Using USB sticks that look like a vector distribution program is a crime as old as the internet which, and, apparently, is still very popular with criminals.
On Thursday, the FBI warned that a gang of thugs had been using the U.S. send USB drives with malware to security companies, systems and insurance companies, and hope that employees will be able to install them on their computers, History reports. If it is connected to a computer or laptop, hackers have tried to use USB drives to send ransomware software or other malicious software onto the target device.
A gang of perpetrators of the crime – a group called FIN7 – has been working hard to make their packages look harmless, according to the FBI. In some cases, packages are packaged if sent by the health department to the United States Department of Health and Human Services, with notes stating that the drive contains the necessary information about. covid disease-19 instructions. In some cases, they are provided as if they were sent via Amazon, along with “a box of decorative gifts containing a fake thank-you note, a fake gift card, and USB,” according to a FBI warning.
The plot appears to have been going on for months. TThe FBI says it has been receiving reports about this since last August.
The culprit, FIN7, is a well-known cybercrime group that, throughout its career, is said to have. more than $ 1 billion was stolen through various means of spending money. In the past, it has been linked to popular ransomware families – such as DarkSide and BlackMatter – and, last September, security analysts. he said FIN7 faced the challenge of creating a fake cybersecurity company to acquire IT talent in its criminal activities.
While it may seem silly for someone to plug a USB stick into their computer, education has shown that, in fact, that is what most people do when they have an opportunity. Hence the popularity of the method of “tearing down”., where a bad car is left in the company parking lot and I expect the weakest link in the company to pick up and, in fact, put it in their laptop. Basically, if you believe one senior security officer, a deadly, worm-infested attack on the Pentagon in 2008 began like this.
Hackers also tried to use USBs as a ransomware vector. Last September, it was said that terrorists have been reaching out to employees of other companies and trying to bribe them to bring out redemption tools at their companies through poles protected by thieves.
All of this is a roundabout way to say a few important things: Do not receive gifts from strangers, avoid bribes, and, if you do not know where the USB stick comes from, it is best to stop.