
Friendly-looking USB sticks are a malware-spreading vector that is as old as the internet itself and apparently still popular with criminals.

On Thursday, the FBI warned that a group of hackers was using the U.S. mail to send malware-laden USB drives to defense, transportation and insurance companies. The criminals hope that employees are gullible enough to plug them into their computers, creating the opportunity for ransomware attacks or other malware to be deployed, The Record reported.

The hacking group behind this bad behavior, a group called FIN7, has gone to great lengths to make its packages appear harmless. In some cases, packages were disguised as if they had been sent by the U.S. Department of Health, with notices that the drives contained important information about COVID-19 guidelines. In other cases, they were sent as if from Amazon, along with a “decorative gift box containing a fraudulent thank you note, a forged gift card and a USB stick,” the FBI warning said.

This little plan appears to have been underway for at least several months, as the FBI says it received reports of such activity back in August.

The culprit, FIN7, is a particularly sophisticated cybercriminal group that has reportedly stolen over $1 billion throughout its career through various financial hacking schemes. It has also been linked to well-known ransomware families such as DarkSide and BlackMatter in the past, and security researchers reported last September that FIN7 had gone out of its way to create a fake cybersecurity company to recruit IT talent for its criminal operations. Suffice it to say, they are innovative.

While it may seem ridiculous for someone to plug any USB stick into their computer, studies have shown that many people do just that when presented with the opportunity. Such is the popularity of the “drop” trick, where a malicious drive is left in a company’s parking lot in the hope that the company’s weakest link will pick it up and plug it into their laptop out of curiosity. Actually, if you believe one senior defense officer, a catastrophic worm-propelled attack on the Pentagon was launched in this way in 2008.

Hackers have also tried to use USBs as a vector for ransomware attacks in the past. Last September, it was reported that gangs had approached employees of certain companies and tried to bribe them to unleash ransomware on their companies’ servers using sticks secured by the hackers.

All of this is a roundabout way of saying a few basic things: don’t accept gifts from strangers, avoid bribes, and if you don’t know where the USB drive came from, leave it alone.
