USB Threat Radar

Discover the USB Security Vulnerabilities That Threaten Enterprise Infrastructure

We analyzed thousands of USB devices to find out how viruses and malware spread through removable media.

Our Technology Partners

Discover the Scale of the USB Security Threat

USB devices are widely used for data transfer, backup, and recovery. Their convenience makes them indispensable, but it also makes them a popular attack vector. Recent analysis by TYREX’s USB security specialists revealed the scale of the risk. In September 2024, we detected hundreds of infected devices across a global sample. They carried security threats ranging from viruses to adware to sophisticated tools used to infiltrate secure networks.

USB Devices Scanned

1000

Infected Devices Found

Malware Variants Discovered

1000

Key Findings from the USB Threat Radar Report

The TYREX USB Threat Radar shows how attackers use USB devices to breach IT and OT security.

Our analysis identifies:

A reliance on Python-based tools, such as Impacket.
Virus infection patterns that vary over time, with spikes suggesting coordinated campaigns.
Evidence of both widely known malware families and new or evolving threats.

Download the full report to access:

A detailed breakdown of the top threats detected in September 2024.
Geographic trends in USB-borne virus infections.
An in-depth look at Python/Impacket tools and how they are misused.
Recommended strategies for reducing the risk of USB-borne viruses.

Study Methodology

Our analysis draws on scans of 6,000 USB devices and more than 100,000 files. We subjected each device to a multilayered review that included:

File scanning for viruses and suspicious code.
Behavioral assessment to catch malicious activity that bypasses signature detection.
Aggregated trend analysis to identify emerging attack methods.

Our methodology detects both established virus and malware families and novel attack vectors.

Download the Full USB Threat Radar Report

Access exclusive charts, data, and recommendations to strengthen your defenses against USB-borne threats.

About the Authors

Christophe Bourel and Gérard Varjacques, TYREX co-founders, lead a team that specializes in monitoring and combating USB threats at scale. Our approach combines global scanning with technical expertise to deliver intelligence for organizations that need to understand and address USB risks.

Gerard Varjacques

CEO

Christophe Bourel

FOUNDER

USB Threat Radar: Frequently Asked Questions

Why are USB devices still a security risk?

USB devices can bypass network firewalls and intrusion detection because they connect directly to endpoints. They can also introduce malware and vulnerabilities into systems that are otherwise isolated. Infected devices can be used to island-hop to other systems and exfiltrate files.

What types of threats can spread through USB devices?

USB devices can carry viruses and other malware, ransomware that encrypts files, and spyware that gives bad actors control over your system. They may also exploit firmware-level attacks like BadUSB, which disguises a device as a trusted keyboard or network adapter. Attack frameworks such as Impacket can then be used to escalate privileges and harvest credentials once inside a system.

How can organizations act on insights from the report?

TYREX provides USB scanning and decontamination stations that check removable devices for malware using multiple anti-virus and antimalware, as well as static analysis. Infected or suspicious files are removed before the device connects to a secure system.

What deployment options does TYREX offer?

TYREX decontamination stations are available in multiple formats: desktop consoles for offices and workstations, freestanding kiosks for shared or high-traffic areas, wall-mounted units for compact spaces, and rugged mobile models for field use.