Global USB Virus Propagates Cryptocurrency Mining Software Across All Continents
In 2025, a multi-stage malware attack was identified, marking a significant cybersecurity concern for organisations worldwide. The attack was delivered via infected USB devices and targeted government agencies, financial institutions, and critical infrastructure companies, primarily in the United States, Germany, and South Korea.
The campaign began with a Visual Basic script on the USB drives. This script initiated a chain of processes, including the use of xcopy.exe to copy files into the Windows System32 directory. These files enabled the side-loading of a malicious DLL designed to download a cryptominer.
The malware employed tactics that closely resemble an international cryptocurrency mining scheme called "Universal Mining," exposed by Azerbaijan's CERT in October 2024. It used DLL search order hijacking and PowerShell to bypass security controls, making it a persistent issue affecting both developed and developing regions.
The final stage of the chain was the attempt to install the cryptominer. To prevent such threats, it is crucial to harden endpoint security with EDR solutions capable of detecting obfuscated scripts. Organisations without strict USB policies remain exposed both to cryptominer infections and to insider threats that can escalate into more damaging breaches.
To reduce exposure to USB-based malware, it's recommended to disable autorun and autoplay features on all systems. Furthermore, implementing device control policies to block unsigned executables from USBs can provide an extra layer of protection.
The attack was ultimately blocked during the final stage by endpoint detection and response (EDR) tools. However, it underscores the importance of maintaining robust cybersecurity measures. Organisations should also enforce physical security measures, including restricting or locking USB ports, and protect key system processes such as lsass.exe from credential theft attempts.
As the threat landscape continues to evolve, it's essential for organisations to stay vigilant and adapt their security strategies accordingly. By following best practices and staying informed about new threats, we can collectively work towards a safer digital future.