The trojan, designated as Win32/PSW.Stealer.NAI – and dubbed USB Thief – leaves no trace on victim computers and is hard to detect,” says Tomáš Gardoň, a malware analyst at ESET.
Gardoň says the malware – which uses multi-staged encryption – is capable of infecting networks off the internet and, he adds, because it leaves no evidence of its presence, victims are not aware their data is being siphoned away.
What also makes it unusual, he says, is each instance of the trojan depends on the particular USB device on which it is installed because its intention is to not be copied.
He believes the malware has been created for targeted attacks.
Disable USB ports when possible, he advises, and, if that’s not feasible, strict policies should be in place.