The FBI has alerted business owners across the United States regarding a new attack wherein a suspected hacker group is sending out USB devices infected with ransomware.
Believed to be Russian hackers FIN7, who are behind the Darkside and BlackMatter ransomware operations, packages sent via the United States Postal Service or United Parcel Service contained USB devices that came infected with malicious ransomware aimed at targeting US-based businesses.
The FBI mentioned that the hackers usually pretended to be from the US Department of Health & Human Services or from Amazon as a means to trick their ransomware targets. The FBI also confirmed that all packages contained LilyGO-branded USBs which, if plugged into the device, could execute a ‘BadUSB’ attack and infect it with the dangerous malware software.
The detailed statement from the FBI reads, “Since August 2021, the FBI has received reports of several packages containing these USB devices, sent to US businesses in the transportation, insurance, and defense industries. The packages were sent using the United States Postal Service and United Parcel Service. There are two variations of packages—those imitating HHS are often accompanied by letters referencing COVID-19 guidelines enclosed with a USB; and those imitating Amazon arrived in a decorative gift box containing a fraudulent thank you letter, counterfeit gift card, and a USB.”