Thursday, April 26, 2007

Malware Infected Removable Media

In a previous post I discussed various thought to be outdated physical security threats such as leaving behind CDs and DVDs malware ready and taking advantage of the auto loading feature most people conveniently have turned on by default. Seems like on purposely leaving behind pre-infected removable media with the hope that someone will pick them up and act as a trojan horse themselves, still remains rather common. Unless your organization has taken the necessary removable media precautions, a story on USB sticks with malware should raise your awareness on an attacker's dedication to succeed :

"Malware purveyors deliberately left USB sticks loaded with a Trojan in a London car park in a bid to trick users into getting infected. The attack was designed to propagate Trojan banking software that swiped users' login credentials from compromised machines. Check Point regional director Nick Lowe mentioned the ruse during a presentation at the Infosec trade show on Tuesday, but declined to go into further details, citing the need for confidentiality to protect an investigation he's involved in."

From an attacker's perspective that's an investment given USB sticks are left in parking lots around major banks, and finding a 1GB USB stick laying around would make someone's day for sure. Despite that in this case it's a banking trojan we're talking about, on a more advanced level, corporate espionage could be the main aim though the exploitation of various techniques.

No comments:

Post a Comment