FBI warns companies about hacker group that sends USB sticks with malware


The FBI has issued a warning to companies to be alert for malicious USB sticks sent by post. There are reports of USB sticks that purport to come from Best Buy, accompanied by a coupon.

US authorities say the USB sticks have recently been sent to various companies and organizations, reports Bleeping Computer, which has seen the FBI warning. One example given was a USB stick with a cover letter that appeared to be from Best Buy. In some cases, teddy bears were also sent along.

The FBI thinks that the hacker group FIN7 is behind the mailings. Once plugged into a PC or laptop, the USB stick is recognized as a keyboard, but it appears that in the background it connects to Russian IP addresses via PowerShell commands, according to research by security company Trustwave. The Griffon malware eventually ends up on the PC or laptop by way of the servers it connects to.

Hackers more and more often try to tempt companies into plugging infected USB sticks into their computers. These sticks are often programmed so that they can connect unnoticed to malicious servers and download malware. In this case, the FIN7 group uses as a base microcontrollers that are recognized as an Arduino Leonardo. This programmable board is intended to be recognized as a keyboard or mouse when connected to a PC or laptop.
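For defenders, the behaviour described above (a "USB stick" that enumerates as a keyboard and identifies itself as an Arduino Leonardo) leaves a trace in the host's USB enumeration log. The following is an added example, not taken from the FBI or Trustwave material: it scans Linux kernel log lines for a device that registers a HID keyboard while carrying a watch-listed vendor/product ID. The USB IDs (the publicly listed Arduino Leonardo values), the function name and the sample log lines are assumptions made for this illustration.

```python
import re

# Assumption: publicly listed USB IDs for the Arduino Leonardo (sketch, bootloader).
# USB descriptors can be reprogrammed, so a match is a triage signal, not proof.
WATCHLIST = {("2341", "8036"), ("2341", "0036")}

# Kernel message printed when any USB device is enumerated.
NEW_DEV = re.compile(r"usb (?P<port>[\d.-]+): New USB device found, "
                     r"idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})")
# Kernel message printed when a HID interface registers as a keyboard.
HID_KBD = re.compile(r"hid-generic [0-9A-Fa-f]{4}:(?P<vid>[0-9A-Fa-f]{4}):"
                     r"(?P<pid>[0-9A-Fa-f]{4})\.\w+: input.*"
                     r"USB HID v[\d.]+ Keyboard \[(?P<name>[^\]]*)\]")

def find_suspect_keyboards(lines):
    """Return one finding per watch-listed device that registers a HID keyboard."""
    seen = {}       # (vid, pid) -> USB port of the most recent enumeration
    findings = []
    for line in lines:
        m = NEW_DEV.search(line)
        if m:
            seen[(m["vid"], m["pid"])] = m["port"]
            continue
        m = HID_KBD.search(line)
        if m:
            key = (m["vid"].lower(), m["pid"].lower())
            if key in seen and key in WATCHLIST:
                findings.append({"port": seen[key], "vid": key[0],
                                 "pid": key[1], "name": m["name"]})
    return findings

# Constructed sample log: a Leonardo-style device, an ordinary keyboard,
# and a real flash drive that registers as mass storage.
SAMPLE_LOG = """\
usb 1-2: New USB device found, idVendor=2341, idProduct=8036, bcdDevice= 1.00
hid-generic 0003:2341:8036.0004: input,hidraw3: USB HID v1.01 Keyboard [Arduino LLC Arduino Leonardo] on usb-0000:00:14.0-2/input2
usb 1-3: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
hid-generic 0003:046D:C31C.0005: input,hidraw4: USB HID v1.10 Keyboard [Logitech USB Keyboard] on usb-0000:00:14.0-3/input0
usb 2-1: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
usb-storage 2-1:1.0: USB Mass Storage device detected
""".splitlines()

if __name__ == "__main__":
    for finding in find_suspect_keyboards(SAMPLE_LOG):
        print("suspect HID keyboard:", finding)
```

On the sample input only the device on port 1-2 is reported; the ordinary keyboard and the mass-storage drive are not.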
