Plugging In A Randomly Found Device? Think Twice

Imagine, you walk into work or any place you visit often, and you find a USB drive as a surprise gift from an admirer. Of course, as any human, you would be tempted to see what’s inside that drive and you plug it in to your laptop/computer.

I now tell you; you have been compromised. The attacker now has full blown access to your personal details, including your password to bank accounts.

How plugging in a USB device would have gotten you here?

Let’s start with what happens when you plug in a USB without any boring details. Here’s a quick representation of the mechanism in a Windows Operating System.

Figure 1: USB Device Function

Types of Bad USB attacks?

A USB device mimicked to act as:

  • A network card or wireless cards that can be used to send signals which gives attacker control over your computer.
  • A keyboard or mouse – which could be used to mimic keystrokes, pretending to be you. Basically, exploits the computer’s trust with human interface devices (HID).
  • To inject codes to installation files without user’s knowledge.

Why you should be worried?

  • These are undetectable by any anti-virus software
  • Can inject keystrokes at 1000 words per minute.
  • It can hold an in-built micro memory card that can store any number of codes with simple scripting language.

Prevention?

Here’s a much scarier part, there’s no detection mechanism that would stop anyone from falling in these types of attacks. Because, this happens even if you have “Autoplay” turned off.

One should simply be aware of not to plug in any unknown external device to their computer. If you are not using a USB based keyboard or any other based input device, it is best to have it disabled.

X