Overview
Malware has been detected from a company called Red Canary. The malware has been tracked since September 2021 and has infected company computer networks.
Infection
The malware is stored on an infected USB drive and contains a malicious .LNK file. Once the drive is plugged in to your computer it will run a process in cmd.exe and launch the malicious file on to your computer or computer network.
Once the file has been launched it will use Microsoft’s legitimate msiexec.exe process to establish an external network connection to a malicious domain.
Additionally, it has been known to create its own DLL file which allows the virus to resist removal between computer restarts.
Safety
Always be cautious using USB drives. Never plug a USB drive in to your computer that you have found or are unaware of the originator of the USB. Make sure your antivirus is up to date as well as all computer updates are installed.
If you feel like you have malicious files on your computer reach out to Jellie Tech.
Don’t miss an article when it’s published by following and subscribing for email updates!
Tell us what you think of the article by commenting below!
Jellie Tech 