CDs full of malware have been sent to US state officials, seemingly from China.
When was the last time you used a non-music CD? They aren’t particularly common these days, but that hasn’t stopped a bevy of Chinese hackers sending them to US government officials.
A garbled letter accompanies them and clearly the hope is that the target will be so baffled that they put the CD into their PC.
At this point the .doc files contained on the CD will deploy a malware payload onto the PC.
Mark James, ESET Security Specialist, discusses the evolution of digital scams and how to protect yourself from similar techniques.
“Phishing and scams are a major factor in modern computing for all devices: laptops, desktops, even TV’s these days are fair game for malware writers.
“We often see techniques being reused; this approach while unusual does not surprise me. A disk appears unexpectedly in the post, it looks harmless, the only way to determine its contents is to place it in your machine. From there the trap is set, triggered and infected.
“This type of attack is not aimed at the security conscious; it’s an opportunistic attack that will without doubt successfully target a number of unsuspecting victims.
“As with all techniques it has its limitations, this particular one could be limited by the decline of the optical drive as more and more machines are produced without them.
“Always be on your guard, question everything, if you’re not expecting it and you’re not able to contact the sender then treat it with extreme caution!”
How would you react to a random letter and CD being posted through your door? Let us know on Twitter @ESETUK.
ESET’s home security software includes Device Control, which allows you to block CDs, DVDs, USBs and other storage devices. Find out more here.