Postal Service) to deliver malware, according to a report fromBleepingComputer.

The cybercriminal group FIN7 (akaCarbanak) is adopting a new modus operandi to deliver GRIFFON malware.

In this case, the computer thinks that the connected USB machine is a keyboard.

badusb

This fake keyboard launches a PowerShell command to recover malware from the server controlled by the attacker.

Then, the USB contacts the domain or IP address which is located in Russia.

After the surveillance phase, the attacker moves laterally to look for administrative rights, the FBI said.

BestBuyBadUSB

Fortunately, the person who spotted the suspicious rig had computer security training and didnt plug it in.

The package was sent for further analysis to Trustwave.

Targeted attacks using physical means are not as common as phishing or social engineering.

spot_img

A quick Google search for this string found a BadUSB Leonardo USB ATMEGA32U4 for sale at shopee.tw.

attacks are regularly used in penetration tests, where the most versatile sells for $100.

These new campaigns leveraging physical devices are the direct continuation of their highly sophisticated social engineering campaigns.

source: www.techworm.net