Taiwanese cops give malware-laden USB sticks as prizes for security quiz
What was second prize? We think we'd rather have that
Winners of a security quiz staged by Taiwan's Criminal Investigation Bureau may be wondering why they tried so hard to do well after some of the USB drives handed out as prizes turned out to be wretched hives of malware and villainy.
According to the Taipei Times, the Bureau hosted an infosec event in December 2017, and gave 250 drives to people who won a cybersecurity quiz.
It's since emerged that 54 of the 8GB drives were infected by a computer used by an employee of supplier Shawo Hwa Industries Co “to transfer an operating system to the drives and test their storage capacity”.
While the dongles were manufactured in China, the Taipei Times said there's no suggestion that espionage was a motive.
The good news is that the infection was an old virus Chinese-language site Liberty Times names as “XtbSeDuA.exe” that tries to steal personal data from 32-bit machines.
The CIB says stolen data was forwarded to a relay IP address in Poland which in 2015 was associated with 2015 Europol raids on an electronic funds fraud ring. The police added that the server receiving the data from the latest infections has been shut down.
The prizes were handed out from December 11 to December 12, when complaints from the public started arriving, but 34 of the drives are still in circulation somewhere. ®