this post was submitted on 23 Nov 2023
171 points (95.2% liked)

Technology

69891 readers
2723 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
171
USB worm unleashed by Russian state hackers spreads worldwide | Ars Technica (arstechnica.com)
submitted 1 year ago by [email protected] to c/[email protected]
14 comments fedilink hide all child comments
top 14 comments
sorted by: hot top controversial new old
[–] [email protected] 52 points 1 year ago (1 children)

Once again, it’s an exploit for VB, on Windows. So, don’t use Windows and you’re fine. 😎

[–] [email protected] 6 points 1 year ago (4 children)

What do you recommend that is exploit free?

[–] [email protected] 36 points 1 year ago (1 children)

Pen and paper

[–] [email protected] 15 points 1 year ago (1 children)

Stylus and cuneiform tablets

[–] [email protected] 9 points 1 year ago (1 children)

Grunting and hand gestures

[–] [email protected] 15 points 1 year ago (2 children)

Pheromones and farts

[–] [email protected] 8 points 1 year ago

Now that's a new band name

[–] [email protected] 2 points 1 year ago

There's were I see myself.

[–] [email protected] 15 points 1 year ago* (last edited 1 year ago) (1 children)

A properly educated user.

Absent that, a properly secured thin client.

All of my excel jockeys have about as many userspace privileges as my dog on a 737.

[–] [email protected] 11 points 1 year ago

I’ve got some tin cans if you’ve got the string.

[–] [email protected] 1 points 1 year ago

You're gonna have to settle for VB free

[–] [email protected] 7 points 1 year ago

This is the best summary I could come up with:

A group of Russian-state hackers known for almost exclusively targeting Ukrainian entities has branched out in recent months, either accidentally or purposely, by allowing USB-based espionage malware to infect a variety of organizations in other countries.

“Gamaredon continues to focus on [a] wide variety [of] Ukrainian targets, but due to the nature of the USB worm, we see indications of possible infection in various countries like USA, Vietnam, Chile, Poland and Germany,” Check Point researchers reported recently.

The image above, tracking submissions of LitterDrifter to the Alphabet-owned VirusTotal service, indicates that the Gamaredon malware may be infecting targets well outside the borders of Ukraine.

The data suggests that the number of infections in the US, Vietnam, Chile, Poland, and Germany combined may be roughly half of those hitting organizations inside Ukraine.

The core essence of the Spreader module lies in recursively accessing subfolders in each drive and creating LNK decoy shortcuts, alongside a hidden copy of the “trash.dll” file.

“Comprised of two primary components—-a spreading module and a C2 module—it’s clear that LitterDrifter was designed to support a large-scale collection operation,” Check Point researchers wrote.

The original article contains 739 words, the summary contains 185 words. Saved 75%. I'm a bot and I'm open source!