The FBI has warned US companies about a hacker group that’s sending out malware-ridden flash drives disguising them as a gift.

It’s said that the hackers are victimizing US companies who are in the insurance, transportation, and defense industries. The said USB sticks are being sent via US mail.

Excited that they got a gift, employees will then plug the malware-ridden flash drives into their computers, which would give an opportunity to hackers to start the attack.

The said hackers behind this are a group called FIN7.


To make it believable, the hackers would even dress the packages to look friendly. Some packages would look like they come from the US Department of Health and Human Services with notes saying that the drives stores important information about guidelines for COVID-19.

Other packages were even dressed to appear that they were a gift box that came from Amazon.

FBI said that the scheme may have been operational for a couple of months already as the first reports they received happened way back in August of 2021.

For a quick background about the supposed perpetrators, FIN7 is said to be a sophisticated criminal group that has apparently stolen over USD1 billion through its entire career.

Such schemes could easily be carried out not just in the United States, but also in other countries like the Philippines. Studies show that people would easily plug random flash drive into their computer when given the opportunity, no matter where it came from.

Via: Gizmodo

Leave a comment

Your email address will not be published. Required fields are marked *