Russian hackers unleash new USB-based cyber threat LitterDrifter

The Russian state-affiliated hacker group, known by various aliases including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm, has broadened its cyber espionage efforts beyond its initial focus on Ukraine, as per reporting by Computing. This expansion has been marked by the global spread of a USB-based malware known as LitterDrifter.

Historically linked to Russia’s Federal Security Service by Ukraine’s Security Service, Gamaredon has been active since 2014. Their operations have predominantly targeted Ukrainian organizations to collect comprehensive data through various malware tools, with LitterDrifter being a notable example. This particular malware is a computer worm written in the Visual Basic Scripting language (VBScript).

The mechanics of LitterDrifter’s spread

The primary mechanism of LitterDrifter involves propagation through USB drives, leading to the persistent infection of devices. These infected devices then communicate with servers controlled by Gamaredon. Check Point Research has noted that LitterDrifter has inadvertently or intentionally spread to several countries, including the USA, Vietnam, Chile, Poland, Germany, and Hong Kong.

LitterDrifter rapidly replicates, a trait typical of computer worms. Its self-replicating nature mirrors significant cyber threats like Stuxnet, but it stands out with its USB-based activation, similar to worms like NotPetya and WannaCry.

The spreading mechanism of LitterDrifter involves creating deceptive shortcut files (LNK) and hidden instances of a file named “trash.dll” on removable USB drives. It uses Windows Management Instrumentation to scan a computer’s logical drives, specifically targeting removable USB drives identified by a null MediaType value. The worm then infiltrates subfolders on these drives, generating shortcuts that aid in disseminating the malware.
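
For defenders triaging a removable drive, the artifacts described above can be checked with a short script. This is an added example, not code from Check Point Research or from this article: it walks a mounted drive and reports every folder that holds a file named "trash.dll", whether that file carries the Windows hidden attribute, and the LNK shortcuts sitting beside it. The function names, the report layout and the assumption that shortcuts in the same folder are the related decoys are illustrative choices.

```python
import os
import stat
import tempfile

PAYLOAD_NAME = "trash.dll"            # file name given in the article
HIDDEN = stat.FILE_ATTRIBUTE_HIDDEN   # 0x2; only meaningful on Windows


def is_hidden(path):
    """True if the Windows hidden attribute is set (always False elsewhere)."""
    info = os.stat(path, follow_symlinks=False)
    return bool(getattr(info, "st_file_attributes", 0) & HIDDEN)


def scan_drive(root):
    """Walk a mounted drive and report each folder that contains trash.dll.

    Returns a list of dicts: folder (relative to root), payload path, whether
    the payload is hidden, and the .lnk files in the same folder (assumed here
    to be the decoy shortcuts).
    """
    findings = []
    for folder, _dirs, files in os.walk(root):
        payloads = [f for f in files if f.lower() == PAYLOAD_NAME]
        if not payloads:
            continue
        shortcuts = sorted(f for f in files if f.lower().endswith(".lnk"))
        for name in payloads:
            path = os.path.join(folder, name)
            findings.append({
                "folder": os.path.relpath(folder, root),
                "payload": path,
                "hidden": is_hidden(path),
                "shortcuts": shortcuts,
            })
    return findings


if __name__ == "__main__":
    # Constructed sample tree standing in for a USB drive (empty placeholder files).
    with tempfile.TemporaryDirectory() as usb:
        os.makedirs(os.path.join(usb, "Reports", "2023"))
        for rel in ("Reports/trash.dll", "Reports/Budget.lnk",
                    "Reports/2023/notes.txt", "readme.lnk"):
            open(os.path.join(usb, *rel.split("/")), "w").close()
        for hit in scan_drive(usb):
            print(hit["folder"], "hidden=%s" % hit["hidden"], hit["shortcuts"])
```

A shortcut on its own is not reported, since LNK files are common on clean drives; the script keys on the "trash.dll" name and lists shortcuts only as context for review.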

The global spread of LitterDrifter signifies a worrying escalation in cyber espionage capabilities, highlighting the ongoing threat posed by state-affiliated hacking groups. The ease with which this malware spreads via USB drives emphasizes the importance of robust cybersecurity practices and awareness, particularly for organizations that handle sensitive data. As cyber threats continue to evolve, staying ahead of such risks is crucial for maintaining global cybersecurity integrity.

Maxwell Nelson
Tech Journalist

Maxwell Nelson, a seasoned journalist and content strategist, has contributed to industry-leading platforms, weaving complex narratives into insightful articles that resonate with a broad readership.
