By Oh, cute little helpful USB Cable, how I one day may loathe you. I just think I’m innocently plugging you into my computer, perhaps to charge although you take infinitely longer than a wall charger, or maybe I’m moving some pictures or files. Then without warning, an attacker is actually operating my computer, my personal identity is stolen, and I’m bankrupt.
(image via CNET)
I’m being over-the-top of course, but the fact that researchers from George Mason University have found a way to alter Android’s USB Driver properties to launch an attack and take over a computer almost completely undetected seem like a rather scary possibility. The same could be done for iPhone and the threat has worked on Windows, Mac and Linux alike.
Two facts I found extremely interesting from the CNET article include the inherent stealth of the exploit:
Antivirus software wouldn’t necessarily stop this because it can’t tell that the activities of the exploit are not controlled or sanctioned by the user, Stavrou said. “It’s hard to separate good behavior from bad behavior when it comes from the keyboard,” he said.
And its ability to spread:
“Say your computer at home is compromised and you compromise your Android phone by connecting them,” he said. “Then, whenever you connect the smartphone to another laptop or computing device I can take over that computer also, and then compromise other computers off that Android. It’s a viral type of compromise using the USB cable.”
You shouldn’t worry about plugging your phone into your computer after reading this article, but the fact remains, you should always be cautious of what you’re downloading and from where you’re downloading. In this case, we’re lucky the good guys are finding out the cool exploits, but trust me when I say that there are probably more doing the same type of research who aren’t on the side of good. And I know there are plenty of rooting aficionados out there downloading and booting ROMs with altered drivers!
This is NOT a hack! It’s just normal stuff you can do with USB. Why is everybody calling everything a hack these days?
im scared…the internet. so valuable yet so deadly!
while this article is interesting and informative, that last line is a bit overly fud-ish for me. I haven’t rooted my phone or installed custom roms. But that line just bugs me. are we to trust the xda (and others)? I guess its a decision to make, so i hope none of the primary root-ing and rom-ing guys are taking advantage of us.
Its scary but interesting too. I think I should try this trick. But before that need to free my lappy and phone from important contacts else an axe could fall on me :)
ATUL
I’ve plugged my USB to my OG droid and some times it loads the bootloader. Says some stuff along with “press ok to program”
Here is my direct response to this article
http://www.android.net/forum/android-forum/58257-do-you-need-anti-virus-protection-5.html#post69414
Thanks WugFresh, that calmed me down. From what I’ve seen, the devs at xda seem very protective of their users (and their donation streams). They are quick to review the work of their peers and point out rogues.
George Mason has a university? That rocks.
Your welcome. One thing I forgot to mention in that response is that ROM development is very much a collaborative process; all the devs use bits and pieces from their peers. They all share their code openly we eachother, so it would be very suspicious simply to suddenly see a ROM with zero indication of collaboration: furthermore, if you actually believe this is happening then you are suggesting all the devs are conspiring against the end user. That’s rather farfetched and actually disrespectful to all the hard work they have done for us.
Thank God eScan end point security keeps me safe :)