A group of Russian hackers, known for focusing their attacks primarily on Ukrainian companies, has expanded its operations, allowing a malware USB-based spying spreads to all types of companies around the world.
This group, identified by various names, such as Gamaredon, Primitive Bear, ACTINIUM, Armageddon and Shuckworm, has been active since at least 2014, being attributed to the Russian Federal Security Service by Ukraine.
Unlike other groups that are backed by the Kremlin and seek to go unnoticed, Gamaredon does not hide its intentions, directed at this other country, with the aim of collecting information.
One of the most famous tools in these operations is a computer worm called LitterDrifter, designed to spread through USB drives. This malwarewritten in Visual Basic Scripting, It has the double function of spreading between devices that use it and forever infecting those that connect to units that have already been contaminated.
The rapid expansion of Gamaredon raises alarms around the world
Although the main idea of ​​Gamaredon is still to do as much damage as possible to Ukraine, the nature of the USB worm seems that it has already reached other countries such as the United States, Vietnam, Chile, Poland, Germany and Hong Kong, according to reports from Check Point Research .
This new threat reminds some of past incidents, such as the Stuxnet casea worm created by the US National Security Agency and its Israeli counterpart, which was intended to affect only a limited number of Iranian targets related to the uranium enrichment program.
However, Stuxnet spread unexpectedly, infecting approximately 100,000 computers worldwide. There is no doubt in this case that international cooperation and exhaustive information that allows us to know the registered cases and their effects is of vital importance.
