|
|
|
Symantec Sees Rise in USB-Based Malware as Reports of U.S. Army Ban Surface
By: Brian Prince
2008-11-20
Article Rating: / 1
There are 1 user comments on this Network Security & Hardware story.
A reported ban by the U.S. Army on USB devices underscores the growing prevalence of USB-based malware. Researchers at Symantec say they have observed an increase in USB security threats going back at least a year.Researchers
at Symantec are noting an uptick in USB-based
malware as reports surface of a U.S. Army ban on USB
devices and portable media.
According to reports on
Wired, the U.S. Army has banned the use of USB
sticks, flash media cards, CDs and other removable storage due to security
concerns and the proliferation of the Agent.btz worm
a variant of SillyFDC
that spreads by copying itself to thumb drives or other removable media.
Read more on the Wired report
here.
News of the Army ban comes as attackers are increasingly turning to USB-based
malware. In Symantec's
Global Internet Security Threat Report Vol. XIII, (PDF) the security
vendor noted that executable file sharing was the most common means of
malware propagation in the second half of 2007. This was done by viruses and
worms copying themselves to removable media, according to the report.
The trend has continued in October and November, with each of the five most
active pieces of malware that use the USB
attack vector increasing in prevalence. For example, VBS.Runatuo went from
roughly 2 percent of sampled malware on Oct. 1 to about four percent Nov.
12.
"The jump in this particular type is mainly a result of malware authors
being opportunistic," said Marc Fossi, manager of development for Security
Technology and Response at Symantec. "We've found in the past that as a
technology becomes more widespread and used by more users that malware authors
become more likely to take advantage of that technology."
There doesn't seem to be a particular group behind the increase, according
to Anthony Roe, threat analysis engineer on Symantec's Security Intelligence
Analysis Team. More likely, Roe said, it is a concept that has been
incorporated into more malicious code because of the growth in USB
use and the method's viability.
"We don't have any specific numbers on USB
device usage, but many people are using these devices to share large files that
would take too long to transfer over the network or are too large for
e-mail," Fossi said. "Also, in regions where Internet cafes and
booths are heavily used or more popular, users may store all their personal
documents on a thumb drive and plug it into the public terminal to upload or
download a file ... It's similar to the way many of the old floppy disk viruses
used to spread."
In a blog post, Symantec advised users to disable the
AutoRun functionality for removable media. In addition, businesses can set
policies that keep USB storage devices from being used, Symantec officials
said.
|
|
�������x}vH9�Nj>�!q]P��\f6�S�"�/;/ξ>Fdn�RU=[.�ȌȈ��Iș�kBܤdwf��]zg{oHRcg��?B/92�uB4=G�RFf��өS7�?`���(V;Y|�%x�_'Щ�ѩ�dJԯwlB6#͛R�x>҈궫m�hK�@Q~daFMC[ԗuPU}V(��~h�U5=Ӱ��Ne[kPQTP?]tN/s�(Ԭ[08�}�U=铋;yظ} g �dm#5��UE`R�8�y_�4S�::y\B^�,9:GFI?l;|#ܲ_/�P-�]jz[츆Ga`%�pfQ>2Q}oE}uyI}|zti |g9̠T
PAfPKe+��ЩZuܜn9n:�MtHs!+|.!�pgsZ?�L`Ck']IXCy�C-0
ϖj#3�?_ԇZGgcdx,˭~~F��黚�-4S�9�}1o�%? ,�+���k�3F��8�X@/@ש#W4K�a�liJ�
�9B�A`�ܸ玁R�49�Vϡ�8蟩$W�m�4�@r�=ذ�1�"%̝�ߨҞ6.`qz/��(A/�
�5|*\(ٛ�"K�;�zl�U��"ʥ��c�p��UTһ(M�.k8�>�]7Du..*s5-w:r�E?ĴT֤qn-һ^5?aD�f�",�$��MmsQV#J�,�KP����@8ʍ�/?�1B��e��GtM?y?�x`�贎�;mF_sgtdgfY9z��4$�AC62^,zK5}j���>'ݰä �wXxؿ\�c�O&v�/|�\1�<�zN��=H�]6(Zl׃$&A
ϛ�̀��s%08{�ɝ�5�zy0�ݻCiy`y1�&=��դ�; �Tg ,�u]=
�w@�L�߃1�#i
�L<�ĥN }p�(~9-WR��;C/0tKt]JI G⣋� 4.g@)AH �=k����m��99z���/~'~rGBJ�e6O�s@PGҙ=�JP.�̈́R��Z
z)�3ٜ��ʬ$1M&힟u]_�
#�m"0�%X����
-gZ
X��usV+E�6
��?LB{Ė~�}`H\P9aC:�'߅#b�7v�2g�N@/p|WY� �3EDVhdF!Z!
