Security News > 2020 > March > Google Releases Tool to Block USB Keystroke Injection Attacks
Google has released a new software tool designed to identify potential USB keystroke injection attacks and block devices they originate from.
Delivered over USB, keystroke injection attacks require a Human Interface Device Driver.
USB Keystroke Injection Protection ships with the HARDENING mode enabled by default and is available in open source on GitHub, where a step-by-step guide provides details on how to get up and running the systemd daemon that is enabled on reboot.
"The tool is not a silver bullet against USB-based attacks or keystroke injection attacks, since an attacker with access to a user's machine can do worse things if the machine is left unlocked," Google explains.
"The tool can be complemented with other Linux tools, such as fine-grained udev rules or open source projects like USBGuard, to make successful attacks more challenging. The latter lets users define policies and allow/block specific USB devices or block USB devices while the screen is locked," Google also says.
News URL
Related news
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Google to Remove App that Made Google Pixel Devices Vulnerable to Attacks (source)
- Google fixes ninth Chrome zero-day exploited in attacks this year (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)