Chromebooks are inherently secure computers – they are essentially immune to viruses and similar threats found on other computers. The one primary weakness is a physical one, but Google is taking steps to fix it.
There is a malicious USB tool called Rubber Ducky that emulates a keyboard and has the ability to inject 1
Since this is a physical weakness, Chromebooks are just as vulnerable Rubber Ducky attacks like other machines. However, Google is working on a new feature for Chrome OS named USBGuard which removes this threat by blocking access to USB ports on locked Chromebooks. This feature does not simply block access to the USB ports all over Card, but keeps the currently used connectors alive. So, if you transfer files from a USB drive and the book goes to sleep, the transfer continues. Similarly, users can whitelist certain devices, such as mice and keyboards, so they are always available regardless of the lockout status of the Chromebook.
The USBGuard flag is already live on the Chrome OS Canary channel for users living dangerous, but should be available to other users on other channels in the coming weeks or months.
ChromeStory via Engadget