USB Trojan Hides In Portable Applications, Targets Air-Gapped Systems

Reader itwbennett writes: A Trojan program, dubbed USB Thief by researchers at security firm ESET, infects USB drives that contain portable installations of popular applications such as Firefox, NotePad++, or TrueCrypt, and it also seems to be designed to steal information from so-called air-gapped computers. "In the case we analyzed, it was configured to steal all data files such as images or documents, the whole windows registry tree (HKCU), file lists from all of the drives, and information gathered using an imported open-source application called 'WinAudit'," the ESET researchers said. The stolen data was saved back to the USB drive and was encrypted using elliptic curve cryptography. Once the USB drive was removed, there was no evidence left on the computer, the ESET researchers added.

I lost my USB drive. I wrote a program that autom

I lost my USB drive. I wrote a program that automatically backs up my computer when I plug it in (of course encrypted). I guess they found it.

Re:Linux? BSD?

[MobileTatsu-NJG]

That depends, does Linux and BSD finally support USB drives?

Re:Gushing?

[tlambert]

State of the art? How is this any different than the viruses that were passed around 30 years ago on c64 floppies?

USB drives are large enough to contain Java and Python programs, so that recent college graduates can finally write viruses again. C64 floppies are not large enough.

I had my info stolen

[blogagog]

I had the info stolen off my computer last year. The thieves who took it are now slightly dumber for having read it.

Re:Linux? BSD?

[MobileTatsu-NJG]

Ah yes, I remember attempting to set up wifi on both RedHat and OSX (BSD based...)... both were over-zealous in supporting air-gap-based security