New Worm Targets Portable Memory Drives

May 5, 2007

Sophos researchers say worm is an example of hackers targeting removable devices in an effort to get around security.

Researchers from security vendor Sophos say a new worm targeting removable drives is an example of a potential security threat for businesses.

The SillyFD-AA worm searches for removable drives such as floppy disks and USB memory sticks and creates a hidden file called autorun.inf so that a copy of the worm runs the next time the device is connected to a computer running Windows. In addition, it changes the title of Internet Explorer windows to say that the computer has been "Hacked by 1BYTE."

In an interview with eWEEK, Graham Cluley, senior technology consultant at Sophos, said the worm has not been widely distributed, and that researchers were warning the public because of the potential danger. It would be easy, he continued, to add to the worm the ability to transmit through other routes, such as e-mail and instant messaging.

"It is interesting to see hackers using different techniques in their attempt to break into peoples' computers," said Cluley, in Abingdon, United Kingdom. "This type of attack is perhaps understandable as so many businesses these days do have e-mail gateway protection in place…they can scan files coming into their company via e-mail attachments, but can't check the files coming in attached to the keychain in peoples' pockets."

Sophos researchers said hackers are increasingly looking for ways to attack businesses that will meet less resistance than more traditional e-mail-borne viruses and malware. The company's security experts advise users to disable the autorun facility of Windows so removable devices do not automatically launch when they are attached to a computer. Any storage device that is attached to a computer should be checked for virus and other malware before use, Sophos officials said.

"Companies may also consider installing software which locks down and controls access to external drives such as USB sticks," Cluley said. "In some firms this may make sense not just because of the malware threat, but also the problem of employees stealing sensitive or confidential information out of a company on their USB drive."

Sophos officials recommend companies automatically update their corporate virus protection, and defend their users with a consolidated solution to defend against the threats of viruses, spyware, hackers and spam.

However, the threat of this particular worm is limited, partly because up-to-date desktop anti-virus software should be capable of intercepting the virus when it tries to run after a user has plugged in the USB memory stick, Cluley said.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International


print this article email this article download pdf blog this article bookmark this article     Stumble it Digg this share on Facebook retweet share on Reddit add to delicious
Rate this story - 4.3 /5 (10 votes)


May 5, 2007 all stories

Comments: 0

4.3 /5 (10 votes)
  • Stumble this up

  • Digg this

  • share this

  • hide

  • Related Stories

  • Worms infesting computers worldwide: Microsoft
    created Nov 02, 2009 | popularity not rated yet | comments 0
  • Conficker worm dabbling with mischief
    created Apr 28, 2009 | popularity not rated yet | comments 0
  • Bogus security software growing threat: Microsoft
    created Apr 08, 2009 | popularity not rated yet | comments 0
  • Conficker worm plays no tricks on April Fools' Day
    created Apr 02, 2009 | popularity not rated yet | comments 0
  • Conficker worm digs in around the world
    created Apr 01, 2009 | popularity not rated yet | comments 0



  • hide

  • Relevant PhysicsForums posts

  • transient heat transfer
    created 7 hours ago
  • Trying to adapt a fuel gage circuit
    created Nov 22, 2009
  • Pushing the piston.
    created Nov 22, 2009
  • Do Camcorders/ Video camera have Sensors in them?
    created Nov 22, 2009
  • More from Physics Forums - General Engineering

Other News

IBM Researchers Lower Language Barrier With Text Translator

Technology / Computer Sciences

created 3 hours ago | popularity 4 / 5 (1) | comments 0

IBM Researchers are helping to break the language barrier with the advent of technology dubbed "n.Fluent" -- smart software that translates text between English and 11 other languages. IBM employees use it to instantaneously ...


Intel logo A

Intel wants a chip implant in your brain

Technology / Hi Tech

created 13 hours ago | popularity 4.1 / 5 (15) | comments 26

(PhysOrg.com) -- Computer chip maker Intel wants to implant a brain-sensing chip directly into the brains of its customers to allow them to operate computers and other devices without moving a muscle.


Just in time for Black Friday: students turn iPhone into barcode scanner

Just in time for Black Friday: students turn iPhone into barcode scanner

Technology / Software

created 1hour ago | popularity 4 / 5 (1) | comments 0

(PhysOrg.com) -- Comparing prices over the Internet has become a common practice for consumers. Now, just in time for Black Friday, a group of Missouri University of Science and Technology students is putting ...


Friends go online at Foursquare to meet offline (AP)

Friends go online at Foursquare to meet offline

Technology / Internet

created 3 hours ago | popularity not rated yet | comments 0

(AP) -- Laura Fitton's ascent has been staggering: In less than a year, she's become mayor of nine different places in several different states, all without giving any speeches or kissing any babies.


HP's profit up 14 pct despite sales drop (AP)

HP's profit up 14 pct despite sales drop

Technology / Business

created 3 hours ago | popularity not rated yet | comments 0

(AP) -- Hewlett-Packard Co.'s profit jumped 14 percent in the latest quarter, helped by cost-cutting and better results from its technology services division.




PhysOrg Account
advanced search
  • follow with twitter
  • follow on facebook
  • read with kindle
  • customize RSS
  • physorg mobile
  • newsletter