A $2.27 million profit was earned in 2021 by Fairphone, which started off as an awareness campaign. This shows there is a demand for smartphones produced from sustainably derived materials. “After several years of advocacy, we came to the conclusion that we are not developing a substitute. We made the decision to join this sector, “Eva Gouwens, the CEO, remarked. “We have sold more than 300,000 units during the course of Fairphone’s existence.”

In a recently updated flash notice, the Federal Bureau of Investigation (FBI) cautioned US businesses that the financially driven FIN7 cybercriminal gang has been targeting the US military industry with packages carrying infected USB sticks to spread ransomware.

The attackers sent out shipments with “BadUSB” or “Bad Beetle USB” devices marked with the LilyGO brand, which are often sold online.

Since August 2021, they have been mailing harmful packages to companies in the transportation and insurance sectors as well as defence companies beginning in November 2021 via the United States Postal Service (USPS) and United Parcel Service (UPS).

Networks that have been hacked by ransomware such as BlackMatter or REvil
Targets were duped into opening the shipments and plugging the USB drives onto their computers by FIN7 agents posing as representatives from Amazon and the US Department of Health & Human Services (HHS).

According to allegations the FBI has received since August, these harmful shipments may also include letters concerning COVID-19 regulations, fake gift cards, or forgeried thank-you notes, depending on the impersonated party.

The USB drive immediately registers as a Human Interface Device (HID) Keyboard as the targets insert it into their PCs (allowing it to operate even with removable storage devices toggled off).

Once keystrokes have been injected, malware payloads are subsequently installed on the infected systems.

FIN7’s ultimate objective in such assaults is to get access to the targets’ networks and use a variety of tools, including Metasploit, Cobalt Strike, Carbanak malware, the Griffon backdoor, and PowerShell scripts, to instal ransomware (including BlackMatter and REvil) within a compromised network.

Teddy bears were used to spread malware

The FBI previously issued a warning about a previous string of events in which FIN7 actors pretended to be Best Buy and sent identical shipments containing malicious flash drives to lodging facilities, dining establishments, and retail establishments via USPS.

Reports about these assailants first surfaced in February 2020. Additionally, several of the targets said that the hackers threatened them through phone or email to connect the discs to their systems.

The infected parcels supplied by FIN7 also contained objects like teddy bears intended to deceive targets into relaxing their guard, starting at least in May 2020.

Assaults like the ones made by FIN7 are referred to be HID or USB drive-by attacks, and they are only effective if the targets are coerced into inserting unfamiliar USB devices into their workstations or voluntarily do so.

By limiting employee access to USB devices based on their hardware ID or if they have been approved by the company’s security staff, businesses may protect themselves from such assaults.

Facebook’s acquisition of CRM firm Kustomer has been approved by the UK’s Competition and Markets Authority. The rumoured $1 billion acquisition was disclosed in November of last year, but it has been delayed for regulatory review. The CMA cited “adequate competitive limitations would exist” as justification for its choice. The European Commission has not yet made a judgement on the agreement, though.