Home > Cyber Intelligence & Terrorism Research > Worm Tries AutoRun, Then Social Engineering to Infect

Worm Tries AutoRun, Then Social Engineering to Infect

Sophos and TrendMicro, and anumber of other security firms, are reporting a dramatic increase in the prevalence of a worm using AutoRun and social engineering to proliferate.

If you thought Microsoft solved the AutoRun problem, you aren’t alone. They tried to shut it down after it was famously and cleverly used to spread earlier variants of the Stuxnet worm that targeted the industrial control systems that controlled centrifuges at Iran’s Natanz nuclear enrichment facility. However, as we continue to move further and further from that date, and we continue to see the word AutoRun popping up in headlines, it is increasingly becoming one of those network security nuisances that just won’t go away.

Part of the problem here, according to Sophos, is that users still aren’t very good about patching their machines. It’s the same, simple old problem that never seems to change. Despite the fact that Microsoft shipped a patch to disable AutoRun nearly two years ago, some users still haven’t gotten around to implementing it. So the worm is spreading, in large part, through autorun.inf files loaded onto removeable media and writeable network shared.

Read more here: http://threatpost.com/en_us/blogs/worm-tries-autorun-then-social-engineering-infect-113012

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: