Social engineering, employee training, and protection, in light of the FBI advisory against BadUSB devices.
FIN7, a financially motivated cyber threat group associated with Eastern Europe, has been targeting various US industries with BadUSB devices, according to a new FBI flash alert sent to relevant businesses last week. The devices were mailed via the US Postal Service and UPS in packages that purported to come from Amazon or the US Department of Health and Human Services.
According to Bleeping Computer, which first broke this story, the packages were sent to businesses in the transportation and insurance industries as of August 2021, and to defense firms as of November 2021.
Cybersecurity company Recorded Future explains that, according to the FBI, if a recipient plugs the USB device containing the malware into a computer, the device registers itself as a keyboard and sends a series of preconfigured, automated keystrokes to the computer. Those keystrokes run PowerShell commands that download and install various malware strains that act as backdoors.
Depending on the recipient's identity, the malicious packages also contained letters regarding supposed Covid-19 guidelines, fake thank-you notes, or counterfeit gift cards.
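The keyboard-emulation behaviour described above leaves a correlatable trace: a new keyboard-class USB device appears, and PowerShell starts on the same host seconds later. The following detection sketch is an added example, not taken from the FBI alert or the cited reports; the event schema, field names, host names, device IDs, and 30-second window are all assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical normalized schema
# (device arrivals and process starts from endpoint telemetry).
EVENTS = [
    {"time": "2022-01-10T08:00:00", "host": "ws-30", "type": "device_connected",
     "device_class": "keyboard", "device_id": "EXAMPLE-KBD-A"},
    {"time": "2022-01-10T09:14:02", "host": "ws-17", "type": "device_connected",
     "device_class": "keyboard", "device_id": "EXAMPLE-KBD-B"},
    {"time": "2022-01-10T09:14:06", "host": "ws-17", "type": "process_start",
     "image": "powershell.exe"},
    {"time": "2022-01-10T09:20:00", "host": "ws-17", "type": "process_start",
     "image": "powershell.exe"},   # same host, but outside the window
    {"time": "2022-01-10T10:05:00", "host": "ws-22", "type": "device_connected",
     "device_class": "storage", "device_id": "EXAMPLE-DISK-C"},
    {"time": "2022-01-10T10:05:03", "host": "ws-22", "type": "process_start",
     "image": "powershell.exe"},   # preceded by storage, not a keyboard
    {"time": "2022-01-10T11:30:00", "host": "ws-30", "type": "process_start",
     "image": "PowerShell.exe"},   # hours after the keyboard was attached
]

WINDOW = timedelta(seconds=30)                  # assumed correlation window
POWERSHELL = {"powershell.exe", "pwsh.exe"}     # Windows PowerShell and PowerShell 7


def find_suspect_launches(events, window=WINDOW):
    """Return (device_event, process_event) pairs where PowerShell starts on a
    host within `window` after a keyboard-class USB device was connected."""
    alerts = []
    last_keyboard = {}  # host -> (timestamp, event) of most recent keyboard arrival
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        ts = datetime.fromisoformat(ev["time"])
        if ev["type"] == "device_connected" and ev.get("device_class") == "keyboard":
            last_keyboard[ev["host"]] = (ts, ev)
        elif ev["type"] == "process_start" and ev.get("image", "").lower() in POWERSHELL:
            seen = last_keyboard.get(ev["host"])
            if seen and ts - seen[0] <= window:
                alerts.append((seen[1], ev))
    return alerts


if __name__ == "__main__":
    for dev, proc in find_suspect_launches(EVENTS):
        print(f"{proc['host']}: {proc['image']} at {proc['time']} "
              f"after keyboard {dev['device_id']} at {dev['time']}")
```

A hit is a lead for triage rather than proof of compromise, since docking stations and replacement keyboards also enumerate as new keyboard devices.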