The FBI issued a warning after investigators discovered that hackers were sending ransomware-infected USBs to companies in the United States.
The malicious packages, often disguised as official merchandise, have been around for several months and allegedly have the potential to “compromise a network”.
The FBI now believes that the Russian hacking group FIN7, which is behind the ransomware operations Darkside and BlackMatter, is responsible for the operation.
According to the US authorities, the group’s parcels were sent via the United States Postal Service or United Parcel Service and posed as coming from official companies.
They added that the hackers usually pretended to be from the U.S. Department of Health or Amazon in order to deceive their ransomware targets.
Since then, the FBI has warned companies that these packages have been classified as counterfeit and dangerous.
Its statement read: “As of August 2021, the FBI has received reports of multiple packages containing these USB devices that have been sent to US companies in the transportation, insurance and defense industries.”
“The packages were sent with the United States Postal Service and United Parcel Service.
“There are two variations of packages – those who mimic HHS are often accompanied by letters with references to COVID-19 guidelines attached to a USB; and those imitating Amazon arrived in a decorative gift box with a fraudulent thank you note, a fake gift card and a USB stick.”
The FBI also confirmed that all of the packages contained LilyGO-branded USBs which, if plugged into a device, could perform a “BadUSB” attack and infect it with malware.
The record added that in most of the cases investigated by the US agency, the group would gain administrative access and then “switch sideways to other local systems”.
The latest warning comes after similar Russian malware infiltrated a large number of companies in the US last July.
The breach, described as the biggest ransomware attack, reportedly hit the IT systems of up to a million companies around the world over a 24-hour period by targeting the systems of the US software company Kaseya.
Two days later, the Russian hacking group REvil requested payment of $70 million in Bitcoin for a decryption key.