USB-C connector provided on new MacBook and Chromebook prone to hacking via ‘borrowed charger’, BadUSB
After years of development, USB Type-C was launched through Apple MacBook and Google Chromebook. The new MacBook will come with just a single Type-C plug for both power and data, similarly Google’s Pixel 2 Chromebook also features the same Type-C port.
But with the new port comes with its own set of security issues because the Type-C port is vulnerable to BadUSB flaw. The issue was first reported by Verge which said that USB-C is vulnerable to BadUSB firmware attack or other attacks exploiting the plug’s direct memory access.
“On a standard machine, users worried about USB attacks could simply tape over their ports, but power is the one plug you have to use. Turning that plug into an attack vector could have serious security consequences.”
Verge said that users using the new MacBook and Chromebook Pixel 2 would be prone to a “borrowed charger” attack.
It said that while the new chargers don’t have the firmware needed to carry the BadUSB virus, “it would be easy for an attacker to install it herself, then spend a day in a coffee shop waiting for some unsuspecting target to plug in.”
“Nearly everyone with a laptop has shared a power cable at some point — compared with the much smaller number who have plugged in a stranger’s USB stick — so the attack could reach a lot of otherwise protected computers,” it said.
The BadUSB flaw was discovered last year by Karsten Nohl who first demonstrated an attack to a standing-room-only crowd at the Black Hat security conference in Las Vegas. It was later demonstrated by researchers Adam Caudill and Brandon Wilson who exploited the flaw by reverse-engineering USB firmware.
What is BadUSB?
The malware which is dubbed BadUSB, reprograms embedded firmware to give USB devices new, covert and most powerful capabilities. In a demo at Black Hat security conference in Las Vegas, a USB drive was infected and showed its ability to act as a keyboard that surreptitiously types malicious commands into attached computers.
Another USB was similarly be reprogrammed to act as a network card that causes connected computers to connect to malicious sites impersonating Google, Facebook or other trusted destinations. The demo showed that similar hacks could work against Android phones when attached to targeted computers. The malware is so huge that it can work on almost any USB linked devices like Web cams, keyboards, smart phones etc.
The duo posted the PoC of BadUSB flaw on Github so that researchers and security companies can study it and come out with patch for the flaw.
Type-C port vulnerable
Once exploited the malware can be spread to any USB stick and PC or vice versa. As said above, though the new rechargers are not vulnerable to BadUSB flaw but older ones are and a potential hacker can use it to access the new MacBook or Chromebook
“In the case of BadUSB, that means it’s easy for a bad actor to put together a USB device that will spread the virus every time it’s plugged in,” The Verge said.
The Verge also quoted Karsten Nohl, one of the researchers who first discovered BadUSB, as saying the additional “openness and flexibility of USB Type-C comes with more attack surface.”
“No solution for BadUSB is in sight even with this new standard,” Nohl said.
One of the problems that Apple has is that it wont be able to authenticate the Type-C port charger as it did with its Lightning port because USB is a open standard.
Verge said that a “bad actor could simply masquerade as a last-generation USB device like a wireless keyboard for long enough to pass along the virus.”
If you intend to buy the new Apple MacBook or Google Chrombook, avoid any chargers or USB devices that you did not purchase yourself to keep your laptops safe.