Rebirth of Floopy Viruses?

Submitted by feiming on 17 September 2008 - 6:36pm.

Due to the popularity of CD and DVD killed viruses that transfered through floppy which I like to call "Floppy Viruses".The read only method prevented "Floppy Viruses" from getting into the media.

But the recent dirt cheap USB Thumbdrive/Pendrive/Flashdrive(whatever you call it) had increase the usage of USB Flashdrive.Is this the rebirth of "Floppy Viruses"? from my recent experience.I see hundreds of student who most of the time had their Autorun enabled and did not put effort to scan USB Flashdrive.Why do we still need Autorun on a USB Flashdrive while we all knew that most of the "Floppy Viruses" take advantage of Autorun.

I seen alot of "RECYCLE" virus and a few more weird VBA viruses.All of them are hidden in Microsoft Windows and couldn't delete through Window's Explorer.
Some might suggest to format the flashdrive in Windows.But of couse,virus creater ain't stupid.The alternative solution other then antivirus(which might not all work) is to use Linux(if you have 1).You could delete those file in Linux using root.

So you might ask why I wrote is long and weird title.
Because I seen a guy's Flashdrive filled with 5 different viruses and a brand new computer which is less then 1 month old was infected with 2 viruses.

autorun.inf

Submitted by Opcode0x90 on 18 September 2008 - 2:43am.

Never trust any portable media. :) Another concern is bootable USB drive. Heh when this gets popular it might revive the long lost Floppy Viruses era. Bootkit anyone? :) Also, you dont need to format the pendrive or boot into Linux to delete those viruses. IceSword can easily wipe those file.

I tried to read 1 of the VBA

Submitted by feiming on 19 September 2008 - 8:59am.

I tried to read 1 of the VBA code and found the comment amusing.It say "forgive me" before the codes start.

disable autorun

Submitted by wan on 18 September 2008 - 11:21am.

tweak your windows to disable autorun. you can follow these guides:

http://antivirus.about.com/od/securitytips/ht/autorun.htm

http://www.engadget.com/2004/06/29/how-to-tuesday-disable-autorun-on-win...

btw, i think this "floppy viruses" method can also be used to attack linux through auto-play feature.

I 'm not so sure about

Submitted by feiming on 19 September 2008 - 9:12am.

I 'm not so sure about that.So far,I only seen Gnome opens the USB Flashdrive with nautilius by default.When a digital camera is plug in,it's normally prompt related apps for the user to choose.Never seen it execute autorun.inf.

The virus design also need to run independent,without dependency(unless direct interface with the kernel).If all those are sort out,it'll probably work and will cause more damage if the user login as root.

User login

Navigation

Who's online