"Russian Hackers Use PowerShell USB Malware to Drop Backdoors"

The Russian state-sponsored hacking group Gamaredon, also known as Armageddon or Shuckworm, continues to target critical organizations in Ukraine's military and security intelligence sectors using updated tools and novel infection techniques. Previously, the Russian hackers with ties to the FSB, were observed using information-stealing malware against Ukrainian state organizations. They were using new variants of their "Pteranodon" malware and a default Word template hijacker. Symantec's threat research team has reported that the threat actors have recently begun using USB malware to spread to additional systems within infected networks. Gamaredon's newest campaign targets HR departments, suggesting that the threat actors are aiming for spear-phishing attacks within breached organizations. This article continues to discuss the Gamaredon hacking group using USB malware to spread to additional systems inside infected networks.

Bleeping Computer reports "Russian Hackers Use PowerShell USB Malware to Drop Backdoors"