1.4 Malware Replication Via Removable Media

Attackers can spread their malicious program by infecting the removable media (such as a USB drive). An attacker can take advantage of Autorun features (or exploit the vulnerability in Autorun) to automatically infect other systems, when the infected media is plugged in to it. This technique typically involves copying files or modifying the existing files stored on the removable media. Once malware copies the malicious file to removable media, it can use various tricks to make that file look like a legitimate file to trick the user into executing it when the USB is plugged in to a different system. The technique of infecting removable media allows an attacker to spread their malware on disconnected ...

Get Learning Malware Analysis now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.