Theres a new crop of malware spreading through USB storage devices, reports security reporter Brian Krebs. The rootkit-style attack worms its way in through a security flaw in the way Microsoft Windows handles shortcut files.
Microsoft released an advisory about this vulnerability. The tech giant explains, the vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability is most likely to be exploited through removable drives. The advisory also includes guidance for those already infected, as well as some preventative measures.
Malware stemming from external drives, like USBs, is becoming increasingly common. We commend Microsoft for steering its users towards remedies, but prevention is still the best approach. As Krebs points out:
If this truly is a new vulnerability in Windows, it could soon become a popular method for spreading malware. But for now, this threat seems fairly targeted: Independent security researcher Frank Boldewin said he had an opportunity to dissect the malware samples, and observed that they appeared to be looking for Siemens WinCC SCADA systems, or machines responsible for controlling the operations of large, distributed systems, such as manufacturing and power plants.
Looks like this malware was made for espionage, Boldewin said.
Are you and your network protected? In order to be fully protected from viruses spreading from USB keys to your computer, you need advanced offline protection like Immunet Protect Plus.
Immunet Blog
This seems pretty scary if some hacker buys a bunch of cheap USB Flash drives to infect them with viruses and throw them around town, so people will plug them into their PC. Once the victim plug in the flash drive, their PC might be infected with a virus and controlled by the hacker if their antivirus isn't good.
It is pretty weird that by just displaying a shortcut icon. It can infect a PC and the file does not even have to be opened by double clicking it.
Microsoft released an advisory about this vulnerability. The tech giant explains, the vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability is most likely to be exploited through removable drives. The advisory also includes guidance for those already infected, as well as some preventative measures.
Malware stemming from external drives, like USBs, is becoming increasingly common. We commend Microsoft for steering its users towards remedies, but prevention is still the best approach. As Krebs points out:
If this truly is a new vulnerability in Windows, it could soon become a popular method for spreading malware. But for now, this threat seems fairly targeted: Independent security researcher Frank Boldewin said he had an opportunity to dissect the malware samples, and observed that they appeared to be looking for Siemens WinCC SCADA systems, or machines responsible for controlling the operations of large, distributed systems, such as manufacturing and power plants.
Looks like this malware was made for espionage, Boldewin said.
Are you and your network protected? In order to be fully protected from viruses spreading from USB keys to your computer, you need advanced offline protection like Immunet Protect Plus.
Immunet Blog
This seems pretty scary if some hacker buys a bunch of cheap USB Flash drives to infect them with viruses and throw them around town, so people will plug them into their PC. Once the victim plug in the flash drive, their PC might be infected with a virus and controlled by the hacker if their antivirus isn't good.
It is pretty weird that by just displaying a shortcut icon. It can infect a PC and the file does not even have to be opened by double clicking it.
