Using friendly-looking USB sticks as vectors for malware distribution is a trick as old as the internet itself and apparently still quite popular with criminals.
On Thursday, the FBI warned that a hacker group has used the U.S. Postal Service to send malware-laden USB drives to companies in the defense, transportation and insurance sectors, hoping employees are gullible enough to plug them into their computers, The Record reports. Once a drive is connected to a computer or laptop, the criminals have attempted to use it to deploy ransomware or other malicious software on the target system.
The hackers behind this bad behavior, a group called FIN7, have gone to great lengths to disguise their packages, according to the FBI. In some cases, packages were disguised as if they had been shipped by the U.S. Department of Health and Human Services, with notes explaining that the drives contained important information about Covid-19 guidelines. In other cases, they were delivered as if they had been shipped via Amazon, along with a “decorative gift box containing a fraudulent thank you letter, a fake gift card and a USB,” according to the FBI warning.
This little plan seems to have been going on for at least several months. The FBI says it began receiving reports of such activity as early as August of last year.
The culprit, FIN7, is a highly sophisticated cybercriminal group that has reportedly stolen more than $1 billion over its career through various financial hacking schemes. In the past, it was also associated with prominent ransomware families, such as DarkSide and BlackMatter, and, last September, security researchers reported that FIN7 had gone to the trouble of creating a fake cybersecurity company to recruit IT talent for its criminal activities.
While it may seem ridiculous that someone would plug any USB stick into their computer, studies have shown that that’s exactly what a lot of people do when given the opportunity. Hence the popularity of the “drop” trick, where a malicious drive is left in a company’s parking lot in hopes that the weakest link in the company will pick it up and plug it into their laptop out of curiosity. In fact, if you believe one senior defense officer, a disastrous worm-powered attack on the Pentagon in 2008 was launched just like this.
Hackers have also previously attempted to use USBs as a vector for ransomware attacks. Last September, it was reported that gangs had approached employees of certain companies and tried to bribe them to release ransomware on their company’s servers via USB sticks supplied by the hackers.
All of this is a roundabout way of saying a few basic things: don’t accept gifts from strangers, avoid bribes, and, if you don’t know where that USB stick came from, you’d better leave it alone.