= Lw(V�T w^;=�=PgaE8F<�b5k%6ox�"=hqNSОBG9z�Q=/OJb-yhjjj�I�{ۥa]hk%�\��$74�BjNkNQV(R� �d�sqŰ,B�m6\�Fx9̆~:����tq7RTȅjzS#S�ModV+�zZTJx[6Ù`�aP�e)>6 [IF|x�|���MK6("==r3|6Ol?}���]0FhPz;�ܮ[M.G~g^kx1h'0N�cm �+R_�g?]I0�K��lcSxt(�b*��ZAU�K�+[^>�F����]h��!.��־7)�X@�P AB�aϖ}V*Y~b9'�
_ќvz"0�v/aOT5)ŕU(jls3йtNsl �A?9dN H��k�93
�NQ&g�`�W+Y3ߵfwṛ:u�߀&�l@q}a��A��Oowڣ�07$pkcVg\T`uրDj9�a�]&c螬]M~ϜQX��K{Tޫ1�Ze�R/(SYMq'&F.҄^6N31a;G6}l;/��i�)ր
kEXqkTV�C\�X��5ry%�&Q
j��ɵ3q�ŏh(5rHG!I�(uO(%ťj4�j�1BoE�D\t[E5#�
��l⊖IJJͅg;gkH?"�B�55�a2��O^�IўA>|2b6
��j+jBgY"p0Nos�-8َu�6fF}���`}`F~++*$Ԛ�kEI=N����h0iAtA�*ľ�E�.CGTTS7=5� �G�L)߭q*�h��UIPT�]�;_ s�sc4��q=C IR{P{Dw),E~W9ހg�|R)TU��d��K<� �J�;!�O}+�*<ޣ5���=a7q-�<9t1���=�aZ��aǰ�ZXa/���㘌4{~y�~Pkݷ�S(
-��$P�x~+ ���]ӧ�{��Cal8.e:w~�JpiO�HQe't<}>A#WiOew��u�i�f��kea_KKx��fqïR�)��X|pսhI6?�pȞYU$(��X�N��$Qߵ!s^i {{l:��+^a�<;k��F��!�
�usй�_>u!CrֹhK^GKQ\MC{�R‥G!hUHv*8��2 6MF"��1SW5!麣42lzE�@Iy˸tZ+,�r�uXs!�}�=�ɢ뇩h4�lꏝ�0
�Bf/��?|CAj�y�P(�
�� k@JA=�Vohuzga�{mE�
����b�cA�HF�rI�=#�ijV{L�$G)��_(ί [Jҷ�o@W蘧Y;D{_q-��=�?EU��j':Hl���g�4|칏A$��rz 0xc�|o}-H6Ծ�N9 Sc4V)fT��XSao�y�0;Ʀ}�8@!ѝR, q?Is6�uYԺ�[&�̘#pA�:%Ii��B U5ey�e%. eH5NR�MLE]�OE/�$$�;�)Z!�I9[ebsa�6mn3μ�K:�n�+�̃ ,-�Y+Q$/i\A1;ͳ`"�,G7Dh�<�J[LkX!*Vj\�Zr]H*'?v�Ãb.�̔yxh'($r@N~A>?W%{ݝY��h푎ɹ���p
~'ac
;eΫ� P|�u{�{eB�s�?݁EO6t���4diwDm79'y�V7N{m^X�FC�f/ݷ?~vcW};�>-l-8t�ǠC�R�#ۉ1M&�$(j^VPWdE)I�= �GG#�~`q8-8��a�tH_l�ځ;�-�3(�-m3j-u2{K�L7Kx=W<�cOw42]awmK�M݅mJˢz%nwQh�r;ث�ًJ*QY(QQ�#{�"F7{two��/Eu�oO&&�mq4W-3�����'Km�x;ixma�.ҳ6^�(R6ww�7�}Zy�obz*��op'a@�n��dB1=�Y(�8��nB(Q`),O�Bj5�Ŏ%`�o@1�S O�4Z�m,J�t\fT�}/�"( uM�&Z!��w8M6e��9"@�/P;#~أw�Z̔s}TiQ�A�7YΊw܉SbjZ*䨱$QDx+N.&ŕBC9�-�bM:97/8Z3&ًc5ޭ?&f;�B9bNEEQi�_3ǶH=Vz9Ff4;'�D�v�u
`g6�e3\�Gx^>:3A 3?ܞ��pxޱ&Qbyeƅq[-|c#]�Ʋl�9#Xq~D&~�Ɨ�ず,-��؋ؠu�BG]ͪ+b�߹mg%�yه�1FA}����Kg]hOY59X��K���ӵ/mo:mW:kY_,*,�Y�)?
