SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
25 Aug 2016

Should you use that USB key you found?

Here is a scenario for you: You are walking around, catching Pokémon, getting fresh air, people-watching, taking Fido out to do his business, when something catches your eye. It’s a USB stick, and it’s just sitting there in the middle of the sidewalk.

Jackpot! Christmas morning! (A very small) lottery win! So, now the question is, what is on the device? Spring Break photos? Evil plans to rule the world? Some college kid’s homework? You can’t know unless…

Stop right there. If you found yourself in this scenario, what would you do? Would you plug in the drive or just toss it in the nearest trash can? If you would plug it in, you are not alone — although you really should not do that. This week at Black Hat, Elie Burztein gave a presentation showing the results of a little social experiment his team conducted. They dropped 297 USB sticks around the University of Illinois campus (with permission from the university, of course). The sticks contained a harmless script that simply alerted the researchers if someone inserted the device into a computer, and it gave them time and location information.

The results were illuminating: 48% of the USB sticks were plugged into a computer, most within 10 hours of being picked up. Surprisingly, 68% of the people who picked up the sticks and plugged them in said (in a survey following the test) that they were looking to get them back to the rightful owner — humanity prevails! (Although, these may be the good intentions the road to hell is paved with.)

Now, here’s the upshot: If you find yourself in a situation like the University of Illinois students and find a USB stick sitting on your front steps, you really should leave it alone. Sure, you might be able to see someone’s racy photos or tax returns, but you might instead be targeted by a criminal. Burztein was conducting research and had no malicious intent. The script on the USB sticks was benign, and the test was conducted responsibly. The same cannot be said for the USB stick sitting in front of you.

Inserting the device could cause serious damage: It might give an attacker access to your computer and track keystrokes (including passwords). It could infect your computer with ransomware.

From a cybercriminal’s point of view that’s a good deal: The amount of money on your credit card that the key logger could steal, or the ransom that the cryptor would demand, is certainly quite a bit more, than the cost of a USB stick. And given a 48% pick-up rate, that seems like a rather profitable business for the bad guys. Rewind … You found a USB device on the sidewalk. Do you insert it? Better question — how much are you willing to risk?

Tags:
USB data protection fraud
Source:
Kaspersky Daily
1974
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015