The flaw that was detected back in August by some security researchers that could exploit any USB device has now been made public by the researchers for everyone to see it. Anyone with a little knowledge about exploiting computers can easily do that by using the exploit code which is available at the GitHub.
The exploit was created by SR Labs researcher Karsten Nohl and Brandon Wilson, who wanted to demonstrate that USB connections can be easily exploited, and there isn’t much manufacturers can do to protect the users from it.
“The belief we have is that all of this should be public. It shouldn’t be held back. So we’re releasing everything we’ve got. This was largely inspired by the fact that [SR Labs] didn’t release their material. If you’re going to prove that there’s a flaw, you need to release the material so people can defend against it,” they said in an interview.
They both have released the code in the name of BadUSB on the GitHub. The researchers wanted it to be public as it will help companies and vendors to do best to their users from these attacks.
“If this is going to get fixed, it needs to be more than just a talk at Black Hat. If the only people who can do this are those with significant budgets, the manufacturers will never do anything about it. You have to prove to the world that it’s practical that anyone can do it…That puts pressure on the manufacturers to fix the real issue.”
According to some reports, Microsoft, Apple and other few companies are already working on it to release a fix that do not allow the attack to be executed on their computers.