What Is a USB Drop Attack and How Can You Prevent It? - MUO - MakeUseOf

If you ever find a Universal Serial Bus (USB) drive in your driveway, a parking lot, or other commonplaces, never plug it into your PC. The cute-looking USB stick might have malicious software or code to carry out a USB drop attack.

What Is a USB Drop Attack?

In a USB drop attack, a cybercriminal strategically places an infected USB in the proximity of a victim so that the target can find it and plug it into a computer out of curiosity.

USB drop attacks are social engineering attacks that rely on how humans think and act in different situations.

When a person finds a USB stick, either they want to return it to the real owner or keep it. In both cases, they will likely plug the USB stick into a device to find out what it contains. And once the USB drive is plugged in, troubles start.

4 Types of USB Attacks

Let's first go over the main types of USB attacks you should be aware of.

1. Social Engineering

USB sticks have files with inviting names like "Top Secret". And these files have links to malicious sites. Clicking on them takes victims to phishing sites that can dupe victims into sharing confidential information, giving money, or installing malware on their computers.

2. Malicious Code

This is one of the most common types of USB drop attacks. USB sticks have files that release malicious code when somebody clicks on them, installing malware automatically on the victim's system. Then, attackers can steal confidential data or, in the case of ransomware, encrypt files.

3. Human Interface Device Spoofing

In a Human Interface Device (HID) spoofing attack, a connected USB drive misdirects a computer to think that a keyboard is attached. Then, the USB drive injects pre-configured keystrokes that give hackers remote computer access.

Once the remote connection is established, hackers can steal confidential information or install various types of malware on the victim's computer.

4. USBKill

USBKill attacks, though not common, are designed to destroy computers. In such an attack, a USBKill stick that looks precisely the same as any other USB thumb drive stores power using a capacitor. It then releases a high-voltage back through data pins of that same USB connection. This destroys the computer as USB data pins are designed to handle a tiny amount of power—just enough to send signals.

Why Cybercriminals Attempt USB Drop Attacks

Why would hackers even bother with USB drop attacks? There are a few key reasons. Using such an attack, cybercriminals can:

  • Steal logins and passwords;
  • Install ransomware to encrypt data or exfiltrate data;
  • Take over victims' computers remotely to spy on them by using their webcams and microphones;
  • Destroy victims' computers.

But the main objective of USB drop attacks is money.

Once hackers get hold of your sensitive data or device, they can ask for a ransom after encrypting your data or sell your confidential information on the dark web to make cash.

How to Prevent a USB Drop Attack

You might often need to open a USB drive, without knowing if the USB drive is free from viruses or malware. For example, your friend or relative has asked you to print a few documents from a USB stick. You would just trust that everything is fine, right? They might not even be aware that the USB is compromised.

What's more, sometimes, there are situations when you have to know what's on an unfamiliar USB stick.

Let's consider some efficient ways to help you avoid falling victim of a USB drop attack.

Only Use Trusted USB Drives

The best way to avoid a USB attack is to only plug trusted USB devices into your computer. If you're not sure whether a USB drive is clean or not, avoid plugging it into your computer system.

Install a Reliable Security Program

how to check whether there's an update for windows security

Installing and regularly updating a comprehensive antivirus program can protect your computer system from many known threats. Make sure your PC has the latest security software installed.

If the nature of your work requires you to open unknown USB drives frequently, you should look for a security solution that has capabilities beyond virus and malware mitigation.

The security solution you pick must have a feature that will not authorize any HIDs unless you input a code with an already authorized HID. This feature will protect your computer system from HID spoofing.

Disable AutoPlay on Your PC

The AutoPlay feature is a helpful feature in Windows. It allows Windows Explorer to automatically perform different actions depending on the media type on the connected device.

But with AutoPlay enabled, malicious code or malware can be automatically executed when you connect an infected USB drive to your computer system.

So, disabling the AutoPlay feature can help you avoid getting infected while inserting unknown USB drives into your Windows PC.

