Beware of infected storage devices: USB flash drives, Floppy disks, CD-ROMs

Classic tricks never go out of style. A favorite trick in the cyber-crime world is done by infecting USB flash drives (or whatever method of storage that is used at the time… remember floppy disks and CD-ROMs?) to cast a malicious program onto the victim’s computer by taking advantage of our biggest human weakness: curiosity.


Maybe you think that there are only few who would fall into these traps, but the truth is that it’s a common occurrence. A group of researchers from the University of Illinois tested people’s “curiosity” and came up with an interesting conclusion: almost half took the bait.


Curious by nature

The study’s author spread 297 USB flash drives across campus to see what would happen. Almost half of the devices (48%) ended up in the USB port of someone else’s computer. Most of them later claimed that they plugged-in the USB in order to find its rightful owner and return it to them (68%). 18% admitted they did it out of curiosity.


The most alarming is not the number of people who fell into the temptation to look at what was stored on the device, but that they would look without taking proper precautions. Only ten people analyzed the USB stick using an antivirus.


Only ten people used an antivirus while

examining the contents of the USB stick


The five most naive victims admitted that they completely trusted their perating system, which unfortunately, was too hopeful. As the prestigious security expert Bruce Schneier stated, “the problem isn’t that people are idiots […] The problem is that operating systems trust random USB sticks.”