(also BadUSB attack)
BadUSB is a type of cyberattack that uses compromised USB devices to execute malicious code. In a BadUSB attack, the criminal modifies the firmware of a USB device (such as a USB flash drive or a USB keyboard) to automatically enter specific commands once inserted into the victim’s computer.
BadUSB was first brought to the public eye by Karsten Nohl and Jakob Lell at the Black Hat USA 2014 security conference.
Stopping BadUSB attacks
- Use USB device security tools. Security tools like USBGuard, USBCop, and USBKill can help detect and prevent BadUSB attacks.
- Use only trusted USB devices. Criminals can leave compromised USB devices at the reception or in the lobby, hoping that curious employees will test them out. Avoid using USB devices from unknown sources.
- Stick to trusted brands and vendors. USB devices sold on shady websites can come pre-installed with BadUSB software. The same goes for USB devices of unknown manufacturers sold on online marketplaces.
- Update periodically. BadUSB attacks often exploit vulnerabilities in software. Keep your operating system and software up-to-date to protect against these attacks.
- Use USB allowlists. Configure your computer to only allow connections from specific USB devices, limiting the number of devices that may be used to execute a BadUSB attack.
- Disable USB ports. If you’re worried about others (like disgruntled co-workers) carrying out a secret BadUSB attack on your device, you can disable its unused USB ports in your computer’s BIOS or operating system.