SECURITY ALERT: Malicious actors mailing out USB drives which install ransomware

Published

The FBI has just reported that the cybercrime group has been mailing out large numbers of USB drives which, if plugged into computers, will install ransomware.

The malicious USB drives carry a variety of so-called “BadUSB” attacks.  Recent instances have been sent through US Mail and UPS accompanied by differing explanations of why the target is receiving the device.  For example, one includes a message purporting to be from the US Department of Health and Human Services claiming to be a COVID-19 warning.  Another comes with what pretends to be a gift card from Amazon.   Previous instances of similar attacks pretended to come from BestBuy, claiming that the USB included information on special sales.

The USB attacks are designed to exploit vulnerabilities on USB drives which allow them to be reprogrammed to emulate keyboards, create keystrokes and commands or a range of other functions useful to a malign actor.

Please, be extremely skeptical of any USB or other storage devices which you might receive in the mail or from other shippers such as UPS, particularly if they are unsolicited or unusual from a business you know.  You should be equally cautious of such devices offered as gifts at in person events or found in public places.