USB Drives: Are You Plugging Malware
into Your PC?

Plugging malware into PC_header
It’s safe to say at one point or another, we’ve all used USB drives to transfer and retrieve files from one computer to the next. As convenient as USB drives are for this purpose, it’s also extremely easy for attackers to distribute malware in the same fashion.

Why You Should Be Cautious
According to a study, 25% of malware is spread through the use of USB drives. This usually happens when a malware-infected PC transfers itself onto a USB drive, without the user ever knowing. These “dirty” USB then pass along the infection to new computers they encounter. Attackers commonly spread malware by leaving dirty drives in places where a curious person might be susceptible to plug the infected device into their computer.

Preventing Malware from Dirty Drives
Disable Autorun
Depending on the operating system of your computer, users can enable or disable Autorun, which allows the malware to automatically run. While for Windows 7 and above, Autorun feature has been removed, AutoPlay is still available. You can learn the differences between Autorun and AutoPlay here.

Protect Your PC with an Antivirus and Firewall
While disabling the Autorun feature on your PC prevents malicious programs from automatically launching, it does not prevent malware from initiating if you open the file infected with malware. It’s important that your computer is equipped with, at the minimum, a two-way firewall and antivirus software, which can stop the malware from executing and damaging your system or stealing your personal information.

Keep Your Operating System Up-to-date
Make sure to run your recommended system updates. Security updates apply necessary patches that repair vulnerabilities in software. You can turn on automatic updates for Windows here.

Be Cautious About What You Plug In
Just as you should exercise caution when deciding to click on links or to download programs, you should be just as vigilant when it comes to plugging in just any USB drives into your computer. Think twice before plugging in that free USB drive or letting a friend retrieve a file on your computer. That little device could be putting your computer and your personal information at risk.

Get ZoneAlarm Extreme Security

Get it now

8 comments on “USB Drives: Are You Plugging Malware
into Your PC?

  • William Junger says:

    So what can we do to protect those USB drives? Which AV programs automatically (or can be set to) check them?

    • Several things to take into consideration. If you find a USB lying on floor, it’s probably not a good idea to plug it into your PC to see what is in it. That USB could actually have been intentionally left there by someone in anticipation that someone will pick it up and plug it into their PC, which then could infect your PC with malware.

      Next, making sure your own PC has ample security is one way to prevent malware from infecting your system, should a USB you received from a friend was infected as a result of their PC being infected.

  • I currently have 3 USB sticks I use for imaging that have come in contact with a malware infected pc. What would be the best way of ‘zeroing’ these out? Take into consideration that they are bootable USB sticks, and that plugging them into my PC when Windows 7 is running could spread the malware to my machine.

    • If you’re pretty certain those three USB drives have been compromised by some malware and you just want to see what’s on it, you need to ask yourself if it’s worth the risk. We think not. USB sticks nowadays are relatively cheap, and it’ll probably be better for you to just purchase a new one.

      However, if you really need to retrieve some important file in that USB drive, you can always right-click on the drive and scan with the antivirus you are running. Do note that AutoRun has been disabled in Windows 7 and above.

  • I keep very important files on usb drive. Not my pc or laptop. This way I plug in when I need them on what ever pc I want to use. Keep the drive locked up in firesafe. SO now one or more have some dam malware on them. I started with a fresh new drive and os build of win7. Autostart turned off. Plugged drive in to scan for virus and malware. BAM. MALWARE still infected the pc. NONE of the removal methods get rid of this one. It setsup a virtual session on PC. So the pc infects the usb. The usb infects the PC. I HAVE REAL WORK TO DO. I HATE DAM MALWARE.


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.