USB keystroke attacks could be bad, if not worse. Though it’s hard for an attacker to achieve this feat, once a thumb drive is directly plugged into PC, that would give the attacker full admin privileges for exploitation. This was succeeded by the US against Iran’s nuclear plans in the past. Thus, such attacks top have the potential to exploit very badly.
A mere precaution rather than cure
Now, Google made software that’s more like the first level of defense, which helps users to sense any potential attacks. As the software, called USB Keystroke Protection aims for alerting the user rather than completely vanishing it. It’s more like a precaution rather than a cure. Yet, it’s useful for at least knowing the incoming threat. While these keystrokes are initially developed for helping admins in few system tasks, but it’s re-engineered by attackers to run malicious code for their advantage. Sebastian Neuner from Google’s Information Security Engineering Team said, This software tool will block any keystroke injection devices and works along with any existing USB defense tools as USBGuard. It monitors and collects Information about potential USB threats and logs into Syslog. Further, it even ejects the USB drive from OS by unbinding the driver if needed. The tool’s an open-source, thus free to use. It’s available on Google’s GitHub page for download. It’s like a favor Google doing for Linux, for using its kernels as an Android base.