25% of Worms Spread Via USB

An anonymous reader writes "In 2010, 25 percent of new worms have been specifically designed to spread through USB storage devices connected to computers, according to PandaLabs. This distribution technique is highly effective. With survey responses from more than 10,470 companies across 20 countries, it was revealed that approximately 48 percent of SMBs (with up to 1,000 computers) admit to having been infected by some type of malware over the last year. As further proof, 27 percent confirmed that the source of the infection was a USB device connected to a computer."

No, really?

[oodaloop]

Since pretty much everything is connected with USB these days, is this any kind of surprise? Were there any worms spread using a serial port?

Surprise?

[Joce640k]

It's only going to surprise people who thought nobody would be stupid enough to enable autorun by default in a consumer OS.

Re:Surprise?

[Jedi Alec]

Honestly, that has been annoying the crap out of me since the very first release of Windows 95. How *anyone* could think that is a good idea continues to baffle me.

Then again, turning it off for all possible devices and situations is very satisfying :)

Re:Surprise?

[Darkness404]

Remember the days of DOS and having to try to walk someone through installing something through DOS (with a CLI mind you) and how many people couldn't just type the drive right? Misspelled Install every single time, etc?

Yeah, autorun might be a security nightmare, but its a lot nicer for anyone who has had to do tech support with clueless users.

Re:Big surprise

[gstoddart]

Hm, software vendors put enormous effort into preventing attacks over the Internet. Did anyone really think that virus writers were not going to find new attack vectors?

How is this a "new" attack vector?

Microsoft has had auto-run on things like CDs and USB drives for years, and you usually need to turn it off. Otherwise, it would happily run any old shit you plug in without even asking.

When I plug my iPad into my Vista box, the auto-run dialog comes up and asks me if I want to either download pictures or open it like a file storage. There is no "do nothing" option, which I find kind of amusing, since I've usually turned off auto-run for everything.

I'm not even remotely surprised that USB is a popular attack vector -- they're the new floppies. Microsoft has defaulted to "easy" mode (run everything), which also happens to be the most trusting and dangerous mode you could get. I think this was kind of inevitable.

Re:Big surprise

[gad_zuki!]

>There is no "do nothing" option, which I find kind of amusing, since I've usually turned off auto-run for everything.

That's not what people call autorun, especially in the context of USB viruses. Autorun means when the OS just launches the .exe listed in the autorun.inf file automatically. That's how this stuff spreads. Vista and 7 no longer support this and throw a "What would you like to do" screen, which is fine by me.

Re:I thought USB devices were safe

[Ukab the Great]

Good News: Assuming a certain level of competence where the windows machines formatting the drives in China were not recycled from somewhere else, had their hard drives given a clean wipe, and weren't hooked up to the Internet and used to browse Pr0n on lunch break, then yes drives in the blister pack are secure.

Bad News: It's highly dangerous to assume a certain level of competence.

Moral Of The Story: When you buy a flash drive, immediately format it and bypass and "value-added gravy" the manufacturer tries to shove down your throat.

Re:PS -- a little more googling shows...

[AndrewNeo]

To their credit they did fix it in Vista.

Re:"D:\Setup.exe"

[jedidiah]

Fortunately, this thing called the GUI that was introduced to the world in 1984 solved most of those problems.

No need to search for the disk.
Searching for something to run is pretty straightforward.

Knowing what a program looks like in a GUI will probably be declared a "burden" by some. However, you can't completely abdicate responsibility for a sophisticated tool without severe consequences.

Sooner or later, something like Email Phishing will require the end user to plug their brain back in.

Re:Surprise?

[Jimmy King]

While I agree with you, this is unfortunately not the way the world works. It was more profitable to insist that everyone needs computers and that they are easy to use and require no training or knowledge and would just work.

So now we've got a few people who can't and never would be able to manage that who have computers and use them daily. Then we have a bunch more people who could manage that, except marketing (and even some IT pros that seem to give advice based on what would be ideal rather than what actually is) has told them that it just works and they don't need to have a clue what's actually happening or how to do anything because it will all just happen for them. So now, even though they could learn how it works and how to do things, they don't and are convinced they shouldn't have to and get upset when something doesn't just work, trouble and risk free.

The best solution, of course, would be to get it through to people that computers are actually not simple and are very complex and require some level of understanding and research to use effectively and safely. That's a lot easier said than done, though, since no one wants to hear our opinion on the situation. The ones that do want to hear it likely don't need us to tell them.

REALLY? Re:No, really?

[Anonymous Coward]

25% eh. Sounds like bullshit to me. Ought to sound like bullshit to you too. Think about it a minute. What this is is another press release trying to get a company's name in the press. Shame on /.ters for believing such nonsense.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Big surprise

[FoolishOwl]

I've seen the conspiracy theory pre-emptively denied, but this is actually the first time I've seen it asserted.

When I've seen lists of viruses, I've been puzzled that some of them -- a small proportion -- have the annotation that they have been seen "in the wild." Occasionally, I'll see hints that many viruses are only theoretical. Is it the case that the security companies are competing to invent computer viruses, then using those computer viruses, which exist only in their own labs, to inflate the ever-increasing numbers of computer viruses they supposedly defeat?

Re:PS -- a little more googling shows...

[FoolishOwl]

To be fair, I think part of what people hated about Vista was that Microsoft finally implemented some decent security. Users complained about being asked to enter passwords to authorize software installation and the like. Vista was a tremendous resource hog, but it looked to me like Microsoft decided to upgrade security and stability first, then optimized performance later in Windows 7. That's the responsible thing to do, and I think Microsoft got burned for doing the right thing for a change.

Re:No, really?

[DrgnDancer]

As someone already pointed out, it's faster for large data transfers, but I don't think that's a majority of the problem. It's mostly just convenience. Let's say I have a presentation to give to your company. It's the same presentation I give to every company that has shown an interest in my product. I could e-mail each and every company a copy of my presentation before I show up (and hope that the person I e-mailed it to remembers to put it on the presentation machine), or I can carry it on a thumb drive. Or maybe I was working on the presentation on the flight, and didn't have Internet access to send it to you. Or I'm a tech support guy who carries a bunch of diagnostic tools around with me. There's a ton of reasons why people carry these things around, speed not a huge factor for most of them.