Stop! Before you load that USB memory stick or memory card, do you know where it came from? There’s a dangerous new virus carried by USB gadgets that, for now, can’t be stopped.
Last month, security researcher Karsten Nohl unveiled a scary unstoppable virus called BadUSB at a security conference. However, he said that until there was a fix, he wouldn't make the virus public.
Well, two other security researchers, Adam Caudill and Brandon Wilson, decided not to wait and have put their version of the superbug online for anyone to use.
The two independent security researchers, who declined to name their employer, say that publicly releasing the USB attack code will allow penetration testers to use the technique, all the better to prove to their clients that USBs are nearly impossible to secure in their current form. And they also argue that making a working exploit available is the only way to pressure USB makers to change the tiny devices’ fundamentally broken security scheme.
Unfortunately, making it public also makes it available to any hacker in the world. That's a very, very bad thing.