Security News > 2023 > July > USB drive malware attacks spiking again in first half of 2023
What's old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023.
Previously, in November 2022, the cybersecurity company highlighted a China-nexus campaign leveraging USB devices to infect entities in the Philippines with four distinct malware families.
The components undertake specific roles such as establishing persistence on the breached system, evading detection, dropping a backdoor, and ensuring malware propagation through newly connected USB drives.
For evasion, the malware uses a malicious DLL side-loaded by 'GUP.exe,' a legitimate Notepad++ updater, to hide file extensions and specific files marked with "System" or "Hidden."
Mandiant's investigation point to print shops and hotels as infection hotspots for USB malware.
New PowerExchange malware backdoors Microsoft Exchange servers.
News URL
Related news
- Defending against USB drive attacks with Wazuh (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Open-source malware doubles, data exfiltration attacks dominate (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)
- Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)