contador web Saltar al contenido

What USBHarpoon? Attack puts malware on devices via USB cable | Security

USBHarpoon is an attack using the modified USB cable to install viruses on computers. Invasion works by making the computer recognize the USB cable and a battery charger as if they were a keyboard. This allows the criminal to issue hidden commands that can cause damage, cause damage and even intercept data. According to the WinFuture website, Windows, macOS, Linux and Android systems are vulnerable. USBHarpoon was created by Vicent Yiu, a security researcher at Syon Security.

New sophisticated virus capable of targeting Windows, macOS and Linux

USB cable can be modified to behave like a keyboard and pass dangerous commands to the computer Photo: Carol Danelli / TechTudoUSB cable can be modified to behave like a keyboard and pass dangerous commands to the computer Photo: Carol Danelli / TechTudo

USB cable can be modified to behave like a keyboard and pass dangerous commands to the computer Photo: Carol Danelli / TechTudo

Want to buy PC, cell phone and other discount products? Meet Compare TechTudo

The method of attack depends on a few factors. The first is that the user connects the compromised cable to his device with the session open (without being on the lock screens). Another detail is that the harmful commands and codes issued by USBHarpoon generate actions on the screen, opening prompts and command terminals, and this would hardly go unnoticed by the user.

However, at the moment, there are still no effective operating system measures to prevent attacks of this type.

How USBHarpoon works

Modified cables are difficult to identify Photo: Divulgao / Vincent YiuModified cables are difficult to identify Photo: Divulgao / Vincent Yiu

Modified cables are difficult to identify Photo: Divulgao / Vincent Yiu

The whole trick is to make the computer or cell phone see the device connected via USB as if it were a keyboard. Connected to the cable, a power charger hides a circuit prepared to release the malicious codes, which will trigger prompts and command screens on the computer screen.

These commands can take many forms. Demonstrations of USBHarpoon show that it is possible to install malware on the victim's device, redirect Internet traffic so that the computer can access fake websites, intercept data and even cause damage to the system, removing important files and components.

The researchers responsible for USBHarpoon also warn that it is possible for a more ingenious hacker to simply develop an attack format that only goes into action when the victim is away from the computer. Thus, the harmful commands would be executed without being identified by the user.

Modified cable now has a circuit containing the malicious code and the ability to trick the victim's computer Photo: Divulgao / Vincent YiuModified cable now has a circuit containing the malicious code and the ability to trick the victim's computer Photo: Divulgao / Vincent Yiu

Modified cable now has a circuit containing the malicious code and the ability to trick the victim's computer Photo: Divulgao / Vincent Yiu

The whole problem around USBHarpoon is that it cheats the system, causing a malicious device to be seen as a keyboard. There are still no totally safe ways to prevent this type of attack.

At the moment, there are already "USB condoms", which are just like intermediate dongles that you can use on your PC's input ports. These accessories can electronically block any irregular information traffic, as would be the case with a power charger trying to hijack the computer.

There is a problem with this approach: just as a cable and charger can be prepared to transmit viruses and other pests, the "USB condom" also presents the same problem.

The video below shows the attack in progress. Notice how the cable looks normal and how there is a set of commands running at the Windows prompts:

The developers responsible for the attack granted an interview to Bleeping Computer. They drew attention to the fact that the vulnerabilities exploited by USBHarpoon called BadUSB among experts have been known since 2014. However, since then, there has been no progress in correcting the problem. There was also no effort to prevent increasingly elaborate and creative ways of exploiting the gap from time to time.

What is the best free antivirus? Find out in the TechTudo forum.

How to remove viruses on an Android phone

How to remove viruses on an Android phone