malware pendrive

Be careful with these pendrives! Have viruses

Malicious USB drives

The FBI has warned of a campaign in which cybercriminals are attacking companies, but which could also affect home users. It is about sending USB sticks through courier services. They pretend to be a legitimate package, such as Amazon, and there goes that memory that they expect the victim to plug into their computer.

As reported, behind these attacks is the group of cybercriminals FIN7. It has been aimed at the transportation, insurance and defense services industry as well. But it is something that we can find in everyday situations, such as a “forgotten” pendrive in a library, university, on the street …

In the case of FIN7, they are using a pendrive with the LilyGO logo. It is a type of memory that is easily found on the Internet. But what really invites the victim to open the package and use that memory? It is usually accompanied by a false gift card, a letter on guidelines related to Covid-19 and, in addition, thanks for an alleged previous purchase or similar, depending on the type of objective to which it is directed.

With this they get the victim to actually use that pendrive. Once you connect it to the system, it is automatically registered as a user interface keyboard. From there, it starts injecting fake keystrokes and installing malware payloads on that machine.

Avoid malware via pendrive

Strain ransomware, the main objective

If we talk about what the attackers’ end goal really is, mention should be made of ransomware. This includes varieties like BlackMatter and REvil. This type of malicious software is used to later request a financial ransom to free the files and systems that it has encrypted.

It is important to be protected from ransomware, since it is a type of attack that has grown a lot in recent times both in companies and also against home users. In case of being victims of this threat, our data can be encrypted and it could cripple an entire organization.

In this case we are facing an attack that obviously needs the victim interaction. We are going to have to connect that USB memory to our computer. Therefore, to avoid this type of problem, it is best to maintain common sense. It is essential to know the risks that exist by simply plugging in a memory that we do not know.

However, beyond this common sense advice, we also recommend having a good antivirus, as well as keeping your computers properly updated. In many cases, hackers take advantage of existing vulnerabilities to launch their attacks, thereby breaking down defensive barriers.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *