Skip to main content
  1. Home
  2. Computing
  3. News

Malware alert — don’t plug in that USB stick you found on the street

Bruce Brown
By
USB drop attack demo - Blackhat USA 2016
Be careful, that “found” USB drive may hold malware that’s just waiting for you to plug it in. Maybe you consider a found USB stick a chance to do a good deed by returning it to its owner — if you can discover who the owner is. Or maybe you’re curious and just want to see what’s on the removable storage drive. Whatever your reason for picking it up and plugging it in, that “lost” USB stick may be bait waiting for someone to hurt, according to Tom’s Hardware.
Recommended Videos

Google anti-abuse team researcher Elie Bursztein tested the effectiveness of using “lost” USB memory  to spread malware on a college campus. In Bursztein’s study, almost all of the USB sticks (97 percent) were picked up and almost half (45 percent) were plugged into computers where someone clicked on the stored files. In further testing, Bursztein found that USB sticks with labels such as “Exams” or “Confidential” were more likely to be opened than unlabeled drives while sticks with return addresses were less likely to be opened.

Related

The threats from USB drives can come in several forms. HTML files or executable files stored on the drive could activate malware to infect the system in the background while running innocuous programs in the foreground. Users could be sent to a phishing site that would attempt to steal personal information. Alternately, activated code could search the computer’s files for personal credentials and then attempt to send them back to the hacker or to the cloud for later retrieval.

USB devices that resemble memory sticks but are really keyboard spoofers could be programmed to allow remote access and signal a hacker that the computer is open and ready for whatever the hacker intends.

It’s also possible to use USB sticks to mount zero-day attacks that exploit known software vulnerabilities either before vendors patch the hole or before users download updates. According to Bursztein, zero-day threats are less likely to be spread with randomly “lost” USB sticks due to the cost and complexity of altering firmware. You are more likely to be hit with malicious files or to pick up a keyboard-spoofer.

In any case, the best advice is to resist the temptation to pop a “found” USB stick into your computer just to see what’s on it. Bursztein demonstrated how a USB drop attack could work at Black Hat USA 2016.

Editors' Recommendations

Topics
Bruce Brown
Bruce Brown
Contributing Editor
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…
The 10 best monitors for 2024: tested and reviewed
A person using the Dell UltraSharp 40 U4025QW 40-inch curved Thunderbolt hub monitor with a Dell laptop on a desk.

For those seeking a superior computer setup, a cutting-edge monitor is non-negotiable. Whether you're entrenched in graphic design, a dedicated gamer, or a remote professional, the right display has the power to transform your computing experience. With a myriad of options available, ranging from various resolutions and panel types to refresh rates and specialized features, navigating the world of monitors can be overwhelming.

Investing in a good PC monitor can enhance your computing experience in several ways:

Read more
This Alienware gaming PC with an RTX 4090, 64GB of RAM is $1,000 off
Alienware Aurora R15 placed at an angle on a table.

Dell is consistently a great place to check for gaming PC deals and that’s certainly the case today. If you want a high-end gaming rig for less, you can currently buy the Alienware Aurora R15 gaming desktop for $2,900 instead of $3,900. The $1,000 saving is particularly sweet when you bear in mind that this is a truly high-end gaming PC packed with all the latest hardware. If you’re keen to know more, check out what we have to say about it below or you can simply hit the button below to go straight to the deal.

Why you should buy the Alienware Aurora R15 gaming desktop
Alienware makes some of the best gaming PCs around and the Alienware Aurora R15 gaming desktop is a perfect representation of that. It’s packed with the latest hardware. That includes an AMD Ryzen 9 7900X processor, 64GB of memory and 2TB of M.2 SSD storage. It’s great to see so much RAM with many gaming PCs still sticking with 32GB when 64GB really does set you up for the long term. Similarly, the large amount of fast storage is perfect for ensuring you won’t run out of room any time soon even when handling large installs like Call of Duty: Warzone or Hogwarts Legacy.

Read more
4 CPUs you should buy instead of the Ryzen 7 7800X3D
AMD Ryzen 7 7800X3D sitting on a motherboard.

The Ryzen 7 7800X3D is one of the best gaming processors you can buy, and it's easy to see why. It's easily the fastest gaming CPU on the market, it's reasonably priced, and it's available on a platform that AMD says it will support for several years. But it's not the right chip for everyone.

Although the Ryzen 7 7800X3D ticks all the right boxes, there are several alternatives available. Some are cheaper while still offering great performance, while others are more powerful in applications outside of gaming. The Ryzen 7 7800X3D is a great CPU, but if you want to do a little more shopping, these are the other processors you should consider.
AMD Ryzen 7 5800X3D

Read more