The Return of USB “Auto-Run” Attacks

Background USB Autorun attacks became the rage back in 2005.  Hak5 created a project to increase awareness of this security issue called USB-Hacksaw, originally a U3 device that would auto-run a series of programs.  This could be used from general system administration tasks, or potential malicious tasks; such as installing back-doors and running password collection programs.  Shortly, Vendors like Microsoft started to remove Auto-run capabilities to prevent more serious malware…