{"id":12736,"date":"2016-08-05T12:17:15","date_gmt":"2016-08-05T16:17:15","guid":{"rendered":"https:\/\/www.kaspersky.com.au\/blog\/?p=12736"},"modified":"2019-11-15T22:50:40","modified_gmt":"2019-11-15T11:50:40","slug":"dangerous-usb","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/dangerous-usb\/12736\/","title":{"rendered":"Should you use that USB key you found?"},"content":{"rendered":"<p>Here is a scenario for you: You are walking around, catching Pok\u00e9mon, getting fresh air, people-watching, taking Fido out to do his business, when something catches your eye. It\u2019s a USB stick, and it\u2019s just sitting there in the middle of the sidewalk. <\/p>\n<p>Jackpot! Christmas morning! (A very small) lottery win! So, now the question is, what is on the device? Spring Break photos? Evil plans to rule the world? Some college kid\u2019s homework? You can\u2019t know unless\u2026<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">You found a USB in your hotel lobby in <a href=\"https:\/\/twitter.com\/hashtag\/Vegas?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Vegas<\/a> Do you plug it into your computer? <a href=\"https:\/\/twitter.com\/hashtag\/KLBH?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#KLBH<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/BlackHat2016?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#BlackHat2016<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/761213956648079360?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">August 4, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Stop right there. If you found yourself in this scenario, what would you do? Would you plug in the drive or just toss it in the nearest trash can? If you would plug it in, you are not alone \u2014 although you really should not do that.<\/p>\n<p>This week at Black Hat, Elie Bursztein gave a presentation showing the results of a little social experiment his team conducted. They dropped 297 USB sticks around the University of Illinois campus (with permission from the university, of course). The sticks contained a harmless script that simply alerted the researchers if someone inserted the device into a computer, and it gave them time and location information. <\/p>\n<p>The results were illuminating: 48% of the USB sticks were plugged into a computer, most within 10 hours of being picked up. Surprisingly, 68% of the people who picked up the sticks and plugged them in said (in a survey following the test) that they were looking to get them back to the rightful owner \u2014 humanity prevails! (Although, these may be the good intentions the road to hell is paved with.)<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Would your employees plug a <a href=\"https:\/\/twitter.com\/hashtag\/USB?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#USB<\/a> stick they found in the parking lot into their machine? <a href=\"https:\/\/t.co\/mX8vSYCPud\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/mX8vSYCPud<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/IT?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#IT<\/a> <a href=\"https:\/\/t.co\/dtwnmXmWic\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/dtwnmXmWic<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/721127275807293441?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">April 16, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Now, here\u2019s the upshot: If you find yourself in a situation like the University of Illinois students and find a USB stick sitting on your front steps, you really should leave it alone. Sure, you might be able to see someone\u2019s racy photos or tax returns, but you might instead be targeted by a criminal. <\/p>\n<p>Burztein was conducting research and had no malicious intent. The script on the USB sticks was benign, and the test was conducted responsibly. The same cannot be said for the USB stick sitting in front of you.<\/p>\n<p>Inserting the device could <a href=\"https:\/\/www.elie.net\/blog\/security\/what-are-malicious-usb-keys-and-how-to-create-a-realistic-one\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">cause serious damage<\/a>: It might give an attacker access to your computer and track keystrokes (including passwords). It could infect your computer with ransomware.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">About 30% of <a href=\"https:\/\/twitter.com\/hashtag\/malware?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#malware<\/a> infections are spread via removable media like USB sticks. Here are some tips on USB safety. <a href=\"http:\/\/t.co\/t3nVf7zJ52\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/t3nVf7zJ52<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/366943501222551554?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">August 12, 2013<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>From a cybercriminal\u2019s point of view that\u2019s a good deal: The amount of money on your credit card that the key logger could steal, or the ransom that the cryptor would demand, is certainly quite a bit more, than the cost of a USB stick. And given a 48% pick-up rate, that seems like a rather profitable business for the bad guys.<\/p>\n<p><em>Rewind \u2026<\/em><\/p>\n<p>You found a USB device on the sidewalk. Do you insert it?<\/p>\n<p>Better question \u2014 how much are you willing to risk?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So you found a USB stick outside. Should you use it?<\/p>\n","protected":false},"author":636,"featured_media":12737,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2647,2646],"tags":[770,1755,1782,1756,36,420,1754],"class_list":{"0":"post-12736","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-special-projects","9":"category-threats","10":"tag-black-hat","11":"tag-black-hat-usa-2016","12":"tag-blackhat16","13":"tag-klbh","14":"tag-malware-2","15":"tag-ransomware","16":"tag-usb-stick"},"hreflang":[{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/dangerous-usb\/12736\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/dangerous-usb\/3882\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/dangerous-usb\/7487\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/dangerous-usb\/7513\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/dangerous-usb\/7477\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/dangerous-usb\/8897\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/dangerous-usb\/8742\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/dangerous-usb\/12686\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/dangerous-usb\/2323\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/dangerous-usb\/12736\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/dangerous-usb\/5964\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/dangerous-usb\/6456\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/dangerous-usb\/5222\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/dangerous-usb\/12238\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/dangerous-usb\/12686\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/dangerous-usb\/12736\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.au\/blog\/tag\/black-hat\/","name":"black hat"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/12736","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/users\/636"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/comments?post=12736"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/12736\/revisions"}],"predecessor-version":[{"id":24474,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/12736\/revisions\/24474"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media\/12737"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media?parent=12736"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/categories?post=12736"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/tags?post=12736"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}