To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

How to transfigure the Wikipedia

Would you like Wikipedia to always look as professional and up-to-date? We have created a browser extension. It will enhance any encyclopedic page you visit with the magic of the WIKI 2 technology.

Try it — you can delete it anytime.

Install in 5 seconds
4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
Languages
Recent
Show all languages
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
Great Wikipedia has got greater.
.
Leo
Newton
Brights
Milds

BadUSB

From Wikipedia, the free encyclopedia

"It's the struggle between simplicity and security. The power of USB is that you plug it in and it just works. This simplicity is exactly what's enabling these attacks."

- Karsten Nohl, 2014[1]

At 2, the USB controller of which the custom firmware can be flashed to is visible

BadUSB is a computer security attack using USB devices that are programmed with malicious software.[2] For example, USB flash drives can contain a programmable Intel 8051 microcontroller, which can be reprogrammed, turning a USB flash drive into a malicious device.[3] This attack works by programming the fake USB flash drive to emulate a keyboard, which once plugged into a computer, is automatically recognized and allowed to interact with the computer, and can then initiate a series of keystrokes which open a command window and issue commands to download malware.

The BadUSB attack was first revealed during a Black Hat talk in 2014 by Karsten Nohl, Sascha Krißler and Jakob Lell. Two months after the talk, other researchers published code that can be used to exploit the vulnerability.[4] In 2017, version 1.0 of the USG dongle, which acts like a hardware firewall, was released, which is designed to prevent BadUSB style attacks.[5]

YouTube Encyclopedic

  • 1/3
    Views:
    2 446 548
    639 230
    65 185
  • bad USBs are SCARY!! (build one with a Raspberry Pi Pico for $8)
  • Evolution Of The BadUSB
  • Create a $3 Undetectable Bad USB

Transcription

Criminal usage

In March 2020, the FBI issued a warning that members of the FIN7 cybercrime group have been targeting companies in the retail, restaurant, and hotel industries with BadUSB attacks designed to deliver REvil or BlackMatter ransomware.[6] Packages have been sent to employees in IT, executive management, and human resources departments.[6] One intended target was sent a package in the mail which contained a fake gift card from Best Buy as well as a USB flash drive with a letter stating that the recipient should plug the drive into their computer to access a list of items that could be purchased with the gift card.[6][7] When tested, the USB drive emulated a keyboard, and then initiated a series of keystrokes which opened a PowerShell window and issued commands to download malware to the test computer, and then contacted servers in Russia.[6][7]

In January 2022, the FBI issued another warning that members FIN7 were targeting transportation and insurance companies (since August 2021), and defense companies (since November 2021), with BadUSB attacks designed to deliver REvil or BlackMatter ransomware.[8][9] These targets were sent USB drives in packages claiming to be from Amazon or the United States Department of Health and Human Services, with letters talking about free gift cards or COVID-19 protocols that were purportedly further explained by information on the USB drive.[8][9] As above, when plugged in, the USB drives emulate a keyboard, and then initiate a series of keystrokes which open a PowerShell window and issue commands to download malware.[8][9]

See also

Further reading

  • Lu, Hongyi; Wu, Yechang; Li, Shuqing; Lin, You; Zhang, Chaozu; Zhang, Fengwei (May 2021). "BADUSB-C: Revisiting BadUSB with Type-C". 2021 IEEE Security and Privacy Workshops (SPW). pp. 327–338. doi:10.1109/SPW53761.2021.00053. ISBN 978-1-6654-3732-5.

References

  1. ^ Goodin, Dan (July 31, 2014). "This thumbdrive hacks computers. 'BadUSB' exploit makes devices turn 'evil'". Ars Technica. Archived from the original on 2017-09-09. Retrieved 2021-09-07.
  2. ^ Greenberg, Andy (July 31, 2014). "Why the Security of USB Is Fundamentally Broken". Wired. ISSN 1059-1028. Retrieved 2021-09-07.
  3. ^ Nohl, Karsten; Krißler, Sascha; Lell, Jakob. "BadUSB - On accessories that turn evil" (PDF). Archived (PDF) from the original on 2016-10-19.
  4. ^ Greenberg, Andy (October 2, 2014). "The Unpatchable Malware That Infects USBs Is Now on the Loose". Wired. ISSN 1059-1028. Retrieved 2021-09-07.
  5. ^ Doctorow, Cory (March 2, 2017). "USG: an open source anti-BadUSB hardware firewall for your USB port". Boing Boing. Archived from the original on 2017-03-03. Retrieved 2021-09-07.
  6. ^ a b c d Ilascu, Ionut (2020-03-27). "FBI: Hackers Sending Malicious USB Drives & Teddy Bears via USPS". Bleeping Computer. This is not a one-off incident, though. The FBI warns that FIN7 has mailed these packages via USPS to numerous businesses (retail, restaurant, hotel industry) where they target employees in human resources, IT, or executive management departments. These packages sometimes include "gifts" like teddy bears or gift cards. These USB drives are configured to emulate keystrokes that launch a PowerShell command to retrieve malware from server controlled by the attacker. Then, the USB device contacts domains or IP‌ addresses in Russia.
  7. ^ a b Cimpanu, Catalin (March 26, 2020). "Rare BadUSB attack detected in the wild against US hospitality provider". ZDNet. Archived from the original on 2020-03-26. Retrieved 2021-09-07.
  8. ^ a b c Gatlan, Sergiu (2022-01-07). "FBI: Hackers use BadUSB to target defense firms with ransomware". Bleeping Computer. FIN7 operators impersonated Amazon and the US Department of Health & Human Services (HHS) to trick the targets into opening the packages and connecting the USB drives to their systems. Since August, reports received by the FBI say that these malicious packages also contain letters about COVID-19 guidelines or counterfeit gift cards and forged thank you notes, depending on the impersonated entity.
  9. ^ a b c Tung, Liam (2022-01-10). "Ransomware warning: Cyber criminals are mailing out USB drives that install malware". ZDNET.

Further reading

This page was last edited on 21 July 2023, at 22:14
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.
Contact WIKI 2
Introduction
Terms of Service
Privacy Policy