Security News > 2020 > June > Chinese Hackers Target Air-Gapped Systems With Custom USB Malware
For years, a China-linked threat actor named Cycldek has been exfiltrating data from air-gapped systems using a previously unreported, custom USB malware family, Kaspersky reports.
Both malware versions were used to target diplomatic and government entities, but each was focused on a different geography, Kaspersky believes.
One such tool is USBCulprit, a piece of previously unreported malware that was observed being downloaded by RedCore implants and which can scan various paths in victim machines and collect specific documents and pass them on to USB drives that are connected to the system.
The malware is also capable of lateral movement: based on the existence of another marker, it would copy its binary to the same folder on the USB drive where the files for exfiltration are located.
"The characteristics of the malware can give rise to several assumptions about its purpose and use cases, one of which is to reach and obtain data from air-gapped machines. This would explain the lack of any network communication in the malware, and the use of only removable media as a means of transferring inbound and outbound data," the researchers note.
News URL
Related news
- Chinese hackers target Linux with new WolfsBane malware (source)
- Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries (source)
- US says Chinese hackers breached multiple telecom providers (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Sophos reveals 5-year battle with Chinese hackers attacking network devices (source)
- Sophos Versus the Chinese Hackers (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)