Sticking unknown USB devices into your computer is risky business

Deborah Salmi, 27 October 2015

Sticking unknown USB devices into your computer is risky business

If you found a USB stick, would you plug it into your laptop to see what’s on it?

Sounds like a risky thing to do, but in a recent experiment in four major U.S. cities, that’s exactly what happened when 200 unbranded USB devices were left in public places. One in five people let their curiosity get the best of them and plugged the flash drive into a device. These "Nosy Nellys" proceeded to open text files, click on unfamiliar web links, or send messages to a listed email address. All potentially risky behaviors!

Plugging USB drive  into a laptop You can scan your USB sticks with Avast

“These actions may seem innocuous, but each has the potential to open the door to the very real threat of becoming the victim of a hacker or a cybercriminal,” said Todd Thibodeaux, president and CEO of The Computing Technology Industry Association (CompTIA) the trade association that commissioned the experiment.

Every time you plug an unknown flash drive into your computer, you’re taking a risk because a USB drive can spread malware, as well as attract it. Here are some dramatic examples:

Stuxnet and Flame were spread by USB device

The infamous Stuxnet worm and Flame malware, alleged American-Israeli cyber weapons designed to attack and spy on Iran’s nuclear program, relied on USB sticks to disseminate attack code to Windows machines.


Power generation facilities infected by malware on USB sticks

A tainted USB drive was responsible for attacks at two U.S. power generation facilities documented in late 2012. The U.S. Industrial Control Systems Cyber Emergency Response Team were called in to investigate and found that infections were spread by USB drives that were plugged into critical systems without back-ups.

How to use Avast to scan a USB device

Avast antivirus products come with a number of pre-defined scans including the ability to scan any removable storage device that is connected to your computer, like USB flash drives and external hard drives. It will scan the drive to detect potential “auto-run” programs that may try to launch when the device is connected.

  • Open the Avast user interface
  • Click the Scan tab
  • Choose Scan for viruses
  • In the drop down menu on the right side, choose Removable media from the selection

Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.

Related articles