'Silly' worm targets USB sticks

Experts are warning of a new worm which spreads via USB keys in a reversion to the earliest methods of virus distribution.

SillyFD-AA installs itself onto systems and puts a message in Internet Explorer reading 'Hacked by 1BYTE'. It also installs an autorun.inf on any removable drives, such as USB sticks or floppy discs.

"USB keys are becoming so cheap that marketing people are prepared to use them as 'throwaways' with the aim of securing sales leads," said Graham Cluley, senior technology consultant for Sophos.

"Computer owners should tread very carefully when plugging an unknown device into their PC, however, as it could have malicious code planted on it.

"With a significant rise in financially motivated malware it could be an obvious backdoor into a company for criminals bent on targeting a specific business with malicious code."

Once the drive is connected to another computer the worm automatically installs itself on the new computer and repeats the exercise in an attempt to spread further. Users are advised to turn off the Autorun feature in Windows.

The technique mimics the very earliest methods of virus propagation when viruses were spread solely via floppy discs.

Virus protection then was easy; users simply had to cover the indented tab on a 5.25in floppy with sticky tape, the so called 'virus condom'.