USB THIEF
T he Researchers at ESET have found a data - stealing USB Trojan which leaves no trace on the compromised system. Nicknamed as USB Thief (detected as Win32/PSW.Stealer.NAI trojan), this is the most complex trojan ever discovered, it uses encryption and self-protection procedures to infect and hide. The trojan binds on the USB stick using the USB drive's details as an encryption key using AES 128 encryption. If the trojan is copied to another USB, the encryption breaks and the content cannot be determined. The malware injects itself as a plugin or a dynamically linked library (DLL) file. When the victim launches the app from an infected USB, the Trojan starts executing in the background. As the malware is executed using a USB device, it does not leave any trace on the machine. The Trojan consists of six files. Four files are executables and the other two contain the configuration data. To protect it from reverse engineering, it uses two techniques. 1.