Here is the simple process to disable AutoPlay on a Windows PC:

  1. Go to Settings > Bluetooth and devices.
  2. Scroll down in the right sidebar, and click on the AutoPlay tab.
  3. Toggle off the Use AutoPlay for all media and devices option.
    A Screenshot of AutoPlay Off Setting in Windows 11 PC

Use Virtualization Software to Open USB Drives

Though this is not a foolproof method, opening an unknown USB drive in a virtual environment to find out what it contains can offer you reasonable protection.

You can use Oracle's free VirtualBox program to create a virtual environment on your computer. Make sure you disable file sharing between the host computer and the virtual machine before connecting an unfamiliar USB device to a virtual machine on your computer.

Use an Air-Gapped Computer

If you need to know what a USB drive contains, use an air-gapped computer. An air-gapped computer means the PC is not connected to any computer network or the internet. And you should use this air-gapped computer only for opening unknown USB drives.

Don't Fall for a Dropped USB Drive

Carrying out USB drop attacks is easy for hackers as buying USB flash drives is inexpensive. The best way to protect from a USB drop attack or any other type of attack involving a USB drive is simply to never trust an unknown USB drive.

If you must open an unknown USB drive, using an air-gapped PC or a virtual environment can offer reasonable protection. If other family members use your PC, disabling USB ports can be a good strategy to stay protected.

Comments

Post a Comment

Popular posts from this blog

Covid US: New Jersey records first death from UK 'super strain' - Daily Mail

Image
Covid US: New Jersey records first death from UK 'super strain' - Daily Mail Covid US: New Jersey records first death from UK 'super strain' - Daily Mail Britain will be lashed by SEVEN inches of snow and heavy downpours from today - Daily Mail Another shot in the arm for Britain! 60million MORE jabs set to be made in UK - Daily Mail Mansion Global Daily: Seller's Reluctance Hits the U.K., Demand Keeps Hong Kong Home Prices Afloat, and More - Mansion Global Covid US: New Jersey records first death from UK 'super strain' - Daily Mail Posted: 28 Jan 2021 09:48 AM PST New Jersey has recorded its first death from the highly-contagious U.K. variant of COVID-19.  The unidentified resident succumbed to the virus on Wednesday, State Health Commissioner Judith Persichilli confirmed at a press conference.  The victim had 'significant underlying health cond...
Read more

Wednesday Newspaper | Daily Business Review - Law.com

Image
Wednesday Newspaper | Daily Business Review - Law.com Wednesday Newspaper | Daily Business Review - Law.com Daily Pilot e-Newspaper: Wednesday, Dec. 9, 2020 - Los Angeles Times Newspaper headlines: Covid-19 vaccine 'giant leap' and Johnson heads to Brussels - BBC News Wednesday Newspaper | Daily Business Review - Law.com Posted: 09 Dec 2020 04:00 AM PST Law.com The Practical Benefits of Resolving Coverage Disputes through Mediation Sponsored By : NAM | Webcast Date : Thursday, December 10, 2020 | "A coverage dispute" is a wide net that broadly captures an array of issues encountered in the context of first-party claims, third-party claims and inter-insurer disputes – each of which, in turn, has various subsets, depending on the parties, policies, facts and damages in question. Daily Pilot e-Newspaper: Wednesday, Dec. 9, 2020 - Los Angeles Times Posted: 08 Dec 2020 ...
Read more

Quarantines, isolation and lockdowns draw mixed reviews: 'There is no zero risk in the world' - USA TODAY

Image
Quarantines, isolation and lockdowns draw mixed reviews: 'There is no zero risk in the world' - USA TODAY Quarantines, isolation and lockdowns draw mixed reviews: 'There is no zero risk in the world' - USA TODAY Report: Sixth woman says she was sexually abused by Olympic taekwondo champ Steven Lopez - USA TODAY Peacock problems, avocado threat, weedy sea dragons: News from around our 50 states - USA TODAY The champs and the chastened: Nationals, Astros enjoy far different first days of work - USA TODAY Toddler's reaction to Target ad of boy in wheelchair goes viral: 'He couldn't stop looking' - USA TODAY Quarantines, isolation and lockdowns draw mixed reviews: 'There is no zero risk in the world' - USA TODAY Posted: 17 Feb 2020 10:06 AM PST CLOSE Two charter flights carrying Diamond Princess passen...
Read more