Security researchers have come across an attack where an USB dongle designed to surreptitiously behave like a keyboard was mailed to a company under the guise of a Best Buy gift card. This technique has been used by security professionals during physical penetration testing engagements in the past, but it has very rarely been observed in the wild. This time it’s a known sophisticated cybercriminal group who is likely behind it.
The attack was analyzed and disclosed by security researchers from Trustwave SpiderLabs, who learned about it from the business associate of one of their team members. Ziv Mador, vice president for security research Trustwave SpiderLabs, tells CSO that a US company in the hospitality sector received the USB sometime in mid-February.