Monday, July 30th 2018

Snail Mail Malware: Chinese Hackers Go Old School

In today's world, data breaches, phishing attacks, malware, and exploits are a daily occurrence. We are all familiar with the typical phishing emails that grace our inbox day in day out. You might even get a phone call from a fake Microsoft tech support employee, who attempts to gain access to your system. However, in our always-online world, it is a bit surprising to hear about hackers that would decide to use snail mail. In what will likely elicit a few giggles, U.S. state and local government agencies, along with the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued an alert, in what I can only describe as an attack from the stone age; malware infested CDs.
While no state was directly named in the alert, State Archives, State Historical Societies, and a State Department of Cultural Affairs were all targeted in this unsophisticated attack. The agencies in question received Chinese postmarked envelopes containing a poorly translated letter and an unlabeled CD. The CDs were loaded with Microsoft Word document files embedded with malicious Visual Basic scripts. There is no word on if anyone was tricked by this attempt, however, it does go to show you can't keep a good hacker down. If they can't get you via phishing emails, they might just as well try snail mail.
Source: KrebsOnSecurity
Add your own comment

28 Comments on Snail Mail Malware: Chinese Hackers Go Old School

#1
Mistral
They will soon need to enclose an optical drive with these too...
Posted on Reply
#2
Paganstomp
Next... cassette tapes. Infect that Timex Sinclair 1000, too. :D
Posted on Reply
#3
RealNeil
LOL! Hackers never quit.
Posted on Reply
#4
GoldenX
MistralThey will soon need to enclose an optical drive with these too...
My system is immune!
Posted on Reply
#5
Tomgang
What is that round thing?



Seriously is that what happens when hackers is knocked back to the stone age. Sending cd/dvd-rom in a time where these things are used less and less by the time there go and many pc are sold with out and a dvd drive.

How stupid can hackers be:banghead:
Posted on Reply
#6
R-T-B
TomgangHow stupid can hackers be
Sadly, they probably did their homework here and know most government computers still have a CD-ROM. Laughable, but true.
Posted on Reply
#7
Bones
I'm waiting for the one done with an 8-track tape..... :D
Posted on Reply
#8
peche
Thermaltake fanboy
R-T-Bthey probably did their homework here and know most government computers still have a CD-ROM.
and not only goverment computers, average computers with a CD-Rom are amazing...
Posted on Reply
#9
OneCool
I don't think I would call that " can't keep a good hacker down". More like absolute desperation really.
I say let's make our own and label them windows 11 beta and send them back.
Posted on Reply
#11
Xzibit
How long do i have to wait for the USB/HDD/SSD version
Posted on Reply
#12
Prima.Vera
The ammount of ignorance on this thread is stunning. People are making fun of people owning DVD/BluRay drives... I mean seriously??? I have a lot of BluRay movies, even 4K BluRays home, which I play using my PC since it's way cheaper than buying a dedicated player.
What's with this hate over the Optical media??
Posted on Reply
#13
Rockarola
PaganstompNext... cassette tapes. Infect that Timex Sinclair 1000, too. :D
Who cares about the Sinclair, my Commodore 64 might be at risk!
(I still own one, and the tape-deck might even work...it did 14 years ago)
Posted on Reply
#14
hat
Enthusiast
Prima.VeraThe ammount of ignorance on this thread is stunning. People are making fun of people owning DVD/BluRay drives... I mean seriously??? I have a lot of BluRay movies, even 4K BluRays home, which I play using my PC since it's way cheaper than buying a dedicated player.
What's with this hate over the Optical media??
I don't think anyone is hating on optical media... but it's rather laughable that hackers are mailing optical discs. I think that's what all the silly comments are about.
Posted on Reply
#15
robot zombie
LMAO, I don't even have an optical drive in this machine. I'd have to put it into my old laptop and rip/mount. Only thing I keep it around for... ...ripping malware disks I get in the mail so I can load them onto my main rig via USB media, that is.

