A new worm is spreading on flash drives

Sophos has drawn attention to the spread of a new worm that is trying to infect as many computers as possible, primarily through removable storage devices, including flash drives.

USB-interfaced storage devices are becoming more and more popular, so virus writers are also paying more and more attention to creating malicious programs that can spread through these memories as well. Recently, quite a few viruses have been heard that copy their own files to flash drives and are able to infect PCs without user intervention through a simple trick.

Sophos was the first to report a worm called SillyFD-AA, which also targets removable storage. According to the security company, the malware is in principle able to copy itself to any drive, but prefers USB-attached memories the most. When the user inserts his flash drive containing the infected files into his computer, the worm starts automatically and starts performing various actions.

According to Sophos, SillyFD-AA does not cause much damage, and the risks it poses are also reduced by the fact that it does not try to hide in any particular way. For example, the worm quite noticeably changes the address bar of Internet Explorer and places the text “Hacked by 1BYTE” in it. Graham Cluley, a security expert at Sophos, said that viruses that lurk in the background, without any particular signs, open back doors on systems and "quietly" leak data from them are a greater threat.

Viruses that spread through removable data storage can be so "successful" primarily because companies and users often focus on malicious programs that attack in e-mails or via the Internet, and only check the use of USB memories in a few places.

The best protection against the SillyFD-AA worm is to use up-to-date anti-virus software and turn off Windows autorun.