In the first half of 2023, there has been a significant increase in cyber-attacks utilizing infected USB drives as an initial access point. This information comes from recent findings by Mandiant, which revealed two specific campaigns, SOGU and SNOWYDRIVE, targeting various public and private sector organizations worldwide.
These attacks have been linked to a China-based group known as TEMP.Hex is also tracked under Camaro Dragon, Earth Preta, and Mustang Panda. The targets of these campaigns encompass industries like construction, engineering, business services, government, health, transportation, and retail in regions such as Europe, Asia, and the U.S.
Mandiant’s analysis of the infection chain demonstrates similarities with another Mustang Panda campaign, uncovered separately by Check Point.
Read More: Malicious USB Drives Targetinging Global Targets with SOGU and SNOWYDRIVE Malware
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.