Carding
Africa is the first place where viruses can spread comfortably.
The days when USB flash drives were the main tool for spreading malware seemed like a distant past. However, according to the information security company Mandiant, the Chinese hacker group UNC53 has used this method to attack at least 29 people around the world since the beginning of last year.
According to Mandiant, most infections occur in African countries, including Egypt, Zimbabwe, Tanzania, Kenya, Ghana and Madagascar. The virus, known as Sogu, has in some cases spread through public computers in Internet cafes and print shops.
Old methods in the new version
The old method of infection was surprisingly effective, especially in developing countries, where flash drives are still actively used. This is especially true for multinational companies with remote employees in these regions.
Sogu uses a number of simple but sophisticated methods to infect computers and steal data. The virus can even infect air-gapped systems that are not connected to the Internet. After being embedded on the computer, the malware establishes a connection to a remote server, where the stolen data is sent. This method allows hackers to create a wide network of infected systems, among which you can choose the most valuable victims. This means that hackers have enough human resources to process the stolen information, as the researchers note.
Surprisingly, Sogu is just part of a broader resurgence of USB viruses that was discussed back in July. In addition, in June, security researchers at Check Point discovered that the Chinese group Camaro Dragon (Mustang Panda) uses a new strain of malware called WispRider, which is designed to steal data and is distributed through compromised USB drives.
African countries have previously been exposed to computer viruses. For example, in March, multiple infections of the PlugX USB worm were detected in Africa, as well as in Papua New Guinea and Mongolia. PlugX is able to collect system information, bypass antivirus and firewalls, manage user files, execute malicious code, and even give attackers remote access to an infected computer.
The researchers emphasize that information security specialists should not consider the problem of USB viruses solved, especially in global networks that include operations in developing countries. For example, in North America and Europe, researchers believe that this is an outdated infection vector that has been eliminated, but there are vulnerabilities in other geographical regions that are still being exploited.
