That is, there is supposedly a virus that infects files on a USB-stick, and its firmware, internal memory, which is read from the computer (and thus determine whether the infestation) is impossible. Supposedly if the flash drive is connected to a computer virus can gain control of him even if he does not run any one file. Ostensibly, this virus was created NSA USA and using it a lot for whom they are spying.
It sounds like science fiction, but studied the materials, I, as an opponent of conspiracy theories, but an expert in the field of software, I can say this: it is almost certainly true.
The fact is that even in the second half of last year, researchers found a vulnerability that allows to hide malicious code in the firmware, and in the fall, other researchers even published sample code that uses this vulnerability. Note that in the second article to which I refer, even then, it was assumed that the NSA can this vulnerability know and use.
Explain on fingers how this vulnerability works: modern USB devices are actually microcomputers. They have their own microprocessor and memory, which stores the software that controls the processor - firmware. And this microcomputer and your computer communicate with each other through the protocol USB. Ever connected a USB-keyboard or mouse? Then you know that immediately after the connection, you can use it, to drive her anything. So imagine that your stick microcomputer that performs code that hackers placed on its firmware, you can send a computer such signals that the flash drive will not for a USB flash drive, and for an external keyboard. Vobёt that any sequence of commands that wish hacker that he was sitting behind your computer.
And this is just one example of this vulnerability, in fact, plenty of opportunities, the problem is sewn deep into the USB architecture for all these years, and in autumn, it was clear that there is no software to protect themselves from it at the moment.
And with the already infected computer, you can update the firmware of the new stick (you ever update the firmware of devices, right?), Communicating with its microprocessor, but read the contents of the firmware on the flash drive is not possible (except for the case when the manufacturer stick specifically provided in this firmware possibility), for a total find such a hidden virus theoretically impossible.
Now Kaspersky has detected a virus, rather a network of viruses, including those that use this vulnerability. In this case, the code of the virus indicates the likelihood of their authors affiliation with virus writers stuxnet, hit Iran objects that seemed to hint to us that the customer NSA. But the main thing else (and this is good news for all of us!): Despite the theoretical possibility of infection most of the computers in the world through the flesh, the virus was detected in only a small fraction of computers in the state institutions in several countries (the same as Iran, Russia .. .) that with a probability of about 100% indicates that it is the handiwork of the NSA did.
Meanwhile, we must understand that it is possible that other structures (primarily other global security services) knew about the vulnerability, and used it, so it is likely that a significant portion of computers and USB-devices in the world are already infected with such viruses.
In this sense, very surprised that the NSA has decided to make viruses that exploit a vulnerability, but did not report it to producers - in fact it is possible that while they were infected with a computer virus state structures of Russia and Iran, such as viruses infect computers Chinese special forces US government agencies
Distribute and write in the comments, you cease to use the stick now?