Worm Spreads and Infects PCs Through USB Ports
World security experts are warning that there are increasing incidents of worms infecting computer systems by entering via USB flash ports. This makes security of devices open to risks of malicious worms and Trojans, more complex.
The Worm Wn32.Agent.wj plants a copy of itself on the root folder of USB flash drives, MP3 or any other storage devices of the system. It acts further by creating 'autorun.inf' configuration file, which spreads the malicious code as a result of plugging the infected drive into another PC.
According to Govind Rammurthy, CEO of MicroWorld Technologies, malware developers are always on search for new devices and areas for proliferating their dangerous creations into an ever-increasing number of computers. This particular worm appears to harm a large number of enterprises just when they have realized the exclusive convenience and easy portability of thumb drives. It is therefore not surprising that virus writers find them equally easy a mode to thrust their malware, reported Network Times on March 1, 2007.
Recently PandaLabs detected a worm known as USBToy.A that works similarly. After infecting a computer, the worm copies itself in a concealed folder when any of the devices like a memory stick; an MP3 player etc. connects to the PC. Later if the same device is connected to a different PC, it infects that too.
Every time the computer is logged on, the malicious USBToy.A displays a Chinese message on the Windows desktop. The worm hides its presence by using the Windows "SetFileAttributesA" and makes it hard to spot it.
Using a hacked USB device it is possible to write malicious code to employ it to seize financial data of any organization. It can then save the data on a file or even air it on the Internet.
The risk of trojans and worms attacking USB Drives and such removable devices is the current threat to data integrity of organizations As the defining line between office, home and a hotel room becomes hazy it is crucial for an executive following the track of fast business, to deploy adequate protection against every type of malicious program, Govind Rammurthy further said.
Related article: Worm Spreads With Random Subject Lines
» SPAMfighter News - 16-03-2007