Don’t stick it in if you don’t know where it’s been

Don't stick it in if you don't know where it's been
Well, if you found a lonely USB flash drive 
in the parking lot of your company, 
what would you do?

Criminals laced a parking lot of the Dutch chemical company DSM with USB flash drives that when inserted would autorun a malicious program and send usernames and passwords to a remote site.

The hacker’s hope was that their social engineering ploy would compel employees to stick the drive into their company’s computers to discover the USB owner’s identity.

However, after an employee gave a drive to the IT department, they discovered the infection, blocked the IP address of the remote site, and recovered the other "lost" drives.

(And yes, someone actually made a flash drive out of a condom package.)

– Dropped infected USB in the company parking lot as a way of getting malware onto the company network, Boing Boing>>
– Condom USB Flash Drive, Design Fetish>>

Tagged : /

2 thoughts on “Don’t stick it in if you don’t know where it’s been

  1. If you’re going to be a serious cheese taster, you need serious tools or at least to be able to identify them.

Leave a Reply

Your email address will not be published. Required fields are marked *