The FBI has warned that cybercriminals are mailing out USB flash drives infected with ransomware. Cybercrime has seen an upswing during the pandemic, with many companies reporting massive data breaches over the past couple of years. Ransomware and phishing attacks have been among the most preferred means of attack for hackers and cybercriminals, with many such reports coming to light in recent times.
One of the most prominent recent ransomware attacks was the Colonial Pipeline hack that resulted in a massive fuel shortage across vast parts of the United States last year. Some of the other notable ransomware attacks over the past few years include Locky and Petya in 2016, WannaCry and Bad Rabbit in 2017, Ryuk in 2018, etc. Now, the FBI believes cybercriminals are targeting U.S. companies with a new ransomware attack by using old-fashioned tactics.
In a new alert posted recently, the FBI said that the FIN7 cybercrime group is trying to hack U.S. companies, particularly those in the transportation, insurance, and defense sectors. To do this, they are reportedly sending out ransomware-infused USB flash drives to American companies by impersonating Amazon and the U.S. Department of Health & Human Services (HHS). As reported by Bleeping Computer, these packages reportedly contain supposed guidance about COVID-19 or fake Amazon gift cards alongside the malicious flash drives. If the receivers connect these devices to their office computers, it gives the hackers access to that organization's networks to deploy the ransomware.
You've Got Mail
According to the FBI, the criminals are using the United States Postal Service (USPS) and United Parcel Service (UPS) to mail these malicious devices to their targets. While it started with the transportation and insurance industries in August 2021, the hackers reportedly expanded their reach to the defense sector in Nov. 2021. It's not immediately clear whether any of the targeted firms were compromised in the attacks, but it does indicate how innovative and resourceful cybercriminal groups have become of late, especially the larger ones with massive reach and scope.
The FIN7 group is believed to be an Eastern European cybercrime organization that the U.S. law enforcement agencies claim has been responsible for billions of dollars in losses to businesses and consumers globally. The U.S. Justice Department has also accused FIN7 of stealing the credit card information of millions of people two years ago by using a very similar modus operandi. It mailed malicious flash drives to target the hospitality and retail industries by impersonating Best Buy. The group has reportedly been in the crosshairs of the FBI for several years, although it remains operational.
Source: Bleeping Computer