By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Gun GravyGun GravyGun Gravy
Notification Show More
Font ResizerAa
  • Home
  • Latest News
  • Firearms
  • Tactical
  • Videos
Reading: Hackers using malware to steal data from USB flash drives
Share
Font ResizerAa
Gun GravyGun Gravy
  • Latest News
  • Firearms
  • Tactical
  • Videos
Search
  • Home
  • Latest News
  • Firearms
  • Tactical
  • Videos
Have an existing account? Sign In
Follow US
Gun Gravy > Latest News > Hackers using malware to steal data from USB flash drives
Hackers using malware to steal data from USB flash drives
Latest News

Hackers using malware to steal data from USB flash drives

Jim Flanders
Last updated: April 20, 2025 3:22 pm
Jim Flanders Published April 20, 2025
Share
SHARE

Cybercriminals are constantly finding new ways to steal your data. As people become more aware of common threats like phishing links, fake websites, fraudulent emails and impersonation scams, attackers are becoming more creative in their approach.

One of the newer methods they are using involves targeting USB flash drives. It may seem surprising that they would focus on something as simple as a flash drive, but the data it holds can be valuable. 

Plus, flash drives can be used to spread malware to other devices.

STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT’S THE CYBERGUY REPORT NOW

Why target USB flash drives?

USB drives are ubiquitous in workplaces, especially in environments with air-gapped systems or restricted internet access, such as those in government and energy sectors. This makes them an easy target for data theft and malware propagation. Often, these drives store sensitive files that are not available on networked systems. 

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

When infected, USB drives can spread malware not just within a single organization but also across multiple entities if shared. These attacks don’t rely on network vulnerabilities, allowing them to bypass traditional security tools. 

flash drive hacker 2

200 MILLION SOCIAL MEDIA RECORDS LEAKED IN MAJOR X DATA BREACH 

How hackers are targeting your USB drives

As reported by Kaspersky’s Securelist, a cybersecurity research platform, hackers are using USB drives to spread malware in ways that can easily bypass traditional security systems. One group, known as GOFFEE, kicks off its attacks with targeted phishing emails. These emails often carry infected RAR files or Office documents with harmful macros. Once opened, they install sneaky programs like PowerModul and PowerTaskel on the victim’s system.

These tools don’t just sit around. They lay the groundwork for more attacks. PowerModul, in particular, plays a big role. It’s a PowerShell script introduced in 2024 that talks to a command-and-control (C2) server. From there, it can download and run other tools, including two especially dangerous ones, FlashFileGrabber and USB Worm.

FlashFileGrabber is made to steal data from USB drives. It can either save stolen files locally or send them back to the hacker’s server. Then there’s USB Worm, which infects any USB drive it finds with PowerModul, turning that drive into a tool for spreading malware to other systems.

What makes this method effective is that USB drives are often shared between people and offices. That physical movement allows the malware to spread even without an internet connection. The malware hides original files on the USB and replaces them with malicious scripts disguised as normal-looking shortcuts. When someone clicks one of these, they unknowingly trigger the infection.

flash drive hacker 3

MALWARE EXPOSES 3.9 BILLION PASSWORDS IN HUGE CYBERSECURITY THREAT

4 practical ways to stay safe from USB-targeted attacks

1. Don’t plug in unknown USB drives: It might sound obvious, but this is one of the most common ways malware spreads. If you find a USB drive lying around or someone gives you one you weren’t expecting, avoid plugging it into your system. Attackers often rely on human curiosity to get the malware onto your machine.

2. Be extra cautious with email attachments: GOFFEE’s campaigns often begin with phishing emails carrying malicious RAR files or Office documents with macros. Always double-check the sender’s address and never open unexpected attachments, especially if they ask you to “enable macros” or come from unknown contacts. When in doubt, confirm through a different channel.

3. Avoid clicking on suspicious links and use strong antivirus software: Many attacks like GOFFEE’s start with emails that look legitimate but contain malicious links. These links might lead you to fake login pages or silently download malware that sets the stage for USB-targeting tools like PowerModul.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

4. Scan USB drives before use: The USB Worm infects USB drives by hiding original files and planting malicious scripts disguised as shortcuts, which trigger PowerModul when clicked. FlashFileGrabber also steals files silently from USBs, often going unnoticed. Always scan USB drives with updated antivirus software before opening any files. Use a reputable security tool to check for hidden scripts, unusual shortcuts or unexpected executables. If files appear renamed or hidden, don’t click them until verified safe. 

DATA REMOVAL DOES WHAT VPNS DON’T: HERE’S WHY YOU NEED BOTH 

Kurt’s key takeaway

Cybercriminals thrive where convenience meets oversight. However, it’s worth considering why USBs remain such a soft target. They’re not just storage but a cultural artifact of workplaces, especially in high-stakes sectors like energy or government, where offline data transfer feels safer than the cloud. But that trust is a blind spot. Attackers like GOFFEE don’t need zero days because they can exploit human habits such as sharing drives, skipping scans and clicking without thinking.

How often do you plug in a USB drive without scanning it first? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover

Follow Kurt on his social channels

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com.  All rights reserved.

Read the full article here

You Might Also Like

Footage shows LGBTQ protester attacking conservative at California track championship amid trans athlete drama

Rep. Anna Paulina Luna blasts DOJ over Epstein address book: ‘GET US THE INFORMATION WE ASKED FOR’

Vikings receiver Jordan Addison pleads no contest in DUI case, agrees to lesser charge

Boulder terror attack latest in antisemitic incidents rising across US in 2025

Was It Just Too Late to the Game?

Share This Article
Facebook Twitter Email Print
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

We Recommend
Trump: Biden Gave Away 0 Billion Worth of Equipment or Cash”
Tactical

Trump: Biden Gave Away $350 Billion Worth of Equipment or Cash”

Jim Flanders Jim Flanders July 24, 2025
Hamas ‘hardens’ stance in ceasefire talks as Netanyahu recalls negotiation team
Student suspended for saying ‘illegal aliens’ in class gets cash, apology from school
Trump assassination attempt suspect Ryan Routh can represent himself at trial, federal judge rules
New FIRE Act Aims To End Magazine Capacity Limits Nationwide
Jeffrey Epstein accomplice Ghislaine Maxwell to see how feds meeting plays out amid subpoena: brother
This flashlight kicks ass. @olightworld #shorts #gear #flashlight
Videos

This flashlight kicks ass. @olightworld #shorts #gear #flashlight

Tactical Rifleman Tactical Rifleman July 24, 2025
Soaring Electricity Bills: Biggest US Power Grid Sets Power Costs At Record High To Feed Artificial Intelligence
Tactical

Soaring Electricity Bills: Biggest US Power Grid Sets Power Costs At Record High To Feed Artificial Intelligence

Jim Flanders Jim Flanders July 24, 2025
Epstein and Odds of War, CFNAI, Jobless, and “Enteric Religion”
Tactical

Epstein and Odds of War, CFNAI, Jobless, and “Enteric Religion”

Jim Flanders Jim Flanders July 24, 2025
  • Latest News
  • Videos
  • Tactical
  • Firearms
2024 © Gun Gravy. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?