Patterns Begin to Form
Attackers quickly discovered that they could use the Autorun functionality to their advantage, and an assortment of custom firmware and attack strategies were developed for certain USB drives. These types of modified drives, which are commonly known as "USB switchblades" or "USB Hacksaws," are easily made.
Because Microsoft operating systems prior to Vista and XP Service Pack 3 would automatically execute commands in the autorun.inf file, an attacker could potentially compromise a system simply by having the USB drive inserted into a target system. Attackers could use social engineering or surreptitious physical access to get the USB drive into a target machine.
This type of attack has enjoyed several years of success and is still a viable method today. Many different variations and methods of this attack are possible and have been widely documented. As the severity and potential impact from this type of attack became more widely known, security vendors started making tools that would detect USB hacksaw attacks. While this attack can still slip under some security monitoring tools, most modern versions of the Microsoft operating system have been patched against this type of attack and there is significant awareness of it.