Title Hand-delivered hacking: malicious USBs left in mailboxes Degree of recognition International Media name/outlet Associated Press Media type Web Country/Territory United Kingdom Date 22/09/16 Description Memory sticks, also called thumb drives or USBs, are sometimes used to spread malicious software from computer to computer. This USB was branded, but Ascoet said the device appeared used and that he doubted there was any connection between the brand and the mysterious delivery.
Ascoet, who also works as a security researcher, eventually threw the device out — although not before photographing it and posting the picture to Twitter .
“Never EVER plug in such present,” he said by way of caption.
Stories like Ascoet’s are anecdotal, but as web users get wise to rogue links and booby-trapped attachments, there are signs that cybercriminals are experimenting with hand-delivery of malware to people’s homes.
On Wednesday, Australian police drew international attention when they announced that “extremely harmful” memory sticks had been left in mailboxes across the suburban town of Pakenham, about 60 kilometers (37 miles) southeast of Melbourne. Pakenham Police Sgt. Guy Matheson said in a telephone interview Thursday that the unmarked thumb drives started showing up several days ago.
Disguised as offers for Netflix or a similar service, Matheson said rogue programs lurking on the drives instead held victims’ computers hostage, demanding a hefty payment in the electronic currency Bitcoin as ransom.
Matheson said two or three people had fallen for the ruse.
The technique of dropping a malicious USB somewhere and hoping someone will pick it up and plug it in has long been favored by spies to hack into hard-to-reach computers, said University of Manchester doctoral student Nikola Milosevic, who has studied the history of malware. The New York Times reported that the infrastructure-wrecking Stuxnet worm spread to Iran’s nuclear facilities using a thumb drive placed in the hands of an unwitting employee, for example. And despite the risks inherent in walking up to someone’s house and dropping malicious software through their mail slot, leveraging people’s inherent curiosity can mean a bigger potential payoff.
Producer/Author RAPHAEL SATTER URL https://apnews.com/d3cb25840dd54f2c90a560c718c0ce24/police-malicious-usb-sticks-left-australians-mailboxes Persons Nikola Milosevic Title Hand-delivered hacking: malicious USBs left in mailboxes Degree of recognition National Media name/outlet Daily Mail Country/Territory United Kingdom Date 22/09/16 URL www.dailymail.co.uk/wires/ap/article-3802009/Police-Malicious-USB-sticks-left-Australians-mailboxes.html Persons Nikola Milosevic