uAj��pX�`��N�Ŋ�N&DL-dW@��76w�U1ֻ7� )Ə�fښ�u= ���S��naǼ"ayyE+~[��Ğx:N�"ثM��q�Q2q��<.$դL^tG��Lb)��Lr,J:A.ˮ�h��}ʮGD3a�t^��7}��D{�y�Ϩ�UKlŕ�Zۧ�H{�
47�mg+KZ,#��KDߖ��
Pkg[VPMY:�fGCg�ݔ:}�LE�?n�=��pYms�$&1nlkN�@?J��$K:3,:w2&ID@�mZ4��k^vZt/>�^Sݙ[S=���xQm$cB��gmny�@ �%�Ā���s��ƣms��hqw'w'w'w' �4�tBYNS h"� ckp^�{s�k
/wZί(}�x��45@� �"}v�4L&Ģ%�mސ7^��b|ɗ bt|WĞI(�{?SU$D`YM5�Fx��k�mdo8�7�-���H[jKBO�۰.au]!O#C-�
��Mȶ=q7}ilRO;RƶID�UXL
VXomL�PFYнwxE1Sχ]ojPs�IN*SR'g�ĠDN#�
C(nMpb�Ɩ�6d]?u7[Oo%�p(Uӝ�V)L^P"6V0 Fт&`b�;�⒊jDM`&(ፒ _~��(��0,��2MCr4��/
qC~qxRIDt<�5ɾ|�9�h . BlC7ŵ_�קI`ᡯ�>9u&�kJX5UFz=ٺ�W^��͞\aȲ!ٞKx�Jx�s?}+$�1b IA�W�藢@�76|:;Ԣ�>��\bD=�xdφt�~#%��6*偋�췧�I@ϣJY_
tߨ{Ѯ����+
1.{[ �X#]^iQm(CtcG;�wit�XBQK(部G�nŬT�VN#8՛uYu_l��w�4yDL{b���c �_`�_gû^25-e\4=߱�4L��H^�&�ɸa=y<[M�ċ,�O85�W�aM96۬7oM��|'%4^"R7�X8�scuߢL`x2�l7<7;�hOנ&�>i`��!Z�z8R��~�xr1HBv114@
aD�glǏ{C1Sc^1tq*{o��,RL
{jm�`܀79��¯ţdR?�n6b%���s>1,�3'!i#{ȭ�n�x�`1�^ �PAg�t~D)Lc{G4+�\0�v7Dy��uM|x�#o�?.%Se,,1
ǝ��1sl,ǝSTC�N.A$Z�e���M>r~�x
F@ ѥ��[E~��ziRЃsʉmO�\x#NUq`2B�X�{H8{$Uc�PN9Q9!$�ٷElX�Ae5F?P٦I]Ǐ;}B�%LDrX�v
S|@�ixl96ve1h}($F�y�B8ʣ�w�ĸWAl"IGñ2xS]|�o�[���aZ�/ �[#r�d! `B�o,"Evya5`8wQ�mIb�Kf\�,i�A潠E�Y�Y�hXR�16\R=ja_Y-OP/y��]ZX,:Ȣ~eL<^^ASç�i��o
"�r*ނ0H.uPc�_P U@+Ěh9^�5p_?YM13bmC5�0Y�f|���bUk�_ںq��1yK,]�杌fnTew
fݮr�\S� p찄?1D{x]BÜ��Э%i�_V'r;;�?|W}ybJM-TZI�ܥ/��ac@!xr3=ܘEJ�\��ꓱ�v"̭5jX$0okH#;X*ၧN�
c*�>"A�d2�g|2\�֢@k��+��
w-kx�zi��LA�
���s�6g_a��᷍Bk��,l6�Eg+vd"mnl�r9՜�tg f@>#Ժ3\B+�1/6W��l1N�V
HW�lfmmYQ16�B�ۅ]�aI=N��f�HN5K�m�@Xө����N__J1}#WӨw�oD�~d#nO5~·\QC%�Kk�L�e`Mh%&MFRxw<Ƥ�O#UP�0qB!1
\�T#Ѝ�B)˪M;oP}wY?e=ta
�'�if�B�V}{�N5d-Ã;z�|U:�Qi|%wҹf,ќ�y#:�&yM
�E.�NoJuOQoIgn4��}X ��Pm¼ϴHbSx�#r'?�\qxc#�k
3`w*K�_�߰�,VI�m{$7��[�$~r?Z̅DWC
`�xG >�FY�~hvEwW=��G{@&#x��w4q.=�A{9�tX@# )z�l�+Ja 3uݞ��:ҧ6V�hco>zSH{)D|1K#!+EA��H3v\~7�.zB�";��'p�p�\`qr�@K*+2&�B�s�8���79w=_z=&nń[v��#a� k(E�$�TdemDR,Yn0�鄿aX9�Biq=r�633^�jG>u;LQZj��*�!b3wإ4ϓ/ ,^| QW hX�]N*�@���`g*���
