USB drive malware attacks spiking again in first half of 2023


What’s old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023.

A new report by Mandiant describes two USB-delivered malware campaigns observed this year: one named ‘Sogu,’ attributed to a Chinese espionage threat group, ‘TEMP.HEX,’ and another named ‘Snowydrive,’ attributed to UNC4698, which targets oil and gas firms in Asia.

Previously, in November 2022, the cybersecurity company highlighted a China-nexus campaign leveraging USB devices to infect entities in the Philippines with four distinct malware families.

Also, in January 2023, Palo Alto Networks’ Unit 42 team uncovered a PlugX variant that could hide in USB drives and infect the Windows hosts they are connected to.
