Portable versions of software - stealing your files

foxidrive

Retired Admin
A Trojan program, dubbed USB Thief by researchers at security firm ESET, infects USB drives that contain portable installations of popular applications such as Firefox, Notepad++, or TrueCrypt, and it also seems to be designed to steal information from so-called air-gapped computers. "In the case we analyzed, it was configured to steal all data files such as images or documents, the whole Windows registry tree (HKCU), file lists from all of the drives, and information gathered using an imported open-source application called 'WinAudit'," the ESET researchers said. The stolen data was saved back to the USB drive and was encrypted using elliptic curve cryptography. Once the USB drive was removed, there was no evidence left on the computer, the ESET researchers added.

Oh oh.
 

misi

Growing Little Guru
As ESET’s statistics show, that malware is not very widespread. However, it possesses the ability to be used in targeted attacks – especially at computers that are not connected to the internet for security reasons.
:pray:
Thank God for that!
 

foxidrive

Retired Admin
It's a bit odd in the way they say it uses the USB stick as the storage device.
1) a USB stick is limited in size, and more importantly, very slow to write
2) How is the malware author going to get the files?

Is it all BS, or does the malware upload the files?
 