• AutoTL;DRB
    link
    fedilink
    English
    71 year ago

    This is the best summary I could come up with:


    A group of Russian-state hackers known for almost exclusively targeting Ukrainian entities has branched out in recent months, either accidentally or purposely, by allowing USB-based espionage malware to infect a variety of organizations in other countries.

    “Gamaredon continues to focus on [a] wide variety [of] Ukrainian targets, but due to the nature of the USB worm, we see indications of possible infection in various countries like USA, Vietnam, Chile, Poland and Germany,” Check Point researchers reported recently.

    The image above, tracking submissions of LitterDrifter to the Alphabet-owned VirusTotal service, indicates that the Gamaredon malware may be infecting targets well outside the borders of Ukraine.

    The data suggests that the number of infections in the US, Vietnam, Chile, Poland, and Germany combined may be roughly half of those hitting organizations inside Ukraine.

    The core essence of the Spreader module lies in recursively accessing subfolders in each drive and creating LNK decoy shortcuts, alongside a hidden copy of the “trash.dll” file.

    “Comprised of two primary components—-a spreading module and a C2 module—it’s clear that LitterDrifter was designed to support a large-scale collection operation,” Check Point researchers wrote.


    The original article contains 739 words, the summary contains 185 words. Saved 75%. I’m a bot and I’m open source!