Incident Response, Malware, TDR

New USB-based data stealing malware detected in wild

Share

A new malware type that spreads using USB devices has been detected, according to ESET's blog.

The trojan, designated as Win32/PSW.Stealer.NAI – and dubbed USB Thief – leaves no trace on victim computers and is hard to detect," says Tomáš Gardoň, a malware analyst at ESET.

Gardoň says the malware – which uses multi-staged encryption – is capable of infecting networks off the internet and, he adds, because it leaves no evidence of its presence, victims are not aware their data is being siphoned away.

What also makes it unusual, he says, is each instance of the trojan depends on the particular USB device on which it is installed because its intention is to not be copied.

He believes the malware has been created for targeted attacks.

Disable USB ports when possible, he advises, and, if that's not feasible, strict policies should be in place.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.