If USB flash drive contain any of malware/virus/worm inserted to linux host without being mount (auto mount disabled), does malware/virus/worm will infect host

  • Knusper@feddit.de
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    1 year ago

    If it's a USB stick you don't trust, you should always be careful. There's malicious hardware that looks like a USB stick, but pretends to be a keyboard, making malicious inputs. Or hardware which contains condensators that charge up from your USB port and then send a strong electrical pulse into your PC, potentially frying electronics.

    • 1_4M_N008@programming.devOP
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      1 year ago

      Maybe it's called 'USB Killer' (Please Correct Me If I Misunderstood), and thanks for your warning, But i am dealing with a normal USB flash drive.

  • Parade du Grotesque@lemmy.sdf.org
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    Quick answer: no.

    Longer answer: if a USB key is inserted but not mounted (as you mentioned) the system does not interact with it in any way, except to log that something has been inserted, so there is no way Linux will be infected.

    Longer longer answer: if you insert a USB key, then mount it (for instance read only) the system will no interact or execute anything on the key unless you specifically start a program that is on the key. So it will not be infected either.

    Since most viruses and malware are for Windows, you can therefore mount a USB key and start an antivirus program to clean your malware without risking the integrity of your system.

    • CameronDev@programming.dev
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      This is all true if it is a USB drive, but there is no way to know if it is a regular drive or something more malicious. If you dont know where a USB comes from, the safest thing is to just bin it.

      • Parade du Grotesque@lemmy.sdf.org
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        OK, I agree it could be something more malicious, and that the safest solution is always to bin something unknown.

        My position is that the op knows the USB device and suspects it has been compromised by connecting it to a windows machine. But the content may be worth salvaging. In that case, my advice still applies.

  • areyouevenreal@lemm.ee
    link
    fedilink
    arrow-up
    1
    ·
    11 months ago

    It’s possible for a USB drive to become infected with BadUSB style malware and do all sorts of shenanigans. This is where the USB controller on the stick is infected allowing it to show up as a keyboard or do other nefarious things. Fairly rare for that to happen though. Most likely you will be fine if you erase it without mounting anything.