S0136 USBStealer

Description

[USBStealer](https://attack.mitre.org/software/S0136) is malware that has been used by [APT28](https://attack.mitre.org/groups/G0007) since at least 2005 to extract information from air-gapped networks. It does not have the capability to communicate over the Internet and has been used in conjunction with [ADVSTORESHELL](https://attack.mitre.org/software/S0045). (Citation: ESET Sednit USBStealer 2014) (Citation: Kaspersky Sofacy)

Platforms · 1

Windows

Attributed to · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Group | APT28 (g0007) | 100% | live |

References

  1. https://attack.mitre.org/software/S0136
  2. http://www.welivesecurity.com/2014/11/11/sednit-espionage-group-attacking-air-gapped-networks/
  3. https://securelist.com/sofacy-apt-hits-high-profile-targets-with-updated-toolset/72924/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Software: FLASHFLOOD
  2. Software: SPACESHIP
  3. Software: SHIPSHAPE
  4. Software: AuTo Stealer
  5. Software: HIDEDRV
  6. Sub-technique: Exfiltration over USB

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.