Losing a USB stick is much more dangerous than anyone would imagine

Dec 7, 2011 14:36 GMT

As an experiment, Sophos researchers obtained 50 USB sticks lost by their former owners on the trains owned by Australian Rail Corporation New South Wales (RailCorp).

Researchers analyzed the data and the malware found on the sticks to see how many of them were infected.

An interesting finding is that, even though nine of the sticks appeared to belong to Macintosh owners and contained no traces of Mac malware, seven of them were actually infected with Windows-targeting malware.

“In other words, if you're a Windows user, don't assume that you can automatically trust everything that comes from your Apple-loving friends. And even if you're one of those Mac users who is opposed to the concept of anti-virus software, consider softening your stance as a service to the community as a whole,” said Paul Ducklin, Sophos’ head of technology, Asia Pacific.

It turns out that 33 of the 50 devices were infected and, in total, 62 malicious files were stored on them. Most were plagued with the infamous Mal/AutoInf-A, and almost the same number were found to host Mal/Palevo-A. Mal/Inject-H, Mal/VB-AD, Mal/Generic-L and VBS/Joint-A were also present.

While the researchers didn’t find any information indicating that any of the former owners were planning anything big, a lot of personal data popped up, even though they didn’t go as deep as “an unethical hacker” would.

Lists of tax deductions, minutes of an activists' meeting, school and university assignments, AutoCAD drawings of work projects, photo albums of family and friends, and software were found spread out on the 50 USB sticks.

The most worrying fact is that none of the sticks had any sort of encryption mechanism, which means that if they had landed in the wrong hands, all the information could have been used in a malicious scheme targeting the former owner.