At the end of last year, a Taiwanese investigative agency organized a quiz to test knowledge of cyber security. The prize for the participants turned out to be … virus-infected pendrives.
The malicious software implanted on the devices was designed to steal users' confidential data and transfer it to Polish servers, from which it was forwarded to unknown cybercriminal servers. As an ESET expert points out, well-known organizations that are considered safe have distributed infected media many times in the past.
The malicious software, called XtbSeDuA.exe, was present on every fifth of the 250 eight-gigabyte flash drives distributed among the winners of the cyber security quiz. Distribution of the prizes was suspended when the winners informed the organizer of the competition, the National Bureau of Investigation (CBI), about the suspicious content of the devices, which had been detected by antivirus programs.
The investigation found that the infection was introduced at a workstation belonging to a local contractor of the National Bureau of Investigation. It occurred while the devices' capacity was being tested, a process that involved copying the operating system's memory to the USB drive. The modified pendrives stole confidential user data, which was then transmitted to Polish servers; from there the information was passed on to unidentified cybercriminal servers. Espionage by the Chinese government was ruled out as the reason for the attack. It was possible to confirm that the virus implanted on the pendrives was used by cybercriminals whom Europol has been pursuing since 2015.
As ESET experts point out, large and well-known organizations have in the past been among those that distributed infected flash drives. In 2008, an Australian telecommunications company distributed infected USB media during a security conference. Two years later, IBM did exactly the same.
– Large corporations should have specific safety procedures developed, which can significantly reduce the risk of such mishaps. However, caution is needed not only on the part of companies, but also of users – explains Kamil Sadkowski, a threat analyst with ESET.
This thesis is confirmed by the results of a 2016 experiment conducted by Google with scientists from the University of Illinois and Michigan, in which 300 flash drives were left at various places on the campus. Half of them were used without hesitation by students unaware of the threat.
– This example showed how low the level of cybersecurity knowledge is among computer users. An effective element of protection against hidden threats on pendrives is the use of an anti-virus application: each time a USB device is connected to the computer, it will check whether the device contains content dangerous to the user – Kamil Sadkowski from ESET advises.