|
|
|
New Worm Targets Portable Memory Drives
By: Brian Prince
2007-05-04
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Sophos researchers say worm is an example of hackers targeting removable devices in an effort to get around security.Researchers from security vendor Sophos say a new worm targeting removable drives is an example of a potential security threat for businesses.
The SillyFD-AA worm searches for removable drives such as floppy disks and USB memory sticks and creates a hidden file called autorun.inf so that a copy of the worm runs the next time the device is connected to a computer running Windows. In addition, it changes the title of Internet Explorer windows to say that the computer has been "Hacked by 1BYTE."
In an interview with eWEEK, Graham Cluley, senior technology consultant at Sophos, said the worm has not been widely distributed, and that researchers were warning the public because of the potential danger. It would be easy, he continued, to add to the worm the ability to transmit through other routes, such as e-mail and instant messaging.
"It is interesting to see hackers using different techniques in their attempt to break into peoples computers," said Cluley, in Abingdon, United Kingdom. "This type of attack is perhaps understandable as so many businesses these days do have e-mail gateway protection in place…they can scan files coming into their company via e-mail attachments, but cant check the files coming in attached to the keychain in peoples pockets."
Sophos researchers said hackers are increasingly looking for ways to attack businesses that will meet less resistance than more traditional e-mail-borne viruses and malware. The companys security experts advise users to disable the autorun facility of Windows so removable devices do not automatically launch when they are attached to a computer. Any storage device that is attached to a computer should be checked for virus and other malware before use, Sophos officials said.
 An old worms return provides a reminder to keep security up to date. Click here to read more.
"Companies may also consider installing software which locks down and controls access to external drives such as USB sticks," Cluley said. "In some firms this may make sense not just because of the malware threat, but also the problem of employees stealing sensitive or confidential information out of a company on their USB drive."
