Because USB drives are frequently transferred from one device to another, they’re easily susceptible to attacks from different types of malware. Read on to learn more about these common USB viruses.
In this article:
- Rubber Ducky Firmware
- PHUKD/THATS PHUKD/URFUKED
- USBdriveby/USB driveby
- Default Gateway Override
- Password Protection Bypass Patch
- USB Thief
- Bash Bunny Updater
9 Types of Malware You Need to Protect Your USB From
Malware Definition: A contraction of the term “malicious software,” it’s an umbrella term for any kind of software made to infiltrate your computer and disrupt or damage its inner workings.
1. Rubber Ducky Firmware
“Rubber Ducky” is a popular USB malware compatible with almost all computer operating systems. What this flash drive malware does is it encrypts your files without you knowing.
A USB with a Rubber Ducky malware will be read by the computer as a generic keyboard. Once plugged, it uses its pre-installed keystrokes to lock files on the USB.
Keystroke Definition: The act of pressing a key on a keyboard, which can trigger certain functions in a computer.
2. PHUKD/THATS PHUKD/URFUKED
This USB malware might have three names, but it does just one thing. Just like Rubber Ducky, PHUKD/THATS PHUKD/URFUKED also encrypts your files.
The key difference is in the malware’s timing. The Rubber Ducky malware automatically starts to encrypt your files the moment you plug your USB into a computer.
On the other hand, data hackers who program USBs with PHUKD/THATS PHUKD/URFUKED can choose a specific time to activate the malware.
3. USBdriveby/USB driveby
USBdriveby is a powerful USB development board that someone can attach to a USB drive. This device can hack any computer in 60 seconds.
When you plug the USBdriveby into your PC or laptop, it masks itself as a mouse or keyboard. It then uses pre-installed keystrokes to disable your computer’s firewall.
With your firewall down, USBdriveby starts cracking-down on your computer’s DNS settings. This unlocks your connection and exposes it to hackers who can control your system remotely.
4. Default Gateway Override
Like USBdriveby, Default Gateway Override also uses pre-installed keystrokes to hack your computer’s DNS settings. But instead of targetting your computer’s firewall, it goes straight to attacking your Ethernet adapter’s settings.
Once Default Gateway Override takes control of your Ethernet connector, it starts changing your DNS settings. A hacker can then gain access to your server and, consequently, your passwords, documents, and important computer files.
TURNIPSCHOOL is a type of malware developed by the Cottonmouth program of the National Security Agency (NSA). Considered as spyware by many, TURNIPSCHOOL can collect data on the computer of its unsuspecting victim.
The TURNIPSCHOOL malware uses a short-range radio-frequency communication connection to hack a computer or laptop. Alternatively, it also serves as a custom USB device, which hackers can control with a radio.
6. Password Protection Bypass Patch
If you have files in your USB that are password-protected, they’re definitely not safe against the Password Protection Bypass Patch malware.
As its name suggests, this USB malware cracks the security of your encrypted files wide open. Password Protection Bypass Patch does this by altering your USBs firmware.
This malware poses a real danger, especially when you use your USB flash drives to store important and secure data files. If you think the Password Protection Bypass Patch malware infected your USB, stop saving files to that flash drive immediately.
Malware isn’t just capable of accessing your computer and destroying your system data. Some types of malware can tap into your device’s webcam and record your every move.
An example of this kind of malware is iSeeYou. It’s an Apple-specific malware that affects the iSight cameras in infected Apple laptops.
iSeeYou also disables the LED light of your computer’s webcam even when it’s on. This way, the user has no idea that she or he is being recorded at all.
8. USB Thief
Back in 2016, ESET, an antivirus and Internet security company, discovered a new data-stealing malware found in USB flash drives. They identified the malware as the USB Thief, which is very different from the more common malware types that flood the Internet on a daily basis.
One of the aspects that make the USB Thief unique is it’s transmittable only via flash drive. Another quality that sets this malware apart from all the others is it doesn’t leave any trace on the computer or laptop it’s plugged in.
Lastly, the USB Thief has a tendency to bind itself to a single USB. This means you can’t copy or transfer the malware onto another USB flash drive.
USB Thief latches onto and hides itself in portable apps like Firefox and TrueCrypt downloaded into a USB. Once plugged into a computer, the malware starts collecting your personal data and makes it available to hackers.
9. Bash Bunny Updater
Bash Bunny is a simple yet powerful USB-based malware designed by Hak5. It automatically attacks as soon as the infected USB plugs into a computer or laptop.
Like most of the malware types on this list, Bash Bunny infiltrates a computer by posing as a keyboard program. According to the Hak5 website, the malware then proceeds to run its pre-loaded keystrokes to accomplish the following tasks:
- Imitate more keystrokes
- Steal cookies
- Copy data credentials
- Steal Wi-Fi passwords
- Gain remote access
- Create and launch backdoors
These are only nine of the many types of malware your unprotected USB are susceptible to. Today’s technology is ever-evolving, so there will always be new USB viruses that spread throughout the Internet that can easily make their way to your flash drive.
Protect your USB from unwanted attacks by only plugging them in devices you trust!
Do you know of other types of malware that can also attack your USB? List them down in the comments section below!