Malware Infections From USB Drives On The Rise

I'm willing to bet that you don't bother running any kind of security check before plugging a USB drive into your computer. That could be a mistake: research by BitDefender suggests that infections from software which automatically launches when you connect a USB drive are up significantly.

Picture by Kai Hendry

Data collected by BitDefender suggests that AutoRun-delivered infections, which spread when infected drives are plugged into a new machine, were responsible for 12 per cent of malware infections in the first quarter of this year. Any removable storage plugged into a Windows machine can potentially be a vector for this kind of infection.

BitDefender has updated its free USB Immunizer tool, which we have featured before, and which helps protect drives from AutoRun and AutoPlay exploits. As we've noted before, newer versions of Windows restricts AutoPlay and makes those attacks less likely. But the figures do highlight that if you are a regular user of USB drives, basic security precautions remain important, especially for those many, many Windows XP users.


    Between the way Win7 handles autoplay and running Microsoft Security Essentials, these aren't really a problem for me.

    The couple of times Ive plugged in a usb stick and it has been infected it's been caught pretty much immediately, at which point I proceed to have a go at the owner of the stick

    At work we've got a type of virus that hides all of the root folders on a USB stick, then creates shortcuts that infects the machine it's running on (and if you're lucky, opening the original, hidden folder afterwards). As each person basically owns and runs their machine, some don't have adequate antivirus protection on it, and as a result, infections go up.

    Of course it doesn't help when you have a crowd of 10 people come in and say "Our files have been deleted. Our USB was all shortcuts, and we clicked on them at least a dozen times to open them, but they wouldn't work" and you spend ages lecturing them as to why they haven't won a free iPad, why they should change their passwords immediately and why they should see IT before clicking anything suspicious.

    I like the lack of any links back to the original data in case we wanted to read more.

    Googling around a little found this: but that doesn't seem to be the source of the numbers - They only mention a specific autorun trojan that causes 7% and affects only unpatched XP computers (which are vulnerable to EVERYTHING. The advice to take from that would be 'apply security patches')

    Anybody have any idea where the 12% figure came from?

    Hey Stove,

    The 7% mentioned in the report are solely related to Trojan.AutorunINF. There are many more worms & Trojans that exploit the Autorun feature, such as Worm.Autorun.VHD, Trojan.Autorun.AET. There are even more e-threats that don't make it in the top 100, but they still count as Autorun-based malware. The global percentage of all these threats is around 12.

    Thanks for your input, let me know if I can assist you any further.

Join the discussion!