Last year we told you about USB Killer v2.0, which is a USB drive that works as a power surge to fry your computer in seconds. Although the device was available on a hacking site, normally hackers aren't looking to kill a computer.
They prefer to infect it so they can steal your information. A hacker might load a bunch of drives with harmful content and leave them lying around for unsuspecting victims to pick up and plug into their laptops, tablets or computers.
Are people still falling for this scam?
According to a great presentation from the recent Black Hat Briefings security conference, yes they sure are. The anti-fraud and abuse research lead at Google, Elie Bursztein, did an experiment on a college campus that shows just how naive people can be.
Basically, picking up a USB drive off the ground and plugging it into your computer is kind of like picking up a piece of trash off the ground and putting it in your mouth...you could get a virus from both.
Bursztein conducted his social experiment on the University of Illinois Urbana-Champaign campus. He left nearly 300 USB drives in different areas around campus. Get this, 98 percent were picked up.
Even Good Samaritans got taken
Nearly 50 percent of the drives were plugged in and files were opened. In his presentation, Burstein explained that these files could have installed malware, controlled the computer remotely, or launched a zero-day exploit.
University officials protected their students from any real harm. Burstein was also not allowed to use USB drives with viruses for the experiment.
Instead, the files took the students to a survey where they answered why they plugged them in. About 70 percent claimed to be good samaritans who just wanted to figure out who it belonged to so that they could return it. About 20 percent of the survey-takers just admitted to being nosey.
My advice: Don't put a USB drive in your laptop, tablet or phone without knowing exactly where it came from.