<ciso brief/>
Tag Banner

All news with #usb worm tag

all tags →

Mon, September 15, 2025

Mustang Panda Uses SnakeDisk USB Worm to Deliver Yokai

#Mustang Panda #Backdoor Found #DLL Hijacking #IBM #Threat Report #USB Worm #Active Exploitation

🐍 IBM X-Force reports that China-aligned Mustang Panda is deploying a new USB worm, SnakeDisk, to propagate the Yokai backdoor against machines geolocated to Thailand. The actor also introduced updated TONESHELL variants (TONESHELL8/9) with proxy-aware C2 and parallel reverse shells. SnakeDisk abuses DLL side-loading and USB volume masquerading—moving user files into a subfolder and presenting a deceptive 'USB.exe' lure before restoring originals—to spread selectively on Thailand-based public IPs.

read more →