A new cyber attack on Organizations has been detected and reported in Nigeria by ngCERT. This attack comes in form of ransomware that is aimed at attacking targeted organizations in the country. So, what is it all about and how can you stay safe?
According to ngCERT, a new cybercrime group has coined a new way to attack organizations in Nigeria. They do this by delivering ransomware to targeted organization network.
These cybercrime group would mail a USB thumb drives to many organizations hoping that these organizations will plug them into their PCs and install the ransomware on their networks.
For those who don’t know, a ransomware is a type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid.
The report from ngCERT further explains that the USB drives contain so-called ‘BadUSB’ attacks. The BadUSB exploits the USB standards versatility and allows an attacker to reprogram a USB drive to emulate a keyboard to create keystrokes and commands on a computer. It then installs malware prior to the operating system booting, or spoofs a network card to redirect traffic.
During the process of this installation, more malware and other unwanted software are installed in the user PC. This attack was first seen in the US and such USB drives were sent via the Postal Service and Parcel Service.
Some the package of these USB drives contain message impersonating the US Department of Health and Human Services and claimed to be a COVID-19 warning. Other malicious USBs were sent in the post with a gift card claiming to be from Amazon.
How to stay safe during this Ransomware
There are couple of things you can do so that you and/or your organizations don’t fall victim to this new cyber attack.
- Don’t accept and plug an unknown USB drive into your PC or companies PC
- Be sure that any USB drive is from someone you know and trust
- Verify and USB drive to be sure its from a trusted source. This include even calling the source to confirm the authenticity of such USB drive.
Note that why this ransomware attack is primary targeted at companies, it can also be used against individuals. So, as an individual, be careful the USB drive you plug into your PC to avoid having someone else have access to your personal files and financial details.
If you need any help regarding any cyber attack, you can reach out to ngCERT technical team via firstname.lastname@example.org, for assistance.