2

I found a USB drive and I would like to check out the contents to see if there is any information that could allow me to identify and return to the owner.

However, I'm unsure of what is on the drive. Is it safe for me to just insert it into my computer? Is there any possibility it might transmit malware etc.?

stickman
  • 1,580
  • 3
  • 13
  • 18
  • 3
    You say you're unsure what's on the drive, but are you sure it's an actual usb drive ? – zakinster Jan 02 '17 at 09:40
  • @thel3l The Rubber Ducky is a good example but there are lots of devices designed to look like USB drives but aren't. The linked answer offers a good list but no general solution on how to handle them. – zakinster Jan 02 '17 at 10:07

2 Answers2

3

Besides Hardware attacks that can destroy your computer like USB Killer
There are also attacks that just use the USB device (like badUSB)

and thats all before you have seen any possible file. The files themselves could be infected. There is simply no way to know if its safe from a distance.

LvB
  • 8,336
  • 1
  • 27
  • 43
1

It depends if the USB stick in an actual USB drive.

You can protect against malware attack from an USB drive with software measure (disable auto mount, use a virtual machine, etc.).

But you can't protect against an unknown hardware attack from an unknown USB stick wich may actually be an emulated keyboard, network card or an electric frying device like USB killer.

My solution is to use a dedicated computer for that with no sensitive data, a ready-only FS (a Raspberry Pi is a good fit), no network connection and a USB surge protection.

zakinster
  • 624
  • 3
  • 10