USB flash drives are the current most popular data transport media. Convenience of USB interface, small size and less chance of data corruption are the main reasons for this popularity. Malicious software writers target this platform due to this popularity and due to security flaws in Windows operating systems.
There are currently around thousands of various bugs, including viruses, worms and malicious software using USB flash drives as a vector. Many of them transmit through multiple other ways including internet and email as well.
How do these bugs spread through USB drives?
One of the security flaws, in windows is running code that is linked to Autorun.inf file in removable media without users consent. These bugs create an autorun.inf file and links themselves to it in an infected USB Flash drive. Once user inserted infected drive to USB port, windows (Especially Windows XP) runs the linked bug without users consent. Then it will infect the host system and the infected host infects every USB drive that is inserted to it.
Sometimes viruses infect every possible file in USB flash drive, including executable and document files. Some worms overwrite themselves into user’s files, effectively destroying users data. Clean computers will get infected once these files are executed.
How to prevent these bugs?
Sometimes running updated antivirus software alone won’t solve the problem. Usually antivirus software scans every possible file in a flash drive, including compressed files. This presents a problem for people like me, who carry awful lot of files in Flash drives. E.g. my flash drive is 16 GB in size and even the fastest antivirus software needs at least 45 mins to completely scan it. So if I want to get a printout of a document in my drive, I have to wait for 45 mins.
One solution is using only Antivirus Resident programme without manually scanning the drive. But there are lot of virus variants using flash drives and since classic antivirus software is using signature based detection methods, these bugs may evade. Other thing is some viruses are so quick and they will act before resident software.
Another solution is upgrading to Windows 7. This latest OS is inherently resistant to these Autorun viruses. User account protection is quite useful in this scenario, even though some people hate it. It informs the user when programme tries to change dangerous changes to the system, so user can stop it. So when you insert infected flash drive in Windows 7, suddenly you might get a prompt saying “kfkjf.exe tries to change system settings”. Then you can stop it and delete the file.
There is third party software called Autorun Virus Remover, which I use. It will load at system startup, consume extremely little system resources and detect if there is an autorun file in USB flash drive. After that it will go through that file and delete the virus attached to it. So you can safely open your flash drive. If you are to get print out of a file in USB drive, you can safely copy it to your hard drive, scan only the needed file with antivirus software and then get the print out. But running files directly with viruses, inside USB drive manually is a different story. This software does not offer protection for this. For this you need proper antivirus software. But software like AutorunVirus remover can save your time, if you know exactly what you are doing. There are free alternatives to Autorun Remover in the internet as well.
No comments:
Post a Comment