Experts Detect ‘USB Switchblade’ – A New Endpoint Threat
Researchers have identified an 'endpoint threat' that steals confidential company data from computer systems. 'Centennial Software' that develops 'IT asset' and 'security management solutions' has warned about new 'endpoint malware' called 'USB Switchblade'.
The malware attacks Windows System and filches corporate information such as 'passwords', 'IP data', 'browser history' and 'auto-fill records', and also includes information needed for online banking and other payment systems.
According to security specialists the 'USB Switchblade' allows hackers to intrude into system where they can set up "ghost admin" accounts and execute 'virtual network computing' (VNC). The process enables the miscreants to alter the configuration of the PC, establish privileges to capture more data and acquire remote access to other 'botnets' within the network.
The cyber attacker can download the malicious code from the Internet and load it onto a USB device, gaining access to data from an unprotected endpoint on a PC in an office, call center, or bank.
After downloading the 'USB Switchblade' off the Net and installing it onto a USB device, the hacker can conduct data theft from an unsecured endpoint on a computer. 'USB Switchblade' functions in the reverse way to 'USB Dumper'. USB Dumper steals data from 'portable storage devices' a mechanism that was detected in October this year.
The IT professionals describe the working of the 'malware' in a way where the malicious user downloads it from the Internet and plants it onto a 'USB device'. This then lets the cyber crook to harvest data from any 'unsecured endpoint' on a PC set in an office, call center, or bank. The new threat works in an opposite direction of the 'USB Dumper', first found in October 2006. It steals files and documents from easy- to- carry storage devices.
Andy Burton, CEO at 'Centennial Software' stresses the need for organizations to be more watchful as online thieves develop more creative and ingenious methods to steal both individual and corporate data. 'USB Switchblade' is designed very craftily in not only stealing usernames and passwords but also establishes a backdoor for thieves to gain entry to a computer and stealthily capture sensitive data.
Related article: Experts Find Two Vulnerabilities in Firefox
» SPAMfighter News - 22-12-2006