How USB Malware Attacks Are Surging


Attacking networks through malware-infected USB drives was a popular technique for cybercriminals before cloud-based storage became more widespread.

Cybercriminals will always look for the low-hanging fruit, catching anyone who lets their guard down. So it should be no surprise that these attacks have reportedly tripled in the first half of 2023.


There are two types of cyber attacks from malware-infected USB drives to be vigilant against: SOGU and SNOWYDRIVE.

SOGU is considered a widespread, aggressive attack targeting the public and private sectors. Once the USB is plugged in and executed, it can launch a backdoor on your network, track keystrokes and take screenshots.

SNOWYDRIVE also creates a backdoor and gives attackers the ability to remotely issue system commands.


Organizations should proceed with caution when using any external device, and a found USB device should NEVER be plugged into a computer connected to an internal network.


Drives should always be scanned for malicious code or files before any use on an internal network.

Cyber attacks from infected USB flash drives target systems and networks that are bypassing security updates and have outdated security patches, and use them to spread through networks.

Cyber awareness training is one of the most effective and foremost ways to help you and your staff keep your networks safe from these types of threats.

Find out more and schedule a cyber awareness training with our team today!