Sophos officials recommend companies automatically update their corporate virus protection, and defend their users with a consolidated solution to defend against the threats of viruses, spyware, hackers and spam.
However, the threat of this particular worm is limited, partly because up-to-date desktop anti-virus software should be capable of intercepting the virus when it tries to run after a user has plugged in the USB memory stick, Cluley said.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
|
|
�������x}v⸲Z��I>13IC/�H!d�3=2�OͶMy��o$�v �ݽϝI�\RJR�{{o~$rhiOH1��%3�zTwI}"I�~xk#(7
Z)rd�uBԲ�\3f�өS7�?`����+,�Q � tjOt0]2d�s6!esM'cߨ�``1Zm8lR�B'A�jw��(EJ�h]�P(�uxe�$oqP}ؾ_�T�9ÙNL}!
{�>"B%h��1Qus_7?~#�f��gB(ʻ�F�ziҖGdd9-r4=y͠*{�� /\1r.ddqM[C/�,gOrD�ƞ4HC+d!�LJ^`:r,#��GNX�STVHf̴;kj�4[kbc{K
7}(�$gtj.vߟF?(���k��8Q1̋)g�?L�G$9N؎MWEn�ڏ�MKm_j|�4v:�8"�z5z�x�KHU6�м)g_2o:v�t\a_dY3�ML6oS_֭cU)�Zp\*Vr7mù,^|6q*syݙ/
�EU�ns~#>GA
Gf�mG)-Ǒ4�Pt;~l@.{���oQ\`'H�H_L�Z.��JX<řȃ Tr3�u3P礋\獒A_pa鰨�cX@v�qna�5=�3�+i3��YN:AK~2/�NM�N�/fٚY�J��d�T�0�LzUYsY�;>'g�:�Q��ڟ-lOk�կ`:�['^=:$~Y䎺�54�0���V+�JJ-2OUL}xE$Y)rk"���ٞBd}#�;�g�cM�<�~xAh6
2T��a��]v�jWЬrxx[cW)�>r�5$yWϝ�7��hr�
Ce)#p?SͅI��hJq�䠉c,YSl �RNFB@�X\��U��>q"E[fT}O��8{3B�qɝ`g@�ы �BD4?CC���0"pd/nj?uK˚��ɻfuݜn҅5]We
wUCLK�\zcO�guEW~�?u~]�8^%g�5F0�h�eݴ%!��8W5MGZ9LG탯fv\��J���G�-dj`q�ayΔA7vφ���:NQ�m6?3jY}vi |��
I�}Ц�ޣ87}M����H/0i�\~�{ͥn<&tayPŞ+�CߜQo^ϩ`��I�
�l"�vڹe3����%P͝�H�CJ$l%K�W�{́n '�[Ar�S.�hfh:6-�yL#;WO{6R^)#0k4;�a\(*JDe�l��q-Zr�3v,˹Ϧ�qzI8|�1L�`_�miT83G,#BU��FD�e�
3/?4X)029�_��>YP߉ ܕV�����R5]֙32-Rn:=9Ģ\Qۂ+�B%� ` N� {ҧ|h�:>#X�& ,#E�.2��JA���46�\,0�|,W*Uˈ`n�+V/(�� 7]@�.�&X��Ӟ?DNS}O].C+DÜU^-bx��/$jXU#r�C(Jz\R*qVJ/wq�)4ޜ�)rs`~>�g4Mc٧Pz;���gn�!Wڒߙ�[W`eaSƘ=H�?`SEt�/ÊT);s9W*RD�[�'��ɂX
�VP�ŖGask'��k��0E��C?%��H�*�7hRhý23URzJM;OP,'�;Ђw>+?�iQ�Y�f0`%5-*�Jqe��(����ޒQ'�Cŕ9��
G[ݮcfu>:k}��\W
ZQa߯EU�X^�:څH����Q�i3
9��|
q?qߎ3XA�mbJxނ�9"yea@WIl��֊�hL;[JONMа6>̋y�L�[u3up]g8��oiv��Qly2�B#���d߉�g&z�>�m!\�Dr?nnx��P�C"�ǣj9�`LfaN'1�u?akF&�w��LŌY�2r
L_AF`52A.rW�D wl~+㧐os�C/���ܒ;� f 퇫�|*�81FlK6,~x�Vf�6)E|�\D"pLn�ap�zCdD">iK-&�an$��0�|��[rR)Y���
{4wl^?iJ#whk�_R�{4@,!Y*
e
