TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments


Level 85
Thread author
Honorary Member
Top Poster
Content Creator
Malware Hunter
Aug 17, 2014
Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom.

"The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, protected by hardware encryption to ensure the secure storage and transfer of data between computer systems," Kaspersky said in its APT trends report for Q3 2023.

The Russian cybersecurity firm, which detected the ongoing activity in early 2023, said the USB drives offer hardware encryption and are employed by government organizations worldwide to securely store and transfer data, raising the possibility that the attacks could expand in the future to have a global footprint.

The clandestine intrusion set has not been linked to any known threat actor or group, but the high-level of sophistication of the campaign points to a nation-state crew.

"These operations were conducted by a highly skilled and resourceful threat actor, with a keen interest in espionage activities within sensitive and safeguarded government networks," Noushin Shabab, senior security researcher at Kaspersky, said. "The attacks were extremely targeted and had a quite limited number of victims."

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.