USBHarpoon a Charging Cable That Hacks Your Computer

Olaf Tan and Dennis Goh of RFID Research Group, Vincent Yiu of SYON Security and Kevin Mitnick have developed a new rogue USB charging cable named USBharpoon which can be used to compromise a computer in just a few seconds. The USBHarpoon takes inspiration from the BadUSB Project built by Karsten Nohl from Security Research Labs.

Nohl has provided a demo that turns one device type into another by just reprogramming the USB controller chips which also includes thumb drives. These drives don’t have much protection from reprogramming.

The USBHarpoon leverages the charging cable instead of the USB drive to create a “code bomb”. The cable was modified by researchers to transfer both data and power which makes it difficult to notice any abnormal behaviour from the user.

The Security Researcher has posted two videos on Twitter

The Researcher has demonstrated that his BadUSB cable will work with the 24-pin USB-C connector which is used for MacBook chargers, the researcher also added that it will work on any devices with a USB port, including mobile devices.

@Mitnick originally asked the researcher Dennis Goh to build a cable to demo the attack, thus the USBHarpoon was born. The USBHarpoon once plugged in allows for commands to be launched which download and execute the malicious code in the victim’s PC. Yiu has also published a video that shows how the USB cable works on a Drone that is connected to a Windows PC. The experts have noticed that Windows Commands are launched in Run Prompt and the Mac commands are launched from the Terminal itself.

Take your time to comment on this article.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil