Home > Computer Hardware, General, Software > Flash disk trojans

Flash disk trojans


Lately, I’ve seen an increase in this scourge at work, as well as having it hit me at home. In simple terms, the flash drive gets plugged into a computer running Windows, which has been infected by any one strain of the dozens of these things. It creates a hidden protected Autorun.inf file in the root of the drive, as well as hiding in the RECYCLER folder (not every strain does.)

When you take that disk to another computer, it jumps onto that computer, hides itself, and creates some obscure entries in the Windows Registry. As far as I can tell, that’s mainly all it does, sitting and waiting till the next flash drive comes along. The AutoRun file on the flash drive basically is the trigger for the trojan, as the majority of Windows installations have AutoRun enabled by default. The trojan runs without the user being aware of it, and the only evidence may be an error message popping up after a minute or 2.

Now the above has happened on computers that were “protected” by Symantec Corporate Anti Virus, but Symantec did nothing. At home, my Avast Anti Virus found and removed the file right after plugging the flash drive in. It also deleted the AutoRun file, which was a nice touch. On the work computers, I’ve had to clean them out manually, which is a tedious task. Most of the staff at my school probably have infected disks by now. I luckily have a SUSE Linux computer in my office which serves as a proxy server, but I can plug the drives in without fear, since the AutoRun file can’t execute under Linux.  That’s going to be the only way I can clean the darn disks out, but it may be in vain, since if the staff members’ computers are infected at home, it will just get infected again.

In short, be careful. If your flash drive supports a read only switch on the drive itself, toggle it to locked mode before plugging into another computer. The trojan will not be able to jump onto the disk. If your disk is already infected, get a good anti-virus program like Avast, and scan the flash disk as well as your hard drive. These trojans are mainly designed to steal passwords to online games I believe, and do little other damage that I can tell or am aware of. Still, rather be safe than sorry. Things may not be so simple in the future, knowing cyber criminals.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: