Hackers using malware to steal data from USB flash drives

Cybercriminals are employing a new method to bypass traditional security systems by targeting USB flash drives. As reported by Kaspersky's Securelist, a group known as GOFFEE initiates its attacks through phishing emails carrying infected files. Once these files are opened, they install tools like PowerModul and PowerTaskel that facilitate further attacks. PowerModul connects to a command-and-control server and downloads harmful programs such as FlashFileGrabber and USB Worm. FlashFileGrabber steals data from USB drives, while USB Worm turns them into vehicles for spreading malware, capitalizing on the widespread sharing of these devices in workplaces.
USB drives are particularly vulnerable due to their ubiquity in sectors with air-gapped systems, like government and energy. These drives often store sensitive information not available on networked systems. The malware disguises itself as normal-looking shortcuts on USB drives, spreading through human error and curiosity. This evolving threat highlights the need for vigilance, such as avoiding unknown USB drives, being cautious with email attachments, and using strong antivirus software. Understanding these risks is crucial, as attackers exploit human habits and the perceived safety of offline data transfer.
RATING
The article provides a well-structured and clear explanation of the risks associated with USB-targeted cyber threats, backed by credible cybersecurity knowledge. It effectively raises public awareness and offers practical preventive measures, making it highly relevant to individual and organizational decision-making. However, the article could enhance its impact by incorporating more diverse sources, expert opinions, and recent statistics to provide a more comprehensive view of the cybersecurity landscape. While it lacks significant controversy or potential to drive policy change, it successfully engages readers with actionable advice and prompts for feedback. Overall, the article is a valuable resource for understanding and mitigating USB-related cybersecurity risks.
RATING DETAILS
The story accurately identifies USB flash drives as a target for cybercriminals, outlining methods like malware spread via USB drives. This is supported by existing cybersecurity research, which confirms USB drives as a common attack vector. The article's description of malware techniques, such as hiding files and replacing them with malicious scripts, aligns with known tactics. However, the specific mention of the GOFFEE hacker group and their methods lacks direct source citation, which is a minor gap in verification. Overall, the article provides a factual account of the threats posed by USB-targeted malware, backed by credible cybersecurity knowledge.
The article primarily focuses on the threat posed by USB-targeted malware, offering a detailed exploration of the methods used by cybercriminals. While it effectively highlights the risks and provides preventive measures, it lacks a broader perspective on the overall cybersecurity landscape. The article could improve balance by including expert opinions or contrasting views on the effectiveness of current security measures against USB threats. Additionally, it could explore the role of organizations and governments in mitigating such risks, providing a more comprehensive view of the topic.
The article is well-structured and uses clear, concise language to explain complex cybersecurity concepts. It effectively breaks down the methods used by cybercriminals, such as phishing emails and malware propagation via USB drives, making it accessible to a general audience. The use of subheadings and bullet points for preventive measures enhances readability and aids comprehension. Overall, the article maintains a neutral tone and presents information logically, facilitating a clear understanding of the topic.
The article references Kaspersky's Securelist as a source for information on malware techniques, which is a credible and authoritative source in the cybersecurity field. However, the article does not provide direct links or citations to specific studies or reports, which diminishes the strength of its source quality. Including more diverse sources, such as independent cybersecurity experts or additional research studies, would enhance the credibility and reliability of the information presented.
The article lacks explicit transparency regarding its sources and methodology. While it mentions Kaspersky's Securelist, it does not provide detailed citations or explain the process of gathering information. The lack of transparency in sourcing and methodology makes it difficult for readers to fully assess the basis of the claims presented. A more transparent approach, including direct links to studies or expert interviews, would improve the article's credibility and allow readers to verify the information independently.