Home > Cloud Computing > Cloud Security

Researchers demonstrate how to crack the USB driver and conquer the PC operating system

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Angelos Stavrou, assistant professor at George Mason University, and his student Wang chaohui presented their new achievements in the security field at the Black Hat DC Hacker Conference by cracking the USB driver, only one common USB cable can be used to conquer the PC operating system.

Simply put, their method of cracking is to add the virtual keyboard and mouse function to the USB driver, and directly use the Virtual Peripherals to issue operation instructions, attackers can obtain system control, download malware, and steal files.

The initial cracking program may be sent to the user's computer by visiting a malicious website or downloading a disguised malicious program. Once the user uses a USB cable to connect to the computer for charging or synchronizing the program, the program can start to spread, and through the computer to mobile phones, mobile phones to computers and even mobile phones to mobile phones quickly spread. Currently, mobile phone cracking only supports Android, but developers say that the iPhone and any other USB interface computing devices can be implemented in a similar way.

The attacker can automatically identify the operating system. In Windows, a hardware discovery window pops up in the lower-left corner of the screen for one to two seconds. In Mac systems, new device information can be disabled by the program sent by the smartphone. In Linux, there will be no prompts. Therefore, such attacks are unlikely to be discovered by users. Because it simulates the operations performed by users through the keyboard and mouse, the existing anti-virus and security software is powerless.

Stavrou said it had developed this attack method to demonstrate the potential risks of the USB driver, because the operating system can connect to any device using the USB protocol without authentication. "The operating system should bring up a warning asking the user to confirm whether the device is actually connected," he said ".

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
get the permalink how to find operating system how to know operating system how to see operating system how to check operating system how to determine operating system how to check operating system in laptop
Related Article
How does personal cloud security guarantee data security?
Model-driven cloud security-automating cloud security with cl...
Cloud security to achieve effective prevention of the future ...
Focus on three major cloud security areas, you know?
Decrypting Cisco type 5 password hashes
Using redis to write webshell

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More