"Rising Threat: USB Malware Exploits News and Media Platforms"

Hackers linked to UNC4990 are using USB devices to initiate attacks, with payloads hosted on legitimate platforms such as GitHub, Vimeo, and Ars Technica. These payloads, disguised as harmless text strings, are crucial to downloading and executing the malware. The attackers have targeted users in Italy and have made over $55,000 in profit through a backdoor named QUIETBOARD, which also mines cryptocurrencies and has various other capabilities. Although the payloads have been removed from the impacted platforms, the use of trusted sites and covert hosting makes the malicious code difficult to detect and remove, highlighting the ongoing threat of USB-based malware and the challenge it poses to conventional security measures.
- Hackers push USB malware payloads via news, media hosting sites (BleepingComputer)
- Evolution of UNC4990: Uncovering USB Malware's Hidden Depths (Mandiant)
- Ars Technica used in malware campaign with never-before-seen obfuscation (Ars Technica)
- Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware (The Hacker News)
- Threat actor used Vimeo, Ars Technica to serve second-stage malware (Help Net Security)