Information security experts from Mandiant published A new report describing a new use case for USB sticks in cyber attacks. Hackers used conventional storage media to spread viruses that allowed them to control infected computers.
At the reception with USB flash drives, it was noted that a highly organized group of cybercriminals (UNC4191), often associated with the Chinese government, was captured. UNC4191 distributed flash drives that, when activated, infect computers with previously unknown types of backdoors (programs for unauthorized access to the device – ed.), Mistcloak, Darkdew, and Bluehaze. Afterwards, the listed viruses were automatically copied to other removable drives connected to the infected PC. According to Mandiant, in this way the UNC4191 even gained access to systems isolated from external networks.
Information security experts did not disclose the number and names of victims of the UNC4191 campaign. However, Mandiant noted that hackers mainly attack government entities and private companies in the US, Europe, Southeast Asia, as well as in the Asia-Pacific region. Most of the victims of Chinese cyber spies were found in the Philippines.
Formerly socialbites.ca Wrote Russian hackers attack foreign Steam and Roblox users.