Fuji photo print kiosks infecting some USB drives

[thewayne]

Apparently it is not standard practice to (a) install anti-virus software on these Windows kiosks, and (b) treat the customer's USB stick as read-only. As a result, some people are ending up with trojans on their sticks and an autorun.inf file to initiate it and remove their computer's anti-virus software.

Specifically mentioned stores are Woolworth's and Big W, but I would imagine most photo print kiosks at most any store could be vulnerable and should be treated as potentially hostile.

So be careful using these things! Your safest bet would be to copy the photos to be printed to a CD-R/W or CD-ROM and reformat or destroy the disk after using it. Using Linux or a Mac is also pretty safe, though if you use a non-Windows platform and get your stick infected, while your computer may be safe, you could infect a Windows machine later by using that stick on it.

http://risky.biz/big-wirus

http://security.morganstorey.com/2010/07/big-wirus.html

http://it.slashdot.org/story/10/07/06/0019234/Photo-Kiosks-Infecting-Customers-USB-Devices?art_pos=3

Comments

[silveradept]

...lacking basic security precautions. I'm more surprised someone hasn't used that vulnerability to hack/crack more sensitive company material through the kiosks. Like stealing customer names and numbers.

[deborak]

Shocking! Woolworth's is still in business? I'm amazed.

All this is going on in Australia, though, so I'm reducing your post to threat level Mauve. ;-)