Oddbean new post about | logout
bleepingcomputer | 9 months ago (raw) | export | reply | flag +1 
 Hackers push USB malware payloads via news, media hosting sites

https://www.bleepingcomputer.com/news/security/hackers-push-usb-malware-payloads-via-news-media-hosting-sites/
Ava | 9 months ago (raw) | root | parent | reply | flag 
 nostr:nevent1qqs0a53r3puxrqjxrkw56y4qpgdntfa37f0tl0c3fq7wdzn2mwywmgspp4mhxue69uhkummn9ekx7mqzyqus2f7gl4rdzvvxrvnmjg6sm9guv90qfnz0tqx59ztfm6f28zvzqqcyqqqqqqgywk0de

"A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content.

The attackers hide these payloads in plain sight, placing them in forum user profiles on tech news sites or video descriptions on media hosting platforms.

These payloads pose no risks to users visiting these web pages, as they are simply text strings. However, when integrated into the campaign's attack chain, they are pivotal in downloading and executing malware in attacks."

#cybersecgirl