The USB Rubber Ducky is a powerful tool that holds the potential to be both constructive and harmful. In the hands of IT Support professionals, it can enhance security, streamline tasks, and aid in education.
Although it is often used by cybersecurity teams to test the security of their computer systems. The USB Rubber Ducky is also popular amongst hackers for its ability to grab passwords, open backdoors for ransomware, and delete entire file systems in a matter of seconds.
Despite its innocent appearance it only takes one USB Rubber Ducky to expose an entire network!
What is a USB Rubber Ducky?
In its most basic form, a Rubber Ducky can be described as a penetration testing tool.
Physically resembling a regular USB flash drive, an unsuspecting cybersecurity attack victim wouldn’t know the power this tool possesses.
Once this device enters a computer it can pass through most anti-malware software to allow automated keystrokes to be executed.
If used ethically a rubber ducky can:
- Assess the vulnerabilities & weak points of computer systems
- Automate repetitive tasks for IT administrators
- Teach cybersecurity concepts to students
If used unethically a rubber ducky can:
- Be used to gain unauthorised access
- Be exploited for social engineering attacks
How Does USB Rubber Ducky Work?
When you plug a Rubber Ducky into a computer, the computer recognises it as a regular USB keyboard.
Before using the Rubber Ducky, you need to create a script that contains a sequence of keystrokes that you want the device to emulate. These keystrokes can include keyboard shortcuts, commands, and other text inputs.
Duckyscript is a specific scripting language designed for the USB Rubber Ducky.
Duckyscript version 1.0 came out in 2010 and is compatible with USB A only.
Version 3.0 came out in 2022 and is the most advanced and feature-rich version that is compatible with USB A & USB C.
The Future of USB Rubber Ducky and Cybersecurity
At the popular US hacker convention Def Con, the new Rubber Ducky sold out on the first day. According to its inventor Darren Kitchen, it was his company’s most in-demand product.
As the cybersecurity landscape evolves, Hak 5’s Rubber Ducky 3.0 has only gotten smarter. Understanding the capabilities and implications of devices like the Rubber Ducky is vital to maintaining a secure digital environment.
Advancements in DuckyScript include:
- Being able to conditionally execute code appropriate to Windows or Mac
- The ability to add variable delay between keystrokes for a more human effect
- Being able to get around security features by telling a keyboard when the CapsLock or Numlock LEDs should light up
Whilst Rubber Duckys can be an excellent tool used for good in the right hands, it can cause complete chaos in the wrong hands.
We hope this blog helps to make you more aware and suspicious of any unknown USB sticks that may be lying around either inside or outside of the office. Please don’t plug them in!