Up next
Author

THE FBI has issued a warning after investigators discovered that hackers were sending USBs infected with ransomware to businesses across the US.  

The malicious packages, often disguised as official goods, have been in circulation for several months and reportedly have the potential to “compromise a network.”

Hackers have been sending infected USBs to businesses in the 'transportation and defense industries'

1

Hackers have been sending infected USBs to businesses in the ‘transportation and defense industries’

The FBI now believe that Russian hackers FIN7, who are behind the Darkside and BlackMatter ransomware operations, are responsible for the operation.

According to the US agency, the group’s packages were being sent via the United States Postal Service or United Parcel Service – appearing as official companies.

The hackers usually prented to be deom the te US Department of Health & Human Services or from Amazon as a means to trick their ransomware targets.

It prompted the FBI to issue a warning to businesses that these packages were certified as fake and dangerous,

Their statement read: “Since August 2021, the FBI has received reports of several packages containing these USB devices, sent to US businesses in the transportation, insurance, and defense industries,”

“The packages were sent using the United States Postal Service and United Parcel Service.

Most read in Tech

iPhone 14 leak: New design looks different to ANY Apple phone we've seen

“There are two variations of packages—those imitating HHS are often accompanied by letters referencing COVID-19 guidelines enclosed with a USB; and those imitating Amazon arrived in a decorative gift box containing a fraudulent thank you letter, counterfeit gift card, and a USB.”

The FBI also confirmed that all packages contained LilyGO-branded USBs which, if plugged into device, could execute a ‘BadUSB’ attack and infect it with the dangerous malware software.

The Record added that, in most cases investigated by the US agency, the group would obtain administrative access and then “move laterally to other local systems.”

The latest warning comes after similar Russian malware infiltrated a huge number of companies across the US last July.

The breach, which is the largest ransomware attack on record, reportedly hit the IT systems of up to one million companies across the globe over a 24-hour period, by targeting the systems of US-based software firm Kaseya.

Two days later, Russian hackers REvil demanded a $70 million payment in Bitcoin for a decryption key. 

Cyber security company show how hackers could use your PRINTER to access your Gmail in new cyber security threat

This post first appeared on Thesun.co.uk

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Trump’s Indictment Marks a Historic Reckoning

The literally unprecedented indictment against Donald Trump marks an outright dangerous—and politically…

Android Users Can Finally ‘Like’ Messages From iPhones

Texting between Android and iPhones isn’t always the smoothest experience. Photos and…

Billions of Chrome users warned as Google removes key safety feature

GOOGLE Chrome’s 2billion users have been warned that a key safety feature…

Asian elephants living in captivity have a lower body fat percentage than the average HUMAN

Asian elephants in captivity have a lower body fat percentage than the…