UNC4990 Leverage Hosting Platforms in USB Infection Chain

Threat Level – Amber | Vulnerability Report
Download PDF

UNC4990, a financially motivated threat actor, has been observed targeting organizations in Italy by utilizing weaponized USB drives as an initial infection vector. Additionally, they are employing trusted websites such as Vimeo, GitHub, and Ars Technica to host encoded payloads disguised within seemingly benign content.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox