Skip main navigation

Physical Attacks: Specific USB Attacks

In this video, you will learn about USB devices that can be used in physical attacks against your network.
So another physical device that I want to show you is called a Key Croc. So this is designed to sit between the actual USB keyboard and the computer. So this, again, is another device from Hak5. It’s an Arduino-based device. Again, it sits between the USB keyboard and the computer. So what this is, is when you plug it in, it operates as a key logger. So anything someone’s typing on the computer, it’s going to start recording. So I can take a look at passwords, usernames, and other critical information. And it’s just passively sitting there. It’s passing traffic through the keyboard, through this device, back to the computer. Antiviruses generally won’t pick it up, because it’s not executing a software payload.
It’s just a physical device sitting there intercepting that traffic before it passes it off. So that’s pretty dangerous in itself. What also makes this really dangerous is it’s capable of launching attacks that can be executed by typing on a keyboard. So it has the same scripting payload as a USB Rubber Ducky. And also, it has a WiFi adapter built in, so I can remotely trigger this thing, or I can remotely transfer that information that it collected. So if I somehow sneak in there, I plug it in to someone’s computer - let’s be honest, how often do you look at - follow all the cables on your USB - cables from your computer to wherever it’s going?
Probably not very often, especially your keyboard. So it’s small. It’s inconspicuous. I can trigger the payload remotely. I could have it transfer the information from the device back to me wirelessly. And I don’t even have to get physical access back to that computer again, once I get it on there. So again, that’s a pretty dangerous thing to have. Now, the last one I want to show you is called the USB Ninja. So if we look at this, it looks like any other lightning cable. It’s simple. Most people aren’t going to think, well, it’s something dangerous. No, it’s a lightning cable for your phone, to charge your phone or your device. They also have USB-C versions of this.
So this clever device is similar to the USB Rubber Ducky. So it’s by the Hackerwarehouse. It looks like an ordinary USB charging cable. Matter of fact, when you plug it in, it operates like a standard phone cable. So you plug it in the computer. Well, if a malicious hacker is using it, they’re hoping you plug it in your computer. Plug your phone in, and then it’s going to start charging. Matter of fact, you can charge your phone with it. You could transfer information back from your phone to your computer, just like any other phone cable. But it’s capable of launching attacks that are typed on a keyboard again. And it uses a scripting language. It can be triggered remotely.
I believe it’s Bluetooth.
Again, it looks like any other phone cable. You could drop this cable somewhere, hoping someone’s going to pick it up and use it. You could swap someone’s real phone cable with this. And again, it’s pretty innocuous. And it could be in conjunction with a social engineering attack. I could go, oh, hey, could I plug my phone into your computer and charge it? I have a cable. Or you could be talking with someone. While they’re distracted, you swap the cable. Or you could hand someone a cable and go hey, I bought you a phone cable here to charge your phone. I noticed your other one was pretty old, so here you go. Here’s a phone cable.
And then remotely trigger the payload. And go, OK, well, they’re getting up to make a copy, or they’re going to the bathroom or whatever. Click. Execute the payload on their computer. Again, these are all very dangerous physical attacks on the network.

In this video, you will learn about USB devices that can be used in physical attacks against your network.

Hackers can use different devices that mimic common USB devices to gain access to your network, or they can alter a harmless USB device to allow it to be used for their malicious purposes. We review Key Croc and USB Ninja devices.

Reflect and share: How can you ensure that USB devices you add to your network are safe? Share your comments in the section below.

This article is from the free online

Advanced Cyber Security Training: Network Security

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education