Counterfeit Chinese USB Drives Compromise Japan's Self-Defense Forces

Japan's Ground Self-Defense Force used counterfeit USB drives infected with malware linked to Chinese hackers for nearly a year. The malicious software was discovered in February 2025 after personnel noticed abnormal computer performance. Six out of eight tested drives contained the same malware, affecting over 50 computers, many of which were connected to closed systems handling sensitive information. The counterfeit drives were labeled as 1TB but had only 240GB of actual storage. They were transferred during disaster relief operations in March 2024, and the original procurement records are no longer verifiable. The incident highlights a significant oversight in cybersecurity protocols, as antivirus software did not scan USB drives, allowing the malware to persist undetected. A U.S. cybersecurity firm confirmed that the malware is associated with known Chinese hacking groups.

Key Points: • Counterfeit USB drives used by Japan's Self-Defense Forces contained malware linked to China. • Malware went undetected for nearly a year, affecting over 50 computers with sensitive data. • Antivirus software failed to scan USB drives, highlighting critical cybersecurity gaps.