Infected USB sticks

FBI investigations reveal that Russian hackers are mailing malware-infected USB flash drives to several industries. They hope recipients will insert the drive into their work computers.

So far, the USBs are branded "LilyGo", and may arrive as a "thank-you gift" from Amazon. They contain several innocuous files like COVID-19 guidelines. But the drives hide BadUSB malware and being sent by the known hacker group FIN7.

FIN7 then uses a variety of tools -including Metasploit, Cobalt Strike, PowerShell scripts, Carbanak, GRIFFON, DICELOADER, TIRION - to deploy ransomware, including BlackMatter and REvil, on the compromised network.

Industries targeted so far: Transportation, Insurance, Defense.

Read more and be on the alert for Trojan flash drives.