#UNC4990

Hackers push USB malware payloads via news, media hosting sites

by

January 31, 2024 at 05:37PM A financially motivated threat actor utilizes USB devices to infect and abuse online platforms such as GitHub, Vimeo, and Ars Technica to host encoded malware. These encoded payloads act as essential components in downloading and executing malware. The attackers, tracked as UNC4990 by Mandiant, predominantly target users in Italy. This … Read more

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

by

January 31, 2024 at 06:22AM UNC4990, a financially motivated threat actor, is using weaponized USB devices to infect organizations in Italy. The attacks target various industries and involve utilizing third-party websites to host and download additional stages of the attack. UNC4990 operates out of Italy and has been active since late 2020. The end goal … Read more