PandaLabs, which conducts research for Panda Security, attributes a large percentage of malware distribution to the unassuming USB device. It has been estimated that as much as 25% of recently created worms are specifically engineered to spread through the use of USB devices.

Luis Corrons states, “Much of the malware in circulation has been designed to distribute through these devices… ” In 2008, U.S. military networks were compromised when a USB drive was used to deliver the responsible malware.

According to PandaLabs, the malware copies itself to the USB. Then when the device is inserted in any computer the malware code automatically runs and the infection is usually unknown to the user.

Panda conducted a survey in excess of ten thousand small/mid size businesses, and the results were startling. Close to 30% of those businesses were infected with malware in the past year. The culprits were primarily flash drives.

To make matters even worse and more alarming, threats have now spread to cell phones, smartphones, mp3 players, and cameras. You need to consider that all of those devices use some kind of memory either in the form of a memory card or other internal forms. They also all connect to your PC using the versatile USB. Fabulous.

As you may know, the infamous Conficker worm received a great deal of attention several years ago as it was spreading through infected flash drives. Then there is the recent hub-bub about the Stuxnet worm. Again, it relies heavily on USB drives for proliferation.

Microsoft released a security update in early August to to stick a permanent (we hope) finger in the proverbial dike to address an infectious route used by the Stuxnet worm. How serious is this Stuxnet malware? Well…

Just this past summer Stuxnet was zeroing in on software used in industrial control systems for utility as well as manufacturing companies. This seems to be a bit more serious than annoying spam emails.

Why would anyone want to target utility companies? What could be gained by major mass infection of manufacturing industries within any particular country?

One of the keys to infection success using the USB port of entry is the ability to autorun. So one obvious measure of protection is to prevent the autorun from happening. And that is what PandaLabs has created as a solution.

They have released USB Vaccine, and it is available for free at Panda’s website.

Share/Save/Bookmark