Self-made BadUSB (cheap) We’ve been told not to plug random USB devices into our computers. But why? We decided to show you what hackers can do to infect your computer using a self made BadUSB. We also included measures you can take to defend against it. The attack is simple and later we will show more advanced methods where hackers can move laterally with the help of your curiosity hackers-arise.com/badusb-hid… @three_cube @_aircorridor #redteam #cybersecurity

A more natural English version: One interesting use of a BadUSB is that I use it at work to keep my computer awake, so it doesn’t get flagged as inactive by the EDR/endpoint management software and automatically shut down.

Your Creative Sound Blaster speaker can be hijacked by anyone within 15 meters. No physical access needed. The Katana V2X has vulnerabilities that let an attacker silently turn it into a BadUSB attack device against your PC.

USB attacks: BadUSB reprograms firmware to act as a keyboard. Rubber Ducky injects keystrokes at superhuman speed. O.MG cable has embedded attack hardware. Physical access to a USB port is game over without controls. #USBSecurity

CyberDefender Password Manager and Hardware Encrypted Secure Storage: A Complete Security Solution Protecting sensitive credentials and documents requires more than software alone. The CyberDefender Password Manager combines AES-256-GCM encryption, a PBKDF2 derived master key, encrypted password and document vaults, TOTP two factor authentication, FIDO2 hardware key support, breach detection, reused password alerts, secure password generation, and a built in entropy calculator enforcing a minimum 75 bit password strength. Users benefit from category organization, live search and filtering, QR code support, CSV import and export, and secure encrypted document storage for sensitive files, contracts, financial records, legal paperwork, recovery data, and private business information. Every CyberDefender application includes a built in helpdesk system and a direct link to CyberDefender GPT for assistance and guidance. The Password Manager is delivered as a digitally signed standalone Windows executable requiring no installation, no supporting files, and no cloud account, allowing secure portable use directly from encrypted storage devices across multiple systems. The hardware encrypted secure storage device adds enterprise grade physical and digital security with FIPS 140-3 Level 3 certification and XTS-AES 256 bit hardware encryption performed directly on the device, leaving no trace on the host computer. Its waterproof, dustproof, crush resistant zinc casing is epoxy sealed against physical tampering. Security features include virtual keyboard protection against keyloggers, Brute Force attack protection with crypto erase, digitally signed firmware for BadUSB protection, read only mode, optional dual partitions, and multiple password roles including Admin, User, Recovery, and Crypto-Erase support. Together they create a defense in depth security solution where credentials, encrypted documents, backups, and authentication remain protected both digitally and physically for individuals, professionals, and businesses. Stay alert. Stay prepared. Be a CyberDefender. Please direct business inquiries to sales@rkj-consulting.com

The kernel trusts a new USB keyboard instantly, which is how BadUSB works. USBGuard makes it ask first: whitelist trusted hardware, block the rest. #Linux #Security techearl.com/usbguard-block-…

PARA QUÉ SIRVE (capacidades clave): → WiFi auditing: monitor mode, handshakes, deauth, evil twin (Mana) → HID Attack / BadUSB: cable USB como teclado malicioso → Bluetooth Arsenal: ataques de proximidad → CARsenal: car hacking sobre CAN bus → KeX: escritorio Kali vía HDMI

🦈 Официальное заявление: прояснение ситуации вокруг ATTACK SHARK R85 HE. Мы обратили внимание на публикацию, в которой утверждается, что R85 HE якобы действует как устройство BadUSB и собирает учетные данные. Мы очень серьезно относимся к вопросам безопасности — поэтому вместо быстрого опровержения мы провели 48-часовой аудит оборудования, проверили логи и протестировали устройство на реальных системах. 🔍 Что мы обнаружили: Утверждения содержат серьезные технические неточности. USB HID-клавиатуры не могут скрытно сканировать файлы, анализировать установленные приложения или выполнять фоновые команды. В R85 HE используется ПЗУ 256K — оно полностью занято официальной прошивкой, без возможности размещения вредоносных скриптов. 📹 Мы опубликовали необработанное демо на реальной системе, где показано: Чистая среда Windows и пустые журналы Microsoft Defender Отсутствие «призрачных» нажатий клавиш и всплывающих окон PowerShell Установка драйверов без каких-либо предупреждений Оригинальный пост был опубликован с нового аккаунта, и несколько модераторов уже удалили его из-за отсутствия доказательств. Мы не делаем предположений о мотивах — наша цель лишь предоставить факты, данные о железе и полную прозрачность. Есть вопросы или сомнения? Свяжитесь напрямую с нашей инженерной командой: support@attackshark.com – Команда ATTACK SHARK

