Custom USB Flash, Thumb or Stick Drive Bypasses Autorun or AutoPlay Protection
Would you share this Article with others?
The Autorun or Autoplay feature works by modifying the autorun.info file on the Flash or Thumb Drive.
But, in February 2011, Microsoft disabled this Autorun or Autoplay feature because it was responsible for a lot of malware infections. This Autorun or Autoplay feature was a great idea before virus writers took advantage of it, because it helped novice computer users installed computer programs faster without the need to navigate to the setup or installation programs, which most computer users are not familiar with.
Now, cybercriminals have found another way to Autorun or Autoplay a malicious program or script on a Flash Drive or bypass Windows Autorun or Autoplay protection, when a custom Flash Drive is inserted into a computer's USB port.
The custom USB Flash drive bypasses the Autorun or Autoplay protection by tricking Microsoft Windows into thinking that it is a 'Human Interface Device', a USB device like a mouse or keyboard, when inserted into the computer. Once Windows detects the device as a 'Human Interface Device', it will try to execute the scripts or program on the custom USB Flash drive, thinking it is the device driver software that is needed in order for the device to work.
But, the script is no device driver software; it is instead, a malicious script or program inserted on the USB Flash Drive. Once this malicious script or program is executed or open, it will infect the computer the USB Flash drive is inserted into.
There may be a cross-platform custom USB Flash drive that will work on the following operating systems: Windows, Mac OS and Linux.
Now, to help protect your computer against this threat, please ensure that you have antivirus software installed on your computer and be careful of the USB Flash, Thumb or Stick Drives that you insert into your computer.
For more information about this custom USB Flash Drive that bypasses the Autorun or Autoplay Protection, please go to Webroot blog by clicking here.
Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.
Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.
Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com
Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.
If you want to quickly find answers to your questions, use our search ![]()
engine.
You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.
Comments, Questions, Answers, or Reviews
To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.
Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.