Spyware and Removable Media

Spyware in its most viral form of worms and trojans has always relied in spreading techniques inspired by plain viruses. Removable media has been seen for a long time as one of the most important vectors of this type. However with the demise of the floppy disk, this risk seemed averted. Nowadays unfortunately, malware is again spreading at an increasing rate with the help of removable media.

Flash Memory, Low Cost, Spyware Friendly

Flash memories are beginning to see an increased use in our everyday lives, either through the use of MP3 players or plain memory sticks. Not so many people are aware however that these devices can be used to spread malware. This has led to a general lax policy when dealing with them.

In 2007, the appearance of the infamous sal.xls.exe infection (especially in Asia) is now challenging these policies and people are becoming increasingly aware of the dangers they expose themselves to.

Free Antispyware Scan

Click Here to Scan your computer to  confirm it is Spyware Free!

How is the malware spread?

The methodology used by spyware programmers to employ flash devices as a vector is disappointingly simple. All versions of Windows from XP SP1 have an autorun feature for all removable device, so basically what these guys have been doing is to insert an executable file on the root of every drive they find and create an autorun.inf file which starts up this file. What’s more disappointing still is how incredibly successful this approach has been.

So basically in order to detect a spyware infection via removable device, all that you have to do is open up the autorun.inf file with just about any text processor you wish (Notepad will do just fine) and see what programs are loaded up. Removing the spyware however is a much more complicated task and should be left to a professional Anti-Spyware program. You can try the Systweak Antispyware for a Free Scan of your computer now.

1 thought on “Spyware and Removable Media”

Leave a Reply

Your email address will not be published. Required fields are marked *