If USB flash drive contain any of malware/virus/worm inserted to linux host without being mount (auto mount disabled), does malware/virus/worm will infect host
If it’s a USB stick you don’t trust, you should always be careful. There’s malicious hardware that looks like a USB stick, but pretends to be a keyboard, making malicious inputs. Or hardware which contains condensators that charge up from your USB port and then send a strong electrical pulse into your PC, potentially frying electronics.
Maybe it’s called ‘USB Killer’ (Please Correct Me If I Misunderstood), and thanks for your warning, But i am dealing with a normal USB flash drive.
Yeah, USB-Killer is one of the products that realizes the condensator concept.
Quick answer: no.
Longer answer: if a USB key is inserted but not mounted (as you mentioned) the system does not interact with it in any way, except to log that something has been inserted, so there is no way Linux will be infected.
Longer longer answer: if you insert a USB key, then mount it (for instance read only) the system will no interact or execute anything on the key unless you specifically start a program that is on the key. So it will not be infected either.
Since most viruses and malware are for Windows, you can therefore mount a USB key and start an antivirus program to clean your malware without risking the integrity of your system.
thanks for clarify
This is all true if it is a USB drive, but there is no way to know if it is a regular drive or something more malicious. If you dont know where a USB comes from, the safest thing is to just bin it.
OK, I agree it could be something more malicious, and that the safest solution is always to bin something unknown.
My position is that the op knows the USB device and suspects it has been compromised by connecting it to a windows machine. But the content may be worth salvaging. In that case, my advice still applies.
It’s possible for a USB drive to become infected with BadUSB style malware and do all sorts of shenanigans. This is where the USB controller on the stick is infected allowing it to show up as a keyboard or do other nefarious things. Fairly rare for that to happen though. Most likely you will be fine if you erase it without mounting anything.
