Security Market Segment LS
Wednesday, 23 March 2016 17:50

USB flash drives load malware and steal data


One of the oldest pre-internet tricks to spread virus/malware was to leave a floppy disk or CD around with ‘must see’ content or programs on it. This concept has migrated to USB flash drives given out at trade shows, posted, or left around offices.

ESET,  a digital protection company, discovered a new data-stealing Trojan malware called USB Thief (Win32/PSW.Stealer.NAI) that affects Windows computers.

USB drives purporting to contain valuable content are infected and generally salted by cyber criminals around victim’s offices. This is important as the USB device also can collect information – the computer need not be connected to the internet – requiring someone to repatriate it to the cyber-criminal.

Once inserted, it uses Auto-run (executes on insertion) or shortcuts to get users to run it. USB thief has been found portable versions of popular applications such as Firefox, NotePad++ and TrueCrypt but it could infect any .exe file by inserting malware into the command chain via a plugin or a dynamically linked library (DLL).

It doesn’t leave any evidence on the infected computer. Users can have their data stolen without even noticing and without being online.

It also has mechanisms to protect the malware from being reproduced or copied, which makes it even harder to detect and analyse. “It seems that this malware was created for targeted attacks on systems isolated from the internet,” comments Tomáš Gardo, ESET Malware Analyst.

“Because it is USB-based, the malware is capable of attacks on systems isolated from the internet without leaving any traces. So the victims don’t notice that their data were stolen,” Gardo says.
“Another feature which makes this malware unusual is that not only it is USB-based, but it is also bound to a single USB device since it is intended that the malware shouldn't be duplicated or copied. This makes it very difficult to detect and analyse.”

How to protect against this threat:

  • Do not use USB storage devices from non-trustworthy sources!
  • Turn off Auto-run – but that will not help if you click to execute the program
  • Format all ‘stray’ USBs on a sandboxed computer – if you don’t need the content
  • If you suspect a USB stick use it on a sandboxed computer with no important information on it
  • Be aware that targeted organisations will require someone to repatriate the device to the cyber-criminal. They pay well for this service.
  • Regularly backup your data
  • Ask your organisation to implement policies for external digital storage devices to avoid information theft
  • Warn colleagues and your organisation to carefully work with USB storage
  • If you have very sensitive data to protect, protect USB devices with ESET or another antivirus application that specifically checks USB drives

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Ray Shaw

joomla stats

Ray Shaw  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News