Official Statement: Addressing the Security Rumors Regarding the ATTACK SHARK R85 HE Hello everyone, We recently spotted a post alleging that the ATTACK SHARK R85 HE keyboard functions as a "BadUSB credential harvester." Cybersecurity is something we take with absolute seriousness. Instead of rushing out a generic PR denial, we spent the last 48 hours working with our hardware solution providers and quality control teams to perform a full hardware audit and real-machine verification. As many savvy members in the comments have already correctly pointed out, the claims made in that post contain major technical fallacies. Here is the objective breakdown of the reality: 1. Unedited Unboxing & Real-Machine Demonstration Video To maintain absolute transparency, our team has recorded a comprehensive, unedited demonstration in a clean Windows environment. You can watch the full video on our Official YouTube Channel. In this video, we demonstrate the following step-by-step: Clean Test Environment: We start by showing a fresh Windows environment with completely blank Windows Defender protection logs. The Notepad "Keystroke Monitor": We open a blank Notepad on the desktop. If a device were a malicious BadUSB script-injector, it would be forced to "type" commands to open terminal windows upon connection. As shown in the video, when the R85 HE is plugged in, zero unauthorized windows pop up, no PowerShell instances run, and absolutely no ghost inputs appear in the Notepad. Driver & Software Integrity Check: The OS recognizes the device normally with no alerts. We then seamlessly install, and run both our official desktop driver and our web-based driver. Windows Defender remains completely silent throughout the entire process, flag-free. We welcome any independent reviewers or tech hobbyists to replicate these exact steps in a clean environment. 2. Why the Allegations Contradict Basic Hardware Architecture The OP claimed the keyboard "reconcired first... targeted LastPass... and inventoried every application" silently in the background. Technically speaking, this is an impossibility for a standard peripheral: The "Blind Input" Limitation of USB HID: The R85 HE enumerates strictly as a standard HID keyboard and mouse composite device. Under the USB standard, a keyboard is a blind input channel. It can only send scan codes to the PC; it has absolutely zero permission or hardware pipeline to read host files, scan registry entries, or detect what software is installed. For a BadUSB to execute anything, it must visually type it out on your screen (which is why our Notepad test is a definitive debunking). The "silent background reconnaissance" described by the OP does not exist in standard USB protocol. Microcontroller & ROM Constraints (100% Utilized): The keyboard utilizes the RY5088 MCU with a maximum ROM capacity of 256K. The stock factory firmware completely occupies this entire space down to the last byte (Bootloader: 32K, Core Keyboard Logic: 160K, User Profiles & RGB Configurations: 64K). There is no unallocated physical storage available to house payload archives, nor is there a scripting engine built into the firmware to trigger sequential attacks. The Windows Defender Flag: The screenshot provided by the OP shows a generic Skeeyah.A!bit Trojan infection. A standard USB device cannot spontaneously drop or create an executable file into Windows system directories upon being plugged in. As noted by multiple rational community members, the OP’s host machine was almost certainly already compromised via prior internet vectors, leading to a false correlation when plugging in a new peripheral. 3. Staying Objective We noticed the account responsible for the post was a freshly created user cross-posting the exact same text across multiple subreddits. Since then, moderators in two major subreddits have already removed the threads for policy violations and a lack of verified evidence. We will not speculate on the author's motives—whether it was a false correlation caused by a pre-existing virus or a deliberate attempt to mislead. We prefer to let the raw hardware data and packet logs speak for themselves. We highly value the authentic feedback of every customer and are committed to doing our utmost to help resolve any issues. Regarding controversial statements, we prefer to support our position with facts, as we aim to prevent other guests from being misled by inaccurate information. If you have any further questions or require assistance, please reach out to our engineering support at support@attackshark.com. Best regards, ATTACK SHARK Team

