Malware PlugX: propagation via USB devices
Analyzing a ransomware attack, Unit 42 found the PlugX malware. This variant first identifies all connected USB removable media devices, such as floppy, thumb, or flash drives, and then infects all inserted media. If an infected USB stick is connected, the infection immediately spreads to all connected USB devices. Palo Alto Networks Unit 42 released an investigation into tools the team observed responding to a ransomware attack by hacker group Black Basta. Upon investigation, Palo Alto Networks identified several tools of interest on victims' machines, including: the GootLoader malware,...