What is a USB Drop Attack?

Almost all of us are aware of USB storage devices. They are used to store data. Because they are portable and lightweight, we can carry them with us without any problem. Do you know these USB storage devices can be used to hack your system or install malware on your system? This is known as a USB Drop Attack.

What is a USB Drop Attack?

In a USB Drop Attack, a cybercriminal or a hacker places a USB storage device strategically so that the target or victim can find it and plug it into his computer. Once the victim plugs the USB storage device into his computer, the attack begins. Usually, USB flash drives are used for this purpose.

Dangers or Consequences of a USB Drop Attack

A USB Drop Attack victim can face the following consequences.

Phishing: An unknown USB flash drive is not safe to plug into your computer because it may contain files with embedded malicious links. If you open these files, you may become a victim of a phishing attack. On opening these files or clicking on these links, you will be redirected to a website where your confidential data or information may be compromised. Visiting these phishing websites can also install malware on your system which may lead to data loss or data theft.
Malicious Code code execution: A hacker can also use a USB flash drive to execute the malicious code on your computer. The USB flash drives used for USB Drop Attack have infected files. Opening these files will result in the execution of malicious code which may give full control of your system to the hacker. Moreover, this may also result in the deployment of Ransomware on your computer. Ransomware can encrypt your data and prevent you from accessing your computer. By encrypting your data, the cybercriminal will ask you for payment for a decryption key.
HID (Human Interface Device) Spoofing: An HID or Human Interface Device is a computer device that is used by humans to give input to the computer. In an HID Spoofing attack, the infected USB flash drive disguises itself as a keyboard. Because your computer thinks that you have attached a keyboard, the USB flash drive injects some pre-configured keystrokes that activate the malware and give the hacker remote access to your computer.

Purpose of the USB Drop Attack

Hackers perform USB Drop Attacks to:

Gain remote access to the user’s computer.
Destroy, steal, or encrypt data stored on the user’s device.
Deploy malware on the user’s computer, like Ransomware, Spyware, etc.
Steal confidential information, like credit card details or banking account passwords, organization’s data, etc.

Tips to Prevent a USB Drop Attack

We have seen what a USB Drop Attack is. Now, let’s discuss preventive measures to avoid a USB Drop Attack.

Always place your USB flash drive in a safe location where only you can access it.
Always install a good antivirus program on your system that will keep you safe from cyberattacks.
Do not plug unknown USB flash drives into your computer.
Disable AutoPlay so that the plugged-in USB flash drive does not open automatically.

Read: Command and Control Cyberattacks: How to Identify and Prevent them?

Is USB Killer real?

Yes, a USB Killer is real. It is a modified USB flash drive that supplies a high-voltage current into the device after you insert it into your device’s USB port. The main purpose of a USB Killer is to damage the user’s device.

Read: History and Evolution of Malware and Viruses

What are the USB threats?

An unknown USB flash drive can contain malicious files that can execute malicious codes on the user’s computer. This will result in data theft or data destruction. Therefore, it is always suggested not to use an unknown USB flash drive.