Recently I've watched a movie "Blackhat" where just by inserting a USB flashdrive he could infect a host PC with some malicious program. Is it true that it's not safe to share USB flashdrives just like that? If yes, how come a "virus" can initiate itself in a host machine without being executed by a user? In other words, doesn't it need to be clicked on first?
Asked
Active
Viewed 233 times
3 Answers
6
Using something like BadUSB can turn any USB device into a keyboard, RubberDucky makes this even easier.
Using these techniques you can run commands and install mallware on a computer without the user ever pressing a button or opening a file. So yes, using a untrusted USB (storage) device can be dangerous.
BadSkillz
- 4,404
- 24
- 29
2
Sharing a USB is always a risk. We never know what new ransomware or malware that pendrive contains. Its always advised to scan the USB before opening the files in your system.
Also how would you know by seeing if a file is corrupted,malware etc?
Ever came across autorun malware in windows? You dont need to click on the file for it to run
Krishna Chaitanya
- 61
- 1
- 4
0
Yes, in short, a USB drive can be used in this way. I always scan any USB that is put in my computer, regardless of who it is from.
Benoit Esnard
- 13,942
- 7
- 65
- 65
-
4If you scan it after you've put it in the computer, it may be too late. – ugoren Jan 22 '16 at 16:09
-
Not necessarily. Usb Disk scanner for example scans the disk before opening it. – Krishna Chaitanya Mar 08 '16 at 07:57