What a world we live in. :rolleyes:

I was gonna mention how it almost makes sense to use optical media almost makes sense if your target is older, computer-naive users, likely with old machines that would still have optical drives... ...but then I saw the gibberish note included and I can't help but wonder what they're even going for at all, much like how I feel when I see that same gibberish in comments and emails.

And then, I read... ...microsoft word files loaded with visual BASIC MALWARE?!! Wat. That's a lot for me. It's just... I don't even know what it is. How do you even know enough to think to do that and still think it will work? Or is it one of those things where this is new information to whatever group is doing this? Like they are just so out of the loop they legitimately think this stuff is relevant and viable... ...for fooling government agencies no less.

Sometimes I think everything... ...the scam, the plan, EVERYTHING, is handled by AI's ran out of shacks dotted across the less civilized, more culturally isolated areas of the world. Like, cracked concrete shacks overgrown with vines with a dirt road leading up from the main road of some lost, old villiage in east asia. Inside is a rather impressive, if not dilapidated and post-apocalyptic cyberpunk server room - full of crossed, mildewed wires - running AI's that plan and execute various forms of meandering, nonsensical scams and compile obscure malware to release into the wilds of the net... ...and occasionally sometimes do things like initiate a cd malware mailer operation. I dunno, makes about as much sense as anything. It's hard to believe that humans, with brains just like yours and mine, come up with this stuff. It really does remind me of AI's. They only seem to comprehend - sometimes better than humans, even, but every now and then they do things that are admirably elaborate, and yet laughably nonsensical.

Naw... ...but its probably either a bunch of clueless adults meandering through their sad lives or a child prodigy super-hacker in the making.
Posted on Reply
#16
GoldenX
Office macro virus, it's pretty old.
Posted on Reply
#17
hat
Enthusiast
robot zombieLMAO, I don't even have an optical drive in this machine. I'd have to put it into my old laptop and rip/mount. Only thing I keep it around for... ...ripping malware disks I get in the mail so I can load them onto my main rig via USB media, that is.

What a world we live in. :rolleyes:

I was gonna mention how it almost makes sense to use optical media almost makes sense if your target is older, computer-naive users, likely with old machines that would still have optical drives... ...but then I saw the gibberish note included and I can't help but wonder what they're even going for at all, much like how I feel when I see that same gibberish in comments and emails.

And then, I read... ...microsoft word files loaded with visual BASIC MALWARE?!! Wat. That's a lot for me. It's just... I don't even know what it is. How do you even know enough to think to do that and still think it will work? Or is it one of those things where this is new information to whatever group is doing this? Like they are just so out of the loop they legitimately think this stuff is relevant and viable... ...for fooling government agencies no less.

Sometimes I think everything... ...the scam, the plan, EVERYTHING, is handled by AI's ran out of shacks dotted across the less civilized, more culturally isolated areas of the world. Like, cracked concrete shacks overgrown with vines with a dirt road leading up from the main road of some lost, old villiage in east asia. Inside is a rather impressive, if not dilapidated and post-apocalyptic cyberpunk server room - full of crossed, mildewed wires - running AI's that plan and execute various forms of meandering, nonsensical scams and compile obscure malware to release into the wilds of the net... ...and occasionally sometimes do things like initiate a cd malware mailer operation. I dunno, makes about as much sense as anything. It's hard to believe that humans, with brains just like yours and mine, come up with this stuff. It really does remind me of AI's. They only seem to comprehend - sometimes better than humans, even, but every now and then they do things that are admirably elaborate, and yet laughably nonsensical.

Naw... ...but its probably either a bunch of clueless adults meandering through their sad lives or a child prodigy super-hacker in the making.
Hah. I gave up trying to understand anything long ago...
Posted on Reply
#18
robot zombie
hatHah. I gave up trying to understand anything long ago...
Right? If there was any advice I could give every bright-eyed 18-year-old going out into the world for the first time, just trying earnestly to get out there and conquer life, it would be "Nobody really knows what going on." and "Nobody quite knows exactly what they're doing."

