Home > Events, malware report > AusCERT 2008: Telstra Distributed Infected USB

AusCERT 2008: Telstra Distributed Infected USB

Telstra is red-faced after handing out malware-infected USB drives to tutorial attendees at the AusCERT security conference on the Gold Coast. [Read Patrick Gray @ SearchSecurity]
~~~oOo~~~
The folks at Australian mega-telco Telstra are wiping eggs from their faces after distributing malware-infected USB drives to attendees at this year’s AusCERT security conference. [Read Ryan Naraine @ ZDNet Blog]
~~~oOo~~~
What an embarring moment… The good thing is that most of AntiVirus scanners already detects that piece of malicious program and if you have a good AV scanner installed with latest or updated signature on it and with an agressive features such as Real-Time detection or AutoScanning for all mounted drives, then definitely no worries of infection.

Virus Total returned 96.88% detection rate which is 31/32 different AntiVirus scanners detect this malware. [VirusTotal Detection]

The culprit … As you can see in the screenshot below, autorun.inf contains instructions that allows USB to auto play once it is mounted in the computer and thereafter, automatically execute sys.exe.

McAfee detects this malware as W32/CEP.worm!33925d66 and has already published a malware report found here.

ThreatExpert Report here.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: