Slashdot Mirror

← Back to Stories (view on slashdot.org)

25% of Worms Spread Via USB

Posted by CmdrTaco on from the to-your-mom dept.

An anonymous reader writes "In 2010, 25 percent of new worms have been specifically designed to spread through USB storage devices connected to computers, according to PandaLabs. This distribution technique is highly effective. With survey responses from more than 10,470 companies across 20 countries, it was revealed that approximately 48 percent of SMBs (with up to 1,000 computers) admit to having been infected by some type of malware over the last year. As further proof, 27 percent confirmed that the source of the infection was a USB device connected to a computer."

15 of 190 comments (clear)

  1. No, really? by oodaloop · · Score: 3, Insightful

    Since pretty much everything is connected with USB these days, is this any kind of surprise? Were there any worms spread using a serial port?

    --
    Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
    1. Re:No, really? by DrgnDancer · · Score: 3, Insightful

      As someone already pointed out, it's faster for large data transfers, but I don't think that's a majority of the problem. It's mostly just convenience. Let's say I have a presentation to give to your company. It's the same presentation I give to every company that has shown an interest in my product. I could e-mail each and every company a copy of my presentation before I show up (and hope that the person I e-mailed it to remembers to put it on the presentation machine), or I can carry it on a thumb drive. Or maybe I was working on the presentation on the flight, and didn't have Internet access to send it to you. Or I'm a tech support guy who carries a bunch of diagnostic tools around with me. There's a ton of reasons why people carry these things around, speed not a huge factor for most of them.

      --
      I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
  2. Surprise? by Joce640k · · Score: 5, Insightful

    It's only going to surprise people who thought nobody would be stupid enough to enable autorun by default in a consumer OS.

    --
    No sig today...
    1. Re:Surprise? by Jedi+Alec · · Score: 2, Insightful

      Honestly, that has been annoying the crap out of me since the very first release of Windows 95. How *anyone* could think that is a good idea continues to baffle me.

      Then again, turning it off for all possible devices and situations is very satisfying :)

      --

      People replying to my sig annoy me. That's why I change it all the time.
    2. Re:Surprise? by Darkness404 · · Score: 3, Insightful

      Remember the days of DOS and having to try to walk someone through installing something through DOS (with a CLI mind you) and how many people couldn't just type the drive right? Misspelled Install every single time, etc?

      Yeah, autorun might be a security nightmare, but its a lot nicer for anyone who has had to do tech support with clueless users.

      --
      Taxation is legalized theft, no more, no less.
    3. Re:Surprise? by Jimmy+King · · Score: 3, Insightful

      While I agree with you, this is unfortunately not the way the world works. It was more profitable to insist that everyone needs computers and that they are easy to use and require no training or knowledge and would just work.

      So now we've got a few people who can't and never would be able to manage that who have computers and use them daily. Then we have a bunch more people who could manage that, except marketing (and even some IT pros that seem to give advice based on what would be ideal rather than what actually is) has told them that it just works and they don't need to have a clue what's actually happening or how to do anything because it will all just happen for them. So now, even though they could learn how it works and how to do things, they don't and are convinced they shouldn't have to and get upset when something doesn't just work, trouble and risk free.

      The best solution, of course, would be to get it through to people that computers are actually not simple and are very complex and require some level of understanding and research to use effectively and safely. That's a lot easier said than done, though, since no one wants to hear our opinion on the situation. The ones that do want to hear it likely don't need us to tell them.

    4. Re:Surprise? by hairyfeet · · Score: 2, Insightful

      You've obviously never worked tech support. Trying to walk a totally clueless user by phone through installing software can be a fricking nightmare! So yeah, while we can see in hindsight it was a bad idea, at least on CDs I could see why they did it. BTW for those that have to deal with clueless users by phone? Let you old pal Hairyfeet hook up up with Ninite which is a fricking Godsend. More than 90 of the most common apps, including Chrome, Firefox, Flash, Java, .NET, even free AV, and all you have to do is tell them which boxes to check and then run. That's it! Oh and for those working corp they have a pay version that sets those and any other apps you want on an on site server to save bandwidth.

