Windows 7: USB Malware Attacks On the Rise

USB Malware Attacks On the Rise

By: Sean Carroll
11.04.2010


Malware slips in via many weak points. It can come through e-mail, drive-by downloads, or ill-advised clicking, perhaps on a misleading popup. Increasingly, it also comes via USB devices. In fact, according to AVAST Software, 13.5 percent of more than 700,000 attacks recorded by its avast! Community IQ system in October came via USB.

The main way that malware is delivered by USB is via the AutoRun feature in Windows. AutoRun is a convenience feature that pops up a dialog to help users choose what to do with a USB device upon connection to their PCs. When a USB device infected with a particular type of worm is connected to the PC, an executable file starts that begins downloading malware onto the PC. This malware infects the OS and can replicate itself each time the computer is restarted.

The most common devices for the delivery of such malware are, unsurprisingly, USB flash drives. USB drives, in addition to being cheap and ubiquitous, are a security admin's worst nightmare. USB drives as the modern sneakernet in an office bypass an organization's gateway security, leaving defense in the hands of local machines—hence the need for adequate endpoint protection.