Two-thirds of 'lost and found' USB flash drives infected with malware

Two-thirds of 'lost and found' USB flash drives infected with malware

Summary: Trust no one ... and nothing!

SHARE:
43

Security firm Sophos studied 50 USB flash drives bought at a major transit authority's lost property auction and found that two-thirds were infected with malware. What's more, examination of the drives uncovered information about many of the former owners of the devices, including their family, friends and colleagues.

The drives were all lost on RailCorp trains in Australia.

Here's a breakdown of the malware:

While no Mac OS X malware was discovered, nine of the USB flash drives had been used extensively by Mac owners, and seven of these drives were infected with malware.

The flash drives didn't just contain malware - they contained data files. 4,443 in fact, broken down as follows:

Files discovered included:

  • Lists of tax deductions.
  • Minutes of an activists' meeting.
  • School and University assignments.
  • AutoCAD drawings of work projects.
  • Photo albums of family and friends.
  • A CV and job application.
  • Software and web source code.

None of the drives examined were encrypted in any way.

The takeaway from this:

  • Don't neglect to scan USB flash drives for malware
  • Assume that any drive you are handed by someone else is infected, and scan as appropriate
  • Just because someone's a Mac user, don't assume their flash drives are clean - scan them!
  • Consider encrypting flash drives, especially if the drive contains important business or personal information

Topics: Hardware, Malware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

43 comments
Log in or register to join the discussion
  • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

    What tools exist to scan USB drives for malware?
    dtrebbien@...
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @dtrebbien@...

      The same tools that exist to scan your computer from Malware. If your XP and Vista computer is up to date with security patches then Autorun on USB Flash drives should be disabled. Win7 does not launch Autorun in the same way so it is generally safe.
      bobiroc
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @dtrebbien@...
      Any anti virus program thats available you choose what drives to scan with all anti virus software... You need a basic computer class lol
      Fletchguy
  • By inference

    There must be a lot of infected systems out there. USB sticks don't get infected without being plugged into an infected machine. Two thirds of absent-minded PC users have malware ridden PCs? Scary thought.
    keebaud@...
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @keebaud@...

      Many flash drives come preloaded with software for various reasons and some of that preloaded software is malware.

      Plus there have been instances of flash drives coming with malware in the drive's firmware (a US DOD IT person told me of this). Unfortunately I cannot find anything on the intertubes to confirm this, however it's not impossible, so I'm going to have to put it into the "probable" column.
      PollyProteus
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @keebaud@... You bet it is, But it's true. I fix computers for a hobby and almost every one of them has some critter in it. Of the last twenty computers I fixed only one was clean. People just don't give a sh*t till it slows down to an unusable box of junk.
      Rick Sos
  • Even though I run linux........

    I have set up all my linux systems with anti-virus (clam). This is to insure that any emails, attachments or files from a non-linux system (mostly windows), are cleaned before forwarding/transferring to another system.

    I may not get malware, but I am making sure that my systems don't inadvertently transfer malware to anyone else.
    linux for me
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @linux for me

      You are a good guy! Thanks.
      mlashinsky@...
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @linux for me
      You, sir, deserve a drink on the house.
      WozNotWoz
  • Why?

    "Just because someone???s a Mac user, don???t assume their flash drives are clean - scan them!"
    "no Mac OS X malware was discovered"
    So, why would I scan the USB drive?
    davebarnes
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @davebarnes

      Are you seriously that dense? So you are saying that because just a file was downloaded or created on a Mac that there is no chance of it being infected?

      Oh and there is Mac Malware. I sure hope your post was sarcasm otherwise you are a perfect example how Mac users live their life with security blinders on. Thinking MacOS is perfectly secure and will protect them.
      bobiroc
      • I rely on

        the ghost of Steve to protect me.
        davebarnes
      • RE: I rely on the ghost of Steve to protect me.

        @davebarnes

        More like haunt you
        bobiroc
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @davebarnes

      You've got to be kidding... right?
      The one and only, Cylon Centurion
    • You do have AV running constantly on OS X

      @davebarnes
      Apple embedded it into the kernel and constantly has to add new definitions.

      All OS X users run AV. They have no choice.
      toddybottom
      • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

        @toddybottom

        Constantly? Have they updated it since the Mac Guard fiasco?
        The one and only, Cylon Centurion
    • You Don't Care If You Pass Malware On?

      @davebarnes
      It said that several of the drives that had been used on Macs extensively still contained Windows malware. Even if your machine doesn't get infected, it might be nice to stop the malware from being passed on to another machine.
      CFWhitman
      • I've noticed something about OS X users

        @CFWhitman
        They are not typically nice, considerate people. Just look at the crop of OS X users that frequent ZDNet.
        toddybottom
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @davebarnes

      For one thing, to prevent infection of others.
      CobraA1
    • RE: Two-thirds of 'lost and found' USB flash drives infected with malware

      @davebarnes
      As a teacher, there are many assignments that I collect from USB stick drives--video and powerpoint files, for example--and fully half of them trigger my antivirus scanner the moment they are inserted. As a courtesy, I clean them out for the student before I give them back. And, yes, I am running a Mac. This article does not surprise me at all.
      kg6ygs@...