Leone Technologies Blog

Leone Technologies has been serving the New Jersey area since 2003, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

The Hacker’s Rubber Ducky Should Frighten You

The Hacker’s Rubber Ducky Should Frighten You

When you think of the rubber ducky, what memories flood your mind? The rubber ducky might be reminiscent of simpler times, but a new threat that is capable of launching malware payloads via USB stands to ruin these fond memories forever.

What is the Rubber Ducky Threat?

The rubber ducky is a device that is, on the surface, no different from a regular flash drive used to transfer files. You’re likely no stranger to them. While the cloud makes this technology somewhat obsolete, the USB flash drive industry (a $7+ billion industry, by the way) is still going strong, seeing a 7% growth year after year. Suffice it to say that there are plenty of USB drives still circulating.

Of course, the rubber ducky is more than just your typical flash drive, even if it looks just like one. When you plug it into a computer, it is recognized not as file storage, but as a device like a USB keyboard. This means that any attempts to stop it from transmitting data are bypassed. Once the device is plugged in, it’s game over. Any keystroke made while the device is open is trusted, meaning that hackers have several different options available to them.

What Kind of Threat is Today’s Rubber Ducky?

Any device which uses a USB dongle must be scrutinized if you want to preserve network security, and rubber ducky is no different. Specifically, this hardware is designed to overcome the challenges faced by previous iterations of the hardware. This device uses what’s called “DuckyScript” to issue demands to the target machine. Previous iterations were limited to writing keystroke sequences, but DuckyScript is much more powerful, allowing attackers to store variables, write functions, and use logic to attack their victims.

Rubber ducky can also determine which operating system the user is running, deploying code to strike at the specified operating system. Furthermore, it can keep its automated executions under wraps by placing delays in-between keystrokes. This convinces the computer that the user is indeed human. Perhaps the most dangerous feature of rubber ducky is its capacity to steal data by encoding it in binary, giving the attacker the ability to steal it.

How Do You Protect Yourself?

The best protection from any USB dongle attacks is to ensure that potentially harmful drives are kept off of your infrastructure in the first place. Make sure that your team knows not to trust random drives they might find lying around, whether in the office or out in the world. If there is any shadow of a doubt concerning a device, it should be reported to IT.

If you don't have an internal IT department, however, we’d be happy to help you keep your infrastructure safe! All you have to do is contact us at (856) 524-7045 to learn more.

Which Search Engine Works Best? Part 1
No Matter How Strong Your Computer is, Magnets Are...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, February 04, 2023

Captcha Image

Latest Blog

Smart devices of all types are constantly being introduced to consumer markets. People are finding that some of these devices are making it much easier to track and manage their lives. When considering whether or not these smart gadgets are...

Contact Us

Learn more about what Leone Technologies
can do for your business.

Leone Technologies
923 Haddonfield Road Suite #300
Cherry Hill, New Jersey 08002

Account Login