The FBI has warned that thieves are sending out ransomware-infected USB flash drives. They’re supposed to be after American businesses.
The FBI has warned that thieves are sending out ransomware-infected USB flash drives. During the epidemic, cybercrime has increased, with several companies claiming huge data breaches in recent years. Ransomware and phishing attacks have been among the most popular attack methods for hackers and cybercriminals in recent years, with several reports surfacing.
The Colonial Pipeline hack, which resulted in a huge fuel scarcity across broad swaths of the United States last year, was one of the most well-known recent ransomware assaults. Locky and Petya ransomware attacks in 2016, WannaCry and Bad Rabbit ransomware attacks in 2017, Ryuk ransomware attacks in 2018, and so on. The FBI believes cybercriminals adopt old-school strategies to target U.S. businesses with a new ransomware attack.
According to a recent FBI advisory, the FIN7 cybercrime gang is attempting to hack U.S. businesses, notably those in the transportation, insurance, and defense industries. To do so, they are purportedly impersonating Amazon and the U.S. Department of Health and Human Services to mail ransomware-infected USB flash drives to American businesses (HHS). According to Bleeping Computer, these shipments also include phony COVID-19 instructions and fake Amazon gift cards, in addition to malicious flash drives. If the receivers link these devices to their work P.C.s, the hackers access the organization’s networks, allowing the ransomware to be distributed.
You’ve Received Mail.
According to the FBI, the thieves send these dangerous devices to their targets via the United States Postal Service (USPS) and United Parcel Service (UPS). The hackers expanded their reach to the defense industry in November 2021, after starting with the transportation and insurance industries in August 2021. It’s unclear whether any targeted companies were hacked due to the attacks. Still, it does show how inventive and resourceful cybercriminal groups have gotten in recent years, particularly those with a vast reach and scope.
The FIN7 group is thought to be an Eastern European cybercrime ring that has caused billions of dollars in losses to businesses and consumers worldwide. The US Justice Department has also accused FIN7 of obtaining millions of people’s credit card information two years ago using a very identical method. It impersonated Best Buy and sent malicious flash discs to the hotel and retail businesses. The FBI has reportedly been after the group for numerous years, even though it is still operating.
Source: Bleeping Computer