Beware of Lost and Found USB Flash Drives, They're Brimming with Malware, Sophos Says - HotHardware
Beware of Lost and Found USB Flash Drives, They're Brimming with Malware, Sophos Says

Beware of Lost and Found USB Flash Drives, They're Brimming with Malware, Sophos Says

If you should happen to run across a USB flash drive on the subway, you may want to leave it there, assuming you weren't planning to take it to lost and found to begin with. There's a good chance it's infected with malware, and that doesn't just apply to USB keys you find on the ground, but ones you buy at auction, too.

Security firm Sophos said it studied 50 USB keys bought at a major transit authority's Lost Property auction, and of those 50, two-thirds were infected with malware. That's bad news for the buyer, and the previous owner doesn't get off scot-free either. The study also revealed that drives were filled with information about many of the former owners, including their family, friends, and colleagues.


"We found 62 infected files in total. The worst key contained six infected files, representing four separate items of malware," Sophos said in a blog post. "We didn't find any OS X malware. But nine of the keys appeared to belong to Macintosh owners (or at least had been used extensively on Macs); seven of these were infected.

"In other words, if you're a Windows user, don't assume that you can automatically trust everything that comes from your Apple-loving friends. And even if you're one of those Mac users who is opposed to the concept of anti-virus software, consider softening your stance as a service to the community as a whole."

Another fun tidbit: none of the 50 USB keys were encrypted, though none contained any "smoking guns," like insider trading tips, credit card dumps, criminal plots, etc. There were, however, files containing tax deductions, minutes of an activists' meeting, photo albums of family and friends, software and web source code, and other information you typically wouldn't want to go around sharing willy-nilly.
0
+ -

Use a Linux system to format it. Problem solved.

0
+ -

my rule when approaching any wild storage drive: nuke first, ask questions later. curiosity gets you a virus.

0
+ -

And then have the problem of having a Linux system on your computer that can't do anything actually productive.

0
+ -

Now your being rude. linux is incredible with all sorts of productivity. the most productive years of my life was surfing through all the illegal programs i got from the bittorrent pre downloaded on my linux computer, adobe photoshop , rosseta stone, everry movie ever, ........etc.

0
+ -

Ya, always wipe before using. :D I haven't found one usb laying around yet :)

+1
+ -

LoL at the data found, I wonder how many nudes were found on them :p

Anyway my NOD32 always scans any USB device as soon as it's plugged in, clean away NOD!

0
+ -

Ha! thats exactly what I was thinking Manduh...lol

0
+ -

Thanks for pointing this out... Earlier this year I found like 10~ USB's at my school and I'm not sure if they have viruses because I never plugged them in yet.

Now I'll be precaution and plug them in my friend's laptop first before plugging into mine ;) lol jk

0
+ -

Also haven't found and USB keys but I have enough systems at my disposal that I can wipe any drives first before attempting to use them lol. Agree a ubuntu live CD is great for handling stuff like this.

0
+ -

This is a little bit shocking. but i have never had a very large need for a usb port. those grenades look sweet though and i may have to get one, but sounds like illl be buying new for sure not used.

What i wonder is whether getting malware from a flash drive is worse than getting it from the internet and if one is harder for your anti virus to find and remove?

0
+ -

virus is virus... they all are dangerous :(

not sure if as soon as you plug the USB in the virus will stream into my system or there's a specific program that I must click on to enable them?

0
+ -

some earlier versions of windows actually autostart some features on U3 enabled devices. For example, sandisk had some software that was installed on most of their U3 drives that would run as soon as you inserted the stick in. This was a horrible security flaw in the windows system, and was finally removed in one of the last major updates to windows 7.

0
+ -

you could also always get deep freeze and never have to worry about an infection again. oh, new virus out that hasn't got a fix yet? Reset -- fixed.

Login or Register to Comment
Post a Comment
Username:   Password: