USB Rubber Ducky is a USB device that looks like a flash drive. It can be used to hack into systems, steal data and inject malicious codes into computers. The most important thing to remember about this device is that it can’t be detected by any anti-virus or firewall because it’s an HID device.
What is a HID device?
Human Interface Devices (HID) is a device class definition to replace PS/2-style connectors with a generic USB driver to support HID devices such as keyboards, mice, game controllers, and so on. Prior to HID, devices could only utilize strictly-defined protocols for mice and keyboards. Hardware innovation required either overloading data in an existing protocol or creating non-standard hardware with its own specialized driver. HID provided support for these “boot mode” devices while adding support for hardware innovation through extensible, standardized and easily-programmable interfaces.
HID devices today include a broad range of devices such as alphanumeric displays, bar code readers, volume controls on speakers/headsets, auxiliary displays, sensors and many others. Many hardware vendors also use HID for their proprietary devices.
Why is it dangerous?
Rubber Ducky is a KEYSTROKE INJECTION program that uses Human Interface Device protocol. Computers trust humans. Humans use keyboards. Hence the universal spec — HID, or Human Interface Device. A keyboard presents itself as a HID, and in turn it’s inherently trusted as human by the computer. The USB Rubber Ducky — which looks like an innocent flash drive to humans — abuses this trust to deliver powerful payloads, injecting keystrokes at superhuman speeds.
- USB rubber ducky acts as a keyboard and has keystrokes installed in it
- When we connect it to PC the keystrokes run automatically.
- It has a high speed of approx. 1000 words per minute. So those works which can be done by keyboard can also be done by USB rubber ducky
- Whenever Rubber Ducky is connected to a System it acts as a keyboard and executes the command which is uploaded on it.
- The commands used in this are known as payloads and written in Ducky script.
How is a pendrive different from a Rubber Ducky?
The problem is that USB Rubber Ducky can be easily overlooked. Someone might think that it is a normal flash drive and plug it into the computer. However, behind the scenes, scripts may be running that steal files or infect the computer.
Now let’s take a look inside the rubber ducky. The device has a 60 MHz CPU and 32 bits, which is comprised of an ALU (Arithmetic Logic Unit) and a CU (Control Unit). The ALU carries out bit operations, and the CU commands data flow.
How they can attack us with a Rubber Ducky
If you have one of these devices, plug it into your computer! The truth is that cyber criminals could take control of your computer and basically act as if they had physical access. They could steal information such as passwords and compromise the privacy and security of the victim.
Don’t underestimate the Rubber Ducky. It’s easy to use and affordable, but it’s a hacker’s dream. A hacker could gain complete control of your system if he or she has physical access to your device. You’re essentially handing over control to the attacker.
Additionally, a hacker will be able to steal your personal data from your computer by using a USB port. The victim’s system will copy certain files and information that are in Windows, for example, simply when the victim connects it to a corresponding USB port. Similarly, a Rubber Ducky can be configured to record keystrokes when logging into any platform. This is known as keylogger, which is a type of malicious software that records usernames and passwords it can also be used to turn on your computer’s camera.
The scary part about this is that unfortunately, you can’t protect yourself against this attack vector.