Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2025/09/15 6:45 p.m.4 views

Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs

The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk. "The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor," IBM X-Force...

7.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/11/24 12:4 p.m.19 views

LitterDrifter USB Worm

A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group­--known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm--has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the...

6.7AI score
Exploits0
hivepro
hivepro
added 2023/11/20 11:43 a.m.16 views

Gamaredon Deploys LitterDrifter USB Worm in Cyber Espionage Operations

Summary: Russian cyber espionage group Gamaredon aka Primitive Bear has been observed utilizing a USB-propagating worm known as LitterDrifter in attacks targeting Ukrainian entities. This group has recently adopted LitterDrifter, a worm written in VBS, designed to spread through removable USB...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/18 6:32 a.m.116 views

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

Russian cyber espionage actors affiliated with the Federal Security Service FSB have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon's aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and...

7.8CVSS7.7AI score0.97798EPSS
Exploits49
Malwarebytes
Malwarebytes
added 2022/10/31 8:0 p.m.23 views

Raspberry Robin worm used as ransomware prelude

Raspberry Robin aka Worm.RaspberyRobin started out as an annoying, yet relatively low-profile threat that was often installed via USB drive. First spotted in September 2021, it was typically introduced into a network through infected removable drives, often USB devices. Now the worm has been foun...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/30 9:53 a.m.52 views

Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers

Microsoft on Friday disclosed a potential connection between the Raspberry Robin USB-based worm and an infamous Russian cybercrime group tracked as Evil Corp. The tech giant said it observed the FakeUpdates aka SocGholish malware being delivered via existing Raspberry Robin infections on July 26,...

0.8AI score
Exploits0
Rows per page
Query Builder