We’re all used to the ease with which we can move data around using networks — and with USB memory sticks.
While networks came later for most people, the flash memory stick has become the equivalent of the old floppy disk: universal and easy to transport. Except its not unusual to find one with 4GB of data while the last mass-market floppy could handle a massive 1.44MB. That’s 0.00014GB. I digress.
The point here is that we know about how networks can be carriers of malware — viruses, spam, and all the other unlovely stuff that some individuals (and groups) create with the express intention of messing up your day. But did you know that the humble USB stick can also be a vector?
That’s because there’s a file on most USB sticks called autorun.inf that tells the PC what program to run when the stick is inserted. If it exists, it runs the application pointed to by the file. The problems is that several malware scripts exploit autorun.inf. When you plug in an infected memory stick, the scripts can change the autorun.inf file so your PC executes the malware which will, at the very least, infect your PC, probably inviting other malware onto it. When you take the stick to another computer, the cycle repeats.
Avasts technical team recently reported that some 13.5 percent of all malware detected by its software originated from a USB stick. As Avast’s Jan Širmer reports in his blog: “This malware is a worm that starts an executable file which then invites a wide array of malware into the computer. The incoming malware copies itself into the core of the Windows OS and can replicate itself each time the computer is started.”
It’s not the first time this phenomenon has been spotted and it surely won’t be the last as experience teaches us that, when it comes to a tussle between security and convenience, convenience wins every time. Alas, Windows’ autorun feature may be convenient, but the operating system doesn’t make the potentially adverse consequences of opening the contents of a stick in Windows Explorer quite so evident.
However — and there always is a ‘however’ isn’t there? — there is a simple remedy: disable autorun — it’s only a one-off task — to give Avast (or whatever you use) time to scan any USB memory device you connect to your PC before you open it up. Here’s a link to Microsoft’s website that tells you how to do it.
One last thing: just because a stick comes from a supposedly reputable source, you cannot assume that the contents of the stick as malware-free: mistakes do and have happened to even the best brands.
Just be aware.
