When is AUTORUN.INF really an AUTORUN.INF?.To learn more about this risk, please read: One in every eight malware attacks occurs via a USB device. Keeping Autorun enabled on flash drives has become a significant security risk as they are one of the most common infection vectors for malware which can transfer the infection to your computer. Keep in mind that autorun.inf can also be a legitimate file which other legitimate programs depend on so the presence of that file may not always be an indication of infection. When a flash drive becomes infected, the Trojan will infect a system when the removable media is inserted if autorun has not been disabled.
Malware modifies the context menu (adds a new default command) and redirects to executing the malicious file if the "Open" command is used or double-clicking on the drive icon.
For flash drives and other USB storage, autorun.ini uses the Windows Explorer's right-click context menu so that the standard "Open" or "Explore" command starts the file. When removable media such as a CD/DVD is inserted (mounted), autorun looks for autorun.inf and automatically executes the malicious file to run silently on your computer. External storage media and flash (usb, pen, thumb, jump) drives are prone to infections which involve malware that modifies/loads an autorun.inf (text-based configuration) file into the root folder of all drives (internal, external, removable) along with a malicious executable.
0 kommentar(er)
