USB Dumper

USB Dumper is an application that, when installed on a system, runs a background process that silently copies files from any USB flash drive connected to it. The simplicity of this application is what makes it quite dangerous: all it requires a user to do is double-click the executable. Once this is done, the application runs in the background and any USB drive that is connected will automatically have its contents copied to the system.

On its own this application can be a security risk; however, it is being integrated with other tools (USB Hacksaw) and scripts so that the contents are not just kept on the local system, but are emailed or FTP'd to a remote location via encrypted channels.

One possible attack scenario would be to target a hotel, say during a conference. Many hotels, such as a Holiday Inn, have a business center with a computer and printer available for business travelers' convenience. The USB ports are of course open, and many times these systems are poorly patched and lack any measure of security (In several instances I have even had the front desk clerk log me in as admin), primarily because non-technical staff administer the systems. If an application such as USB Dumper were installed on these systems and left to sit for a week while a conference was going on, quite a bit of valuable information could be pulled from every thumb drive that was inserted into that computer. The attacker can then go to the computer, retrieve all of the data onto his own thumb drive, and he is in the clear.

posted by akuma @ October 6, 2006 11:44 pm  

How to: Disable USB and CD-ROM on a Windows Network Using Group Policy

By default, Windows Group Policy offers no easy way to disable removable-media devices such as USB ports, CD-ROM drives, floppy disk drives and high-capacity LS-120 floppy drives. However, Group Policy can be extended with customised settings by applying an ADM template. The ADM template in this article allows an administrator to disable the respective drivers of these devices, ensuring that they cannot be used. This does not allow any sort of granular control; it is basically all or nothing.

Resolution

Import this administrative template into Group Policy as a .adm file.

Download sample .adm file
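
A check an administrator can run on a workstation after the policy has applied, as an added example that is not part of the original post or the .adm file. It assumes the template disables the standard Windows storage drivers (USBSTOR, cdrom, flpydisk, sfloppy) by setting each service's Start value to 4, and it reads that value from the local registry.

```powershell
# Added example: audit the removable-media storage drivers on this machine.
# Assumption: the drivers are the standard Windows services listed below and
# "disabled" means Start = 4 under HKLM\SYSTEM\CurrentControlSet\Services.
$drivers = [ordered]@{
    'USBSTOR'  = 'USB mass storage'
    'cdrom'    = 'CD-ROM'
    'flpydisk' = 'Floppy disk'
    'sfloppy'  = 'High-capacity (LS-120) floppy'
}

# Meaning of the service Start value.
$startNames = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

$results = foreach ($name in $drivers.Keys) {
    $key  = "HKLM:\SYSTEM\CurrentControlSet\Services\$name"
    $prop = Get-ItemProperty -Path $key -Name Start -ErrorAction SilentlyContinue

    if ($null -eq $prop) {
        # No service key: this driver is not registered on this machine.
        $state = 'NotPresent'
    } elseif ($startNames.ContainsKey([int]$prop.Start)) {
        $state = $startNames[[int]$prop.Start]
    } else {
        $state = "Unknown ($($prop.Start))"
    }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Driver   = $name
        Device   = $drivers[$name]
        State    = $state
        # A driver that is present and not disabled can still load.
        Loadable = ($state -ne 'Disabled' -and $state -ne 'NotPresent')
    }
}

$results | Format-Table -AutoSize

# Non-zero exit code lets a logon script or scheduled task flag the host.
$loadable = @($results | Where-Object { $_.Loadable })
if ($loadable.Count -gt 0) {
    Write-Warning "$($loadable.Count) removable-media driver(s) are not disabled."
    exit 1
}
```

A driver reported as NotPresent has no Start value to read, so it is listed separately rather than counted as disabled.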

posted by akuma @ October 5, 2006 12:36 am  