s�n
Ddؔ�t767p>�9�=xldF
�c{ �Lla`t��.¸t?�͜C~?]_:姕`r�g�p͒�j��:r�tT�
{b8+M�5ۃӟ{,ȏŶnN���K� R~Lb
]�4�B0hp �ۯ���zgj螌���@�h),f,�])B9x�Ե�>��|�+R0cE)��t'x1nVH;�z�+I+*����9I͑1;}�*w7tmx��u�1u;�1h^^}&'+$'W6]�:N�Ϻ7x Zѷ`+dsm}>^~>\/:�\pa&hD晶���˙ǣ,�
rr�M�d�D~R(/�* /:�Ll+��5=VԊp�:kxu3�K_
�ۣ�Σ&n}uRؙzIcos���@1@C|
k{5��6π�2?Bnj_+(J/?n�63ʻP(GN輪�vF1��}N2�!�:kv;\(u2EF9\c/3N/?�g�akg99?ς�=Ϡ9<>y��y�y(��_|O�P~Q7([F9g^d�E\]d_��O7CtAt3%e�\BˌW?W��{��^�}~��H/�OP)�'ߧ�@MV9M�@7��d_|y�ʛ�rּą)�QFy98r�EV*SV9,.N2p�+i@L�w%<ߔ[nNJ>s\ȜH42& i3Ĵ<}b><&E0_w��ݥ,?�;H_=oSf@ @9:Dw�MAw�7/[�S�/:)7q{Z[��\�wڝGfU]2"X�;Yo�)P/�C�I:y}2SgفKh�/+6�:�6Da3[� ÈC/�s
H8t5�{�zY~8ݯA}|}fO}�vHy6l~h|V/O�q<1sbYu8��%��� ~�H-M�ԳpNP�دhعk�kH@T�&7�qPom
DǝmO�F�40Nr|(UJZR[TJ�
L`#"8tg@1TTY)ȅ���6�V
R�`"�
^�x|D��ei櫄:��Hs豓<�+L�а-}?�"z��.�xѰ5
VƼ6of!9^0�&X<�g4#�(�2�ł��E�%���;+Dmc`|J �9�c��|L:Aۆoj/�cK�m[?�lc�6Гi)&!Xfd[,�9�&Qn
42F;(D�o>�?g b0{Ls�zJI͉D��r&ߢ5zOF�����2A�-4SD�5]OoV!ֈ"VL;V!g�#�Erd|0�63H��R,��c~@G���~�a!rE>�O^Pvox6-H�nn���n�ӗ:�iq:��`ưxUoKML^`��0bsa`O�*y�Oq���Azflik۳c�XS1wUW�-DQœj@@|Ķo��2<�ì¤sad�g~�1Z>�+�0��{IB�
n`Z(>/A>3��{b\='G�̄08E�;O𞥕/]X���~؎|%O'
Ͻ�HO(t��FI`R1^N ���,NN�Kt�U|ٲsh(Ŭɶ��x
�S��~j^yO(�oݒ�k\�)E`0|4ae8Σap멎ml�gU|��J��A1Z�wK:��9-�cY0 p,�^f�ɴ�!(߄ �0�>胿��A"+1��<&�7o�ߟ�2%�]�)( �6/^&
pWa!0e;1MP`xOΙɎjS;�[�r$C�<[_�ڵY�oc3gz��3;��7x>;v�̇MW�ek$\�v/-�G��_ږ+ꃺYL1e~}<3�ӲG(v",@zSqyt��H�X��($
LwnW]�.*ZF��+25�cVBT
ȟc��t��{a˟�lہQ#6l\-`
jzmEtj{~xm;�S{*^V#2�
H�TL�x뤝9M ^ �
�=[=�܋;ξ1��N|0�Xg4ݶV�ed�g)C2^#s!�YX&�7DɶV�/kti�D)Ѱ0$L;,lyE�E%%���ØrNCb
~
f�$fx�E [�RjȒ
19,O�xI1%h3lZĶq��y46
���˱�*� 3�.^SĠ�/սA5F�EylT$©B=�3B$O>jOc�V\3zf7Z�ЎkzBOm��\W��5�4Ƙe>8\ܻ��
��X=`#hxj�Fy6:|���,%ݐbV�S"N$؊rq-�9�9N*LX6�f?}f��E��@ͽ]�^c*a78&�ah0�Exy��j�Sa2��+$YQwY�X��ip�0�'g�+FRq�OT||8�(>u"345�5?~^_E�e鑢%!^I��B,K�{ju.>_zv�C&ȕ/�5F�oU�Ap"gVcq$⑭7~I1�u5U.~T+nt;�o���F'ah(|N!VKq+n^~)M}j39V�3k�s+q�>dg�Mp�-�α}R�Z`'m/Z6v�lak)��
|
Network Security & Hardware 
