Think malware can only come from the Web, malicious emails and corrupt files? If you depend on USB flash drives for your business, listen up about another threat: A new USB malware is on the loose. And it can cause ultimate digital destruction.
Back in July, security researchers Karsten Nohl and Jakob Lell revealed that USB sticks have an unfixable security flaw that can allow malware to take over your entire PC -- without you knowing it.
To demonstrate, Nohl and Lell created BadUSB, malware that lives in a USB's core. It rewrites the USB's firmware, staying undetected as it self-installs and quietly wreaks havoc on devices and network systems the infected USB is connected to. Even worse, BadUSB remains imperceptible to antivirus software and mobile security apps, and lives on even after the contents of the drive and devices have been deleted and reformatted.
This week, Adam Caudill and Brandon Wilson, security researchers who reverse engineered and recreated BadUSB, did what is seemingly the unthinkable: They've released the code for the malware, allowing anyone to reproduce the malware and exploit all types of USB-capable devices, Wired reports.