4v=.EЋ1ui&&l|dǶ�Ge7M�#3�pTAk�oZ,U�eX379R9lz�(�rM5�E
|j�ŏh(5rH�D!I�(u(%ť�Iպi2R�KbU)�b<*�쵊jdm
�
��l⊖vJͥg`kH?"�B�5�5��a2��OvF^�Iў@�|b0�hA�w53yB8f'Su$N,+!Uq]�w3M#>ր�h
k0~f�Y��V|�ejMRԞD'�L4 �|�bߏ
uRģTTS7=5>A"wS[�U�5c��:�#RR�hw�ĶZVr?'}Da�!`�T}V�Dw),E~w9ހg9�|R)TU�dP�%�\x�O}+�4C��Zoi�'T�nz߽\'Gwƒ"'!Z+7�3,�q�vë��V15/ȷ���\~>Z+>
п"}QL
X7I�@��Ew%]�7�U�}ֻ�Hgn��1`<=W~g]����fcr;�)�Zyyϵ%<�47sjzD�V%]>\N͏-�øBoٳ��P �K �cD16bx+]=/aoVta�.g BF@�qDWNzA+t:Kߧ5?wL.:m)�ޠw%y07�&Լ輻n48�`�xѤȢ8B̔cxH>ן��6� Bj
Bu\z5g�^ |ƹ�}UYhr�slPT4GS!ކq�֭�̚_�f?ĄB?jΎy0�P(���� c@JA=�6ohuW�Oi�{k�D-����b�ca�JF�rM�=#�ijVwLW$'Q�):�(9QA(Kѷo%F߀>1K_4��~
ɮPR��pL�6as\|$�B2�^'28�/:}hp)9��ڏI���a�]Z�il}
zsDaP;DZ3pu*dhw+-R!UkE��wWcU+�T���FE:'%:�m�B�}ޟ{�_�14�+ߙL,*z5\mvkfv?sL:�>dOC@/-vd1^4Yo��a'AXyMw�Vrl8w@rs&�8<��#P`-ݺ�ܭ)�g$`D@3=ég涣A� jm3�JN��
�X��W+i�Ɵ�p$|+؊w�O��Z�{kE�|;̔-u�\w�W�)�&5�!%O4y˭ LdT�/soFK[�⹏^}lQߏo^%~<-��KX#N��h�<:KBg�uT*�~`.z_n:�8Yz9/�l<�
*,
SsΗzvn�b��JD~M**O";pi=j,0a΄#@�<
gtcd1qWZ7^�ЖztfښY�Z53��M�\:ЮU8TC9��^î@�d�4/=�0v^�SzۚJA)DZ8Y�vD5tW^aWx�4
ʏ7v}�1�eUe
CO4@
3�\�,�#�ƴ2�b㡮RL(#+72�g@Z�. C R`hY|>搎Y
�P:ʐ�1WxArfȂAgYVF
̉ ;Yo!2�P�hr����ANY�c% $�E�ߏmƆ��5#��hV-荶�PʂI@V
�fRY H�]�c��YR/�եb�Y��b���À�"�9������'}XKja�� <�%D�$ �� $ 3KI�`�/%IQ%-T_E�d�/,铳��m6Y
�fr�$�_F�~BUriCU���)`):6�t��T_W6Y` H }0sN\��pC0K�.5pI�7L�~_DڄL#Eqn(mٯ\Dzv�]g�KN/,ө(.qư���QOjރ>�)nE��KZ�e5� :��׳>�� X�8 ��
�4(;eX ��8D{�,k�G
ݕb\Sv��K�̓NЯ�K�ZeΜ;�KMWw�q�E
ojjX[�����ፑXc�$l��Zp=Hx.]0\֢&j@gc!nR�mb J7'uRǠTźRIa`�. 1XfD�o9>/
�w0�+iL6
E ,˜P[gb.ŤOh0a G�g9@ㇰh#X-L[۹1]=� c{�5�̖\l^,_�Aj/8�$d�,O5̻�f�I$|�o~'
fw�\E-+jjR�$:"s|ن/\wmZ.Ռ%.EBX0�%EYX[iET�PvDeȻ��3P2mï�0 ,U^`(f6Wշߣ6��llUmˡ~�l�bMl�"��l
n)�k�Xoi0-*�FVlN..ugp5�փ]�̰cKANo�
f5EJ|oM|;G�
-*v~vxDշvaD�f�&z��
\9�Q��_$"yb:h�t
���cxvj$s��#Op�ZL[�1IQ蜉 1#��4|�i%/Hq�.X�gr-&v%h1,}PG�0�A} _$4y�ZP{l
�8|+.a�p*��c�靆)�V4'�
nY�[`8l>ϋ¬
{WCsWQVF.е�JY�VC|_~�QЖy���d^d`hRI/N9�ZHc�c;3yOC*Θh63PU[X�ko�Q�h<�A�W|`߱�-Pcp�xU��
e�o_Kݪ_:�cysߢ̉`�x2�vLӲV뿑$~W�1�K�7�A1Dkb���@/]j�8}L�t3M R^�#�J1tq*{o��,R*��
�j�`܀W���¯ţ6VRP_xEė��[ ,~1h�f8#�:-BRo!nz�Ez?x�T�&ݥ1e\?�\ǔ�Y?6�`n3䯫v16^sf:2U��S
Q�? Ofy^;�&Ȥ#>y<:A$H�դ��M>id�07��u�D䰬=βh'.K�tZPN|l:
�U6^gyH�+XQܻ�g~@�(j��
�#��!;雀;UlX~f~�rpǏ{a|-|'t(UNsqE�v >6i�ሏ]Y��a�
C^(���#K��&sϘd�Yhk�j5
�A�^�vyJ->"G@�� �*"R�6./>�1?1�B,�Tw\&G6Ë�/)qy�wYk��t6WqNfAfQȢi�7(�\�sI
RCeb?]CttEkc"]N1x~��[OMεֈ1p*B GUٜ�Arj�5zS
