Photo Kiosks Spread Malware Via USB Sticks
The users of Windows-based photo kiosks of Fuji located in Big W retail stores across Australia are faced upto the danger of having USB drives, and consequently, their PCs infected with malware.
IT consultant Morgan Storey discovered this fact when he found a dubious file on a USB drive which was used by his wife to carry pictures to be developed at a photo kiosk Fujifilm DPC XTR at a Big W store in Mt Gravatt (a suburb of Brisbane).
On scanning the stick with an anti-virus software, it was found to be infected with a phone home Trojan called Trojan.Poison-36. This Trojan is known to block the activity of anti-virus solution, and then looks to drop additional malware onto the system.
As per the claims, the Windows-based Fuji photo kiosks situated in Big W stores supposedly don't run anti-virus solution, and many of them are also compromised.
Morgan said that cybercriminals could have designed against such a thing by abusing software restriction policy, or using policy to make USB drives read-only, reported HELP NET SECURITY on July 6, 2010.
Responding to the allegations raised on Big W, its parent company Woolworths stated that Big W owns 1800 photo kiosks across the country, and that there's extremely low probability of viruses spreading through its kiosks. However, the company is working in collaboration with its partner, Fujifilm, to develop and introduce suitable antivirus solution.
Meanwhile, the company also advised its customers that in order to lessen the already minimal danger, they should stop the use of USB drives and should instead use CDs, DVDs and memory cards at a photo kiosk.
According to security experts, public kiosks are exposed to a huge number of USB sticks as well as other media every month. Thus, it lies very much in the probability range that memory cards and flash drives plugged by users into computers at the kiosks may make their residential or office computer infected.
To conclude, the security experts recommended users to raise their awareness about the newly emerging virus and malware threats. They should also regularly update all the applications on their systems, as well as install antivirus software to avoid virus attacks.
Related article: Path Transversal Attack
» SPAMfighter News - 19-07-2010