Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Malicious CD ROMs mailed to banks - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Malicious CD ROMs mailed to banks

The National Credit Union Administration (NCUA) published an interesting advisory here:

Member credit unions evidently are reporting receiving letters which include two CDs. The letters claim to originate form the NCUA and advertises the CDs as training materials. However, it appears that the letter is a fake and the CDs include malware.

We have not heard about this scheme affecting any other targets, but please let us know if you see something like this. Malware delivery via USPS has certainly been suggested before.

Johannes B. Ullrich, Ph.D.
SANS Technology Institute

I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANSFIRE 2022


4511 Posts
ISC Handler
Aug 26th 2009
There must have been a contest to see how many federal laws you can break at once
These are unsophisticated, but very effective. There are still so many businesses that don't lock down their workstations. I did something similar recently for a penetration test with a high rate of success.
Wow, the system worked! The malware got noticed, the word was spread rapidly through the industry and the appropriate agencies also also got alerts out.Pretty cool!

Sign Up for Free or Log In to start participating in the conversation!