Don’t Fall for this USB Drive Scam from China


USB Drive Received in the Mail

I definitely want to put this out to the masses – especially to people in my network within the promotional products industry. In my regular USPS mail, I received a key chain USB Drive that was packed-out in a small padded envelope. The product was addressed from Factory A, on Ground Floor Gee, Gang Ind Bldg., No 108 Lok Shange Road, Tokwawan KowLoon J-BSJ. Nothing else was inside the package but the device itself.

In addition to being a children’s picture book author, I also own a 21-year-old marketing business specializing in the wholesale distribution of promotional products (logoed merchandise). Needless to say, receiving a sample of this nature would be fairly commonplace, especially since we sell imprinted USB drives to our clientele – except the package was addressed to me personally and not to my promotional products business, Tagsource, LLC. The mailing label also had my home phone number on it – a number that is never given out by me or anyone on my staff. That fact alone probably saved me from throwing the USB drive into the company sample bin or a desk drawer, or worse yet, letting curiosity get the better of me enough to plug it in to see what was on it.

So, I did a little research on this little USB, and discovered that the “probability” is high that the device has an autorun feature, malware or another potential virus installed on it. Plug it in and your laptop or desktop could be fried, or you may even expose yourself to identity theft. While I can’t be sure that this particular drive is part of a scam, I’m posting several links below which cause me a great deal of concern. Any additional shared insight from other promotional products professionals would be great. This is definitely something we should start talking about within the promotional products industry as a whole. Note that I have sent a tip to the FBI about the device I received. I will let you know if I hear back from anyone there about any known cyber attacks with USB Drives being sent via the USPS from China.

Perhaps our days of reselling imprinted USB drives should be over?

http://www.slate.com/articles/technology/technology/2010/10/dont_stick_it_in.html

http://www.dailymail.co.uk/sciencetech/article-2997401/The-killer-USB-FRIES-laptops-Malicious-drive-uses-high-voltage-destroy-computer-s-circuit-board.html

https://www.reddit.com/r/sysadmin/comments/1ozisp/this_suspicious_little_usb_device_that_our_it_got/

http://www.wired.com/2014/10/unpatchable-usb-malware-now-patchsort/

http://www.ucs.cam.ac.uk/support/windows-support/winsupuser/usbinfections

http://magazine.promomarketing.com/blog/yes-we-should-be-scared-about-bad-usb-drives-dale-denham

Tonia Allen Gould/CEO

Tagsource, LLC

www.tagsource.com

#USBSCAM

Update: We took the liberty of querying one of our USB Drive suppliers, iClick, about the security risk. Here’s their response on the matter:

From: Jacquie Little [mailto:jacquiel@iclick.com]
Sent: Wednesday, August 26, 2015 2:21 PM
To: kelley@tagsource.com
Cc: TJ Vail

Hi Kelley,

Thanks for sending this our way. We have been aware of these types of scams and our solution to combat them was to provide sealed security packaging for all of our USB drives. See the specs attached. This may be something you would like to share with your team. It’s another element of our commitment to product safety and protecting our customers from potential hazards associated with USB distribution.

If you have any questions or further concerns, please let me know how I can assist.

Thanks for reaching out and have a great day.


Jacquie Little
Decorate and Customer Resolutions Lead / iClick

Custom Ninja USB Drive produced by Tagsource.com

3 thoughts on “Don’t Fall for this USB Drive Scam from China”

  1. So the other night, I get this small, padded envelope from China through the mail. “What’s this?” I open it, there’s this small carved bamboo box inside with tiny hinges and a little magnetic clasp. Inside is a carved bamboo USB casing with a flash drive mounted in it. I look back in the envelope, no paperwork. I double check the ship to address: it’s my name and my address on it. I didn’t order anything on the internet. I don’t know anyone in China. Unlike Ms. Gould, I’m not in the promotionals industry. Not even close. But I’ve seen enough Jason Statham and Jackie Chan movies to know that a gang of ninjas and a corrupt corporate henchman are going to show up any moment now threatening to beat me up if I don’t give them “the flash drive.” So, my life’s not complicated enough trying to study my way out of the ghetto? now I have to battle ninjas and derail international corporate espionage and Triad plots just because I went browsing on the deep web with my firewall down?? Lmao. Bring it on fat-man-with-scar-on-face, or well-dressed-Asian-gangster-with-Persian-cat-on-arm. :-p :-p :-p I did have enough sense not to let it anywhere near the USB port on my laptop though. 🙂 The return address it was sent from (in case anyone’s interested, typos included as on the label):

    tanxinxin
    4TH FLOOR, C BULIDING, MINLE
    INDUSTRIAL PARK, MEIBAN ROAD BAOAN
    SHENZHEN Guangdong
    China 518131

  2. Ok, that’s funny. Made me think of an actual NINJA custom USB drive we produced for Dell once. I’ll add a picture of it to my original post.

  3. Those USB devices are called BadUSBs in the infosec business. They don’t contain any data, but they do pretend to be a keyboard and can sneakily install a secret backdoor into the PC which the bad guys can then use to do bad guy stuff. This particular model can be reprogrammed to do useful stuff (I guess if you need something typed in very quickly).
