Cybersecurity researchers have uncovered an instance of PlugX that uses sneaky methods to infect attached removable USB media devices to spread malware to additional systems.

Researchers noted that this malware infects USB devices in a way that hides itself from the Windows operating file system, and a user may not realize that the USB device is infected or possibly used to leak data from their network.

A Windows shortcut (.LNK) file created in the root folder of the flash drive is used to execute the malware from the hidden directory. The PlugX instance's task is not only to insert the malware into the host, but also to copy it to any removable device that may be connected to it, by camouflaging it in a recycle bin folder.

Some of the measures we need to take to protect ourselves from such attacks;

• Use advanced security products that can scan removable devices on your system,

• Do not plug unfamiliar removable devices into your system,

• Prohibit the addition of physical and software devices to the critical machines of your system,

• Get awareness training against such attacks,

• Take regular backups of the devices you use on your system.