Apparently hackers have started targeting poor end users with a worm that spreads via USB memory sticks. According to Sophos which has reported the security risk:
The SillyFD-AA worm hunts for removable drives such as floppy disks and USB memory sticks, and then creates a hidden file called autorun.inf to ensure a copy of the worm is run the next time it is plugged into a Windows PC. It also changes the title of Internet Explorer windows to append the phrase "Hacked by 1BYTE
What strikes me about this type of threat is that USB memory sticks are everywhere. In fact I got one the other day at a conference. It has become the preferred way to distribute PowerPoint slides. They are very useful. But in making the USB memory stick so pervasive, the IT industry has created another way for hackers to attack corporate IT. I wish someone had considered the security implications before they became so widespread.
