Contact us today!
(954) 575-3992
facebook linkedin Business Solutions & Software Group RSS Feed

Michael DeMarco

Business Solutions & Software Group has been serving the Coral Springs area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Hacker’s Rubber Ducky Should Frighten You

The Hacker’s Rubber Ducky Should Frighten You

When you think of the rubber ducky, what memories flood your mind? The rubber ducky might be reminiscent of simpler times, but a new threat that is capable of launching malware payloads via USB stands to ruin these fond memories forever.

What is the Rubber Ducky Threat?

The rubber ducky is a device that is, on the surface, no different from a regular flash drive used to transfer files. You’re likely no stranger to them. While the cloud makes this technology somewhat obsolete, the USB flash drive industry (a $7+ billion industry, by the way) is still going strong, seeing a 7% growth year after year. Suffice it to say that there are plenty of USB drives still circulating.

Of course, the rubber ducky is more than just your typical flash drive, even if it looks just like one. When you plug it into a computer, it is recognized not as file storage, but as a device like a USB keyboard. This means that any attempts to stop it from transmitting data are bypassed. Once the device is plugged in, it’s game over. Any keystroke made while the device is open is trusted, meaning that hackers have several different options available to them.

What Kind of Threat is Today’s Rubber Ducky?

Any device which uses a USB dongle must be scrutinized if you want to preserve network security, and rubber ducky is no different. Specifically, this hardware is designed to overcome the challenges faced by previous iterations of the hardware. This device uses what’s called “DuckyScript” to issue demands to the target machine. Previous iterations were limited to writing keystroke sequences, but DuckyScript is much more powerful, allowing attackers to store variables, write functions, and use logic to attack their victims.

Rubber ducky can also determine which operating system the user is running, deploying code to strike at the specified operating system. Furthermore, it can keep its automated executions under wraps by placing delays in-between keystrokes. This convinces the computer that the user is indeed human. Perhaps the most dangerous feature of rubber ducky is its capacity to steal data by encoding it in binary, giving the attacker the ability to steal it.

How Do You Protect Yourself?

The best protection from any USB dongle attacks is to ensure that potentially harmful drives are kept off of your infrastructure in the first place. Make sure that your team knows not to trust random drives they might find lying around, whether in the office or out in the world. If there is any shadow of a doubt concerning a device, it should be reported to IT.

If you don't have an internal IT department, however, we’d be happy to help you keep your infrastructure safe! All you have to do is contact us at (954) 575-3992 to learn more.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 21 November 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Latest News

Our Site Has Launched!

flag

Welcome to Our New Site!
We are proud to announce the unveiling of our new website at Business Solutions & Software Group!

Read more...

Contact Us

Learn more about what Business Solutions & Software Group can do for your business.

callphone

Call us today    (954) 575-3992

10211 W Sample Road
Suite 114
Coral Springs, Florida 33065

facebook linkedin #