USB Switchblade malware targets corporate endpoints

An endpoint threat that steals sensitive company data from PCs has been detected by researchers.

USB Switchblade targets Windows and captures corporate information such as passwords, IP data, browser history and auto-fill records, including those used for online banking and other payment systems.

Moreover, researchers said the threat lets hackers into the network where they can set up "ghost admin" accounts and administer virtual network computing (VNC). This allows criminals to change the configuration of the computer, set up privileges to obtain more data and gain remote access to other network PCs.

A malicious user can download the malware from the internet and install it onto a USB device, gaining access to data from any unsecured endpoint on a computer in an office, call center or bank.

The new threat works in the opposite way as USB Dumper, detected in October, that steals files from portable storage devices.

"Organizations need to be ever vigilant as thieves develop more creative and ingenious ways to steal both personal and corporate data," said Andy Burton, CEO at Centennial Software. "USB Switchblade is particularly clever as it is capable of not only stealing information such as user names and passwords, but can also set up a back door for thieves to enter the PC and selectively take data."