Good evening everyone, a quick little question but important: If I connect an external hdd (or pendrive) infected via USB, it automatically infects the pc also??.....even if it does not open any file? Eventually, what you must do to avoid infection via USB? Thanks.
Depends on what OS you have. If it's up-to-date, there will be a prompt with multiple actions when you insert a drive. One of them is the autorun script, if any. If you don't click that, the chances of infection are nil. You could always disable autorun/autoplay, or sanitize the drive (delete autorun.inf) just in case.
If your OS is Windows, common way is autorun as already mentioned, which actually can easily be blocked. Another common way , tho it's not exactly automated attack, is social engineering, e.g. displaying fake folder view, fake context menu, etc. if you wanna avoid them surely, always display file extension, display hidden and system files, and when you navigate to that drive don't click or double click drive icon, instead use folder tree. And don't trust context menu. There's another way to infect you and it's OS independent, called BadUSB exploit, but it's quite unlikely. If you still want to protect from it, use Hitman Pro.Alert or G-Data USB Keyborad Guard.
Oh yeah, speaking of exploits... Keep your OS up-to-date and secured, since something like the .LNK exploit may still exist.
Run a rescue disk system as http://www.emsisoft.com/en/software/eek/ or similar, connect the external hard disk and scan it.
Many thanks to everyone for their interest and advice! The operating system is Windows 7-Pro_SP1_64bit with the latest updates february 2015 .... however I definitely follow your sage advice to disable autorun usb! But on the web I saw several ways to do it, and now I'm confused because I don't understand what is the right one! ..... also don't understand which registry key (or keys) should be changed... What is the fast way without having to download or install anything?.....because if the key to change is only one (or two) I can do it manually using the "regedit.exe" utility, but if there are many keys to changed, then it's difficult and I would not make trouble!
I have a sure-fire fix. Send me a PM. I'll send my grandson to your house and he will fill all your open USB ports with recently used "Double Bubble" bubble- gum as he did to mine several years ago Or you can DIY as "Double Bubble" is available on Amazon. G-Data has a free mini-program that prevents and warns you of any attempt of a USB device to control your keyboard without your OK, the most common route of Bad USB attack. It caused issues on my PC, but many peeps apparently are able to use it.
Oh hey, thanks! I didn't know that was a possibility. Implementing something like that should be fairly trivial on Linux, I think - probably a udev rule to prevent the attachment of more than one USB keyboard at a time. (Or any USB keyboards, if you're using PS/2 for whatever reason.)
That's because this is a feature in beta version, but you already know. Yup, I'll do that on my next Linux setup. I believe Windows also should implement such a granular control as a registry entry rather than simple blacklisting.
