The malware is called ‘USB Thief’ and is very hard to detect or analyse, because it cannot be copied or reverse-engineered. What makes it difficult to discover is that it behaves as a plugin source of portable applications or just a library used by the portable application. For instance, if an app like Firefox Portable is executed, the malware is run with it.
ESET’s malware analyst, Tomáš Gardoň, said it looks as if this malware was designed for targeted attacks on systems isolated from the internet. He added that this self-protecting multi-stage malware is very powerful, leaving no traces of ever being present on a system after the USB is removed.