o@�*�Z!֤�F/2�Z�k>9;>�4>)fF<�@�&�8`;�b3<�VڹBq��1yK,y�-�J8sS%%-z�T�@E=-sP]"Z}4֡:
R�Z** 6=;�
R!�}X2y3 �sF�%0Y.SG� ň�6�v˳=
q_a-
`{�l9�c;jV]K�$c붍u8lh�Y?~]JD߷j
�>d�g��)#-:s^`#�i7t��6 t�|HH �-gw~1~$jsa�s))Cb|oUZ`}m-+J5&V\Hb2+":;I��f�$皭٦v� l����T75濽#be+WӨ4�9�*�f=0�D)kTxt�Nnֿ�Ĥ|͈VsZ�ǦNWFW2hƐ @>��p#�S�CR�,6$A�.�kp�>ap�
)V>V_d}exp'ݐJ"^�r[jr�YY2tB'`�7=��8cK��U�3Y�(juP9'�F_
�6a^zgZq1NG)L�>A�}!1K=�_,�Ⲽk�3di*k!r�߰�VI�m{$7��[�[iUꊍ\H��R��܁`N�v=CsA.7`оU #,P_����z:�}GL��ڒs��<�5
r7wOmd r�`(QL,Q�]�B(!�in�~PHe� �Ft8Z��3�)�Y⊌F��2*mM]/>nrnb-i`Ik$l��d
�D=`'�dlY�1b���Nx
֭��ix�fc�0|u�[?� T6CĊ�1�gKi>'_A�|N�$ZڝA�3
"P�V:�
/���
s�!�L)%n67X6`_ffԟ:`���Xc�+w S��}�V-x��ǯOqWyF�&hfBKl͒w~�6t ^-��pV#ߛ�iw�SX�Kmݜ�(�8���Z1)t��/H�xzsb^[ �z~�Jb+
=�
=+a�h,6 s5{(�:�(%lGyї�U�1o��Ll��g�y�w�Czy'8珞wZFQ�d�3ˌr'~F'(^~�/2lfO�f�,@n�}@n�}7�.g7?�D�#(?@?2ʻP(�K����^~e+�2�>�3��
2o+^�C�}Y�>�>f�oʁo2�ڿh�&s$eCP̐�.N�pN2˹I�+/ޯxe}�mxZLظ%poQV"�#�<5 rj1��Zq_g�~ug=:!�ڋY>Yү+x=s6eB�g`X`$;"7�<�R9^(�ohعkj�_wCtN
W{0�"ބݼ7Ԍn�@R'b$UJZR[TJ=��æ�DD���2R(�B]�,U+r
0�XT����^9�Q(Fuo*K0fy�=v̐g�a��0V1�BDO"�҉KFݠwޔ�
ۼx�[Tsc;Ӵ�ގd�@��V,�(�s��[]F%�l��B�#V���g
M[Po5ǤK�4l&�Kl͜M�1vK�uʿ�.Г�pY� ?�3ʕFq�M�hdգwh9ĉŴ)9P3�l1@x�L�z�jx*Idp!gBҫKdQ��x� K�Q,i̔B`u
jד0[n%c�$Q�#ղErdy0+l>`3E(s1>r>�0�lu�^ӲЋ_[�ǃQ`a\m�8L0I�0�q�0YMA��6M�Ίq]Vq98M�v
~gw=m�Ĵ�`5⣭A{{קFbkM�`Erb9��GM�ZCQ辀D#byy�y9qaE.�_waիAǀJq0� =]pz5uƱ
D�qgŹQœj@@|vla;L�B~.�TÓxO
��`��N,M�aџ
VeF`�]7n�BaI��´�-�9�
56'�n��~4'i+-=x��=
�94Id�`)7uЃ=���$>}T.Q
"�*kH�*s�{D�|%Є'�{�fBM�'K�YN�Ǧ1e4d,<
�Bs
j$!vz+2�jԱ"tH߱��=M,�?h�PxUE0H$=Cf�Jc��{Ơ#)�e �hDmzDd��tV�Ζb'/E1^R�s]1v�-VAO=SY,�> N_d�v�O~5�B����p|"���DϷϒeLU"z̴Wvz�DakFǽ%�}Ya ��v.~cpFʪt\5/bPJrHQ`C>��~؋|!OG
Ͻy�H�(t��FIg`S)^ ���ML[u�U|ٱs]Ә1J1А8v2�OA#D6h2֭ �k#�
#&�
<�wخ;O�q^G�d�d��9e7}pe_��ԕM`g#�~,��V[��œA66\s=b�0[|�%y=0z�&_e%�\i �kS
6-����`쎈me�y�eV9DR�*D&f
,����~93Zmr�xgs�z@NDqH'@vx�mm<^<:y,n�E�Ofu�ݍ拑ezӍx�* ��A��VJrX}P7):�OOg�sZ�M<��H�v� �@75`��=Hl�_3(|9N�RiãÍ�X�Ǹ[�(�Qy6 <ЩBAC.vf]�nFQzڰ+`
jz®":uY;D,5R?tP.9˓�0�
��u&Sǂ!w�a+cPZXjcL1G?1�wMX�+0_�9�2lt*�
X>�ˣŬ"D0Ȯ��'Z:psh{h۟Z�THهl"~�&�,{+�нT~pFK-^8a�>��"@�\NDN<<�Sf}#)VSL_X[�_,Q>I"g\`�ʂ].˛���Byֻ�Hgn��$�khv�V�;~v��?;w~k� a�
ѰT\��ߴ;�G�O{��,�Y~KO]>\hI:V; AcV]"^ֳ'��~c Wh_`<�
3x�L��
4ZQw�N�VtƢ�I:6pzrX(Պ[]jv۹�f۲M�)
d.%r�R�b܍Z)M}j39V��2k�s�q�>dgLp�-�αeRZ`l/Z6�4`W9 ��
|
Network Security & Hardware 
