Small Business Digest Header Icon   •    •    •    •    •    •    •  
Small Business Digest


Flash Drives As Giveaways May Be Carrying A Computer Virus Or Worse

Visitors to trade shows and other events might want to forgo consumer electronics products like digital picture frames and USB flash drives.

Reports are surfacing that some of these giveaways have been found infested with malware.

While a few reports of infectious devices hardly constitute an epidemic, the issue is being taken seriously by security researchers.

"USB flash drives are everywhere these days," observed former Microsoft security researcher and author Jesper M. Johansson.

He wrote in the January edition of Microsoft TechNet magazine,>

"At almost every conference, some vendor is giving them away like candy. Those drives may not have a lot of capacity, but you don't need a lot of storage space to take over an entire network.

"The technical details of the attack are actually quite simple. It all starts with an infected USB flash drive being inserted into a single computer. What happens then depends on the payload on that drive and, of course, how gullible the user is," he adds.

Given the ongoing success of cyber attacks that rely on social engineering, it appears that gullibility is everywhere these days, too.

In mid-December, Kaspersky Lab senior virus analyst Aleks Gostev penned a blog post> describing his experience with an infectious Compact Flash card for his digital camera.

"We've already written more than once about viruses and worms which spread via removable storage media by launching automatically from autorun.inf," he said.

"A number of users have also come across this type of malicious program. There are also a number of cases where hard disks, flash drives, MP3 players, and other devices were already infected with malware when shipped by the manufacturers," he added.

In a report on the evolution of malware last year, Kaspersky Lab noted that in the first half of 2007, "so-called classic viruses demonstrated the most growth among all malware (+237%)."

An increase he attributed to the "highly widespread method of using flash drives to spread viruses."

An example of this is a Skype worm spotted in September 2007 called Worm.Win32.Skipi.a that attempts to spread through Skype and through copying itself to attached flash drives.

Some of the anecdotal reports published by SANS speculate that the malware infections were made possible by poor manufacturer quality controls.

Others suggest the malware might have been installed in retail outlets as a result of poor inventory oversight. And some suggest that malicious software may be installed post-sale, as purchased products that get returned to store shelves as a prank or malicious attack.

"We have heard of USB drives being used," said Kevin Haley, director of Symantec

He is quoted as saying "They (flash drives) have been used for targeted attacks. And they have been used for 'commercials' for the spyware/trackware software the purchaser then attaches to the PC they want to spy on. They are not practical for mass attacks (you have to buy, prep, and distribute the drives). We don't believe it's a significant trend. It's not cost effective."

The message from all of this technical analysis?

Be careful of the next free flash drive or giveaway you receive.  It may be a Trojan Horse you might not want to see.

© 2018, Information Strategies, Inc.
P.O. Box 315, Ridgefield, NJ 07657