Bad Guys Using USB Drives to Spread Malicious CodesThe US-Computer Emergency Response Team (CERT) issued a warning on November 20, 2008 that USB flash drive devices are being increasingly used to spread malicious codes, as reported by cnetnews on November 20, 2008. Gunter Ollmann, Chief Security Strategist of ISS Security Division, IBM, said that malicious codes writers are deliberately developing new variants of malware to spread them through USB devices. According to security experts, USB thumb drives are used in a couple of ways to propagate viruses and other malicious software. For instance, a clean USB thumb drive can receive virus from an infected machine while transferring files. The same drive can pass on the virus to other systems if the AutoRun-type feature is running on them. When a CD or a flash drive is inserted in Windows operating system, the AutoRun feature automatically launches installers and other programs. Mac operating systems also follow the same process. Moreover, security experts said that USB sticks claiming to be coming from the legitimate sources may contain malware. For instance, USB 2.0 floppy drive keys came along with ProLiant servers of Hewlett-Packard Co. in April 2008 were infected with malware. Hackers are discovering malicious USB sticks and other gadgets that can be connected to the system through USB drive. These devices contain malicious software capable of stealing sensitive data such as credit card information, account passwords and personally identifiable information. Ollmann, thus, advised computer users not to open USB sticks from unsolicited sources, update patches, and keep PIN number secret. Besides, users can disable the autoplay feature of their systems while inserting USB device and terminate USB drivers. However, these security measures can create problems in connecting to the network and printing, said Ollmann, as reported by SearchSecurity on November 20, 2008. Seeing the rising magnitude of the problem, the US Strategic Command has blocked the use of USB sticks. Security officials also reported that the fast spreading malicious worm - SillyFDC - is forcing experts to raise alarms. Related article: Bot Operator Infects Rubbermaid Computers And Sentenced to Prison ยป SPAMfighter News - 12/5/2008 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
