The new method of hackers to enter our system is to put a USB memory in the mailbox, in case we bite.
The security rules for our computer are very similar to the rules when it comes to flirting: never, for what you want most, connect anything without knowing where it has been before, and do not forget about protection.
It is easy to forget this, since we are so used to connecting all kinds of devices to our PC that one more or one less doesn’t really make any difference. Attackers rely on USB familiarity to mount attacks.
USB attacks, more common than you think
Don’t blame yourself for it, it happens to everyone, especially professionals; When in 2014 it was discovered that the International Space Station had been infected with malware, it was concluded that the attack occurred because a Russian cosmonaut connected his own USB stick, which contains malware that exploited the vulnerabilities of the station’s Windows XP computers.
In recent months, we are seeing a change in this attack vector: now what is in fashion among attackers is drop USB sticks on the street, for random victims to pick them up and connect them to their computers without thinking.
According to an experiment carried out in 2015, one in five people who find a USB stick on the street used it immediately after on a computer, no matter if it was yours or work. It seems like a low success rate, but the truth is that it has become a very popular attack method.
The trick of the USB stick in the mailbox to hack us
According to the Australian police, now that type of attack has evolved, and in recent weeks reports of people who found a USB memory in the mailbox, connected it to their computer, and surprise, are appearing. they ended up with malware.
Depending on the operating system you use, installing malware automatically as soon as a USB memory stick is connected is really easy, and once you have control of the computer you can do whatever you want.
Apparently, the victims complained that receive offers from fraudulent video streaming sites, probably in an attempt to get your credit card number to be able to watch videos or just to direct traffic to a site.
However, the potential damage is much greater, and the attacker could use our computer as a zombie in a DDOS attack, spy on our personal data, or install ransomware to hijack our files.
At first sight, USB sticks used by attackers are nothing special, and they are like those we could find in any Chinese at ridiculous prices. But apparently, it is a bait interesting enough for many people.
As it is, it is only a matter of time before this type of attack spreads to everyone, so if you see a USB stick in the mailbox, you already know that you should never use it.