
FBI Warns Hackers are Mailing Malware on USB Drives to their Targets


We’ve continued to speak on the importance of Encrypted USB drives, whether for enterprise use, to secure your business and the Personally Identifiable Information (PII) that customers and clients have entrusted to you, or simply for personal security: from tax forms you take to your accountant to a safe place to keep anything from important health records to beloved photos you couldn’t bear to lose. We’ve also mentioned being wary of inserting any unknown USB drives into your system. Whether it’s a USB drive you found right outside your office or school or one given out as swag, random USB drives plugged into your work or personal systems can be BadUSBs that open you up to a world of trouble with malware, ransomware, etc.

Now, though, we’re seeing evidence that hackers and scammers are no longer waiting for poor souls to come across a myriad of USB traps they may have set. BadUSB devices are being shipped directly to unsuspecting victims. The Federal Bureau of Investigation (FBI) has cautioned that a hacker group is sending BadUSBs through the mail to companies in particular industries that might hold valuable information. The attackers are banking on you, whether out of curiosity or in hopes of finding the owner of the drives, opening the door for their attack on your network by plugging their trap into your computer.


The hacker group, FIN7, has done all they can to keep suspicion away by making it appear that the drives themselves carry important information from the US Department of Health and Human Services. The package is shipped as simply a “decorative gift box containing a fraudulent thank you letter, counterfeit gift card, and a USB,” says the FBI.

Kingston’s full line of hardware-based encrypted USB drives is equipped with digitally signed firmware that protects the integrity of the drive and ensures no modifications can be made, making it immune to BadUSB. If anyone attempts to maliciously tamper with the signed firmware, the device will no longer be able to operate. This prevents bad actors from attempting to hijack the USB drive firmware with malware, as the controller checks the firmware’s signature using a sophisticated RSA 2048-bit cryptographic key mechanism to ensure it was not tampered with.

Additionally, the Encrypted drives feature a non-modifiable, read-only partition that stores the Kingston software and nothing else. Only when the intended user authenticates to the drive with a password and logs in is the drive’s private partition opened for data access. Kingston offers Encrypted USB drives in both Standard and Managed models, as well as Custom Product Identification so companies can whitelist approved drives to ensure employees only utilize authorized USBs.
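One way to audit a Linux host against such a whitelist, as an added example that is not Kingston's code or tooling: it walks the kernel's USB device tree in sysfs and reports any attached mass-storage device whose vendor and product IDs are not on the approved list. The function name and the ID pair in `APPROVED_DRIVES` are constructed placeholders.

```python
from pathlib import Path

# Constructed placeholder allowlist of (idVendor, idProduct) pairs; replace
# with the IDs of the drives your organisation has actually approved.
APPROVED_DRIVES = {("1234", "abcd")}
MASS_STORAGE_CLASS = "08"  # USB class code for mass-storage interfaces


def _read(path):
    """Return a sysfs attribute as stripped text, or None if it is absent."""
    try:
        return path.read_text().strip()
    except OSError:
        return None


def unapproved_storage(sysfs_root="/sys/bus/usb/devices", approved=APPROVED_DRIVES):
    """List attached USB storage devices whose VID:PID is not on the allowlist."""
    root = Path(sysfs_root)
    if not root.is_dir():
        return []  # not a Linux host, or sysfs is not mounted
    findings = []
    for dev in sorted(root.iterdir()):
        vid, pid = _read(dev / "idVendor"), _read(dev / "idProduct")
        if vid is None or pid is None:
            continue  # interface entries (e.g. 1-1:1.0) carry no device IDs
        # Interfaces are child directories of the device, named <dev>:<cfg>.<if>
        classes = {_read(p) for p in dev.glob("*:*/bInterfaceClass")}
        if MASS_STORAGE_CLASS in classes and (vid.lower(), pid.lower()) not in approved:
            findings.append({
                "device": dev.name,
                "id": f"{vid.lower()}:{pid.lower()}",
                "product": _read(dev / "product") or "unknown",
            })
    return findings


if __name__ == "__main__":
    for f in unapproved_storage():
        print(f"UNAPPROVED USB STORAGE {f['device']} {f['id']} ({f['product']})")
```

This only reports what is already attached; it complements, rather than replaces, the rule of not plugging in unknown drives in the first place.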

With reports coming in since last August and likely to continue, we too shall continue to preach our sermon of:

  1. DO NOT plug in any USB drives, whether found or delivered with a fancy presentation.
  2. When in possession of PII or any important information make sure it’s on an Encrypted USB drive.
  3. For max security, hardware-based encryption is the way to go!

To learn more about Encrypted USB, BadUSB, and best practices your company should be implementing, check out the articles below.

