I took some files today to a local print shop on a USB stick to get them printed. They have the very sensible procedure that, when given files on a stick, they first insert the stick into a laptop which is not on their network, and scan it. The stick is a Maxell FAT32, and my systems are Debian 11.
To my horror they came back and said it had trojans! There were two:
phishbank.ajy
JSI:trojan.cryos.3892
This last had three copies installed, the first only one.
I'm pretty confident these are not false positives; they get their systems and network from a very competent IT shop. I don't know what AV they use. They are a Windows shop of course, so it will be one of the usual Windows AV products. So I am pretty sure these trojans were the real thing.
They asked what I wanted to do. Leave them alone, delete them? I said delete, after making a note of what they were.
At the moment I am downloading and installing ClamAV for my Debian installation. I did a scan of the Windows 10 VM that I have running in VirtualBox, using the MS antivirus that comes with Windows, and it came up clean.
I'm also proposing to insert the stick, hopefully now disinfected, into my Debian system, copy a few files to and fro, and go back to the shop to see if it has got itself reinfected from Debian. Unlikely, but it seems like a useful precaution.
Should I be worried, and what else should I do? Be grateful for any thoughts.
The only other thing about my Debian machine that I've noticed lately is that on one WordPress site I sometimes get a "429 Too Many Requests" error in Firefox. This happens on first clicking on a link on the site or first visiting it, so there has not in fact been more than one request. Don't see how that could be related but thought it best to mention, just in case.
Peter