![\"\"](\"https:\/\/new.eba.com.ua\/wp-content\/uploads\/2021\/06\/Hacken_5_30062021.png\")
<\/p>\n<\/p>\n
USB flash drives are one of the most popular data transmission tools. Every employee as well as common users regularly use a few USB flash drives. These tools are very useful for data transmission and storage purposes due to their size and ease of use.<\/p>\n
![\"\"](\"https:\/\/new.eba.com.ua\/wp-content\/uploads\/2021\/06\/Hacken_6_30062021.png\")
<\/p>\n
One of the most widespread threats related to the use of USB flash drives for professional purposes is the possibility that these small tools may be lost or stolen. There is the risk that accidental finding may appear in the hands of hackers who can easily access all information and files stored on this drive. In 2017, the insurance company MAPFRE Life was fined $2.2 mln<\/a> due to the violation of the Health Insurance Portability and Accountability Act (HIPAA), the main document governing the protection of patients\u2019 data. The USB flash drive containing information about 2,200 patients such as their names, dates of birth, social insurance numbers, and other data was stolen from the insurance agent\u2019s office.<\/p>\n However, even when data has been deleted from a USB flash drive, hackers may restore it since a drive may contain the tracks of files or their copies. That is why the steal of these tools or their loss creates serious risks for companies.<\/p>\n The loss of a USB flash drive may is also associated with the risk of substitution. Upon finding a flash drive with the logo of a particular company, a hacker may install hidden software and bring the \u201cfinding\u201d to the company\u2019s office. The employees without any suspect of possible malicious intentions of this \u201ckind person\u201d will continue using the found USB flash drive thereby infecting both corporate and personal devices. In this case, a hacker is not interested in accessing the information stored on a flash drive but rather is interested in accessing as many devices as possible.<\/p>\n When a USB flash drive contains malicious software or is infected by viruses, there is a high risk that these malicious programs may be transmitted to the devices to which this tool is connected. Malicious software is used by hackers to steal files from the infected device, view browser history, gain control over the programs, changing configurations, etc. By connecting the infected flash drive to a computer a user without noticing it launches the installation of so-called browser pirates that redirect him to dangerous websites or resources from which the process of further transmission of malicious software takes place.<\/p>\n Furthermore, the infected flash drives may contain adware, spy modules, and potentially dangerous software. The type of threat that may be caused by connecting a USB flash drive to a computer depends on the intentions of hackers. The variety of tools hackers have at their disposal is very broad. That is why companies need to strictly monitor the use of USB flash drives by employees and try to minimize it.<\/p>\n USB Rubber Ducky<\/strong><\/p>\n One of the main tools in the hands of hackers related to USB flash drives is USB rubber ducky that resembles popular USB flash drives. USB rubber duckies with pre-installed malicious software allow hackers to rapidly enter commands to the victim\u2019s computer. These tools have a microcontroller and memory with the required loaded sketch. It takes just a few seconds for a \u201cducky\u201d to crack systems. USB rubber duckies may be purchased online at the price of $50<\/a>. The detailed instruction and lessons on how to make rubber duckies from common USB flash drives may be easily found on the Internet. Both experienced and specialists and hackers-amateurs may just by following a few steps make dangerous rubber duckies.<\/p>\n Rubber ducky – the most popular BadUSB<\/em><\/p>\n WiFi Ducky<\/strong><\/p>\n It is the analogue a rubber ducky but with a built-in Wi-Fi module. The sketch is not executed immediately when connecting this tool to a computer but the access point awaiting connection is created. One may connect to this access point from any device while the required actions may be carried out at any point in time. And that is one of the main advantages of Wi-Fi ducky over a USB rubber ducky. Wi-Fi ducky was firstly developed by Stephan Kremser and now it is available for sale<\/a>.<\/p>\n USbee<\/strong><\/p>\n The attack in the form of airgap. By connecting the USB flash drive to the victim\u2019s computer hackers can transmit data stored on this device at a frequency that ranges between 240 and 480 MHz. This type of attack targets computers that are not united in a network. USbee<\/a> was developed by researchers from Israel. The information transmitted at this frequency comes to a receiver that is located nearby, for example, in the next room. The data transmission speed is just close to 80 bytes per second, however, it is enough to steal confidential data including passwords. The advantage of this method is that there is no need to modify the USB tool and receiver. The effectiveness of this type of attack depends on many factors and that is why its popularity is lower compared to the frequency of use of rubber and Wi-Fi duckies.\u00a0<\/p>\nHow do USB flash drives become a weapon?<\/h3>\n
![\"\"](\"https:\/\/new.eba.com.ua\/wp-content\/uploads\/2021\/06\/Hacken_3_30062021-300x203.png\")
<\/p>\n
![\"\"](\"https:\/\/new.eba.com.ua\/wp-content\/uploads\/2021\/06\/Hacken_8_30062021.png\")
<\/p>\n