Wormongers - The Curse of Autorun.inf

Filed Under: Malware, SophosLabs

In an age in which boot sector viruses are almost extinct, a new force to reckon with is emerging.

This Summer, behold, the revitalised threat of the USB worm. Lurking on your USB device, it uses autorun.inf to run itself on your computer. You plug, it plays.

From the creators of W32/QQRob-ADN and W32/Brontok-DN and many others, comes a nefarious program to a computer near you!

The horror, the horror!

You have been warned!

Note: Worms spreading via removable devices may be due to injudicious use of public computers. Caution and common sense should apply. No purchase necessary.

Note 2: Even with the autorun feature disabled (via a Registry tweak) autorun.inf files provide opportunities for subtle social engineering tricks to encourage the victim to run the malicious file.

Social Engineering with autorun.inf

You might like