Risky USB Flash Drives


Post by eaglehorse » January 8th, 2008, 8:51 am

Here is the link to the original article

CES Risk: Free USB Flash Drives

Security researchers warn that flash media given away at trade shows -- or even bought off the shelf -- may contain malware.

By Thomas Claburn
January 7, 2008 03:20 PM

Visitors to the Consumer Electronics Show in Las Vegas this week might want to forgo freebie flash drives, or at least use them with caution. The SANS Internet Storm Center has published several anecdotal reports indicating that computer peripherals like USB flash drives and consumer electronics products like digital picture frames have been found infested with malware.

While a few reports of infectious devices hardly constitute an epidemic, the issue is being taken seriously by security researchers. "USB flash drives are everywhere these days," observed Microsoft (NSDQ: MSFT) security researcher Jesper M. Johansson in an article in the January edition of Microsoft TechNet magazine. "At almost every conference, some vendor is giving them away like candy. Those drives may not have a lot of capacity, but you don't need a lot of storage space to take over an entire network... The technical details of the attack are actually quite simple. It all starts with an infected USB flash drive being inserted into a single computer. What happens then depends on the payload on that drive and, of course, how gullible the user is."

Given the ongoing success of cyber attacks that rely on social engineering, it appears that gullibility is everywhere these days, too.

In mid-December, Kaspersky Lab senior virus analyst Aleks Gostev penned a blog post describing his experience with an infectious Compact Flash card for his digital camera. "We've already written more than once about viruses and worms which spread via removable storage media by launching automatically from autorun.inf," he said. "A number of users have also come across this type of malicious program. There are also a number of cases where hard disks, flash drives, MP3 players, and other devices were already infected with malware when shipped by the manufacturers."

In a report on the evolution of malware last year, Kaspersky Lab noted that in the first half of 2007, "so-called classic viruses demonstrated the most growth among all malware (+237%)," an increase attributed to the "highly widespread method of using flash drives to spread viruses." An example of this is a Skype worm spotted in September 2007 called Worm.Win32.Skipi.a that attempts to spread through Skype and through copying itself to attached flash drives.

Some of the anecdotal reports published by SANS speculate that the malware infections were made possible by poor manufacturer quality controls. Others suggest the malware might have been installed in retail outlets as a result of poor inventory oversight. And some suggest that malicious software may be installed post-sale, as purchased products that get returned to store shelves as a prank or malicious attack.

"We have heard of USB drives being used," said Kevin Haley, director of Symantec (NSDQ: SYMC) Security Response, in an e-mail. "They have been used for targeted attacks. And they have been used for 'commercials' for the spyware/trackware software the purchaser then attaches to the PC they want to spy on. They are not practical for mass attacks (you have to buy, prep, and distribute the drives). We don't believe it's a significant trend. It's not cost effective."

The bigger fear, said Haley, would be that a manufacturer might unwittingly put malware on a device of some sort.

That appears to be just what happened to the maker of the Victory LT-200 MP3 player, according to a blog post published on Friday by Kaspersky Lab researcher Roel Schouwenberg. The manufacturer "told us they were aware that a few months ago there was a partially infected batch of these MP3 players, and that they'd taken steps to fix the problem," he said.

"Whether it's a picture frame, a digital camera, or any USB, CF, SD, etc. memory card, the portable nature of these devices dredges up memories of all the floppy boot viruses we used to have to deal with," said David Goldsmith of the SANS Internet Storm Center in a recent blog post. "Care should be taken when attaching storage devices to your computer to ensure you scan them for possible malware and handle them in as secure a fashion as is possible."

Re: Risky USB Flash Drives

Post by Drewcat » January 8th, 2008, 5:11 pm

I've been seeing a lot of this infected at the source stuff and it is discomforting. Logical however that bad guys might take this route. Thanks for posting.