USB Gets Silly

It was bound to happen sooner or later.

Someone has written a worm that leverages USB drives as a means of propagation. I'm surprised that it took this long.

Think about it. What are thumbdrives used for? I plug it into my computer, copy a file or two, and then you take it and copy the file to your machine. You might as well be having unprotected sex, except with a bunch of little ones and zeros.

Here's the skinny from Sophos. Ha get it? Worm.. skinny? Ha! Nevermind.

------------------------------------------

Security researchers at Sophos are warning of a new Trojan worm virus that is being spread via infected USB device.

According to the security software maker, the W32/SillyFD-AA program, or Silly worm, automatically spreads itself to any USB storage device connected to a PC it has infected, and then passes itself along to any subsequent machines to which the removable thumb drive is inserted.

Once loaded onto a computer, the worm creates a hidden file labeled as "autorun.inf" from which it continues to propagate itself. Among the only discernable affects of the attack is that it changes the title of users' Internet Explorer browsers to read: Hacked by 1BYTE.

The same type of attack could be used to spread far more malicious programs such as spyware or rootkits.
Such attempts to infect via physical interface could become increasingly popular. According to a recent report published by Centennial Software, removable storage drives have actually become the leading cause of security concern for IT administrators, based on a survey the company conducted at a European conference.

------------------------------------------

Personally, if I were a l33t hax0r filled with all that post pubescent angst trying to stick it to the man, fuck the system, and all that - I would be kinda pissed that my worm got named Silly.

-CG