Deadly USB-based data stealing malware discovered

Antivirus firm ESET has discovered a unique Trojen program dubbed as the USB Thief that is almost undetectable and is designed to steal information from PC’s not connected to the internet. Win32/PSW.Stealer.NAI or the USB Thief is hugely different compared with traditional malware programs and has a unique way of spreading via USB storage devices.

USB Thief

What makes this trojan really dangerous is that it does not leave any evidence of steal on the compromised computer. Its makers have employed a unique mechanism to protect the malware from being reproduced or copied, thus making it harder to detect and analyze.

USB Thief is created for targeted attacks

USB Thief uses intelligent encryption and fools one by not following the traditional encryptions methods that malware programs have. Its special encryption ensures that it does not spread in masses outside its target environment.

While the common logic says that a malware that spreads quickly is termed as very dangerous, such programs also attract immediate attention from security researchers who ensures that fixes and updates are released immediately.  However, with USB Thief adopting an offline attack strategy by targeting only the air-gapped systems it is almost a certainty that it won’t be detected.

The malware trick users easily

As per surveys, people don’t excise much caution before using USB storage into their PC.

This malware can easily trick such users as it employs an uncommon way to spread. USB devices are commonly used to store and transfer portable applications like Firefox portable, Notepad++ portable, TrueCrypt portable and so on. The Trojan file of the USB thief can reside as a plugin source of portable applications or in the DLL file used by the portable application. Hence, whenever such an application is executed, the malware will get executed too.

How to protect from USB Thief

While USB Thief looks deadly, it is possible to prevent its spread by disabling the USB ports as far as possible. Exercising caution while inserting USB drives into PC’s from untrusted sources is also recommended, says Eset.

Posted by with Tags
Ankit Gupta is an Engineering graduate & an MBA post graduate. He brings with himself 3 years plus global writing experience on technology, travel & finance. He follows technological developments, especially on gadgets. Apart from having an interest in following Microsoft, he also has a deep liking for wild life, & travels to various wildlife conservatories, to be with nature.