The new USB Rubber Ducky is more dangerous than ever - The Verge
Hak5’s new USB Rubber Ducky, unveiled at the Def Con hacking conference in Las Vegas, is more effective than ever, thanks to the inclusion of a new structured programming language (DuckyScript 3.0) that allows it to execute more sophisticated hacks.
The USB Rubber Ducky is back with a vengeance.
The much-loved hacking tool has a new incarnation, released to coincide with the Def Con hacking conference this year, and creator Darren Kitchen was on hand to explain it to The Verge. We tested out some of the new features and found that the latest edition is more dangerous than ever.
To the human eye, the USB Rubber Ducky looks like an unremarkable USB flash drive. Plug it into a computer, though, and the machine sees it as a USB keyboard — which means it accepts keystroke commands from the device just as if a person was typing them in.
“Everything it types is trusted to the same degree as the user is trusted,” Kitchen told me, “so it takes advantage of the trust model built in, where computers have been taught to trust a human. And a computer knows that a human typically communicates with it through clicking and typing.”
Darren Kitchen with his creation, the USB Rubber Ducky
Photo by Corin Faife / The Verge
The original Rubber Ducky was released over 10 years ago and became a fan favorite among hackers (it was even featured in a Mr. Robot scene). There have been a number of incremental updates since then, but the newest Rubber Ducky makes a leap forward with a set of new features that make it far more flexible and powerful than before.
https://www.theverge.com/23308394/usb-rubber-ducky-review-hack5-defcon-duckyscript
Rating: 5