How hackers can attack your computer through USB ports

Our computers can suffer many types of attacks. In most cases these are started because we are connected to the Internet and we do not take the appropriate measures. For example, in a public Wi-Fi network if we do not use a VPN our information will not be encrypted and may be intercepted by a cybercriminal. In addition, we can be immersed in an attack of Phishing, ransomware, viruses, Trojans, computer worms, malware and other types of harmful software. Currently, we often think that if we receive an attack it will be when we are online and we forget that although they are less frequent, there are also other options. In this article we are going to see how they can attack your computer through USB ports.

The first thing we are going to do is explain the dangers of some USB memory sticks, which can be used to attack your computer. Then we will talk about the Rubber Ducky and Bash Bunny.

How hackers can attack your computer through USB ports

Rubber Ducky USB sticks to attack your computer

Some of you may be thinking of the typical USB memory with powerful software capable of infecting our computer or with many special tools for hacking. Although it is true that it includes these types of tools, these memories are much more complex and offer much greater versatility. Apparently, if we saw it placed in the USB port of a computer or on a table, we would think that it is the typical USB memory that we have to store our data.

Then the doubt assails us that being physically identical, we wonder what their differences are and we will find these differences within them. Specifically, to attack your computer, they usually have hardware similar to this that will improve over time. This would be an example:

  • It has a Quad-Core CPU with speeds above 1GHz.
  • They come with either 512MB or 1GB of RAM.
  • They have an 8GB SSD.
  • They can have their own operating system.

A Rubber Ducky can be defined as a modified pendrive . In addition to the typical storage functions of any memory, it will allow us to program scripts to, for example, copy files from a computer. A normal memory, unless we double click on the script, will not be executed, but instead with a Rubber Ducky that is more complete because it has its CPU, RAM etc. it will behave in the way that we establish in its programming.

Bash Bunny, a pendrive to attack your computer

Obviously, we will not notice any difference with a normal pendrive and this would be an example of the Bash Bunny USB memory that can be used to attack your computer.

This specific model, in addition to the features mentioned in the previous section, in its second version has added compatibility with Bluetooth low energy. This way it will allow us to have remote control easily and quickly using this type of connectivity.

It should also be noted that it has a Linux operating system and is capable of interpreting various programming languages such as Python, Perl and Ruby and more. Here you have all the information about the Bash Bunny USB memory. As a curiosity, comment that it is not difficult to find, since it can be purchased online.

And how can I protect my equipment?

We have already seen that with these types of tools they can easily attack your team. The first thing we must do is act wisely to be protected from Rubber Ducky and similar devices. In this regard, we must start by distrusting any USB memory that we find on the street or in public places where we are, such as libraries and cafeterias. Therefore, we must not insert it into the USB port of our equipment. Nor allow a stranger to insert it with any excuse.

To be protected, we must also have security programs such as a good antivirus, if possible anti-malware software and also have an updated operating system. In the event that you have work computers, a good option would be to configure security policies to prevent the USB ports of our computer from working, this can be done at the operating system level in order to be protected against this type of device.