[PMunch]

Sure, if you're the one who created the USB drive then you could make it not actually a USB drive. But this sounds like an infected machine infecting previously safe USB drives and turn them into malicious ones. And I'm not sure I get how a USB drive can be turned malicious. I vaguely remember there was a bit you could flip in older USB drives to make them appear as disk drives and enable autorun, but I doubt that's how this is done.

[mu53]

I think its the firmware. Outside of the main drive, there are smaller chips that work with the OS to r/w the main drive. Each chip has firmware whose memory is usually r/w as well.

Once you can manipulate the code on the firmware, its probably pretty easy to find a kernel level exploit.

Here is a reference with a virus. https://superuser.com/questions/854918/manipulating-firmware...