Date: 2020-03-27


BadUSB Stick Mailed to Company From ‘Best Buy’

Security experts have intercepted a highly targeted attack in which a malicious USB device was mailed out to a US company.

Trustwave was alerted to the attempted attack on one of its customers’ partners, after they were sent an unsolicited letter in the post purporting to come from Best Buy.

A brief message thanked the company for being a loyal customer and enclosed a ‘$50 gift card’ alongside the USB, which the sender claimed contained a list of the items the gift balance could be spent on.

In fact, the device was a “BadUSB”: its firmware had been overwritten to automatically inject malicious commands once connected to a PC.

On analysis, Trustwave discovered a PowerShell payload designed to download second stage PowerShell code from the internet, which in turn installed malicious JavaScript.

“The JScript code could be anything, but when we decoded it, it reveals a code that gathers system information from the infected host,” the vendor explained.

Information including username, hostname, domain name, computer model, running processes, Office and Adobe Acrobat installations and OS info is encoded and sent back to the C&C server.

“The main JScript code [then] enters an infinite loop sleeping for two minutes in each loop iteration then getting a new command from the command and control,” said Trustwave.
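The two-minute polling loop described above gives defenders a timing signature to hunt for in proxy or DNS logs. The following Python sketch is an added example, not Trustwave's or Infosecurity Magazine's code; the log format, host names and thresholds are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed proxy log (timestamp, internal host, destination); not incident data.
SAMPLE_LOG = """\
2020-03-27T09:00:01 ws-014 c2.example.invalid
2020-03-27T09:00:10 ws-014 updates.example.invalid
2020-03-27T09:00:12 ws-014 updates.example.invalid
2020-03-27T09:02:02 ws-014 c2.example.invalid
2020-03-27T09:03:40 ws-014 updates.example.invalid
2020-03-27T09:04:04 ws-014 c2.example.invalid
2020-03-27T09:06:05 ws-014 c2.example.invalid
2020-03-27T09:08:07 ws-014 c2.example.invalid
2020-03-27T09:09:00 ws-014 updates.example.invalid
2020-03-27T09:09:05 ws-014 updates.example.invalid
2020-03-27T09:10:08 ws-014 c2.example.invalid
2020-03-27T09:15:00 ws-014 updates.example.invalid
2020-03-27T10:00:00 ws-020 intranet.example.invalid
2020-03-27T10:02:00 ws-020 intranet.example.invalid
2020-03-27T10:04:00 ws-020 intranet.example.invalid
"""

def find_beacons(log_text, period=120.0, tolerance=10.0, max_jitter=5.0, min_hits=5):
    """Return (host, dest, median_gap) for pairs polling at roughly `period` seconds.

    Thresholds are assumed starting points: the sleep is two minutes, but each
    iteration also spends time on the request, so observed gaps run slightly long.
    """
    seen = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, host, dest = line.split()
        seen[(host, dest)].append(datetime.fromisoformat(ts))
    hits = []
    for (host, dest), times in sorted(seen.items()):
        if len(times) < min_hits:
            continue  # too few requests to judge regularity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mid = median(gaps)
        # Median absolute deviation: a small value means machine-regular timing.
        mad = median(abs(g - mid) for g in gaps)
        if abs(mid - period) <= tolerance and mad <= max_jitter:
            hits.append((host, dest, mid))
    return hits

if __name__ == "__main__":
    for host, dest, gap in find_beacons(SAMPLE_LOG):
        print(f"{host} -> {dest}: median interval {gap:.0f}s")
```

A hit is a lead for triage rather than a verdict, since legitimate software such as update checkers and monitoring agents also polls on fixed intervals.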

It’s unclear what the end goal was for these attackers, but a USB attack of this kind, whilst used by pen testers, is rare to see used in anger, the vendor concluded.

“These types of USB devices are widely known and used by security professionals. The fact that they are also cheap and readily available to anyone meant that it was just a matter of time to see this technique used by criminals in the wild,” it explained.

“Since USB devices are ubiquitous, used and seen everywhere, some consider them innocuous and safe. Others can be very curious about the contents of an unknown USB device. If this story teaches us anything, it's that one should never trust such a device.”
