A group of hackers known as “Cycldek” has deployed a strain of malware called “USBCulprit” to steal private information via USB drives and other mobile storage devices, as newly discovered by cybersecurity firm Kaspersky.
Cybersecurity experts warn that the new threat remains challenging to block because it appears to be a new type of security risk for computers. It also involves the manipulation of firmware, thereby allowing USB and other mobile storage devices to snoop on computers while remaining undetected.
According to a recent report from Gov Info Security, the custom-built malware was developed by an advanced persistent threat (APT) group called Cycldek, which is known to have been active since 2013 and targets both public and private organizations within the energy and defense sectors in Vietnam and a few other countries in Southeast Asia.
More About The Cycldek USBCulprit Malware
“This malware is hard to detect with its almost perfect disguise, pretending to be a keyboard, a network adapter, or even a webcam, having been hidden on tiny chips located in these portable storage devices to infiltrate the firmware of a computer without being noticed,” says Robin Cumpl, a technology journalist based in Germany.
Cumpl continued, “The security risk remains high as major virus scanning programs cannot detect manipulated firmware, which gives the malware full control to remotely strike a user’s computer by evading any direct control while using the hacked firmware to feed the malware into the computer to steal valuable data.” “You cannot predict the origin of the virus. It is almost like a magic trick,” he concluded.
Security researchers Mark Lechtik and Giampaolo from Kaspersky revealed that “the malware can copy itself into any connected external portable storage device.” While USBCulprit tends to be deployed via phishing emails, once the malicious code is installed on an air-gapped computer, it copies and exfiltrates data contained in that device to the USB drive, which must be physically connected to a computer before the process can happen.
How To Protect Yourself From USBCulprit
It would be challenging to ask the public not to use USB devices. Since there are no known security programs that can stop this newly discovered threat from stealing victims’ data, cybersecurity experts, USB device developers, and researchers must urgently upgrade the USB standard as the only means of curtailing the threat from USBCulprit.