• capital@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    3 months ago

    The basic flow of the attack is, first, infecting an Internet-connected device through a means ESET and Kaspersky have been unable to determine. Next, the infected computer infects any external drives that get inserted. When the infected drive is plugged into an air-gapped system, it collects and stores data of interest. Last, when the drive is inserted into the Internet-connected device, the data is transferred to an attacker-controlled server.

    Guys, storage devices move data from one machine to another. /pikachuface