USB memory keys 'pose virus risk'

Attacks on PCs will increasingly be launched from infected USB keys and other solid-state memory devices, according to makers of computer security software.

The ease with which hackers can harness such devices, used in cameras, picture frames, and other consumer electronics, to infect PCs has been highlighted by F-Secure and McAfee.

One example found this month by F-Secure shows how fraudsters are using the autorun.inf files to spread the Downadup worm via flash memory devices. In the install and run category, the worm replicates the open folder action in order to install itself.

McAfee said this trend will continue due to the almost unregulated use of flash storage across enterprise environments as well as their popularity among consumers.

Computeractive is conducting a short survey on the use of USB keys - we would be grateful if you would take a moment to complete it.

Fraudsters will also continue to exploit the current financial crisis this year, according to McAfee.

In its latest threat predictions, the security company said it expected to see an increasing number of fake financial transactions services, money mule adverts, bogus investment firms and legal services.

McAfee said hackers will continue to use mainstream practices in an effort to “sell” software that is either misleading or outright fraudulent.

Jeff Green, senior vice-president of McAfee Avert Labs, said: “Computer users face a dangerous one-two punch today. The current economic crisis is delivering a blow to our financial well-being, while malware authors are taking advantage of our distraction to deliver a roundhouse strike.”

McAfee also warned that hackers will continue to find ways to beat security measures. One example is the existence of single-use binary files; an attacker’s equivalent of a single-use credit card number used by consumers when shopping online.

These binaries help to create a vast sea of threats, which will make it harder for victims to ‘describe’ and catch hackers. Additionally, McAfee said hackers will continue to make greater use of Web 2.0; eventually displacing more traditional vectors of malware distribution.

On the plus side, the company predicts a change in how organisations work together. It said it expects this to shift from passive support of law enforcement to an active role of working collaboratively with internet service providers and global internet entities such as ICANN; the not-for-profit organisation responsible for keeping the internet stable and secure.