🦈 Official Statement: Setting the record straight on the ATTACK SHARK R85 HE. We saw the post claiming the R85 HE acts as a BadUSB credential harvester. We take security seriously — so instead of a quick denial, we spent 48 hours auditing hardware, reviewing logs, and testing real machines. 🔍 What we found: The claims contain major technical inaccuracies. USB HID keyboards can’t silently scan your files, inventory apps, or execute background payloads. Our R85 HE uses a 256K ROM — fully occupied by legitimate firmware — with zero room for malicious scripts. 📹 We’ve released an unedited real-machine demo showing: Clean Windows environment blank Defender logs No ghost keystrokes or PowerShell popups Driver installs with zero flags The original post came from a new account, and several mods have already removed it due to lack of evidence. We’re not here to guess motives — just to share facts, hardware data, and full transparency. Questions or concerns? Reach our engineering team directly: support@attackshark.com – The ATTACK SHARK Team

Official Statement: Addressing the Security Rumors Regarding the ATTACK SHARK R85 HE Hello everyone, We recently spotted a post alleging that the ATTACK SHARK R85 HE keyboard functions as a "BadUSB credential harvester." Cybersecurity is something we take with absolute seriousness. Instead of rushing out a generic PR denial, we spent the last 48 hours working with our hardware solution providers and quality control teams to perform a full hardware audit and real-machine verification. As many savvy members in the comments have already correctly pointed out, the claims made in that post contain major technical fallacies. Here is the objective breakdown of the reality: 1. Unedited Unboxing & Real-Machine Demonstration Video To maintain absolute transparency, our team has recorded a comprehensive, unedited demonstration in a clean Windows environment. You can watch the full video on our Official YouTube Channel. In this video, we demonstrate the following step-by-step: Clean Test Environment: We start by showing a fresh Windows environment with completely blank Windows Defender protection logs. The Notepad "Keystroke Monitor": We open a blank Notepad on the desktop. If a device were a malicious BadUSB script-injector, it would be forced to "type" commands to open terminal windows upon connection. As shown in the video, when the R85 HE is plugged in, zero unauthorized windows pop up, no PowerShell instances run, and absolutely no ghost inputs appear in the Notepad. Driver & Software Integrity Check: The OS recognizes the device normally with no alerts. We then seamlessly install, and run both our official desktop driver and our web-based driver. Windows Defender remains completely silent throughout the entire process, flag-free. We welcome any independent reviewers or tech hobbyists to replicate these exact steps in a clean environment. 2. Why the Allegations Contradict Basic Hardware Architecture The OP claimed the keyboard "reconcired first... targeted LastPass... and inventoried every application" silently in the background. Technically speaking, this is an impossibility for a standard peripheral: The "Blind Input" Limitation of USB HID: The R85 HE enumerates strictly as a standard HID keyboard and mouse composite device. Under the USB standard, a keyboard is a blind input channel. It can only send scan codes to the PC; it has absolutely zero permission or hardware pipeline to read host files, scan registry entries, or detect what software is installed. For a BadUSB to execute anything, it must visually type it out on your screen (which is why our Notepad test is a definitive debunking). The "silent background reconnaissance" described by the OP does not exist in standard USB protocol. Microcontroller & ROM Constraints (100% Utilized): The keyboard utilizes the RY5088 MCU with a maximum ROM capacity of 256K. The stock factory firmware completely occupies this entire space down to the last byte (Bootloader: 32K, Core Keyboard Logic: 160K, User Profiles & RGB Configurations: 64K). There is no unallocated physical storage available to house payload archives, nor is there a scripting engine built into the firmware to trigger sequential attacks. The Windows Defender Flag: The screenshot provided by the OP shows a generic Skeeyah.A!bit Trojan infection. A standard USB device cannot spontaneously drop or create an executable file into Windows system directories upon being plugged in. As noted by multiple rational community members, the OP’s host machine was almost certainly already compromised via prior internet vectors, leading to a false correlation when plugging in a new peripheral. 3. Staying Objective We noticed the account responsible for the post was a freshly created user cross-posting the exact same text across multiple subreddits. Since then, moderators in two major subreddits have already removed the threads for policy violations and a lack of verified evidence. We will not speculate on the author's motives—whether it was a false correlation caused by a pre-existing virus or a deliberate attempt to mislead. We prefer to let the raw hardware data and packet logs speak for themselves. We highly value the authentic feedback of every customer and are committed to doing our utmost to help resolve any issues. Regarding controversial statements, we prefer to support our position with facts, as we aim to prevent other guests from being misled by inaccurate information. If you have any further questions or require assistance, please reach out to our engineering support at support@attackshark.com. Best regards, ATTACK SHARK Team

