Definition: A type of malware that spreads by copying itself onto USB removable drives to infect multiple systems.
Explanation
A USB worm is a malicious software program designed to propagate by copying itself onto connected USB removable drives. When the infected USB device is plugged into another computer, the worm executes and infects the new system, continuing the cycle of infection. This method leverages the physical transfer of data via USB devices, bypassing many network-based security controls. USB worms often hide within directories mimicking legitimate system folders to avoid detection and can deliver additional payloads such as remote access tools, keyloggers, and data stealers.
Example
In a recent cyberespionage campaign, a USB worm named USBFect (also known as HIUPAN) was used to infect government systems by copying itself onto USB drives. When these drives were connected to other computers within the network, the worm spread further, enabling attackers to maintain long-term access and deploy additional malware components.
Who This Is For
This term is relevant for cybersecurity professionals, IT administrators, and anyone responsible for endpoint security or managing removable media policies within organizations that rely on USB devices for data transfer.
Related Terms
malware, removable media security, USB security, remote access trojan, information stealer
Also Known As
USB-propagated worm, USB malware