In January 2022, the FBI issued a public warning over a USB attack campaign in which numerous USB drives, laced with malicious software, were sent to employees at organizations in the transportation, defense, and insurance sectors between August and November 2021. The USBs came with fake letters impersonating the Department of Health and Human Services and Amazon, sent via the U.S. Postal Service and UPS. The campaign has been dubbed “BadUSB,” and the FIN7 hacker organization has been named as the culprit. Here is what you need to know about BadUSB and mitigating the risks of this USB attack.
BadUSB definition
“The BadUSB attack provides the victim with what looks like a physical USB stick and a lure to plug it into the victim’s system, such as promising a gift card as a thank you or invoices that need to be processed,” explains Karl Sigler, senior security research manager at Trustwave SpiderLabs. His malware research team initially discovered the campaign in 2020 while examining a malicious thumb drive as part of a forensic investigation for a U.S. hospitality provider.
More Stories
Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances
Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment Read More
Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud
Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams Read More
Third Interdisciplinary Workshop on Reimagining Democracy (IWORD 2024)
Last month, Henry Farrell and I convened the Third Interdisciplinary Workshop on Reimagining Democracy (IWORD 2024) at Johns Hopkins University’s...
CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills
Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ Read More
Cisco Fixes Critical Vulnerability in Meeting Management
The network equipment giant urged customers to patch immediately Read More
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing
Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities,...