Detecting malware-infected USB drives

You don't need anti-virus. Simply look at the contents of one of the drives. Are they empty? Fine, then you are ok. Pull random samples out and check them.

If you asked the vendor to put files on the drive, such as promotional materials for your company, then make sure that the files match precisely.

Remember: do this from a machine with the latest patches. For example, you don't want to do this with a Windows machine with autorun enabled, or the virus will hop to your machine, infect it, then hide its files from you. A recent Mac or Linux machine will probably be safe.

Beware that USB drives can have multiple "partitions", one of which might appear as a CD-ROM drive. Check not just the one you expect, but these additional partitions as well.

All this assumes the device acts as a normal flash drive. Hackers can do something more nefarious, such as pretend to be a keyboard and inject keystrokes that log the hacker in. It's so unlikely that you don't have to worry about it, but if you do, then you'd have to hire an expert to test them.

Lastly, because of these security concerns, promotional USB drives are very bad promotional items. Most Fortune 500 corporations and the military have rules dictating that such drives should be destroyed, and never plugged into a computer.
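
The file-matching check described in the answer above, as an added example that is not part of any answer on this page: it hashes everything on a mounted drive and compares it with a local copy of the files that were sent to the vendor (or with nothing, if the drives were ordered empty). The function names and sample files are assumptions made for illustration; run it once for each partition the drive exposes.

```python
import hashlib
import os
import tempfile


def hash_tree(root):
    """Map every entry under root (relative path) to a SHA-256 digest."""
    digests = {}
    for dirpath, dirs, files in os.walk(root):  # os.walk also lists hidden dotfiles
        for name in files + dirs:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if os.path.islink(full):
                # Record the link target instead of following it off the drive.
                digests[rel] = "symlink:" + os.readlink(full)
            elif os.path.isfile(full):
                h = hashlib.sha256()
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(1 << 20), b""):
                        h.update(chunk)
                digests[rel] = h.hexdigest()
    return digests


def compare_drive(drive_mount, reference_dir=None):
    """Compare a mounted drive with the files sent to the vendor.
    reference_dir=None means the drive was ordered empty."""
    ref = hash_tree(reference_dir) if reference_dir else {}
    drv = hash_tree(drive_mount)
    return {
        "extra": sorted(drv.keys() - ref.keys()),
        "missing": sorted(ref.keys() - drv.keys()),
        "modified": sorted(p for p in ref.keys() & drv.keys() if ref[p] != drv[p]),
    }


def demo():
    """Constructed sample: a reference folder and a tampered 'drive' folder."""
    with tempfile.TemporaryDirectory() as ref, tempfile.TemporaryDirectory() as drv:
        for root, files in ((ref, {"brochure.pdf": b"v1", "logo.png": b"img"}),
                            (drv, {"brochure.pdf": b"v1+", "autorun.inf": b"[autorun]"})):
            for name, data in files.items():
                with open(os.path.join(root, name), "wb") as fh:
                    fh.write(data)
        return compare_drive(drv, ref)


if __name__ == "__main__":
    print(demo())  # any non-empty list means the drive does not match
```

A drive passes only when all three lists are empty. The comparison covers the mounted file system only, so it says nothing about a device that does not behave as a normal flash drive.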


The simplest option is actually to set up a machine with a couple of antivirus/antimalware products on it, with no connectivity to other networks, and plug the devices in.

It is not foolproof by any means, but to get a deep assurance you would have to examine the driver files and that is likely to be time consuming and uneconomic. Depending on where you are, you may have a strong contract with the company that sold them to you, but even if not, if you find malware, you could offer them the option of providing you with clean ones or never getting your business again...


The easiest way would probably be to reformat them all. Might take some time though, depending on how many you have.