Bkav's HoneyPot system has recently detected a new virus which spreads at a dizzy pace. Bkav dubs it W32.UsbFakeDrive. Experts state this malware to be replacing AutoRun viruses which used USB drives to propagate before.
When an infected USB drive is run, another drive will appear and users must open it to see their data. In fact, this second drive is a shortcut which contains the virus file. When the data stored is opened, it's when users' machines get infected.
The fake shortcut on USB drive created by the virus
Before, with the mechanism for malware to be activated upon USB drives' being run, AutoRun viruses had been raging out of control. This made Microsoft decide to eliminate USB drives' AutoRun feature on OS from Windows 7 and above as well as on the update of Windows XP. Despite this decision by Windows' manufacturer, the appearance of W32.UsbFakeDrive might create another dizzy spread of virus simply through the running of drives.
Bkav recommends users to be vigilant if open their USB drives and see, instead of the stored data, another drive. In this case, users should think of the chance that it might be a malware. The best solution is to employ an antivirus software for auto protection.
Bkav