Only a year or so after the USB 3.0 Standard came out, a small group of researchers found major flaws in the underlying coding of USB devices. These devices were designed to work across multiple platforms, but unfortunately that brought huge security risks with it. The susceptible code was kept "under lock and key" for many years until information leaks occurred over the past few years. It is now a platform for malware hackers to begin implementing their malicious activities.
Malware programmed right into the devices can NOT be scanned for by even the best antivirus software since the malware resides INSIDE the hardware, not in the storage memory.
"FREE" flash drives are never free, and as many people have found out, these devices were loaded up with malware and sent out in the mail. Hackers, and Chinese, right?
Question: "Should I ever use someone else's flash drive?"
Answer: You never know where that USB device has been. Yuck!@! That flash device could be laden with firmware malware, ready to quickly infect YOUR computer. Every computer the USB is plugged into will become infected. Not my type of fun.
All security folks recommend tossing out USB flash devices of unknown origin. I would NOT even peek at what is on the device.
Don't share your USB devices with friends, nor allow them to put their USB flash drive into your computer.
BE VERY CAREFUL WITH HOW YOU USE THESE DEVICES!!! This is NOT going to be something that can be fixed with time. USB-Type A standards were compromised from the start. Newer USB-C standards are becoming more popular and are much faster as well.