How a USB-connected speaker can infect a PC without ever being touched
摘要
一项安全研究发现,新加坡创新科技公司生产的Sound Blaster Katana V2X音箱存在安全漏洞。该音箱通过USB或蓝牙连接电脑,研究人员发现其使用的专有CTP协议可被利用,攻击者只需在蓝牙范围内即可远程执行代码,感染连接的PC设备。该漏洞由研究员Rasmus Moorats偶然发现,目前尚未有修复方案。
Operating system makers take many steps to prevent their wares from accepting commands from remote devices. The safeguards, designed to thwart malicious attacks, typically require hackers to jump through all kinds of hoops to bypass the measures. But what if remote code execution were as simple as being within Bluetooth range of a speaker connected to the targeted device?
It turns out it can, at least when the speaker is a Sound Blaster Katana V2X sold by Singapore-based Creative Technologies. The speaker, which sells for $283, is widely acclaimed with numerous reviews showering praise on the sound and performance of it and its predecessor, the Sound Blaster V2.
A PC-pwning proxy
Researcher Rasmus Moorats stumbled on the hack by accident, after he purchased a Katana V2X, a soundbar that connects to PCs, Macs, and Linux devices over USB or Bluetooth. Moorats was curious if he could create a Linux tool that communicated with his speaker. He discovered he could do so through CTP, a proprietary mechanism he guesses is short for Creative Transport Protocol.
转载信息
评论 (0)
暂无评论,来留下第一条评论吧