New Zero day virus


Yesterday thru one of the many tech mailing lists I became aware of a new zero day virus…  This virus is new in some of its infection vectors…  I’ll cover them in a bit.


Symptoms of infection


The central symptom of an infected system is not being able to do any network activity.  I.E. web surfing email the like.  The network interface port on the system is up and active but no local system traffic or shall I say computer owner traffic is going out that interface.


The new and interesting infection vector is the use of USB based thumb drives or USB based external hard drives.  Seems that when USB external removable devices i.e. thumb drive is attached to an infected system. The system writes an autorun file and creates a system restore file on the usb device. 


Since the use of USB removable is a normal practice when looking at systems by Help desk or pc techs.  In this case the USB diagnostic device is now the infector of any system that it is plugged into…. This is due to autorun file and the system restore


If you are a Case Western Reserve university student, faculty or staff member and are having these symptoms on your computer please get in contact with help desk and email security@case.edu.


Trackbacks

Trackback URL for this entry is: http://blog.case.edu/lou.changeri/mt-tb.cgi/18836

Comments

Post a comment





If you have entered an email address in the box, clicking this checkbox will subscribe your email address to this entry so that you are notified if any updates or additional comments occur on the entry.