😈 How to Compromise an Air-Gapped System?
Air-gapped systems, being physically isolated from the internet, often run outdated software. To install or update applications on these machines, operators may resort to using removable devices such as USB drives.
It is widely recognized that removable devices of uncertain origin should never be connected to enterprise machines, and this security policy is broadly enforced.

#cybersecurity #hacking #threatintelligence

... However, to circumvent such protections, the threat group GoldenJackal has developed a modular toolkit capable of compromising removable drives that are considered safe, once they are connected to already infected systems.
GoldenJackal employs an unidentified worm and the GoldenDealer malware to propagate via removable devices, successfully breaching even air-gapped environments. ...
... The malware collects sensitive data from isolated machines and exfiltrates it once the infected device reconnects to a compromised network.
GoldenDealer can execute any command issued by its Command & Control (C&C) server. These commands are triggered when the infected USB drive is plugged into an air-gapped PC, typically involving data exfiltration tasks. The results of these operations are then transmitted back to the C&C server once the USB is reconnected to the compromised host.