25 percent of all malware now targeting USB storage devices

25 percent of all malware now targeting USB storage devices.

[newsimage]http://static.rankone.nl/images_posts/2010/08/Nas7Mb.jpg[/newsimage]A new report released by PandaLabs reveals that 25 percent of malware that has been discovered so far this year has been programmed to spread through the use of USB devices connected to users computers.


Read the full article here: [http://www.myce.com/news/25-percent-of-all-malware-is-now-targeting-usb-storage-devices-33797/](http://www.myce.com/news/25-percent-of-all-malware-is-now-targeting-usb-storage-devices-33797/)


Please note that the reactions from the complete site will be synched below.

Rotflmao. Floppy disks, internet & now usb devices … We are devolving :iagree:

[QUOTE=debro;2541525]Rotflmao. Floppy disks, internet & now usb devices … We are devolving :iagree:[/QUOTE]

What else would there be?? lol… people are so lack of thinking they pickup any USB stick on the ground not thinking wait is that really a free USB or just a malware waiting to launch itself?? People should take more time and think like just step and break it that will deter the malware thief from putting more USB out there like that in the street or parking lot. That where most of the USB malware stories I hear happen people not thinking and saying wait why would someone put a free USB stick for anyone to take??? :cop: It should be painfully obvious they did it for no good intention but for their own gain and spreading of their malwares. At least now Win7 Ult for me prevents autorun by default but I know the majority if not most are still XP and those are the target O/S that get nailed with the USB malware trojan horse sticks… People including government should take more education and know that nothing is ever free including a USB stick laying around for anyone to pick up…that is a Fact of life “[B]Nothing is ever free[/B]” or “[B]Comes without consequences[/B]”. If people just take a little time and think which most forgot how to think considering they are the most likely to help infect the malware more.

Use some usb security software to prevent infection, no big deal…
Google is your friend!

Even with Autorun disabled, I’ve seen malware do other means to spread via flash drives. For example, I’ve seen viruses that replace documents, MP3s, etc. with the malware executable under the same name and using the same icons as the original file types they replaced.

By default, file extensions are hidden in Windows, including Windows Vista & 7, so if someone launches malware disguised as a document and clicks “Yes” to the UAC prompt thinking “It’s only a Word file, what harm can a document do?” . . .

But then this is not the original name.
Instead it is something like secret_pr0n.doc.exe (if the extension were shown)

Michael

[QUOTE=petremure;2541771]Use some usb security software to prevent infection, no big deal…[/QUOTE]Your security concept is broken if you rely on additional software.
Software restriction policies and restricted user accounts are much more powerful than any “security software”.
Bing is your friend :slight_smile:

Michael

[QUOTE=mciahel;2541797]But then this is not the original name.
Instead it is something like secret_pr0n.doc.exe (if the extension were shown)[/QUOTE]

In the cases I’ve seen, going back to ~2002 when I was at university, the infection actually deleted the original files and the infected replacements only had an executable extension, not a double extension like infected e-mail attachments. I don’t remember the name of this infection, but it was a pain at the time. Another issue at the time was programming students who use to create pranks by giving their payload the icon of a folder and placing it on a public share.

The following simulates examples of how it would have looked. Now imagine a novice user opening a folder or pen drive they found to see following. A more cautious user who may get suspicious about the two files may still wonder what’s in the folder…

This is the same content, but with the hidden extensions revealed: :wink:

Admitted, this is really evil. At least for novice users.
Also, in this case, software restriction policies would have prevented the user from executing the malware :smiley:

Michael

[QUOTE=mciahel;2541925]Admitted, this is really evil. At least for novice users.
Also, in this case, software restriction policies would have prevented the user from executing the malware :smiley:

Michael[/QUOTE]
But who else would be dumb enough to open executable files, thinking they were documents/folders?

[QUOTE=mciahel;2541797]But then this is not the original name.
Instead it is something like secret_pr0n.doc.exe (if the extension were shown)

Michael[/QUOTE]
I’d run that, on a virtual machine, with read only attribute set on the virtual HDD, sandboxed, just for the novelty :iagree:

[QUOTE=debro;2541970]But who else would be dumb enough to open executable files, thinking they were documents/folders?[/QUOTE]
Lots of people, apparently, since 25% of all malware is now targeting USB storage devices and a lot of it is this kind of thing…

I think the default setting of hiding file extensions on the Windows OS is a terrible idea.

