Unexpectedly received a USB stick in the post? Well… don’t plug it in!

Police in the Australian state of Victoria are warning the citizen about a strange cybercriminal attack: randomly send unmarked USB sticks containing malware through letterboxes.

USB sticks

The criminals hopes that the unsuspecting recipients will plug the USB drives into their computers?

The state police’s online news warns:

Police are urging residents in Pakenham to be wary following reports last week of corrupt USB flash drives being left in residential letterboxes.

Members of the public are allegedly finding unmarked USB drives in their letterboxes.

Upon inserting the USB drives into their computers victims have experienced fraudulent media streaming service offers, as well as other serious issues.

The USB drives are believed to be extremely harmful and members of the public are urged to avoid plugging them into their computers or other devices.

Below is an image of USB drives similar to those believed to be involved in the scam.

Anyone with information about those behind the scam is urged to contact Crime Stoppers on 1800 333 000 or submit a confidential report at www.crimestoppersvic.com.au

Luke Zammit

Media Officer


Another security exercise?

In 2011 the Western Australian Auditor General carried out a security exercise in which it left USB sticks in public places, with a software on them that “calls home” when started.

Eight of fifteen government agencies involved failed the test, with agency staff connecting the USB sticks to their computers, allowing the devices to access their agency’s network.

The experiment has been mirrored in part in the US with similar results.

But TheHackerNews smartly says:

Keeping this human psychology in mind, just last month a Hong Kong-based company started selling a USB stick, dubbed USB Kill v2, that can fry any computer it’s plugged into.


My suggestion?

Beware of unexpectedly free USB stick!