USB Flash drive worm spreads Aids info

By on
USB Flash drive worm spreads Aids info

Worm designed to promote awareness of HIV and Aids.

Security experts have disclosed details of a worm that copies itself onto removable drives, such as USB Flash drives, in an attempt to spread information about Aids and HIV.

The LiarVB-A worm hunts for removable drives such as floppy disks and USB memory sticks, as well as spreading via network shares.

It creates a hidden file called 'autorun.inf' to ensure that a copy of the worm is run the next time the drive is connected to a Windows PC.

Once it has infected a system, it drops an HTML file containing a message about Aids and HIV to the user's drive.

"Much of the malware we see is designed to generate income for the hackers, but this worm is different in that it spreads information about Aids instead," said Graham Cluley, senior technology consultant at Sophos.

"Even though the hackers responsible for this worm are not set on filling their pockets with cash, and may feel that they are spreading an important message, they are still breaking the law.

"In the future we might see more graffiti-style malware being written on behalf of political, religious and other groups looking for a soapbox to broadcast their opinions."

At the bottom of the HTML file is a message which claims that the worm causes no harm. It reads as follows:

'This file Doesn't make harmful change to your computer. This File is NOT DANGEROUS for your Computer and FlashDisk (USB). This File Doesn't Disturb any Data or Files on your computer and FlashDisk (USB). So Dont be affraid, and Be Happy!'

"It is nonsense to say that this worm does not harm computers. It makes changes to a PC's settings and overwrites files," said Cluley.

"There is no such thing as a useful virus. Companies should be allowed to decide for themselves what code runs on their computers rather than virus writers thinking it is OK to inject whatever code they like into corporate networks."

Sophos warned last month of another family of worms which target Flash drives, this time changing installations of Internet Explorer to say that they were 'Hacked by 1BYTE'.

The company has urged users to disable the autorun facility in Windows so that removable devices such as USB keys and CD-Roms do not automatically launch when attached to a PC.
Copyright ©v3.co.uk
Tags:
aids drive flash info security spreads usb worm

Most Read Articles

Devastating flaw puts almost every wi-fi network at risk

Devastating flaw puts almost every wi-fi network at risk
NBN Co works to recover cost of network damage

NBN Co works to recover cost of network damage
Subaru key fob vulnerability lets hackers unlock cars

Subaru key fob vulnerability lets hackers unlock cars
Telstra builds 900 machine learning models for marketing overhaul

Telstra builds 900 machine learning models for marketing overhaul
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
Solving IT complexity
Solving IT complexity
Optimising Enterprise Data Centres for the Cloud
Optimising Enterprise Data Centres for the Cloud
Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats

Events

Log In

Username:
Password:
|  Forgot your password?