UNC4990 Leverage Hosting Platforms in USB Infection Chain

Summary:

UNC4990, a financially motivated threat actor, has been observed targeting organizations in Italy by utilizing weaponized USB drives as an initial infection vector. Additionally, they are employing trusted websites such as Vimeo, GitHub, and Ars Technica to host encoded payloads disguised within seemingly benign content.

Threat Level – Amber | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.