January 31, 2024 at 05:37PM A financially motivated threat actor utilizes USB devices to infect and abuse online platforms such as GitHub, Vimeo, and Ars Technica to host encoded malware. These encoded payloads act as essential components in downloading and executing malware. The attackers, tracked as UNC4990 by Mandiant, predominantly target users in Italy. This … Read more
January 31, 2024 at 06:22AM UNC4990, a financially motivated threat actor, is using weaponized USB devices to infect organizations in Italy. The attacks target various industries and involve utilizing third-party websites to host and download additional stages of the attack. UNC4990 operates out of Italy and has been active since late 2020. The end goal … Read more
November 20, 2023 at 05:34PM LittleDrifter is a recently discovered worm that spreads through USB drives and has infected systems in multiple countries. It is believed to be part of a campaign by the Gamaredon state-sponsored espionage group. The malware establishes communication with the group’s command and control server and spreads through USB drives using … Read more