USB Thief, a new threat to data, is capable of stealthy attacks against air-gapped systems and also well protected against detection and reverse-engineering.
ESET researchers have discovered a new data-stealing Trojan malware, detected by ESET as Win32/PSW.Stealer.NAI and dubbed USB Thief. This malware exclusively uses USB devices for propagation, without leaving any evidence on the compromised computer. Its creators have also employed special mechanisms to protect the malware from being reproduced or copied, which makes it even harder to detect and analyze.
“It seems that this malware was created for targeted attacks on systems isolated from the internet,” comments Tomáš Gardoň, ESET Malware Analyst.
The fact that USB Thief is run from a USB removable device means that it leaves no traces, and thus, victims don’t even notice that their data were stolen. Another feature – and one that makes USB Thief unusual – is that it is bound to a single USB device which prevents it from leaking from the target systems. On top of all that, USB Thief has sophisticated implementation of multi-staged encryption that is also bound to features of the USB device hosting it. That makes USB Thief very difficult to detect and analyze.
USB Thief can be stored as a plugin source of portable applications or as just a library – DLL – used by the portable application. Therefore, whenever such an application is executed, the malware will also be run in the background. “This is not a very common way to trick users, but very dangerous. People should understand the risks associated with USB storage devices obtained from sources that may not be trustworthy,” warns Tomáš Gardoň.
Additional details about the USB Thief Trojan can be found in an interview with Tomáš Gardoň or in a technical article on ESET’s official IT security blog, WeLiveSecurity.com.
[su_box title=”About ESET” style=”noise” box_color=”#336588″][short_info id=”60260″ desc=”true” all=”false”][/su_box]
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…