W32/SillyFD-AA worm targets removable drives

Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.

Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.

Internet security firm Sophos said the W32/SillyFD-AA worm hunts for removable drives, such as floppy discs and USB memory sticks, and then creates a hidden file called autorun.inf to ensure a copy of the worm is run the next time it is plugged into a Windows PC. 

It also changes the title of Internet Explorer windows to append the phrase "Hacked by 1BYTE".

Graham Cluley, senior technology consultant at Sophos, said, “With a significant rise in financially motivated malware, this type of worm could be an obvious backdoor into a company for criminals bent on targeting a specific business with their malicious code."

How to remove the threat >>

Forgetful staff leave businesses exposed >>

Device security control and security of portable devices >>

David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security

Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management

Comment on this article: computer.weekly@rbi.co.uk

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close