Realizing that just saves you a lot of mental anguish in the long run. People are strange. Weird things happen all over the place. For every weird thing like this you encounter, there are 10 other weirder things occurring at the same time. There's always a reasonable explanation. Goddamned if you ever find it. And sometimes things that initially appear simple and easy to understand are less so over time.
Posted on Reply
#19
windwhirl
Funny thing, at work we receive relatively major updates for our accounting software in DVDs... And it's not like it's got a nicely printed cover. Nop, it just says "software version X.XX", handwritten with a marker. Although due to strange customer service and the nature of the information that software handles, we have to ask to get the update, so if a disc showed up unexpected, I wouldn't even bother to read it.
Posted on Reply
#20
Ruru
S.T.A.R.S.
Prima.VeraThe ammount of ignorance on this thread is stunning. People are making fun of people owning DVD/BluRay drives... I mean seriously??? I have a lot of BluRay movies, even 4K BluRays home, which I play using my PC since it's way cheaper than buying a dedicated player.
What's with this hate over the Optical media??
I use Playstation 3 for watching dvd/bd movies.

For PC, this is my second case without a bay for a cup holder.

Posted on Reply
#21
Caring1
Chloe PriceFor PC, this is my second case without a bay for a cup holder.
It's annoying when that cup holder automatically retracts though. :roll:
Posted on Reply
#22
robot zombie
Haha, cupholder optical drives. I had one of those once. Once upon a time, long long ago, I had some friends over for a little drinking situation. At some point one of my friends went into my room, drunk as any of us, and attempted to pee in a water bottle sitting on top of my main computer at the time. Why, I do not know. The bathroom was one room away. I think maybe he meant to go into the bathroom next door and just got lost. Guess it couldn't wait.

He did okay I guess, but he missed a little and got pee in the optical drive. From then on it made for a great cupholder, as it never closed. Try to close it and it popped right open again. At least of all of the things he could have ruined, he got the optical drive.

I tried really, really hard not to be mad. Tried. He may have cleaned it, but I never truly forgave him for that one. I still had to swap the case on principle of not wanting to touch a case that's been peed on. And from then on, any time he got up to go to the bathroom, I gave him directions.

But I guess the real lesson is that if you're having problems with your build's retractable cupholder retracting at inopportune times, try peeing on it. Seems to work. YMMV. Also has the benefit of protecting your system from all of the latest malware CD's. Any time you try to insert one, the drive will automatically pop it back out.

Dunno how this is relevant but there it is.
Posted on Reply
#23
Prima.Vera
Chloe PriceI use Playstation 3 for watching dvd/bd movies.

For PC, this is my second case without a bay for a cup holder.

I don't own any consoles.
Posted on Reply
#24
Vayra86
Prima.VeraThe ammount of ignorance on this thread is stunning. People are making fun of people owning DVD/BluRay drives... I mean seriously??? I have a lot of BluRay movies, even 4K BluRays home, which I play using my PC since it's way cheaper than buying a dedicated player.
What's with this hate over the Optical media??
Ah so this is why you are -1'ing everyone?

Stop being so sad man. Its a simple fact that optical media are past their due date. For over a decade, just about. If that gets your panties in a bunch, you need to get help.
Posted on Reply
#25
Prince Valiant
Vayra86Ah so this is why you are -1'ing everyone?

Stop being so sad man. Its a simple fact that optical media are past their due date. For over a decade, just about. If that gets your panties in a bunch, you need to get help.
You might not use optical media but that doesn't mean it has no purpose ;). It's still plenty reliable for long term storage and the last time I looked BD at a mere 2X was still faster than the majority of US internet connections.
Posted on Reply
Add your own comment
Dec 19th, 2024 09:50 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts