Print
Discuss
Send to friend
RSS feedsThe US Computer Emergency Response Team (US-Cert) is warning users and administrators to be on the lookout following the discovery of a malware outbreak being spread via USB keys.
The rise in attacks was first reported by researchers at Symantec, who noted that the attacks are taking two principal forms.
The first tactic involves malware which simply copies itself to all storage devices connected to the infected PC. This tried-and-true method is usually delivered by way of social engineering, often posing as video or application files.
The second method uses the Autorun feature in Windows. The malware copies itself from the infected machine onto a USB drive as 'autorun.inf', allowing the file to execute automatically and perform a new infection when the drive is plugged into another system with Autorun enabled.
USB drive attacks use methods as old as the computer virus itself, early versions of which spread by infecting floppy disks and local networks.
The tactic eventually gave way to web page and email borne attacks, but Symantec suggested that the increasing use of media players and USB drives is making the tactic popular once again.
In order to avoid attacks, US-Cert recommends that users and administrators disable Autorun for connected devices. Symantec also suggests setting policies which limit the ability of users to connect USB devices unless absolutely necessary.
See also:
Closure of spam network unlikely to have long-lasting effect 20 Nov 2008
Free 'Morro' service to replace Windows Live OneCare in 2009 19 Nov 2008
Security and compliance rules could nix president-elect's BlackBerry 18 Nov 2008
Windows Mobile attack rehashes dated infection technique 14 Nov 2008Company accused of hosting spam servers for online scammers 13 Nov 2008All Hacking Tags: Us-cert, Symantec, Flash, Usb, Hardware, Security
del.icio.us
Digg this
reddit!
