News

USB Thief Infects ‘Air-gapped’ Computers And Leaves No Trace

Malware (short for malicious software) is a type of program that is intended to cause harm to a system, be it in the form of ransomware, like that which has hit several hospitals in the US, or just you generic popup creating malware. A new malware named USB Thief, looks to break the chain of common threats by hiding itself and infecting systems even when they aren’t connected to the internet.

The internet is a wonderful thing but the problem with everyone being able to share and talk to one another is that sending something nasty is as easy as clicking a button (or in some cases, the software even does this for you). USB Thief avoids this by working on USB sticks, the very same ones you use to send information to and from your computer to your parents or even your friends.

The software hides by only executing under a certain set of rules, that is using a key created from the original USB drive it was created for. Even when it does spread it uses a unique key created using the ID of the USB stick and the time, meaning that traditional attempts to copy and discover the malware fail when suddenly it has unknown hardware in the mix.

Not only does it mean it won’t always execute, breaking the common rule of repeated behaviour is traceable behaviour, but it doesn’t leave any evidence on the infected computer, meaning your data could be stolen and you wouldn’t even know it. USB Thief lives up to the second part of its name, with it at the moment only working to steal data, but Tomáš Gardoň, a malware analyst with antivirus provider Ese says that “it would not be difficult to redesign the malware to change from a data-stealing payload to any other malicious payload”.

By avoiding the internet and focusing on the more traditional method of using USB drives, the virus is able to infect systems similar to how Stuxnet worked, enabling it to infect ‘air-gapped’ system (those which aren’t connected to the internet). With the USB lock in place, only the original USB created by its designers can infect systems, meaning if you didn’t create the original you won’t be able to use it.

If that wasn’t enough the USB Thief’s developer seems to have done its homework as it only runs as part of a command from portable versions of legitimate applications like Notepad++ and Firefox. If you’re running Kaspersky Lab or G Data though you should be okay as the malware won’t install itself on your system, a feature that was no doubt down to results from some initial testing.

Gareth Andrews

Disqus Comments Loading...

Recent Posts

Trust Gaming GXT 609 Zoxa 2.0 PC Speakers

SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…

4 hours ago

PowerA Wired Controller for Nintendo Switch

Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…

4 hours ago

Logitech G Saitek PRO Flight Rudder Pedals

Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…

4 hours ago

Logitech G Saitek Farm Sim Controller

Heavy Equipment Bundle: Includes a steering wheel for heavy machinery, gas and brake pedals, and…

4 hours ago

Razer Ornata V3 X – Low Profile Gaming Keyboard

Low-profile Keys for an ergonomic gaming experience. With slimmer keycaps and shorter switches, enjoy natural…

4 hours ago

Glorious Gaming Model O Wired Gaming Mouse

Size & style: Ambidextrous lightweight mouse for gaming. Built for speed, control and comfort, with…

4 hours ago