AusCERT 2008: Telstra Distributed Infected USB
May 27, 2008
Leave a comment
Telstra is red-faced after handing out malware-infected USB drives to tutorial attendees at the AusCERT security conference on the Gold Coast. [Read Patrick Gray @ SearchSecurity]~~~oOo~~~
The folks at Australian mega-telco Telstra are wiping eggs from their faces after distributing malware-infected USB drives to attendees at this year’s AusCERT security conference. [Read Ryan Naraine @ ZDNet Blog]
~~~oOo~~~
What an embarring moment… The good thing is that most of AntiVirus scanners already detects that piece of malicious program and if you have a good AV scanner installed with latest or updated signature on it and with an agressive features such as Real-Time detection or AutoScanning for all mounted drives, then definitely no worries of infection.
Virus Total returned 96.88% detection rate which is 31/32 different AntiVirus scanners detect this malware. [VirusTotal Detection]
The culprit … As you can see in the screenshot below, autorun.inf contains instructions that allows USB to auto play once it is mounted in the computer and thereafter, automatically execute sys.exe.
McAfee detects this malware as W32/CEP.worm!33925d66 and has already published a malware report found here.
ThreatExpert Report here.
Recent Comments