Official Statement: Addressing the Security Rumors Regarding the ATTACK SHARK R85 HE Hello everyone, We recently spotted a post alleging that the ATTACK SHARK R85 HE keyboard functions as a "BadUSB credential harvester." Cybersecurity is something we take with absolute seriousness. Instead of rushing out a generic PR denial, we spent the last 48 hours working with our hardware solution providers and quality control teams to perform a full hardware audit and real-machine verification. As many savvy members in the comments have already correctly pointed out, the claims made in that post contain major technical fallacies. Here is the objective breakdown of the reality: 1. Unedited Unboxing & Real-Machine Demonstration Video To maintain absolute transparency, our team has recorded a comprehensive, unedited demonstration in a clean Windows environment. You can watch the full video on our Official YouTube Channel. In this video, we demonstrate the following step-by-step: Clean Test Environment: We start by showing a fresh Windows environment with completely blank Windows Defender protection logs. The Notepad "Keystroke Monitor": We open a blank Notepad on the desktop. If a device were a malicious BadUSB script-injector, it would be forced to "type" commands to open terminal windows upon connection. As shown in the video, when the R85 HE is plugged in, zero unauthorized windows pop up, no PowerShell instances run, and absolutely no ghost inputs appear in the Notepad. Driver & Software Integrity Check: The OS recognizes the device normally with no alerts. We then seamlessly install, and run both our official desktop driver and our web-based driver. Windows Defender remains completely silent throughout the entire process, flag-free. We welcome any independent reviewers or tech hobbyists to replicate these exact steps in a clean environment. 2. Why the Allegations Contradict Basic Hardware Architecture The OP claimed the keyboard "reconcired first... targeted LastPass... and inventoried every application" silently in the background. Technically speaking, this is an impossibility for a standard peripheral: The "Blind Input" Limitation of USB HID: The R85 HE enumerates strictly as a standard HID keyboard and mouse composite device. Under the USB standard, a keyboard is a blind input channel. It can only send scan codes to the PC; it has absolutely zero permission or hardware pipeline to read host files, scan registry entries, or detect what software is installed. For a BadUSB to execute anything, it must visually type it out on your screen (which is why our Notepad test is a definitive debunking). The "silent background reconnaissance" described by the OP does not exist in standard USB protocol. Microcontroller & ROM Constraints (100% Utilized): The keyboard utilizes the RY5088 MCU with a maximum ROM capacity of 256K. The stock factory firmware completely occupies this entire space down to the last byte (Bootloader: 32K, Core Keyboard Logic: 160K, User Profiles & RGB Configurations: 64K). There is no unallocated physical storage available to house payload archives, nor is there a scripting engine built into the firmware to trigger sequential attacks. The Windows Defender Flag: The screenshot provided by the OP shows a generic Skeeyah.A!bit Trojan infection. A standard USB device cannot spontaneously drop or create an executable file into Windows system directories upon being plugged in. As noted by multiple rational community members, the OP’s host machine was almost certainly already compromised via prior internet vectors, leading to a false correlation when plugging in a new peripheral. 3. Staying Objective We noticed the account responsible for the post was a freshly created user cross-posting the exact same text across multiple subreddits. Since then, moderators in two major subreddits have already removed the threads for policy violations and a lack of verified evidence. We will not speculate on the author's motives—whether it was a false correlation caused by a pre-existing virus or a deliberate attempt to mislead. We prefer to let the raw hardware data and packet logs speak for themselves. We highly value the authentic feedback of every customer and are committed to doing our utmost to help resolve any issues. Regarding controversial statements, we prefer to support our position with facts, as we aim to prevent other guests from being misled by inaccurate information. If you have any further questions or require assistance, please reach out to our engineering support at support@attackshark.com. Best regards, ATTACK SHARK Team

