Malware, Vulnerability Management

Researchers release BadUSB code at Derbycon

Researchers have published BadUSB code two months after Karsten Nohl from SR Labs demonstrated at the Black Hat conference in Las Vegas how to use the virtually undetectable malware to infect nearly any USB device.

Researchers Brandon Wilson and Adam Caudill conducted a similar demonstration at the security convention, Derbycon, held in Louisville, Ky., recently. 

Nohl had refrained from publishing the code because there was no easy way to remedy the flaw in USB devices with a patch. But Wired quotes Caudill as telling the Derbycon audience Friday that “all of this should be public. It shouldn't be held back.”

As a result, he and Wilson released “everything we've got,” saying that “you need to release the material so people can defend against it.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.