https://community.isc2.org/t5/Threats/USB-worm-unleashed-by-Russian-state-hackers-spreads-worldwide/m-p/64844#M981 <P>I find a lot of the reporting of malware falls into the fear-mongering category as it typically fails to describe the&nbsp; platform involved and vector of attack. The description points to Windows malware (Visual Basic script and Windows Management Instrumentation) and the vector doesn't really seem to qualify as a worm as it seems like some user interaction is involved, even beyond plugging in the USB drive - seems lie the malware is accessed through shortcut (i.e. .lnk) file so that would seem to say a user must click it/run it somehow?</P><P>&nbsp;</P><P>Maybe I am missing something, but it seems like it is just another flavor of VB malware.</P><P>&nbsp;</P> Fri, 24 Nov 2023 00:20:48 GMT JoePete 2023-11-24T00:20:48Z https://community.isc2.org/t5/Threats/USB-worm-unleashed-by-Russian-state-hackers-spreads-worldwide/m-p/64810#M980 <P>Hi All</P><P>&nbsp;</P><P>It appears the Russians have a successful attack vector via USB Keys "LittleDrifter", which appears to keep propagating widely.</P><P>&nbsp;</P><P>Sounds like security education and awareness needs beefing up?</P><P>&nbsp;</P><P><A href="https://arstechnica.com/security/2023/11/normally-targeting-ukraine-russian-state-hackers-spread-usb-worm-worldwide/" target="_blank">https://arstechnica.com/security/2023/11/normally-targeting-ukraine-russian-state-hackers-spread-usb-worm-worldwide/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Wed, 22 Nov 2023 05:13:41 GMT https://community.isc2.org/t5/Threats/USB-worm-unleashed-by-Russian-state-hackers-spreads-worldwide/m-p/64810#M980 Caute_cautim 2023-11-22T05:13:41Z https://community.isc2.org/t5/Threats/USB-worm-unleashed-by-Russian-state-hackers-spreads-worldwide/m-p/64844#M981 <P>I find a lot of the reporting of malware falls into the fear-mongering category as it typically fails to describe the&nbsp; platform involved and vector of attack. The description points to Windows malware (Visual Basic script and Windows Management Instrumentation) and the vector doesn't really seem to qualify as a worm as it seems like some user interaction is involved, even beyond plugging in the USB drive - seems lie the malware is accessed through shortcut (i.e. .lnk) file so that would seem to say a user must click it/run it somehow?</P><P>&nbsp;</P><P>Maybe I am missing something, but it seems like it is just another flavor of VB malware.</P><P>&nbsp;</P> Fri, 24 Nov 2023 00:20:48 GMT https://community.isc2.org/t5/Threats/USB-worm-unleashed-by-Russian-state-hackers-spreads-worldwide/m-p/64844#M981 JoePete 2023-11-24T00:20:48Z https://community.isc2.org/t5/Threats/USB-worm-unleashed-by-Russian-state-hackers-spreads-worldwide/m-p/64846#M982 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/1005241419">@JoePete</a>&nbsp;&nbsp; In the old days, I would agree with you, but a lot of these attacks are directed in this case specifically towards Ukraine via a state nation, and it then appears to have spread further than expected.</P><P>&nbsp;</P><P>We appear to in an era of secondary outcomes, or targets, the main target being the intended victim or country, but with unintended consequences, as it is allowed to carry on after it has been released.</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Fri, 24 Nov 2023 03:36:33 GMT https://community.isc2.org/t5/Threats/USB-worm-unleashed-by-Russian-state-hackers-spreads-worldwide/m-p/64846#M982 Caute_cautim 2023-11-24T03:36:33Z