Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks

Posted on August 9, 2025August 9, 2025 By CWS

Aug 09, 2025Ravie LakshmananVulnerability / {Hardware} Safety
Cybersecurity researchers have disclosed vulnerabilities in choose mannequin webcams from Lenovo that would flip them into BadUSB assault gadgets.
“This enables distant attackers to inject keystrokes covertly and launch assaults unbiased of the host working system,” Eclypsium researchers Paul Asadoorian, Mickey Shkatov, and Jesse Michael mentioned in a report shared with The Hacker Information.
The vulnerabilities have been codenamed BadCam by the firmware safety firm. The findings had been offered on the DEF CON 33 safety convention immediately.
The event probably marks the primary time it has been demonstrated that menace actors who achieve management of a Linux-based USB peripheral that is already hooked up to a pc might be weaponized for malicious intent.
In a hypothetical assault state of affairs, an adversary can reap the benefits of the vulnerability to ship a sufferer a backdoored webcam, or connect it to a pc if they’re able to safe bodily entry, and remotely subject instructions to compromise a pc with the intention to perform post-exploitation exercise.

BadUSB, first demonstrated over a decade in the past by safety researchers Karsten Nohl and Jakob Lell on the 2014 Black Hat convention, is an assault that exploits an inherent vulnerability in USB firmware, primarily reprogramming it to discreetly execute instructions or run malicious applications on the sufferer’s laptop.
“Not like conventional malware, which lives within the file system and may usually be detected by antivirus instruments, BadUSB lives within the firmware layer,” Ivanti notes in a proof of the menace printed late final month. “As soon as related to a pc, a BadUSB gadget can: Emulate a keyboard to sort malicious instructions, set up again doorways or keyloggers, redirect web site visitors, [and] exfiltrate delicate knowledge.”
Lately, Google-owned Mandiant and the U.S. Federal Bureau of Investigation (FBI) have warned that the financially motivated menace group tracked as FIN7 has resorted to mailing U.S.-based organizations “BadUSB” malicious USB gadgets to ship a malware referred to as DICELOADER.

The most recent discovery from Eclypsium reveals {that a} USB-based peripheral, akin to webcams working Linux, that was not initially meant to be malicious, could be a vector for a BadUSB assault, marking a big escalation. Particularly, it has been discovered that such gadgets might be remotely hijacked and reworked into BadUSB gadgets with out ever being bodily unplugged or changed.
“An attacker who positive factors distant code execution on a system can reflash the firmware of an hooked up Linux-powered webcam, repurposing it to behave as a malicious HID or to emulate extra USB gadgets,” the researchers defined.
“As soon as weaponized, the seemingly innocuous webcam can inject keystrokes, ship malicious payloads, or function a foothold for deeper persistence, all whereas sustaining the outward look and core performance of an ordinary digicam.”
Moreover, menace actors with the flexibility to change the firmware of the webcam can obtain a higher stage of persistence, permitting them to re-infect the sufferer laptop with malware even after it has been wiped and the working system is reinstalled.

The vulnerabilities uncovered in Lenovo 510 FHD and Lenovo Efficiency FHD webcams relate to how the gadgets don’t validate firmware, because of which they’re prone to a whole compromise of the digicam software program by way of BadUSB-style assaults, provided that they run Linux with USB Gadget assist.
Following accountable disclosure with Lenovo in April 2025, the PC producer has launched firmware updates (model 4.8.0) to mitigate the vulnerabilities and has labored with the Chinese language firm SigmaStar to launch a software that plugs the difficulty.
“This primary-of-its-kind assault highlights a refined however deeply problematic vector: enterprise and shopper computer systems usually belief their inner and exterior peripherals, even when these peripherals are able to working their very own working techniques and accepting distant directions,” Eclypsium mentioned.
“Within the context of Linux webcams, unsigned or poorly protected firmware permits an attacker to subvert not simply the host but additionally any future hosts the digicam connects to, propagating the an infection and sidestepping conventional controls.”

The Hacker News Tags:Attacks, BadUSB, Exploited, Flaw, Lenovo, LinuxBased, Remotely, Webcams

Post navigation

Previous Post: Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
Next Post: Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams

Related Posts

APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine The Hacker News
AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals The Hacker News
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents The Hacker News
Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware The Hacker News
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft The Hacker News
FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • How to Secure Public Cloud Storage
  • Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams
  • Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks
  • Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
  • ChatGPT “0-Click” Vulnerability in Connectors Exposed Sensitive Google Drive Data

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • How to Secure Public Cloud Storage
  • Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams
  • Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks
  • Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
  • ChatGPT “0-Click” Vulnerability in Connectors Exposed Sensitive Google Drive Data

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News