FIN7 and Bad USBs


A flash alert from the Federal Bureau of Investigation (FBI) warns of targeted activity against US defense industries by FIN7, which is delivering malicious USB devices that have been spotted bearing the logo "LilyGO". The campaign appears to have been active since August 2021 and has used various impersonation attempts to lure victims. The lures pose as Amazon, the US Department of Health & Human Services (HHS), COVID-19 guideline details, and thank-you letters. The malicious USB devices contain a keylogger and set up a malware payload that downloads additional malware to set up ransomware. Downloaded malware includes Metasploit, Cobalt Strike, Carbanak malware, the Griffon backdoor, and PowerShell scripts.

