TechTarget

W32/SillyFD-AA worm targets removable drives

Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.

Antony Savvas
Follow:

Companies are being warned of a worm that spreads by copying itself onto removable drives such as USB memory sticks, and automatically runs when the device is next connected to a computer.

Internet security firm Sophos said the W32/SillyFD-AA worm hunts for removable drives, such as floppy discs and USB memory sticks, and then creates a hidden file called autorun.inf to ensure a copy of the worm is run the next time it is plugged into a Windows PC. 

It also changes the title of Internet Explorer windows to append the phrase "Hacked by 1BYTE".

Graham Cluley, senior technology consultant at Sophos, said, “With a significant rise in financially motivated malware, this type of worm could be an obvious backdoor into a company for criminals bent on targeting a specific business with their malicious code."

How to remove the threat >>

Forgetful staff leave businesses exposed >>

Device security control and security of portable devices >>

David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security

Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management

Comment on this article: computer.weekly@rbi.co.uk

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Register

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close