Hackers are mailing out USB drives infected with ransomware

The FBI has warned the US defense industry that a cybercrime group is mailing malicious flash drives to companies in an attempt to infect the target networks with malware.

Getting a flash drive via mail might sound as if it came straight out of a spy novel, but unless you know exactly who sent it, it’s almost certainly carrying malware and should be disposed of immediately.

Malicious teddy bear in the mail

The devices carried malware; as soon as one is plugged in, it registers as a Human Interface Device (HID) keyboard, allowing it to remain operational even after the drive is removed from the computer.

It then starts installing additional malware, with the end goal, according to the FBI, of installing one of the more popular ransomware strains.

This is not the first time FIN7 has mailed malware to people. BleepingComputer notes that two years ago, the same group impersonated Best Buy and mailed similar packages to hotels, restaurants, and retail businesses via USPS. Back then, they even called their targets on the phone to persuade them to connect the devices, and in May 2020, they mailed teddy bears to “soften up” their victims.

The HID attacks only work when the target willingly connects the flash drive to the target device, and can be avoided by having employees connect only USB devices that are allowed based on their hardware ID or that have been approved for use by the IT security team.
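The following Python check, added here and not part of the original article or the FBI warning, applies the hardware-ID allowlist described above to Windows-style hardware and compatible IDs, and also blocks an approved ID that unexpectedly presents a keyboard interface. The allowlist contents, the record shape and the sample devices are assumptions constructed for illustration.

```python
import re

# Constructed allowlist: (VID, PID) -> function the IT security team approved it for.
APPROVED = {("0781", "5583"): "storage", ("046D", "C31C"): "keyboard"}

HWID_RE = re.compile(r"USB\\VID_([0-9A-F]{4})&PID_([0-9A-F]{4})", re.I)
# USB interface class 03 = HID, subclass 01 = boot interface, protocol 01 = keyboard.
KEYBOARD_COMPAT = r"USB\CLASS_03&SUBCLASS_01&PROT_01"

def evaluate(device):
    """Return (verdict, reason) for one device record (hypothetical record shape)."""
    m = HWID_RE.search(device["hardware_id"])
    if not m:
        return ("block", "unparseable hardware ID")
    key = (m.group(1).upper(), m.group(2).upper())
    is_keyboard = any(c.upper().startswith(KEYBOARD_COMPAT)
                      for c in device["compatible_ids"])
    approved_as = APPROVED.get(key)
    if approved_as is None:
        if is_keyboard:
            return ("block", "unapproved device enumerates as HID keyboard")
        return ("block", "hardware ID not on allowlist")
    if is_keyboard and approved_as != "keyboard":
        # The ID is self-reported, so an approved ID with the wrong function is suspect.
        return ("block", "approved ID but unexpected keyboard interface")
    return ("allow", "approved as " + approved_as)

# Constructed sample inventory; the IDs below are illustrative only.
SAMPLE = [
    {"hardware_id": r"USB\VID_0781&PID_5583",
     "compatible_ids": [r"USB\Class_08&SubClass_06&Prot_50"]},
    {"hardware_id": r"USB\VID_1234&PID_ABCD",
     "compatible_ids": [r"USB\Class_03&SubClass_01&Prot_01"]},
    {"hardware_id": r"USB\VID_0781&PID_5583&MI_01",
     "compatible_ids": [r"USB\Class_03&SubClass_01&Prot_01"]},
]

def audit(devices):
    """Evaluate every record and return the verdicts in input order."""
    return [evaluate(d) for d in devices]

if __name__ == "__main__":
    for dev, (verdict, reason) in zip(SAMPLE, audit(SAMPLE)):
        print(verdict, dev["hardware_id"], "-", reason)
```

Because a device reports its own vendor and product IDs, the function check in the third case matters as much as the allowlist lookup itself.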

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.