Offizielle Stellungnahme: Klarstellung zu den Vorwürfen gegen die ATTACK SHARK R85 HE Wir haben den Beitrag zur Kenntnis genommen, in dem behauptet wird, die R85 HE fungiere als BadUSB-Gerät zum Diebstahl von Zugangsdaten. Da Sicherheit für uns von höchster Bedeutung ist, haben wir diese Vorwürfe nicht mit einer pauschalen Zurückweisung beantwortet. Stattdessen haben wir innerhalb von 48 Stunden eine umfassende Überprüfung durchgeführt, einschließlich einer Analyse der Hardware, einer Auswertung relevanter Protokolle sowie Tests auf realen Systemen. Unsere Ergebnisse Die erhobenen Vorwürfe enthalten erhebliche technische Ungenauigkeiten. USB-HID-Tastaturen können weder eigenständig Dateien durchsuchen noch installierte Anwendungen erfassen oder im Hintergrund Schadcode ausführen. Die R85 HE verfügt über einen 256K-ROM-Speicher, der vollständig durch die reguläre Firmware belegt ist. Es besteht kein zusätzlicher Speicherplatz für versteckte Skripte oder schädliche Funktionen. Um vollständige Transparenz zu gewährleisten, haben wir ein ungeschnittenes Demonstrationsvideo auf einem realen System veröffentlicht. Darin wird gezeigt: Eine saubere Windows-Umgebung mit leeren Defender-Protokollen Keine unerwarteten Tastatureingaben oder PowerShell-Fenster Eine Treiberinstallation ohne Sicherheitswarnungen oder Beanstandungen Der ursprüngliche Beitrag wurde von einem neu erstellten Konto veröffentlicht. Mehrere Moderatoren haben ihn inzwischen aufgrund fehlender Nachweise entfernt. Wir werden nicht über mögliche Motive spekulieren. Unser Anliegen ist es, nachvollziehbare Fakten, technische Informationen und größtmögliche Transparenz bereitzustellen. Für Fragen oder Bedenken steht unser Engineering-Team direkt zur Verfügung: support@attackshark.com ATTACK SHARK Team

USBArmyKnife 🔥 — One USB to rule them all • BadUSB HID (DuckyScript) • USB Ethernet PCAP • WiFi/Bluetooth Marauder attacks • Hot Mic VNC • Hollywood UI Web control Cheap hardware. Insanely versatile. github.com/i-am-shodan/USBAr… RT if you do red teaming 💀 #HackingTools #OpenSource #RedTeamTools

EvilDuck S3 | WiFi BadUSB on a single ESP32-S3. ⚡ One chip. Full control. No drivers needed. 🌐 Web interface. DuckScript. SD card. Autorun. 🔓 Fully open source 🔗 Watch: youtu.be/Hers8yP_MoM #BadUSB #ESP32 #EthicalHacking #RubberDucky #OpenSource

Creative's Katana V2X soundbar accepts unsigned firmware over Bluetooth with no auth, letting attackers 15m away turn it into a BadUSB keyboard. Creative denies any risk, no fix shipped. techtimes.com/articles/31788…