Scam of the Week – Infected Memory Sticks

January 12, 2018 4:25 pm Paul Mullin

This may not seem like an unusual occurrence as there are undoubtedly thousands of infected memory sticks in operation across the globe. Nevertheless, we should always remain cautious of the prevalence of infected memory sticks. However, the circumstances of this latest story is enough to make it into our Scam of the Week series.

Taiwan’s National Police Agency said 54 of the flash drives it gave out at an event highlighting the governments cybercrime crackdown contained malware.

The country’s Criminal Investigation Bureau (CIB) has apologised for the mistake and placed the blame solely on a third-party contractor. They have so far managed to claim back 20 of the infected USB drives to minimise damage. However, around 250 flash drives had been given out at the event.

The CIB said that the bug originated from a Taiwan-based supplier which transferred data onto 54 of the drives to ‘test their storage capacity’ and in the process infected the devices.

The malware, known as the XtbSeDuA.exe program, is designed to collect personal data and transmit it to a Polish IP address which then bounces it to unidentified servers.

The CIB said it had been used by a cyber-fraud ring uncovered by Europol in 2015.

Only older, 32-bit computers are susceptible to the bug and thankfully most common anti-virus software can detect and quarantine it.