Kaspersky Finds Attacks On USB Drive To Steal Secret Data

Illustration of USB cyber dive attacks (photo: Kaspersky)

JAKARTA - Kaspersky found that a secure USB drive had been compromised with a malicious code injected into its access management software.

This Drive was developed by government agencies in Southeast Asia to securely store and transfer files between machines in sensitive environments.

The malicious code injected into it is designed to steal confidential files stored in secure drive partitions, as well as act as USB wormholes and spread infections to USB drives of the same type.

Although this tactic is similar to infiltration of a drive that used USB UTetris management software last year, attributed to Kaspersky with TetrisPhantom, the malicious code embedded in the drive in the last incident is new.

Throughout 2024, Kaspersky services have succeeded in detecting and blocking more than 3 billion local threats globally.

The software hack on a secure USB drive is unusual. But it underscores the fact that digital spaces from protected removable devices can be hacked by sophisticated schemes, "said David Emm, head of security research at Kaspersky.

However, according to David, cybercriminals will continue to update their devices and expand the scope of their activities and targets, both in terms of targeted scopes, and geographically.