People are naturally curious, and that curiosity is easily exploited with a USB drop attack (sometimes called a USB key drop). In this attack, a malicious actor drops a thumb drive in a parking lot or other public area near a workspace. An employee notices the USB drive lying on the ground, picks it up, and plugs it into their computer. Unbeknownst to them, the drive is loaded with malicious software that compromises the employee's computer.

In its original form, this attack relied on the victim's computer having AutoRun enabled: Windows read an autorun.inf file from the root of the inserted drive and launched the program named in its open= or shellexecute= directive without the user doing anything, so the malicious code executed as soon as the drive was plugged in. The malware, depending on its nature, may then spread outward and start infecting other hosts on the network, often by writing its own autorun.inf onto every removable drive it finds.

Because of this scenario, Microsoft changed the defaults: Windows 7 stopped honoring autorun.inf on anything but optical media (CD and DVD), and the same change was pushed to Windows XP and Vista in a 2011 update. Administrators can go further and turn AutoRun off for every drive type with the Turn off AutoPlay Group Policy setting, which sets NoDriveTypeAutoRun to 0xFF under the Explorer policies key. A drive that is dropped today therefore cannot count on auto-execution. However, the victim can still be enticed to open a file manually and run the malicious code if it is disguised in one of the following ways:

  • As something fun, such as a game

  • As something useful, such as a free program

  • As something mysterious and enticing, such as a file with a cryptic name
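The checks an analyst would run on a found drive, as an added example that is not part of the original text: the script parses the drive's autorun.inf and reports which directives would launch a program (open=, shellexecute=, shell\verb\command=) or shape what AutoPlay shows (action=, icon=, label=), then scans the file listing for the lures described above, i.e. executables, double extensions such as .xlsx.exe, and bait words in names. The autorun.inf text, file list and bait-word list are constructed sample data, and the mount-path argument handling is an assumption about how it would be used, none of it from the page.

```python
"""Triage the contents of a found USB drive before anyone double-clicks on it.

Added example for this section, not code from the original text. Run it on an
isolated analysis host; it only reads autorun.inf and lists file names, it never
opens any other file on the drive.
"""
import configparser
import os
import sys

# autorun.inf keys that launch a program (high) or control what AutoPlay displays (info).
EXEC_KEYS = {"open", "shellexecute"}
DISPLAY_KEYS = {"action", "icon", "label"}

# File types Windows will execute on double-click, including shortcuts and screensavers.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".jse",
                   ".wsf", ".ps1", ".lnk", ".hta", ".msi"}
# Harmless-looking types that a double extension (report.xlsx.exe) imitates.
DOC_EXTS = {".jpg", ".jpeg", ".png", ".pdf", ".doc", ".docx", ".xls", ".xlsx",
            ".txt", ".mp4", ".zip"}
# Assumed lure vocabulary: "fun", "useful" and "enticing" names from the text. Tune per site.
BAIT_WORDS = ("game", "free", "crack", "keygen", "salary", "confidential", "private", "bonus")

# Constructed sample data standing in for a real drive.
AUTORUN_SAMPLE = """\
[autorun]
open=setup.exe /quiet
icon=setup.exe,0
action=Open folder to view files
label=Vacation photos
shell\\explore\\command=setup.exe
"""
FILES_SAMPLE = [
    "Vacation photos/IMG_0001.jpg",
    "Vacation photos/IMG_0002.jpg",
    "setup.exe",
    "Salary_2019.xlsx.exe",
    "FreeSolitaire.scr",
    "README.txt",
    "Q3 numbers.lnk",
]


def parse_autorun(text):
    """Return (severity, key, value) for every directive in the [autorun] section
    that would run code ("high") or influence what the user sees ("info")."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        cp.read_string(text.lstrip("\ufeff"))
    except configparser.Error as err:
        return [("info", "parse-error", str(err))]
    section = next((s for s in cp.sections() if s.lower() == "autorun"), None)
    if section is None:
        return []
    findings = []
    for key, value in cp.items(section):  # configparser lowercases keys for us
        if key in EXEC_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            findings.append(("high", key, value))
        elif key in DISPLAY_KEYS:
            findings.append(("info", key, value))
    return findings


def suspicious_files(names):
    """Return [(name, [reasons])] for files whose names invite a manual double-click."""
    hits = []
    for name in names:
        lowered = os.path.basename(name).lower()
        root, ext = os.path.splitext(lowered)
        reasons = []
        if ext in EXECUTABLE_EXTS:
            reasons.append("executable type " + ext)
            inner_ext = os.path.splitext(root)[1]
            if inner_ext in DOC_EXTS:
                reasons.append("double extension disguising it as " + inner_ext)
        if any(word in lowered for word in BAIT_WORDS):
            reasons.append("bait word in name")
        if reasons:
            hits.append((name, reasons))
    return hits


def triage_drive(autorun_text, file_names):
    """Combine both checks into (autorun_findings, file_hits, verdict)."""
    findings = parse_autorun(autorun_text) if autorun_text is not None else []
    hits = suspicious_files(file_names)
    if any(sev == "high" for sev, _, _ in findings) or any(len(r) > 1 for _, r in hits):
        verdict = "do not mount on a workstation"
    elif hits:
        verdict = "executables present; inspect on an isolated host"
    else:
        verdict = "no auto-execution or obvious lure files"
    return findings, hits, verdict


def load_drive(mount_path):
    """Read autorun.inf (if present) and list file names under a mounted drive."""
    autorun_text = None
    inf = os.path.join(mount_path, "autorun.inf")
    if os.path.isfile(inf):
        with open(inf, "r", encoding="utf-8", errors="replace") as fh:
            autorun_text = fh.read()
    names = [os.path.relpath(os.path.join(root, f), mount_path)
             for root, _dirs, files in os.walk(mount_path) for f in files]
    return autorun_text, names


if __name__ == "__main__":
    # Assumed usage: an optional mount path; without one, the constructed sample is triaged.
    text, names = load_drive(sys.argv[1]) if len(sys.argv) > 1 else (AUTORUN_SAMPLE, FILES_SAMPLE)
    findings, hits, verdict = triage_drive(text, names)
    for sev, key, value in findings:
        print(f"autorun.inf [{sev}] {key} = {value}")
    for name, reasons in hits:
        print(f"file {name}: {'; '.join(reasons)}")
    print("verdict:", verdict)
```

On the sample, the autorun.inf is flagged for two launch directives and an action= text that mimics the AutoPlay "open folder" option, and four of the seven files are flagged, with Salary_2019.xlsx.exe scoring both as an executable hiding behind a spreadsheet extension and as bait. The bait-word list is deliberately short; the point of the file check is that a drop attack succeeds on the name, not the payload, so naming heuristics belong next to the technical ones.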