Self-Replicating Malware Used by Chinese Cyberspies Spreads via USB Drives

Cyber espionage group UNC4191 has been observed leveraging self-replicating malware spread via USB drives to infect entities in Southeast Asia, Asia-Pacific, Europe, and the US. The threat actor has been identified to use malware families including the Bluehaze and Mistcloak launchers and the Darkdew dropper. The malware is able to self-replicate by infecting new drives that exist on a compromised system.