I appreciate the correction, but the risk still seems minimal.
1. The attack is very situational. There are hundreds of usb flash drive controllers out there (see: https://www.usbdev.ru/files/). The chance that your flash drive a) can be re-programmed b) the malware author bothered making a payload for c) copier is infected are all very small.
2. The attack is very visible, since the user would notice the computer randomly opening command prompts and typing commands. It's also very easy to interrupt. Stray mouse/keyboard inputs would foil the attack, as will unplugging the USB drive.
3. Despite how visible the attack is (see above), the lack of empirical reports probably suggests it's not a real attack that's being carried out
That assume it presents as a HID, and not another device profile with more direct attack surface in the hardware or kernel. Windows isolates the USB drivers to thwart such attacks, but perhaps it could manage to attack memory directly through the PCI bus before the kernel’s involvement?
I am not sure of the details, but agree that seems like a rather large amount of hacker effort, when they can currently attack over the internet and demand instant bitcoin payment.
> Windows isolates the USB drivers to thwart such attacks, but perhaps it could manage to attack memory directly through the PCI bus before the kernel’s involvement?
AFAIK how these attacks essentially work is by imputing key sequences to execute malicious code (eg. typing curl ... | bash into the terminal). There's no driver or pcie/DMA attacks going on.
