Recent “BadUSB” attacks serve as a reminder of the big damage that small devices can cause.
The FBI recently warned of advanced USB-based attacks by a group called FIN7. The campaign, believed to have started last August, targets American companies, including those in key critical infrastructure industries such as transportation, insurance, and defense. The attackers targeted victims by sending them packages that contain advanced attack tools on the USB devices. These “BadUSBs” pose a significant threat. Here’s what you need to know — and do — about them.
The Attack Technique and Tools
It is believed there are two variations of the packages, each of which is designed to trick users into using the USB devices. The first references COVID-19 guidelines, while the second claims to be a gift in decorative packaging with a fake gift card and thank-you letter.
These BadUSBs are actually penetration testing tools. A BadUSB looks like a normal USB, but it presents itself to the operating system of a computer as another device, one that is more naturally trusted by a computer, such as a keyboard. Once inserted into the computer, the device invokes the Windows command line and executes a script that downloads an exploit. This causes an infection on the endpoint that enables attackers to initiate an attack sequence on the organization — in the case of the FIN7 attacks, ransomware. Read more:https://bit.ly/3tXNJBG