W32/SillyFD-AA worm targets removable drives


W32/SillyFD-AA worm targets removable drives

Antony Savvas

Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.

Internet security firm Sophos said the W32/SillyFD-AA worm hunts for removable drives, such as floppy discs and USB memory sticks, and then creates a hidden file called autorun.inf to ensure a copy of the worm is run the next time it is plugged into a Windows PC. 

It also changes the title of Internet Explorer windows to append the phrase "Hacked by 1BYTE".

Graham Cluley, senior technology consultant at Sophos, said, “With a significant rise in financially motivated malware, this type of worm could be an obvious backdoor into a company for criminals bent on targeting a specific business with their malicious code."

How to remove the threat >>

Forgetful staff leave businesses exposed >>

Device security control and security of portable devices >>

David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security

Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management

Comment on this article: computer.weekly@rbi.co.uk

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy