Technology
Yes, officials plugged in the malware-laden USB seized at Mar-a-Lago
The first thing you want to do when you pull a USB drive off someone allegedly lying their way into presidential hangout Mar-a-Lago is plug it in your computer. Oh, wait, maybe don’t do that?
A woman by the name of Yujing Zhang was arrested on March 30 attempting to bluff her way into Donald Trump’s private Florida club. In addition to two Chinese passports, the New York Times reported that she carried with her four cell phones, a hard drive, and a USB drive infected with malware. And, according to the Miami Herald, U.S. government officials straight up plugged that bad boy into a computer — a bit of news that generated some serious double takes in the infosec community.
“[Secret Service agent Samuel Ivanovich] stated that when another agent put Zhang’s thumb-drive into his computer, it immediately began to install files, a ‘very out-of-the-ordinary’ event that he had never seen happen before during this kind of analysis,” reports the Herald. “The agent had to immediately stop the analysis to halt any further corruption of his computer, Ivanovich said.”
in todays episode of: the government discovers a thing that hackers have been using as a tool and in awareness training for almost ten years…
— D̒͂̕ᵈăᵃn̕ᶰ Ť̾̾̓͐͒͠ᵗe͗̑́̋̂́͡ᵉn̅ᶰtᵗl̀̓͘ᶫe̓̒̂̚ᵉrʳ (@Viss) April 8, 2019
Pretty sure this is not what they meant when they said “taking a bullet for the president.” This is infosec training 101, and could have just as easily corrupted the evidence as the other way around. pic.twitter.com/ME2RWqTyjV
— briankrebs (@briankrebs) April 8, 2019
It’s widely understood that plugging in random USBs is never a great idea, as they have a non-zero chance of containing malware. So, it’s of course possible that Zhang’s thumb drive was just like every other thumb drive and happened to contain some malicious files — as opposed to malware specifically designed to spy on the president or the club where he spends so much of his time.
It’s possible, but as the New York Times reported on April 8, Zhang’s hotel room contained some other interesting items discovered in a search that suggest it’s also decidedly not possible. Namely, nine additional USBs, five SIM cards, $8,000 in cash, and a radio-frequency device used to find hidden cameras.
However, all may not be terrible in the land of U.S. government cybersecurity. While at first glance plugging in Zhang’s sketchy USB drive may look like a case of a monumental security screw-up, if a cybersecurity expert were to plug it into a specific computer with the goal of checking it for malware, then we would say they were doing their job.
This, thankfully, looks to be what happened here — a fact made clear by a clarifying sentence in a New York Times article.
“Mr. Ivanovich testified that the computer analyst who reviewed Ms. Zhang’s devices said that the thumb drive she was carrying had immediately begun installing a program on his computer,” it explains.
In other words, a computer analyst plugged the device in specifically in order to review it. Which, hey, perhaps all is not lost after all.
-
Entertainment6 days ago
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
-
Entertainment5 days ago
Black Friday 2024: The greatest early deals in Australia – live now
-
Entertainment4 days ago
How to watch ‘Smile 2’ at home: When is it streaming?
-
Entertainment4 days ago
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
-
Entertainment3 days ago
A24 is selling chocolate now. But what would their films actually taste like?
-
Entertainment3 days ago
New teen video-viewing guidelines: What you should know
-
Entertainment2 days ago
Greatest Amazon Black Friday deals: Early savings on Fire TVs, robot vacuums, and MacBooks
-
Entertainment2 days ago
2024 Black Friday ads: Greatest deals from Target, Greatest Buy, Walmart, Kohls, and more