As I mentioned in a previous blog post
, the BadUSB virus poses an unprecedented threat to our digital security. Because it lives in a USB device's firmware instead of in its memory, it can't be detected with anti-malware software. What's worse, it is designed to mimic other internal USB devices like your keyboard, network card and web cam allowing the virus to do malicious things like send keystrokes, redirect internet traffic and spy on you. The only way to remove BadUSB from an infected computer to physically replace every on-board and external USB device, and in many cases just buying a new PC is probably going to be the more cost-effective option.
Last week I suggested a temporary solution
would be to identify and avoid any USB device that use a Phison controller since Phison is currently the only vendor vulnerable to the virus. However, in discussing the matter with a computer scientist friend of mine and then with the lead researcher who invented BadUSB, I was informed the virus could simply change the vendor ID to that of another manufacturer.
At this point the only viable option (other than never using a flash drive again and sealing off your USB ports) is two-fold: First, immediately replace your existing flash drive with a NIST compliant flash drive that uses digitally signed firmware
. Replacing the custom firmware on these devices with BadUSB or other versions of malicious firmware isn't possible. Second, never allow someone to plug a non-NIST compliant flash drive into your computer.
We are researching the possibility of gaining NIST compliance for the flash drives we sell at FlashDrivePros. In the meantime, I highly recommend you order a Kanguru Defender
or similar flash drive that is insusceptible to the BadUSB virus.