USB stick

Taiwanese police have handed out malware-infected USB thumb drives to the winners of a cyber-security quiz at a data security expo hosted in December last year by the country's Presidential Office.

The Criminal Investigation Bureau said last week that 54 of the 250 8GB thumb drives it handed out to winners contained malware.

The incident came to light after quiz winners reported that antivirus software showed alerts when users inserted the thumb drive into computers.

The USB sticks were handed out on December 11, but police stop distributing them the next day after user complaints. The Bureau said it recovered 20 of the 54 infected USBs.

USB thumb drives infected by third-party contractor

An investigation revealed the USB thumb drives came from a third-party contractor. Police said one of the contractor's employees tested some USB thumb drives to verify that their storage capacity was 8GB, as intended.

The computer to which the employee connected the thumb drives was infected with malware, which then spread to the USB sticks.

The malware was a mundane and nondescript strain named XtbSeDuA.exe, which was tied to a cyber-fraud ring Europol shut down in 2015.

The malware was only designed to work on 32-bit systems. It collected data from infected devices and sent it to a web server located in Poland. Because the server was previously shut down, no actual harm came to the people who infected themselves via the USB thumb drives.

Police apologizes for the blunder

Albeit the USB thumb drives were manufactured in China, the Criminal Investigation Bureau ruled out the possibility of this being a cyber-espionage operation carried out Chinese government agencies.

The Bureau apologized to the Presidential Office, members of the government, and quiz participants, according to Taipei Times, a local newspaper who broke the story last week.

Related Articles:

Botnet Authors Don’t Learn Anything From Victims and Secure Databases With Root/Root

NPM Fails Worldwide With "ERR! 418 I'm a Teapot" Error

Ghostery Tries to Comply With GDPR, but Ends Up Violating GDPR in the Process

PoC Code Published for Triggering an Instant BSOD on All Recent Windows Versions