What's old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023
  • brownmustardminion
    2·
    1 year ago

    What steps can one take to vet a usb drive before using or formatting it on a secure system?

    Is it enough to spin up a VM or do you need a separate bare metal just for sandboxing usb drives?

    • wmassingham@lemmy.world
      3·
      1 year ago

      It depends on how much you trust the drive. If you don’t trust it at all, just don’t use it. If you trust it completely, use it as-is. In the middle is stuff like sandboxing.

      Passing untrusted USB devices to a VM is tricky, though. There are VM guest escape vulns. If you’re passing the USB device itself through, you’ll probably have it connected to the hypervisor for a short time before enabling passthrough. Is that safe? And if you’re passing a discrete PCIe USB controller or something, you have to trust that the hypervisor has implemented that securely.

      If you find a USB device on the street, throw it out.

  • ReakDuck
    12·
    1 year ago

    Reason: they use Windows

    No wonder its that easy