As if all the existing malware weren’t already enough, there is a virus alert for Pendrives: you need to avoid these sites, you download a payload.

We missed this too. Malware of all types is now popping up: viruses with different names but the same modus operandi, a trap where unfortunate users end up forced to provide their sensitive data willy-nilly. Which end up in the hands of cyber criminals to be used by “private individuals” or sold on the dark web.

PenDrive targeted by malicious malware – Sjbeez

Pishing or smishing, ramsonware for companies, trojans with the most disparate and bizarre names, the latest detected in chronological order is called DarkGate and is ruining Microsoft with that very dangerous phishing via group chat on Teams.

Documentation is never enough, but virus alert is the order of the day, as cybercriminals have many options to introduce malware and steal passwords or personal data. So it’s a short step from a phishing email that installs a malicious program or a fake update to pushing virus payloads through websites.

Pendrive virus, how to protect yourself from malicious encrypted payloads impersonating legitimate content

Now it is Pendrives that are being targeted by hackers who are managing, with surprising ease, to sneak malicious encrypted payloads into content that, on paper, is legitimate, using platforms like GitHub. How do they do it? They hide them in user profiles, on forums and news sites, as well as in video descriptions on streaming platforms. The alarm goes off accordingly, as hackers succeed in their intent: they sneak in malicious payloads without arousing any suspicion. How do they do it?

PenDrive, when the payload becomes malicious – Sjbeez

They use links to fake profiles on forums, video descriptions on certain platforms, or news pages. The payload, i.e. that part of the data transmitted intended for the user, in contrast with the other elements of the message necessary to make the communication protocol work, does not represent a direct threat to anyone who visits that website, so it is not seen, everything is always normal, the attention threshold is lowered.

And here the trap is triggered, when the payload is downloaded under the guise of certain contents. The victim doesn’t believe he’s dealing with something harmful, the antiviruses don’t notice the threat, we put everything in the pendrive. the damage is complete. How to protect yourself? You should not download files from links that you cannot trust 100%.

Much less install any software. It could be a trap, a malware that also spreads on your Pendrive and on another device. It is advisable to have a constantly updated system. This will help you avoid many cybersecurity problems by keeping your computer as protected as possible. Our brain can take care of everything else: before pushing a button, let’s think about it for at least two seconds.