
USB Drop Attack in System Hacking

Last Updated : 03 Aug, 2022

The USB drop attack is a client-side attack in system hacking. This means that an attacker must be physically near the victim and plug a malicious USB device into the victim’s computer to launch this type of attack. Cybercriminals often use this type of attack to steal data, to install malware onto a vulnerable PC, or to install ransomware on the victim’s machine. The drop can come in many forms, including an infected CD or DVD, an SD card inserted into a slot on your PC, or even an activated Bluetooth connection that automatically starts downloading malware onto your computer when it syncs with another one nearby.


When an attacker uses this technique, the device can immediately be destroyed in a controlled manner in the following ways:

  • Placing a device into service mode and operating a reset button or holding down the push button, or truncating a USB cord inserted into the device. When these techniques are performed simultaneously, physical damage to the device may occur.
  • Disconnecting power to the USB port and plugging it back in (without already having been powered on) by holding down the reset button or pushing up on a USB connector. When this is performed, physical damage may occur to some devices.
  • Pressing the eject button on a CD or DVD drive when the media is in the drive. When this technique is performed, physical damage to the media may occur.

The USB drop attack is difficult for some types of hardware, but not impossible. The attacker needs to choose a method that offers no chance of rebooting or restoring files. However, recovery software may be able to restore files from an operating system after an eject button on a CD or DVD drive is pressed or a similar method is used. The victim’s operating system (OS) might be able to prevent damage, or it might not. The attacker can also choose methods that will cause no permanent physical damage if the attacker’s goal is simply to download malware, which might include shutting down the machine and unplugging it after the malware has been installed.

Key Points:

  • The USB drop attack is a client-side attack in system hacking.
  • It is difficult for some types of hardware, but not impossible.
  • The attacker needs to decide on a method that offers no chance of rebooting or restoring files.
  • But it’s possible that recovery software may be able to restore files from an operating system after pressing an eject button on a CD or DVD drive or other similar methods.
  • The victim’s operating system (OS) might be able to prevent damage, or it might not.
  • The attacker can also choose methods that will cause no permanent physical damage if the attacker’s goal is simply to download malware, which might include shutting down the machine and unplugging it after the malware has been installed.

Countermeasures:

  • USB devices are difficult to protect against.
  • Many devices are designed for convenience and mobility, not for security.

Solutions include:

  • Trust but Verify: Ensure that there’s no malware on the device before you use it or plug it into your machine. Use a disk image tool to make an exact copy of your hard drive, then compare the copy to the original. Check the SHA1 hash, or better yet, run a mirroring tool like BitLocker or VeraCrypt. If you don’t check first, you’ll download malware onto your computer without knowing it. If you check afterward, you won’t infect yourself with malware until after the fact, when it’s too late to do anything about it.
  • Use a Firewall: A firewall allows you to control which programs access your network or the Internet. You can create rules to prevent malware from being installed by programs on your computer or through your network connection.
  • Disable AutoRun on USB Drives: USB devices are automatically launched as soon as they are plugged into a host computer. Make sure that your OS is configured not to automatically run any executable code that’s contained within these devices. AutoPlay is a feature built into modern versions of Windows that allows USB drives and other types of removable media to be started with a double click from within Windows Explorer (by default). Disabling AutoPlay will avert this attack method.
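
One way to check the AutoRun setting described above is to read the Windows `NoDriveTypeAutoRun` policy value and decode its bitmask. This is an added example, not code from the original article; the function names `Get-AutoRunPolicy` and `Set-AutoRunDisabled` are hypothetical, and writing the machine-wide key assumes an elevated session.

```powershell
# Added example: audit (and optionally enforce) the Windows AutoRun policy.
# A set bit in NoDriveTypeAutoRun disables AutoRun for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown'   = 0x01
    'Removable' = 0x04   # USB flash drives, SD cards
    'Fixed'     = 0x08
    'Network'   = 0x10
    'CD-ROM'    = 0x20   # CD/DVD media
    'RAM disk'  = 0x40
}
$PolicyKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

function Get-AutoRunPolicy {
    foreach ($key in $PolicyKeys) {
        $prop  = Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        $value = if ($null -ne $prop) { $prop.NoDriveTypeAutoRun } else { $null }
        if ($null -eq $value) {
            # Value absent: no explicit policy, the OS default applies.
            $shown = 'not configured'; $open = 'OS default applies'; $hardened = $false
        } else {
            $shown = '0x{0:X2}' -f $value
            # Drive types whose bit is clear can still AutoRun.
            $open = @($DriveTypeBits.GetEnumerator() |
                Where-Object { -not ($value -band $_.Value) } |
                ForEach-Object { $_.Key }) -join ', '
            $hardened = (($value -band 0xFF) -eq 0xFF)
        }
        [pscustomobject]@{
            Key                    = $key
            NoDriveTypeAutoRun     = $shown
            AutoRunStillEnabledFor = $open
            AllDriveTypesDisabled  = $hardened
        }
    }
}

function Set-AutoRunDisabled {
    # Writes the machine-wide policy only; 0xFF disables AutoRun on all drive types.
    $key = $PolicyKeys[0]
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    Set-ItemProperty -Path $key -Name NoDriveTypeAutoRun -Value 0xFF -Type DWord
}

Get-AutoRunPolicy | Format-List
# Set-AutoRunDisabled   # uncomment to enforce, then re-run Get-AutoRunPolicy
```

A result of `AllDriveTypesDisabled : True` on the HKLM key means the policy covers removable and optical media alike; any drive type listed under `AutoRunStillEnabledFor` is a gap to close.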

Conclusion:

The USB drop attack is a client-side attack in system hacking. This means that an attacker must be physically near the victim and plug a malicious USB device into the victim’s computer to launch this type of attack. The drop can come in many forms, including an infected CD or DVD, an SD card inserted into a slot on your PC, or even an activated Bluetooth connection that automatically starts downloading malware onto your computer when it syncs with another one nearby. When an attacker uses this technique, the device can immediately be destroyed in a controlled manner in the following ways: placing a device into service mode and operating a reset button or holding down the push button, or truncating a USB cord inserted into the device.

