USBStealer (50eab018-8d52-46f5-8252-95942c2c0a89)
USBStealer is malware that has been used by APT28 since at least 2005 to extract information from air-gapped networks. It does not have the capability to communicate over the Internet and has been used in conjunction with ADVSTORESHELL. [ESET Sednit USBStealer 2014] [Kaspersky Sofacy]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| USBStealer (50eab018-8d52-46f5-8252-95942c2c0a89) | Tidal Software | APT28 (5b1a5b9e-4722-41fc-a15d-196a549e3ac5) | Tidal Groups | 1 |