[QUOTE=Blu-rayFreak;2542180]Lots of people, apparently, since 25% of all malware is now targeting USB storage devices and a lot of it is this kind of thing…

I think the default setting of hiding file extensions on the Windows OS is a terrible idea.[/QUOTE]
Windows 7 at least makes a small improvement in usability which is significant.

When you have file extensions shown, and you rename a file, windows 7 automatically selects the filename, but excludes the extension, and if the user STILL changes the file extension, it asks “are you sure? The file may become unusable” - no more accidental filetype changes :wink:

It’s almost safe to let the average user have file extensions shown :iagree:

Of course, in the case of newbs, or persistent PEBKACS (like my parents), there’s really nothing you can do to save them from themselves - and locking up the PC with limited accounts, no program installs, no unsafe attachments, no autorun, antivirus, anti-malware, browser management & etc are still required.

What is wrong with these people. Avast Pro watches everything I open, much less load into the PC. What are they using for protection: BB Guns??

theolefart

Has this been mentioned?.. Delete the Autorun.inf file from your USB drive and then just create a folder instead - with the same name - Autorun.inf

Then from the command prompt, type the following, from the USB drive prompt:

attrib Autorun.inf -a +r +h +s

This will make the folder read-only, hidden and system (a system file, “protected”). Then to open your USB drive, you will have to right-click it from “My Computer” & select Open. Temporary solution, as many/most USB virii can, still, actually delete your folder and re-create a malicious Autorun.inf

P.S.
Many websites offer this kind of information, a google query for “protect your usb autorun.inf” will bring some up; 4 example:

imod.co.za/2010/06/15/protect-your-usb-drive-against-autorun-inf-viruses/

Many ways to keep this from happening:

  1. Don’t let your friends or family touch your Flash, or External HDD’s.

  2. Turn off Autorun, or hold shift while inserting Removable Drives.

Many easy ways to get rid of the Removable Drive virus’ if you get infected:

  1. The Free version of Panda Cloud Anti-Virus stops the Malicious Autorun from running, so I recommend this for most people.

  2. If you do get infected with it, it may disable most Anti-Virus programs, so get the Free Home Version of Avast, and run a Bootup Scan, then Run Malwarebytes after the PC comes up. This will surely work, for it hasn’t failed yet.

I see many workers and family members with these Autorun virus’, fairly easy to get rid of, so it’s not a HUGE deal.

[QUOTE=loanstar744;2545062]Removable Drive virus’[/QUOTE]
^^

[ol]
[li]Removable Drive’s virus
[/li][li]and/or Removable Drives’ virii
[/li][li]and/or Removable Drives virii
[/li][/ol]

:wink: :slight_smile:

P.S.
Plural form of words ending in -us

“Usage of virii within Internet communities has met with some resistance, most notably by Tom Christiansen, a figure in the Perl community, who researched the issue and wrote what eventually became referred to in various online discussions as the authoritative essay on the subject,[6] favoring viruses instead of virii.”

[QUOTE=old5chool;2547538]^^

[ol]
[li]Removable Drive’s virus[/li][li][I]and/or[/I] Removable Drives’ virii[/li][li][I]and/or[/I] Removable Drives virii[/li][/ol]

:wink: :slight_smile:

P.S.
Plural form of words ending in -us”[/QUOTE]

No worries, I just have to spell it like that or my fellow workers or family get confused or don’t know what I’m talking about.

Hey, good of you to post… Apparently I screwed myself! xd dictionary.reference.com/cite.html?qh=viruses&ia=ahsmd Next I’m guessing whether girls who got big hands sport huge cans? :slight_smile:

img405.imageshack.us/img405/1714/018800717.jpg

[QUOTE=old5chool;2548120]Hey, good of you to post… Apparently I screwed myself! xd dictionary.reference.com/cite.html?qh=viruses&ia=ahsmd Next I’m guessing whether girls who got big hands sport huge cans? :slight_smile:

img405.imageshack.us/img405/1714/018800717.jpg

[/QUOTE]

XD That’s an interesting assumption, and from what I’ve seen might actually be true.

Also, don’t worry about it, everyone is bound to goof every once in a while, like myself, but no big deal.