If it's a USB stick you don't trust, you should always be careful. There's malicious hardware that looks like a USB stick, but pretends to be a keyboard, making malicious inputs. Or hardware which contains condensators that charge up from your USB port and then send a strong electrical pulse into your PC, potentially frying electronics.
this post was submitted on 28 Sep 2023
16 points (100.0% liked)
linux4noobs
1336 readers
1 users here now
linux4noobs
Noob Friendly, Expert Enabling
Whether you're a seasoned pro or the noobiest of noobs, you've found the right place for Linux support and information. With a dedication to supporting free and open source software, this community aims to ensure Linux fits your needs and works for you. From troubleshooting to tutorials, practical tips, news and more, all aspects of Linux are warmly welcomed. Join a community of like-minded enthusiasts and professionals driving Linux's ongoing evolution.
Seeking Support?
- Mention your Linux distro and relevant system details.
- Describe what you've tried so far.
- Share your solution even if you found it yourself.
- Do not delete your post. This allows other people to see possible solutions if they have a similar problem.
- Properly format any scripts, code, logs, or error messages.
- Be mindful to omit any sensitive information such as usernames, passwords, IP addresses, etc.
Community Rules
- Keep discussions respectful and amiable. This community is a space where individuals may freely inquire, exchange thoughts, express viewpoints, and extend help without encountering belittlement. We were all a noob at one point. Differing opinions and ideas is a normal part of discourse, but it must remain civil. Offenders will be warned and/or removed.
- Posts must be Linux oriented
- Spam or affiliate links will not be tolerated.
founded 1 year ago
MODERATORS
Maybe it's called 'USB Killer' (Please Correct Me If I Misunderstood), and thanks for your warning, But i am dealing with a normal USB flash drive.
Yeah, USB-Killer is one of the products that realizes the condensator concept.
Quick answer: no.
Longer answer: if a USB key is inserted but not mounted (as you mentioned) the system does not interact with it in any way, except to log that something has been inserted, so there is no way Linux will be infected.
Longer longer answer: if you insert a USB key, then mount it (for instance read only) the system will no interact or execute anything on the key unless you specifically start a program that is on the key. So it will not be infected either.
Since most viruses and malware are for Windows, you can therefore mount a USB key and start an antivirus program to clean your malware without risking the integrity of your system.
thanks for clarify
This is all true if it is a USB drive, but there is no way to know if it is a regular drive or something more malicious. If you dont know where a USB comes from, the safest thing is to just bin it.
OK, I agree it could be something more malicious, and that the safest solution is always to bin something unknown.
My position is that the op knows the USB device and suspects it has been compromised by connecting it to a windows machine. But the content may be worth salvaging. In that case, my advice still applies.
It's possible for a USB drive to become infected with BadUSB style malware and do all sorts of shenanigans. This is where the USB controller on the stick is infected allowing it to show up as a keyboard or do other nefarious things. Fairly rare for that to happen though. Most likely you will be fine if you erase it without mounting anything.