USB drives now being mailed with ransomware

FBI has issued a warning to all companies about ransomware being spread through mailed pen drives by a cyber crime group dubbed FIN7. So, corporate companies must be vigilant while receiving USB drives through mail, and be aware that it can contain malicious software like ransomware that can disrupt a business network for weeks or sometimes months.

Federal Bureau of Investigation( FBI) says that a few of the American companies received a parcel last week to their security desks impersonating United States Postal Service(USPS) and United Parcel Service (UPS).

Some parcels were having the sender’s address as Department of Health and Human Services of the Joe Biden led nation. And were thought to be containing COVID-19 related guidelines to be followed in the work environments.

And a parcel or two contained the subject-lines as Thank-You Note and Gift cards meant for some C-level employees and sent by their colleagues to commemorate New Year 2022.

When opened these parcels contained Flash Drives that when viewed on a system contained Human Interface Device Keyboards that was actually a malware spreading tool that then downloads malicious software onto the PC and then spreads into the network to either lock down access to a database with ransomware or spy on the internal activities that are taking place in the corporate environments.

In the year 2019-20, the same hacking group that is suspected to be funded by Russian Intelligence was involved in spreading malware through USB flash drives via mail and most of its targets were restaurant chains, retail outlets and healthcare service providers.

So, how to counter this situation?

It is simple, recheck all the parcels that are being delivered and put them through security checks and make sure that it was really meant to the person intended on the mail.

Note- Remember a few years ago (in 2012), every parcel or mail that was being delivered would go through a security check where the security person would scan the parcel for any kind of white powder or Anthrax powder threat. Now, also most of the international airports that are dealing with the cargo segment are sanitizing the container goods that are being imported from China in order to avoid the entry of COVID or Corona Virus Infection into their country whilst handling. So, follow the same and scan or see what is inside the parcel and then check whether the flash drive(in any) was delivered with any malevolent intention by connecting it to a non-networked workstation.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display