USB drive malware is on the rise, so watch out

Thought USB attacks were over? Think again…

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Despite an increase in cloud adoption, physical storage drives are once again responsible for hostingmalware, new resarch has claimed.

Cybersecurity experts atMandiantrecorded a spike in USB-based incidents during the first half of 2023, with a threefold increase in the number of attacks usingUSB drivesto steal secrets.

Previously, Mandiant had recorded somewhat isolated attacks concentrated on the Philippines, but attacks now look to be spreading globally.

USB malware attacks on the rise

For many, USB drives have had their day. In years gone by, as their popularity soared, cybercriminals capitalized on security weaknesses to spread malware through external drives. Today, attackers have had to become more sophisticated, but it looks like some are reverting to the good old USB drive.

These are the best privacy tools around today>Your USB drive could be hiding some awful new malware>Top NAS devices are being targeted by this dangerous malware

The SNOWYDRIVE malware is one such modern-day example, which gives attackers the ability to remotely issue system commands via a backdoor on the host system. Attributable to UNC4698, the campaign looks to be targeting the oil and gas industries in Asia.

The second, which Mandiant describes as “the most prevalent USB-based cyber espionage attack using USB flash drives,” looks to be targeting both the public and private sectors. Deploying SOGU malware, the attacker seeks to steal sensitive information across the construction, engineering, business services, government, health, transportation, and retail industries in Europe, Asia, and the United States. Analysts have attributed this attack to TEMP.Hex, a China-linked cyber espionage actor.

With attentions turning away from USB-based attacks in favor of protecting victims from more sophisticated attacks, turning back to spreading malware via USB drives could prove fruitful for attackers who are currently great success bypassing many security measures.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Nokia confirms data breach leaked third-party code, but its data is safe

Best CDN provider of 2024

3 reasons why PIA fell in our best VPN rankings