How do I safely use a virus infected USB drive in Ubuntu?

10.04 security usb-drive
13,105

Solution 1

Linux systems usually do not execute code from a USB stick when just connecting it. Thus copying stuff from it should be safe.

Keep in mind that the copied files may contain malicious code. For example, some evil java-script inside a html file or an evil office-script inside you word/open-office-writer documents. That means, you should be careful with these files - don't open these files with programs that are known to execute embedded scripting code.

Well, and don't directly execute binary executables that are copied from that stick.

Solution 2

Viruses that work on Linux are rare, but they do exist. I would recommend scanning the USB volume with ClamTk (It's just called "Virus Scanner" in Software Center). This will help you to identify the virus, which may be useful information. You might consider re-scanning the volume after reformatting it as well. It's probably overkill, but it shouldn't take long.

Solution 3

There is very little to worry about. Just copy the files you need to your laptop then format the drive. Don't copy files if you don't know what they are because these are likely to be the virus. Make sure you don't execute anything on the drive just to be safe.

Share:
13,105

Related videos on Youtube

suhridk
Author by

suhridk

Updated on September 17, 2022

Comments

  • suhridk
    suhridk over 1 year

    I have an USB drive which I know is virus infected (an anti-virus on my friend's machine detected it). Unfortunately neither of us know the virus name and I don't want to take the risk of plugging it to my Windows box again.

    Of course, in all probability the virus affects only Windows. (But I'm not sure) I want to know if I can safely plug the USB into my Ubuntu Lucid laptop and copy the stuff I need from the drive. If there are some precautions I need to follow what would they be?

  • dv3500ea
    dv3500ea over 13 years
    Javascript in HTML files can not harm your system because they can't access anything outside of a browser. The worst that can happen is that there is an intentional infinite loop that eats CPU (then you just close the browser).
  • Michael Gundlach
    Michael Gundlach over 13 years
    @dv3500ea that's not entirely true. The JavaScript could execute an exploit in an number of softwares other than the browsers (Flash, Java, etc) that ends up infecting a computer. However - the likelihood of it being an infection for Linux computers is very slim. Linux has the mantra "Security through obscurity". With such a relatively small market share most viruses are produced for Windows machines not Linux.
  • maxschlepzig
    maxschlepzig over 13 years
    @dv3500ea: for an example how java-script can harm you - check out en.wikipedia.org/wiki/Cross-site_scripting and get scared ;) Sure, your system is not necessarily harmed, but perhaps some homebanking data is transfered ...
  • maxschlepzig
    maxschlepzig over 13 years
    @Marco Ceppi: Linux does not have any security-by-obscurity mantra. Linux systems implement a lot of stuff that goes quite in the opposite direction: user separation, make it hard to surf as root, convenient system wide security upgrading including application programs, a major ban on proprietary software, etc. And keep in mind that the market share of linux is quite different between the (web-)server and desktop market.
  • jkinter
    jkinter over 13 years
    There is nothing wrong with just copying a file, even a virus file. It only has an effect when you execute it. You just have to make sure that, in the process of copying the file, the OS doesn't also execute it without your permission. (Linux systems in general are usually relatively good about only running things when explicitly asked to.)
  • dv3500ea
    dv3500ea over 13 years
    The idea was to leave infected files on the drive so that they are deleted when it is reformatted.
  • suhridk
    suhridk over 13 years
    Useful tip. ClamTk would not install on my system due to some locale issues with Perl. However I Googled and found BitDefender. They provide a software repository for easy installation as well. Bitdefender quickly identified the Trojan - (It was lurking inside an mp3 file) and offered to clean/delete/quarantine. So this might be a good solution for those who want to use Ubuntu to clean up their Windows drives/partitions safely.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Problems mounting an encrypted volume on a different computer
Disable auto-mount for particular partitions on USB drives
How to prevent Synaptic Package Manager from asking for password?
How can I lock down ubuntu?
Which usb_modeswitch.d file do I need to use?
How to mount a CD ROM from a USB CD ROM drive on Ubuntu 10.04.3 server
rkhunter warning about /etc/.java /etc/.udev /etc/.initramfs
chkrootkit says /sbin/init is infected, what does that mean?
How to manage OAuth flow in mobile application with server
Are compile-time variables secure in flutter?