BADUSB: How Bad?
In July, researchers Karsten Nohl and Jakob Lell announced that they'd found a critical security flaw they called BadUSB, allowing attackers to smuggle malware on the devices effectively undetected. Even worse, there didn't seem to be a clear fix for the attack.That's because there isn't a clean fix. The problem resides in the fact that a USB device can "announce" that it has multiple capabilities and the machine they're connected to will believe it. Some of those can be input/output devices (like a keyboard) and others can be storage-related.