Sophos: Most USB Sticks Lost On The Subway Are Swimming In Malware And Completely Unprotected

Posted 12/07/2011 at 11:53am | by Brad Chacos

11

Comments

Print

Hard drive prices may be skyrocketing, but USB keys are almost a dime a dozen these days. Maybe that’s why people lose them so much; apparently, folks drop memory sticks at major rail lines by the literal bucket load. Misplacing all that data doesn’t sound smart, but security vendor Sophos recently tested an auction lot of 50 lost USBs on Sydney railways, and their findings show that losing those sticks may have been a good thing after all – since most of them were riddled with malware.

Sophos scanned each and every one of those USBs and found that 33 of the 50 – or right around two-thirds of them – were saturated with malicious programs. Researchers found a total of sixty two infected files in total. Check out the image above for a breakdown of the damage. Sophos found some other interesting tidbits, too:

• While none of the malware was Mac-specific, seven of the nine USBs that had seen extensive usage on an Apple machine contained some sort of badware. “If you're a Windows user, don't assume that you can automatically trust everything that comes from your Apple-loving friends,” author Paul Ducklin writes. “And even if you're one of those Mac users who is opposed to the concept of anti-virus software, consider softening your stance as a service to the community as a whole.”
• None of the USBs were encrypted. Shame on you!
• The price of three lots of USB keys (57 total, seven of which were unusable in the testing): $409.96 after the auctioneer’s fee. “We could have bought brand-new for slightly less than half that price,” Ducklin gripes. So do your homework and stay far, far away from USB keys at auctions unless you know you’re getting a good deal.

So, any thoughts? (Other than “Maybe I should encrypt my USB drive while the thought is fresh in my head,” that is.)

Image credit: software-latest.com