Warning! Think Twice Before Using USB Drives
Security researchers have discovered a new data-stealing Trojan that makes special use of USB devices in order to spread itself and does not leave any trace of activity on the compromised systems.
The ‘USB Thief’ Trojan Malware
The USB Thief Trojan malware is stored either as a portable application’s plugin source or as a Dynamically Linked Library (DLL) used by the portable application.
Since USB devices often store popular applications like Firefox, Notepad++ or TrueCrypt portable, once any of these applications is executed, the malware starts running in the background.
USB Thief is capable of stealing data from air-gapped systems – systems that are isolated from the Internet and other external networks.
“Well, taking into account that organizations isolate some of their systems for a good reason,” explained Peter Stancik, the security evangelist at ESET. “Any tool capable of attacking these so called air-gapped systems must be regarded as dangerous.”
The malware runs from a USB removable device, so it don’t leave any traces of its activities, and thus, victims do not even notice that their data had been stolen.
Besides this, USB Thief utilizes a sophisticated implementation of multi-staged encryption that makes the malware harder to detect and analyse.
“This is not a very common way to trick users, but very dangerous,” Stancik said. “People should understand the risks associated with USB storage devices obtained from sources that may not be trustworthy.”
Here’s How you can Protect from being Infected:
- Do not use USB storage devices from non-trustworthy sources.
- Turn off Autorun
- Regularly backup your data