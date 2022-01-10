Cybercriminals pass their packages as shipments from Amazon or the US Department of Health and Human Services.

The US Federal Bureau of Investigation (FBI) warns that a prolific group of cybercriminals called FIN7 has attempted to hack American companies in the transportation, defense, and insurance sectors by shipping malicious USB drives these organizations, hoping to infect their systems with ‘malware’ and carry out future attacks.

“Since August 2021, the FBI has received reports about several packages containing these USB devices,” reads the alert issued by the FBI and reviewed by the specialized cybersecurity media Bleeping Computer. “The packages were sent using the United States Postal Service,” the statement said.

According to the FBI, criminals use two procedures to make shipments: by means of a package apparently sent by the US Department of Health and Human Services (“often accompanied by letters that make reference to the covid-19 guidelines attached with a USB “); and through an alleged Amazon shipment consisting of” a decorative gift box containing a fraudulent thank you letter, a counterfeit gift card and a USB “.

In both cases, the packages contained branded USB devices. LilyGO, with ‘malware’ that were downloaded and installed on the computers to which the USBs were connected. In this way, criminals gain administrative access, and can then move to other local systems.

This is the second time that the FBI warns about the malicious actions of FIN7, a group that, according to the US agency, operates from Eastern Europe. The first alert was issued in March 2020, after the security firm Trustwave found one of the USB devices that FIN7 sent to one of its clients.