FBI Warns FIN7 Campaign Delivers Ransomware via BadUSB

  /     /     /  
Publicated : 23/11/2024   Category : security


FBI Warns FIN7 Campaign Delivers Ransomware via BadUSB


An FBI warning says the FIN7 cybercrime group has sent packages containing malicious USB drives to US companies in an effort to spread ransomware.



The FBI has warned of a FIN7 cybercrime campaign in which attackers mail USB thumb drives to US organizations with the goal of delivering ransomware into their environments.
In an alert sent late last week, the FBI said it has received reports of several packages containing malicious USB devices that were sent to US companies in the transportation, insurance, and defense industries. The activity has been ongoing since August 2021, the FBI said, and packages were sent via the United States Postal Service and United Parcel Service.
There are two versions of packages sent: One is disguised to appear as though its from the US Department of Health and Human Services; these parcels often contain messages about COVID-19 guidelines in addition to the USB. The second type is designed to imitate Amazon; these come in a decorated gift box with a thank-you message, fake gift card, and the malicious USB.
According to the FBI, recipients who plug these USB drives into their devices would become the victims of a BadUSB attack in which the USB would register itself as a keyboard and send preconfigured keystrokes and commands to the machine. These would run PowerShell commands that installed malware and became a backdoor for future access.
FIN7 has reportedly used several tools — including Metasploit, Cobalt Strike, Carbanak, and PowerShell scripts — to deploy ransomware, such as BlackMatter and REvil, on target networks, reported The Record, citing the FBI alert.
Read more details
here
.

Last News

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
FBI Warns FIN7 Campaign Delivers Ransomware via BadUSB