25% Worms Propagate Through Infected USB Devices
Panda Security's anti-malware lab has found that in 2010, 25% of new worms have been exclusively crafted to propagate via USB storage devices linked to PCs. These kinds of hazards can replicate themselves to any other device competent of storing information.
According to the information from Panda Security's Second International SMB (small and medium sized firms) Security Barometer, this method of distributing worms is very effective. As per a survey conducted across 20 nations with responses from around 10,470 companies, it was found that around 48% of SMBs (around 1,000 computers) confessed of being infected by some kind of malware in 2009.
Out of the total respondents, around 27% confirmed that the source of infection was a some kind of USB device plugged to a computer.
Commenting on the issue, Luis Corrons, Technical Director of PandaLabs (Research Division of Panda Security) said that most of the malware in circulation had been designed to propagate via these USB devices, as reported by computerworld on August 26, 2010. He further stated that the malware not only copied itself to these devices, but it also ran automatically when the USB device was plugged into the system and infected the system clearly in front of the user.
Although these kinds of infections are still less compared to the one's propagated through e-mail, it is an emerging trend. Corrons says that there are many gadgets in the market that can be attached to a system like cell phones, MP3 or MP4 player, digicams, etc. This is undoubtedly very simple and handy for users, but as all these gadgets encompass memory cards or internal memory, it is possible that user's cell phone could be having a virus without his knowledge."
Worms automatically gets loaded on the system when the users watched the data of an infected USB drive through a file manger such as Windows explorer.
Meanwhile, this is not the first case of USB infection. Earlier, a worm named Conficker gained worldwide attention after it circulated via flash drives.
William Lynn (U.S. Deputy Defense Secretary) lately disclosed that the entire U.S. Central Command's (CENTCOM) network was jeopardized after an infected USB drive was plugged into one of the network's computer.
Thus, the users have been recommended to employ best security practices to avoid such risks.
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 31-08-2010