Two-thirds of 'lost and found' USB flash drives infected with malware

Summary:Trust no one ... and nothing!

Security firm Sophos studied 50 USB flash drives bought at a major transit authority's lost property auction and found that two-thirds were infected with malware. What's more, examination of the drives uncovered information about many of the former owners of the devices, including their family, friends and colleagues.

The drives were all lost on RailCorp trains in Australia.

Here's a breakdown of the malware:

While no Mac OS X malware was discovered, nine of the USB flash drives had been used extensively by Mac owners, and seven of these drives were infected with malware.

The flash drives didn't just contain malware - they contained data files. 4,443 in fact, broken down as follows:

Files discovered included:

  • Lists of tax deductions.
  • Minutes of an activists' meeting.
  • School and University assignments.
  • AutoCAD drawings of work projects.
  • Photo albums of family and friends.
  • A CV and job application.
  • Software and web source code.

None of the drives examined were encrypted in any way.

The takeaway from this:

  • Don't neglect to scan USB flash drives for malware
  • Assume that any drive you are handed by someone else is infected, and scan as appropriate
  • Just because someone's a Mac user, don't assume their flash drives are clean - scan them!
  • Consider encrypting flash drives, especially if the drive contains important business or personal information

Topics: Hardware, Malware, Security

About

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.Adrian has authored/co-authored technic... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.