Nowadays, everyone uses the USB or pen drive for transferring the data. This pen drive has made our life easier that data transfer has become simple. However, do you know that the malware in the firmware of the USB flash drive cannot be detected even by your security software? Here, you can learn about the fundamental flaw in USB which cannot be detected.
Recently, security researchers have modified the firmware that controls the very basic functions and communication of the USB flash drive. Also, they have made a small piece of malware that can be installed on it. This malware is called BadUSB. It can be installed on the firmware of the USB to take the complete control of the computer. Once the malware-infected USB is inserted into the computer, it slowly and invisibly alters the installed files on the USB and redirects the user to the unwanted internet traffic.
Embedded within the hardware of the USB, it can control the device and the computer in which it is connected. Once it attains the control, the information is transmitted back and forth. Since the malware is present on the hardware of the USB, it cannot be detected even by your security software.
When you give the malware injected USB to your security people, they will perform the scan using the security software and delete the unwanted files. Then they will return it to you saying the USB is clean from threats. However, the problem still exists.
How to escape from this fundamental flaw in USB
It is impossible to check whether the firmware or the hardware of the USB is flawed and it is injected with malware. There is no way you can detect the malware that is injected in the USB’s firmware. Until a solution is found, there are only precautions available to avoid the problem by changing your way of using it.
1. Use only 100% trusted USB in any computer.
2. Use only your USB on your computer.