Yes, I bet you do.
It’s not all that obvious that plugging in an unknown USB device can be very dangerous.
It’s one reason I recommend turning off Autoplay.
Become a Patron of Ask Leo! and go ad-free!
Find a thumb drive?
Unknown thumb drives can contain malware designed to run automatically when inserted into your computer. Other devices masquerading as thumb drives can even cause hardware damage. It’s best to resist the temptation and simply throw out any unknown devices you find. Turning off AutoPlay also helps prevent malware spread in case you accidentally connect something malicious.
Malicious thumb drives
I vaguely remember an anecdote about a security test leaving USB thumb drives outside around a corporation, as if left behind mistakenly. Each contained some relatively benign malware that would alert a remote site that the drive had been picked up and inserted.
Something like over 50% of the thumb drives had been plugged in and the malware installed.
The lesson is clear: if you want to infiltrate a random corporation, put malware on several thumb drives and drop them around the company’s headquarters.
If you’re that corporation, you want to make sure your employees are alert to the danger.
So what’s happening here? What is that danger?
AutoPlay is part of it
You’ve probably seen it: when you insert a USB stick, the system may prompt you for what action to take or perform some kind of default action, possibly even running software from the device.
In some cases, AutoPlay happens silently.
So it’s very simple: a malware author creates a USB thumb drive, setting it up to automatically and silently install malware when plugged in. You’d never know until you scanned for malware or, as in your case, things stop working as they should.
But wait — it can get worse.
More malicious that malware?
There are USB devices that look like thumb drives but aren’t. Their intent is to physically destroy as much of your computer as possible.
They do this by containing a battery of some sort. Once connected, they pass an extremely high-voltage pulse through your USB port. Depending on your computer, this can:
- Do nothing.
- Render the USB port inoperable.
- Render all USB ports inoperable.
- Render your entire computer inoperable.
- Cause your computer to catch fire.
The devices aren’t common, but also are not hard to come by.1 Particularly if you have reason to be targeted, they can be a concern.
Solution #1: Resist the temptation
Don’t plug in thumb drives (or any USB or removable device) that you’re not completely certain of. Discard them. It’s just not worth it.
If you must examine their contents and you’re willing to risk the physical destruction I mentioned above, treat them just like risky downloads. Before you do anything, scan the contents for malware.
Solution #2: Turn off AutoPlay
So how do you scan them if you can’t safely plug them in? Turn off AutoPlay. (In Windows 10 and 11, search for “autoplay” in the settings app, and then click on “Turn AutoPlay on or off”.
Once you’ve done that, you can safely insert the device and examine its contents or run anti-malware scans.
Assuming, of course, it’s not a hardware-killer.
My recommendation? It’s not worth the risk. Discard the drive.
They’re cheap and a malware infestation can be pretty expensive; hardware damage even more so.
Assuming you decided to look once you’re satisfied it’s safe, you can do whatever AutoPlay would have done by opening the file “autorun.inf” at the root of the drive in Notepad. If this file exists, the “open=” line tells Windows what program might have been run automatically.
Most of the time that’ll be a setup program, also at the root of the drive.
But as a rule of thumb (no pun intended), I disable AutoPlay on all my drives. Not only do I find it often annoying, but as you can see, there can be significant security risks if you’re not careful.