Be careful with these pendrives! They carry viruses

There are many methods that hackers can use to infect a system with viruses and malware. Common ones include downloading files from the Internet, installing a program, or even updating a browser extension. In this case, however, we are reporting on a somewhat more sophisticated and striking method: sending a flash drive to the victim.

Malicious USB drives


The FBI has warned of a campaign in which cybercriminals are attacking companies, but which could also affect home users. It involves sending USB memory sticks through courier services. The package pretends to be legitimate, for example from Amazon, and inside it is a memory stick that the attackers expect the victim to plug into their computer.

According to reports, the cybercriminal group FIN7 is behind these attacks. The campaign has also been aimed at the transportation, insurance and defense services industries. But it is something that we can also find in everyday situations, such as a "forgotten" pendrive in a library, at a university, on the street …

In the case of FIN7, they are using a flash drive with the LilyGO logo. It is a type of memory that is easily found on the Internet. But what really invites the victim to open the package and use that memory? It is usually accompanied by a fake gift card, a letter with guidelines related to Covid-19 and, in addition, a thank-you note for an alleged previous purchase or similar, depending on the type of target it is aimed at.

With this they get the victim to actually use that pendrive. Once it is connected to the system, it automatically registers as a Human Interface Device (HID) keyboard rather than as a storage device. From there, it starts injecting fake keystrokes and installing malware payloads on that machine.
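A stick that enumerates as a keyboard leaves a trace in the operating system's device log, which gives defenders something to check. The following Python script is an added example, not taken from the original article or the FBI warning: it scans Linux kernel log lines for USB HID keyboards whose vendor:product ID is not on an inventory allowlist. The log lines, IDs, device names and allowlist are constructed for illustration.

```python
import re

# Kernel log line written when a HID driver binds a USB keyboard interface.
# Bus type 0003 means USB; the two fields after it are vendor and product ID.
HID_KBD = re.compile(
    r"(?P<driver>[\w-]+) 0003:(?P<vid>[0-9A-Fa-f]{4}):(?P<pid>[0-9A-Fa-f]{4})"
    r"\.\w+: input(?:,hidraw\d+)?: USB HID v[\d.]+ Keyboard "
    r"\[(?P<name>[^\]]*)\] on (?P<port>\S+)"
)


def unexpected_keyboards(log_lines, allowlist):
    """Return one finding per HID keyboard whose vid:pid is not allowlisted."""
    findings = []
    for line in log_lines:
        m = HID_KBD.search(line)
        if not m:
            continue  # not a keyboard registration line
        dev_id = f"{m['vid']}:{m['pid']}".lower()
        if dev_id not in allowlist:
            findings.append({"id": dev_id, "name": m["name"], "port": m["port"]})
    return findings


# Constructed sample: one inventoried keyboard, one device that names itself
# as a flash disk but registers a keyboard, and one ordinary storage device.
SAMPLE_LOG = [
    "[   12.101] hid-generic 0003:046D:C31C.0001: input,hidraw0: USB HID v1.10 "
    "Keyboard [Logitech USB Keyboard] on usb-0000:00:14.0-1/input0",
    "[  844.310] usb 1-2: new full-speed USB device number 7 using xhci_hcd",
    "[  844.512] hid-generic 0003:1234:ABCD.0004: input,hidraw3: USB HID v1.11 "
    "Keyboard [Example Flash Disk] on usb-0000:00:14.0-2/input0",
    "[  901.007] usb-storage 1-3:1.0: USB Mass Storage device detected",
]

# Assumption: the organization keeps an inventory of approved keyboard IDs.
ALLOWLIST = {"046d:c31c"}

if __name__ == "__main__":
    for f in unexpected_keyboards(SAMPLE_LOG, ALLOWLIST):
        print(f"ALERT unapproved keyboard {f['id']} [{f['name']}] on {f['port']}")
```
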

Avoiding malware delivered via pendrive

Ransomware, the main objective

As for the attackers' real end goal, ransomware must be mentioned. This includes varieties like BlackMatter and REvil. This type of malicious software is used to demand a financial ransom in exchange for freeing the files and systems that it has encrypted.

It is important to be protected from ransomware, since it is a type of attack that has grown a lot in recent times, both against companies and against home users. If we fall victim to this threat, our data can be encrypted, which could paralyze an entire organization.

In this case we are facing an attack that obviously requires the interaction of the victim: we have to connect that USB memory to our computer. Therefore, to avoid this type of problem, it is best to use common sense. It is essential to know the risks of simply plugging in a memory stick that we do not recognize.

However, beyond this common sense advice, we also recommend having a good antivirus, as well as keeping your computers properly updated. In many cases, hackers take advantage of existing vulnerabilities to launch their attacks, thereby breaking down defensive barriers.