USB HID Attacks
USB HID devices are a form of user input for the computer, usually seen as a keyboard or mouse to most people, which use the USB protocol to communicate to the computer. These are a mainstay and while people want to use computers, they are not going away anytime soon. USB HID devices use a form of communication where a set of commands are sent to from the device, and the driver communicates it to the computer, which does some operating system magic and makes the computer do commands like type, or click on to the start button.
Now, imagine if you could make it type, and do what you do on the computer, Run PowerShell, execute commands, open websites. This is already out there, in usage, with even more features too, these tools have been built upon for a while, now appearing in our pop culture, with TV Shows like Mr Robot showing these tools in usage as a payload delivery mechanism.
These exploits are not in just the realm of fiction either, in the past, organisations such as the NSA have deployed similar tools (such as those seen in the NSA’s ANT Catalog). USB based attacks have also been proven as practical attack vectors as shown by the Stuxnet attack discovered back in 2010. More recently, an attack in 2017 on a Nuclear Power plant by a user who wanted to watch the movie La La Land.
Researchers who have tested dropping USB sticks in public locations have…
