The Cycldek APT group has added a previously unknown malware, dubbed USBCulprit, to its arsenal. Cycldek targets government entities in Southeast Asia, and Kaspersky says USBCulprit has been deployed against targets in Vietnam, Thailand and Laos. The malware is implanted as a side-loaded DLL of legitimate, signed applications. It operates in three phases: data scanning and recon, data exfiltration to or from a USB device, and data stealing.
Source: https://threatpost.com/info-stealer-air-gapped-devices-usb/156262/

