The malware is called the ‘USB Thief’ and is very hard to detect or analyse, because it cannot be copied or reverse-engineered. What makes it difficult to discover is that it poses as a plugin source for portable applications, or simply as a library used by the portable application. For instance, if an app like Firefox portable is executed, the malware runs with it.
ESET’s malware analyst, Tomáš Gardon, said it looks as if this malware was designed for targeted attacks on systems isolated from the internet. He added that this self-protecting multi-stage malware is very powerful, leaving no trace of ever having been present on a system after the USB is removed.