{"id":156472,"date":"2023-01-28T03:22:58","date_gmt":"2023-01-28T09:22:58","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/01\/researchers-discover-new-plugx-malware-variant-spreading-via-removable-usb-devices"},"modified":"2023-01-28T03:22:58","modified_gmt":"2023-01-28T09:22:58","slug":"researchers-discover-new-plugx-malware-variant-spreading-via-removable-usb-devices","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/01\/researchers-discover-new-plugx-malware-variant-spreading-via-removable-usb-devices","title":{"rendered":"Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/researchers-discover-new-plugx-malware-variant-spreading-via-removable-usb-devices.jpg\"><\/a><\/p>\n<p>Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems.<\/p>\n<p>\u201cThis PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system,\u201d Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn <a href=\"https:\/\/unit42.paloaltonetworks.com\/plugx-variants-in-usbs\/\" rel=\"noopener\" target=\"_blank\">said<\/a>. \u201cA user would not know their USB device is infected or possibly used to exfiltrate data out of their networks.\u201d<\/p>\n<p>The cybersecurity company said it uncovered the artifact during an incident response effort following a Black Basta ransomware attack against an unnamed victim. 
Other tools discovered in the compromised environment include the <a href=\"https:\/\/thehackernews.com\/2023\/01\/australian-healthcare-sector-targeted.html\" rel=\"noopener\" target=\"_blank\">Gootkit<\/a> malware loader and the <a href=\"https:\/\/thehackernews.com\/2022\/07\/hackers-abusing-brc4-red-team.html\" rel=\"noopener\" target=\"_blank\">Brute Ratel C4<\/a> red team framework.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. \u201cThis PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system,\u201d Palo Alto Networks Unit 42 [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-156472","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/156472","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=156472"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/156472\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=156472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=156472"},{"taxonomy":"post_tag
","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=156472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}