Of all the tools to carry out a cyberattack, badUSB is possibly the one that has increased its popularity the most in recent years, mainly due to its ease of capturing victims. Although at first glance they are a conventional USB memory, these devices can be configured to take control of any system and steal sensitive information, lock computers, impersonate, and a host of fraudulent uses.
Precisely their innocent appearance is their greatest danger, since instead of storing information, they are programmed to act like a computer keyboard pre-programmed with specific and directed actions. The computer recognizes it as a trusted keyboard and executes the previously programmed actions without requiring any authorization from the user and without the user noticing.
Risks to which we are exposed by BadUSB
The cybercriminal can carry out the attack he wants by having the computer under his control, impersonating the legitimate user. One of the examples of the application of this type of attack is to “uninstall the antivirus, download a Trojan from a server and run it on the computer allowing the theft of passwords, files, etc.
Another of the malicious characteristics that the researchers have highlighted is the possibility of causing an attack to be carried out from a modified pendrive that is capable of altering network traffic without the user noticing. They showed how an ethernet network adapter could be impersonated on the target system that would respond to DHCP requests made from the system but without assigning a gateway.
This would be that if we are connected to a Wi-Fi network and we introduce a modified USB in our system, we will continue browsing without problem but, the DNS requests that we make when accessing a web will be managed by the server loaded from the pendrive, which allows traffic redirection attacks that can lead us to malicious sites
