Hacker groups often prefer to exploit vulnerabilities to attack targets, but software vulnerabilities are not always effective. Social engineering is therefore also a common tactic for many hacking groups: it is relatively complex to carry out but has a very high success rate. For example, the FIN7 hacking group has recently used Best Buy rewards to penetrate multiple targets, and the success rate of this method has been surprisingly high.
A certain e-commerce site sends you a USB drive: do you want it?
Best Buy is a fairly popular foreign e-commerce shopping site. It does not match Amazon, but it also has a very large number of customers, much like the big domestic e-commerce platforms. The hacking group's approach is this: in the name of Best Buy, it sends physical packages to target companies containing a USB drive and a so-called loyalty gift card. The gift card is specifically marked as usable only to buy a USB drive, so Best Buy supposedly sends the USB drive directly, which rewards the customer while reducing the hassle of the shipping process.
Most employees who receive such a package believe it really is a customer reward from Best Buy, so they take the USB drive they have been given and use it. Social engineering of this kind is genuinely hard to spot, and even users with some security background may not recognize it in time when offered such a windfall.
Researchers turn a data cable into a malicious keyboard
You think this is a USB drive, but it is not just a USB drive:
The USB drives sent by the hacking group were actually custom-developed. Last year Blue Dot reported that researchers had turned a data cable into an external keyboard. The modification does not really turn the data cable into an external keyboard; rather, a custom circuit board and firmware make the operating system think the external device is a keyboard. When this cable-shaped keyboard is connected to a computer, its input is activated, and the automatic keystrokes the hacker built into the firmware quietly execute malicious commands.
The USB drive sent by the hacking group has been customized in a similar way, except that the modified circuit board is carried in an ordinary USB drive rather than a data cable. These drives can even still store data, so each one really is a USB drive, but it is not just a USB drive: it is a keyboard in a different shape.
The carrier used by the hackers: this USB drive sells for about 10 yuan domestically and is often used as a giveaway
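A defensive check for the device described above, added here as an example and not taken from the original article or from any vendor tool: it walks a raw USB configuration descriptor and flags a device that is supposed to be a flash drive but also declares a HID (keyboard) interface. It assumes the drive exposes both interfaces in one configuration; the function names and sample descriptors are constructed for illustration.

```python
import struct

# bInterfaceClass codes assigned by the USB-IF.
USB_CLASS_HID = 0x03
USB_CLASS_MASS_STORAGE = 0x08
DESC_TYPE_INTERFACE = 0x04


def parse_interfaces(config: bytes):
    """Walk a raw configuration descriptor; return (class, subclass, protocol) per interface."""
    found, offset = [], 0
    while offset < len(config):
        length = config[offset]
        if length < 2 or offset + length > len(config):
            raise ValueError(f"malformed descriptor at offset {offset}")
        if config[offset + 1] == DESC_TYPE_INTERFACE:
            if length < 9:
                raise ValueError("interface descriptor shorter than 9 bytes")
            found.append(tuple(config[offset + 5:offset + 8]))
        offset += length
    return found


def assess_storage_device(config: bytes) -> str:
    """Verdict for a device the user believes is a plain flash drive."""
    ifaces = parse_interfaces(config)
    classes = {cls for cls, _, _ in ifaces}
    if USB_CLASS_HID in classes:
        # HID subclass 1 / protocol 1 is the boot-protocol keyboard.
        kind = "keyboard" if (USB_CLASS_HID, 1, 1) in ifaces else "HID"
        return f"block: {kind} interface on a storage device"
    if USB_CLASS_MASS_STORAGE in classes:
        return "ok: mass storage only"
    return "review: no mass-storage interface"


# Constructed sample descriptors (hypothetical, not captured from a real device).
def _config(body, n_ifaces):
    return struct.pack("<BBHBBBBB", 9, 2, 9 + len(body), n_ifaces, 1, 0, 0x80, 50) + body

def _iface(num, n_eps, cls, sub, proto):
    return bytes([9, 4, num, 0, n_eps, cls, sub, proto, 0])

def _ep(addr, attrs, size, interval):
    return struct.pack("<BBBBHB", 7, 5, addr, attrs, size, interval)

_MSC = _iface(0, 2, 0x08, 0x06, 0x50) + _ep(0x81, 2, 512, 0) + _ep(0x02, 2, 512, 0)
_HID_DESC = bytes([9, 0x21, 0x11, 0x01, 0, 1, 0x22, 0x3F, 0])
_HID = _iface(1, 1, 0x03, 0x01, 0x01) + _HID_DESC + _ep(0x83, 3, 8, 10)
PLAIN_DRIVE = _config(_MSC, 1)
DRIVE_WITH_KEYBOARD = _config(_MSC + _HID, 2)
```

A device that presents only a keyboard interface and no storage falls into the "review" branch here, since it does not match what the recipient was told the device is.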
Malware and backdoors built into the USB stick:
If employees really believe this is a customer reward from Best Buy, the hacking group has achieved its goal, at least as far as the social engineering attack goes. All that remains is to wait for an impatient employee to connect the USB drive to a computer; as soon as it is connected, the input program built into the drive starts working automatically. The user does not need to open the USB drive or execute any program: simply connecting it to the computer lets the hacking group's automated program take over. The hackers then go through a series of operations to evade detection by antivirus software, and in the end the drive gets past the defenses and loads a backdoor program from a remote server.
After disassembly, the internal components retrofitted by the hackers can be seen
This custom device costs only $5:
It is understood that custom BadUSB devices previously cost around $100 and came with many features, whereas FIN7's USB drive costs just $5. Sending a malicious USB drive to every department of a target enterprise is therefore not a problem, and with so many departments someone will always take it for a windfall and use it. There is really no good way to deal with this kind of social engineering attack unless the enterprise administrator directly disables the USB function of all devices. Of course, after such attacks, enterprise administrators should promptly give employees security training so that unknown external devices are not connected to any computer in the future.