Hackers have developed a malware that spreads via USB using the previous security vulnerabilities in Windows, including handling the shortcut file in Windows. Malware entering because of security weaknesses in the handling of shortcut files. Lnk has been discovered by security firm origin of Belarus, VirusBlokAda. Malware using rootkit style functions to disguise himself in the infected system. The malware also has the signatures of legitimate software developers, Realtek Semiconductor.

According to report from a security blogger Brian Krebs, even when the system Windows 7 already getting a patch, but the campaign will appear when users view files on an infected USB using Windows Explorer. In addition to using the Windows Autoplay, the spread of this malware is also utilizing the weakness of the shortcut file. Dangerous shortcut on the USB according to Krebs can perform auto-execution when a user opens a storage device with Windows Explorer, and is normally a user would open any links that appear later.

Meanwhile, according to independent researchers, Frank Boldewin, this malware has targeted to SCADA control system, used to control industrial machinery in the plant and particularly in the Siemens WinCC SCADA system. Meanwhile, according to F-Secure, the worm Windows autorun from USB can be prevented by disabling autorun, but it seems a weakness in the handling of shortcut files in the Windows Control Panel can provide a ‘profit’ is more to this malware.

source : http://www.beritanet.com