14. June 2024

Crypto Users: Beware of USB Keystroke Injectors!

• USB wireless keystroke injection devices, like the Diabolic Drive, can be used to stress test networks and business infrastructure.
• However, they pose a threat to unsuspecting users by installing malware that could take over systems.
• CrowdStrike’s Field CTO for Europe explains how these devices are not necessarily malicious but the keystrokes that come after may be dangerous.

Threat of USB Keystroke Injectors

The Diabolic Drive is a recently developed USB wireless keystroke injection tool intended to stress test networks and business infrastructure against threats. Reviews highlight that the 64GB drive is Wi-Fi enabled once plugged into a system, allowing remote access with potential payloads of hypothetical malicious scripts. This raises concern as it could be used as a means to steal cryptocurrency from unsuspecting users.

Security Experts Weigh in on Threat

Cointelegraph reached out to several cybersecurity firms to explore the potential threat of a USB injection tool and its ability to steal coins from crypto users. Zeki Turedi, CrowdStrike’s field CTO for Europe explained that these types of devices have been used by penetration testers for many years but they themselves are not malicious; rather it is the keystrokes that follow which could potentially be dangerous.

How Can Crypto Users Protect Themselves?

In order to protect against this type of attack, Erez Yalon, Director of Security Research at Check Point Software Technologies suggests using an encrypted USB device or switching off Wi-Fi when connecting unknown devices: “This will help mitigate any attack initiated by such devices and stop malicious code from being transmitted.” He also recommends disabling autorun on Windows machines which helps prevent any malicious code or script from automatically running when connected to an unfamiliar device.

Precautionary Steps When Attending Conferences

Yalon further advises crypto users attending conferences or events where free promotional materials like flash drives are given away should exercise caution before plugging them in: “Always check what you are plugging in! Don’t trust any freebies you get at events — especially if it’s something security related.”

Conclusion

It is essential for crypto users to understand the potential risks associated with unknown USB devices so they can protect their digital assets accordingly. If ever suspicious about a device’s purpose or origin take extra precautionary measures before plugging it in; alternatively use an encrypted storage device instead if possible.