A BadUSB question

Discussion in 'PC Hardware' started by Satoshi19, Jan 16, 2018.

  1. Satoshi19

    Satoshi19 MDL Member

    Jun 15, 2017
    158
    10
    10
    Hi, I have a question. A friend of mine is a BadUSB RAT botnet victim. AFAIK, BadUSB, when plugged in, can give commands, can enumerate keyboard, other HID, and even turn it into a NIC, but is it possible to have a rootkit embedded in firmware, virtual file system, or would it turn it into a NIC C&C botnet, then download additional malware if connected to the net?
     
  2. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,565
    1,402
    90
    Yes... BadUSB can do those things, but how do you know that this PC is infected with this RAT?
     
  3. Satoshi19

    Satoshi19 MDL Member

    Jun 15, 2017
    158
    10
    10
    #3 Satoshi19, Jan 16, 2018
    Last edited: Jan 17, 2018
    (OP)
    Well, he had his friend's USB inserted, and then the PC became strange, with automatic mouse movements; then in the event log he found that it had installed a driver, as well as anonymous, system logon.
     
  4. Hadron-Curious

    Hadron-Curious MDL Guru

    Jul 4, 2014
    3,532
    519
    120
    #4 Hadron-Curious, Jan 16, 2018
    Last edited: Jan 16, 2018
    It is very possible, most especially when the exploit acts as firmware with a remote-access kind of connection. It happened to a friend of mine who interned with a bank, and that almost got him into trouble.
     
  5. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,565
    1,402
    90
  6. nodnar

    nodnar MDL Addicted

    Oct 15, 2011
    974
    667
    30
  7. Satoshi19

    Satoshi19 MDL Member

    Jun 15, 2017
    158
    10
    10
  8. nodnar

    nodnar MDL Addicted

    Oct 15, 2011
    974
    667
    30
    questions...
    it has UEFI scanning anyway..
    and you can run an online scan within ~20 mins,
    i just did, to check if it still works. [does]
    and i have an inkling that it may turn up more troubles..
    if you do not try, you won't know, will you?
    and it is free too..
    if you don't shoot, you will always miss, as we say in Holland..
    ;)
     