New Worm Targets Portable Memory Drives

May 05, 2007

Sophos researchers say worm is an example of hackers targeting removable devices in an effort to get around security.

Researchers from security vendor Sophos say a new worm targeting removable drives is an example of a potential security threat for businesses.

The SillyFD-AA worm searches for removable drives such as floppy disks and USB memory sticks and creates a hidden file called autorun.inf so that a copy of the worm runs the next time the device is connected to a computer running Windows. In addition, it changes the title of Internet Explorer windows to say that the computer has been "Hacked by 1BYTE."

In an interview with eWEEK, Graham Cluley, senior technology consultant at Sophos, said the worm has not been widely distributed, and that researchers were warning the public because of the potential danger. It would be easy, he continued, to add to the worm the ability to transmit through other routes, such as e-mail and instant messaging.

"It is interesting to see hackers using different techniques in their attempt to break into peoples' computers," said Cluley, in Abingdon, United Kingdom. "This type of attack is perhaps understandable as so many businesses these days do have e-mail gateway protection in place…they can scan files coming into their company via e-mail attachments, but can't check the files coming in attached to the keychain in peoples' pockets."

Sophos researchers said hackers are increasingly looking for ways to attack businesses that will meet less resistance than more traditional e-mail-borne viruses and malware. The company's security experts advise users to disable the autorun facility of Windows so removable devices do not automatically launch when they are attached to a computer. Any storage device that is attached to a computer should be checked for virus and other malware before use, Sophos officials said.

"Companies may also consider installing software which locks down and controls access to external drives such as USB sticks," Cluley said. "In some firms this may make sense not just because of the malware threat, but also the problem of employees stealing sensitive or confidential information out of a company on their USB drive."

Sophos officials recommend companies automatically update their corporate virus protection, and defend their users with a consolidated solution to defend against the threats of viruses, spyware, hackers and spam.

However, the threat of this particular worm is limited, partly because up-to-date desktop anti-virus software should be capable of intercepting the virus when it tries to run after a user has plugged in the USB memory stick, Cluley said.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Singapore moves to regulate taxi booking apps

add to favorites email to friend print save as pdf

Related Stories

When the ATM runs Windows, how safe is your money?

Oct 13, 2014

How safe is Microsoft Windows? After all, the list of malware that has caused major headaches worldwide over the last 15 years is long – viruses, worms and Trojans have forced computers to shut down, knocked South Korea offl ...

Is your USB stick the enemy?

Aug 12, 2014

Computer users everywhere are looking at the USB stick sat next to their computer this week with trepidation. Many are now wondering if this trusted friend has turned against them now that cybersecurity experts ...

Global wave of Flame cyber attacks called staggering

May 28, 2012

(Phys.org) -- Kaspersky Lab has discovered complex malware that has been in operation for at least five years, collecting data from countries including both Israel and Iran. Kaspersky experts think the masterminds ...

NATO mobilises for cyber warfare

Nov 18, 2010

In 1989, before the Internet revolution, Suleyman Anil was the lone man in charge of the security of NATO's IT system, armed with a single computer.

Recommended for you

Singapore moves to regulate taxi booking apps

Nov 21, 2014

Singapore on Friday announced new rules for mobile taxi booking apps, including US-based Uber, in the latest move by governments around the world to regulate the increasingly popular services.

Protecting personal data in the cloud

Nov 20, 2014

IBM today announced it has patented the design for a data privacy engine that can more efficiently and affordably help businesses protect personal data as it is transferred between countries, including across private clouds.

Gift Guide: Dragons, aliens, heroes for the gamer

Nov 19, 2014

Sony's PlayStation 4 video-game console has built an impressive lead over its competitors. That's good news for holiday shoppers because it has driven Microsoft and Nintendo to offer more budget-friendly ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.