The US Computer Emergency Response Team (US-Cert) is warning users and administrators to be on the lookout following the discovery of a malware outbreak being spread via USB keys.
The rise in attacks was first reported by researchers at Symantec, who noted that the attacks are taking two main forms.
The first infection tactic involves malware which simply copies itself to all storage devices which are connected to the infected PC. The tried-and-true attack method is usually delivered by way of social engineering, often posing as video or application files.
The second method uses the Autorun feature in Windows. The malware copies itself from the infected machine onto a USB drive as 'autorun.inf' allowing the file to automatically execute and perform a new infection when the drive is plugged into another system with Autorun enabled.
USB drive attacks use a method as old as the computer virus itself. Early viruses spread themselves by infecting floppy disks and local networks.
Though the tactic eventually gave way to web page and email borne attacks. Symantec suggested that the increasing use of media players and USB thumb drives is making the tactic popular once again.
In order to avoid attacks, US-Cert is recommending that users and administrators disable autorun for connected devices. Symantec also suggests that administrators set policies which limit the ability of users to mount connected devices unless absolutely necess
Alarms sounded over flash drive infections
By Shaun Nichols on Nov 21, 2008 3:25PM