A USB key can be anything, or even complex combinations of things. It can be a storage device and an HID keyboard input and an optical drive that autoruns software on the PC it is connected to, with all of this being intentionally supported by the host operating system.

No back door is required: This can happen right at the front door, as the operating system does what it is intended to do when it detects new hardware.

And as a parting shot: It can even deliberately physically destroy the host computer's hardware. (Try that with a crafty ZIP file.)