W32/SillyFD-AA worm targets removable drives

News

W32/SillyFD-AA worm targets removable drives

Antony Savvas

Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.

Internet security firm Sophos said the W32/SillyFD-AA worm hunts for removable drives, such as floppy discs and USB memory sticks, and then creates a hidden file called autorun.inf to ensure a copy of the worm is run the next time it is plugged into a Windows PC. 

It also changes the title of Internet Explorer windows to append the phrase "Hacked by 1BYTE".

Graham Cluley, senior technology consultant at Sophos, said, “With a significant rise in financially motivated malware, this type of worm could be an obvious backdoor into a company for criminals bent on targeting a specific business with their malicious code."

How to remove the threat >>

Forgetful staff leave businesses exposed >>

Device security control and security of portable devices >>

David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security

Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management

Comment on this article: computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy