
USB sticks lost by railway commuters are unencrypted and often infected

Two-thirds of USB sticks lost on trains were infected with malware, a Sophos analysis reveals

An analysis of USB memory sticks lost on trains in Sydney revealed that two thirds of them were infected with one or more strains of malware and none was secured with an encryption solution.

The experiment was done by antivirus firm Sophos, which acquired three bags of USB sticks lost by commuters on trains in the Greater Sydney metro area at an auction organized by the Rail Corporation New South Wales.

According to Sophos, the analysis was performed on 50 USB sticks that ranged from 256MB to 8GB in size and revealed that 33, or 66 percent, of them were infected, some with multiple types of malware.

One interesting aspect of the results was that, based on their data and formatting, seven of the infected storage devices belonged to Mac OS X users or had been extensively used under this OS.

"If you're a Windows user, don't assume that you can automatically trust everything that comes from your Apple-loving friends," said Paul Ducklin, Sophos' head of technology for the Asia Pacific region. "And even if you're one of those Mac users who is opposed to the concept of anti-virus software, consider softening your stance as a service to the community as a whole," he added.

Ducklin said it is very unlikely that the USB sticks were left on trains on purpose by hackers or penetration testers in the hope that corporate users would pick them up and plug them into their work computers.

"We didn't find any evidence to support the theory that the USB sticks had been deliberately planted," said Graham Cluley, a senior technology consultant at the company.

"The malware involved was mostly very prevalent, general-purpose, zombie stuff," Ducklin explained. The security expert believes that this method of malware distribution is not even viable because most lost USB sticks are handed in to lost property rather than plugged into computers by users.

"Sadly, I think the malware prevalence tells a simple story of poor PC hygiene," Ducklin concluded. This is also why none of the USB sticks was encrypted or password-protected.

The Sophos researchers found personal information belonging to the former owners of the devices, as well as their families, friends and colleagues. The recovered files included images, documents, source code, audio files, video files, XML files and even AutoCAD drawings.

Fortunately, none of the files contained overly sensitive material like government secrets, weapon designs, law enforcement data, credit-card details or other similar information that has been found on lost memory sticks before.