      And for those that still have XP boxes on their networks (which I would be switching to Windows 7 right about now, its better on security and really stable) allow me to give you the reg fix for disabling autorun. Ironically you can point an autorun.inf on a flash at it and use it to disable autorun on any PC it is plugged in to. But ultimately I'd say the problem with Windows, or any other OS for that matter, is still PEBKAC by far. Just look at how many clueless users would pick up a flash drive out of the parking lot and plug it into a PC in the office? Hell I still get one or two a week that fall for that fake Windows dialog box on websites. To quote the Gump "Stupid is as stupid does" and anyone that hasn't killed autorun at this point is nuts.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  3. Re:Big surprise by gstoddart · · Score: 4, Insightful

    Hm, software vendors put enormous effort into preventing attacks over the Internet. Did anyone really think that virus writers were not going to find new attack vectors?

    How is this a "new" attack vector?

    Microsoft has had auto-run on things like CDs and USB drives for years, and you usually need to turn it off. Otherwise, it would happily run any old shit you plug in without even asking.

    When I plug my iPad into my Vista box, the auto-run dialog comes up and asks me if I want to either download pictures or open it like a file storage. There is no "do nothing" option, which I find kind of amusing, since I've usually turned off auto-run for everything.

    I'm not even remotely surprised that USB is a popular attack vector -- they're the new floppies. Microsoft has defaulted to "easy" mode (run everything), which also happens to be the most trusting and dangerous mode you could get. I think this was kind of inevitable.

    --
    Lost at C:>. Found at C.
  4. Re:Big surprise by gad_zuki! · · Score: 2, Insightful

    >There is no "do nothing" option, which I find kind of amusing, since I've usually turned off auto-run for everything.

    That's not what people call autorun, especially in the context of USB viruses. Autorun means when the OS just launches the .exe listed in the autorun.inf file automatically. That's how this stuff spreads. Vista and 7 no longer support this and throw a "What would you like to do" screen, which is fine by me.

  5. Re:I thought USB devices were safe by Ukab+the+Great · · Score: 4, Insightful

    Good News: Assuming a certain level of competence where the windows machines formatting the drives in China were not recycled from somewhere else, had their hard drives given a clean wipe, and weren't hooked up to the Internet and used to browse Pr0n on lunch break, then yes drives in the blister pack are secure.

    Bad News: It's highly dangerous to assume a certain level of competence.

    Moral Of The Story: When you buy a flash drive, immediately format it and bypass and "value-added gravy" the manufacturer tries to shove down your throat.

  6. Re:PS -- a little more googling shows... by AndrewNeo · · Score: 2, Insightful

    To their credit they did fix it in Vista.

  7. Re:"D:\Setup.exe" by jedidiah · · Score: 2, Insightful

    Fortunately, this thing called the GUI that was introduced to the world in 1984 solved most of those problems.

    No need to search for the disk.
    Searching for something to run is pretty straightforward.

    Knowing what a program looks like in a GUI will probably be declared a "burden" by some. However, you can't completely abdicate responsibility for a sophisticated tool without severe consequences.

    Sooner or later, something like Email Phishing will require the end user to plug their brain back in.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  8. REALLY? Re:No, really? by Anonymous Coward · · Score: 1, Insightful

    25% eh. Sounds like bullshit to me. Ought to sound like bullshit to you too. Think about it a minute. What this is is another press release trying to get a company's name in the press. Shame on /.ters for believing such nonsense.

  9. Re:Big surprise by FoolishOwl · · Score: 2, Insightful

    I've seen the conspiracy theory pre-emptively denied, but this is actually the first time I've seen it asserted.

    When I've seen lists of viruses, I've been puzzled that some of them -- a small proportion -- have the annotation that they have been seen "in the wild." Occasionally, I'll see hints that many viruses are only theoretical. Is it the case that the security companies are competing to invent computer viruses, then using those computer viruses, which exist only in their own labs, to inflate the ever-increasing numbers of computer viruses they supposedly defeat?

  10. Re:PS -- a little more googling shows... by FoolishOwl · · Score: 3, Insightful

    To be fair, I think part of what people hated about Vista was that Microsoft finally implemented some decent security. Users complained about being asked to enter passwords to authorize software installation and the like. Vista was a tremendous resource hog, but it looked to me like Microsoft decided to upgrade security and stability first, then optimized performance later in Windows 7. That's the responsible thing to do, and I think Microsoft got burned for doing the right thing for a change.