BadUSB Malware Code Released Once again USB has come up as a major threat to a vast number of users who use USB drives – including USB sticks and keyboards. Security researchers have released a bunch of hacking tools that can be used to convert USB drive into silent malware installer. This vulnerability has come about to be known as "BadUSB", whose source code has been published by the researchers on the open source code hosting website Github. The hack utilizes the security flaw in the USB that allows an attacker to insert malicious code into their firmware. THE GOOD NEWS AND THE BAD The good news is that this vulnerability presents in only one USB manufacturer Phison electronics, a Taiwanese electronics company. But the bad side of it is that Phison USB sticks can infect any given device they are plugged into, and the company has not yet revealed who it manufactures USB sticks for. BadUSB VULNERABILITY IS UNPATCHABLE IMPACT OF BadUSB ATTACK Once compromised, the USB devices can reportedly: = enter keystrokes =alter files =affect Internet activity = infect other systems, as well, and then spread to additional USB devices = spoofs a network card and change the computer’s DNS setting to redirect traffic = emulates a keyboard and issue commands on behalf of the logged-in user, for example to exfiltrate files or install malware