W32/SillyFD-AA worm targets removable drives
Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.
Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.
Internet security firm Sophos said the W32/SillyFD-AA worm hunts for removable drives, such as floppy discs and USB memory sticks, and then creates a hidden file called autorun.inf to ensure a copy of the worm is run the next time it is plugged into a Windows PC.
It also changes the title of Internet Explorer windows to append the phrase "Hacked by 1BYTE".
Graham Cluley, senior technology consultant at Sophos, said, “With a significant rise in financially motivated malware, this type of worm could be an obvious backdoor into a company for criminals bent on targeting a specific business with their malicious code."
Forgetful staff leave businesses exposed >>
Device security control and security of portable devices >>
David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security
Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management
Comment on this article: [email protected]
Read more on IT risk management
-
![]()
Encrypted memory sticks could cure user carelessness
-
![]()
Stuxnet – the prototype cyber weapon?
By: Warwick Ashford
-
![]()
CW Security Think Tank: What should security professionals do about Stuxnet?
By: Warwick Ashford
-
![]()
New Windows zero-day vulnerability allows USB malware to run, says Sophos
By: Warwick Ashford
