The China-aligned threat actor known as Mustang Panda has been actively deploying an updated backdoor named TONESHELL alongside a previously undocumented USB worm, SnakeDisk. This worm poses a particular threat as it only activates on devices with IP addresses originating from Thailand, which indicates a targeted attack strategy.
The implications of this kind of targeted malware are significant, as it not only compromises individual devices but could also lead to larger network vulnerabilities. The installation of the Yokai backdoor via the SnakeDisk worm suggests that attackers are looking to maintain persistent access to affected systems. Organizations in Thailand, particularly those handling sensitive information, need to enhance their security measures to counter such threats.
👉 Pročitaj original: The Hacker News
