The $50 Best Buy Gift Card Virus Scandal

When you think of getting a Best Buy Gift Card, you can either get one digitally or order one directly from them that gets mailed to you preloaded. Otherwise, you can go into a store and purchase one, as most people do. In light of the recent months, though, there has been a severe new hacker that has been taking advantage of Best Buy customers out there. With a blank gift card, the hacker mails the unsuspecting victims a USB drive to provide suggestions to spend their money on. Instead, what they get is a lot scarier than when they plug the device into their computers.

 

What Is This Best Buy Gift Card Scam?

 

Nobody has detected who it is, but it’s crazy to think that someone’s actually “paying” people $50 bucks to steal their information. The Best Buy Gift Card virus installed into the thumb drives is malware that gets the user’s information. It does this by installing a microcontroller that emulates a regular keyboard (when in turn, it’s not).

 

What happens when a user plugs it in is confusing to most, even most novice PC users? The user gets a Windows-style warning that states that the USB device doesn’t work correctly. Once this happens, then there is a text file created that gets written to with JavaScript. After that, the device’s code that’s installed takes the information from your computer and then establishes a connection to – and then uploads the user’s data – to a remote server.

 

What Information Does the Best Buy Gift Card Virus Steal?

 

The Best Buy Gift Card virus is the ultimate data miner. It steals the username, hostname, user’s system privilege (so the hacker can target or change administrator accounts) and then gets the process owner, domain name, your computer’s model, and almost all operating system information. This also includes User Account Control privilege and the number of users. It also searches for Microsoft Office and Adobe Acrobat installations and creates a list of running processes.

 

They’ve even built a defense mechanism that tells them if the host is running on a virtual machine or not (so they won’t target those since many people use them to “catch” hackers). After getting all of this information, the Best Buy Gift Card virus executes into a continuous loop every two minutes to receive remote commands.

 

That’s a Big Payload

 

You may think to yourself, “Well, what do they want with all of this information? It’s just information about my computer primarily.” But this is where the actual problem lies. With all of this information, they could gain full access to your computer. Fortunately, even though a couple of people may have fallen for the scam, many don’t have a problem NOT putting these into their networks.

 

How Do I Protect Myself Against This?

Well, first off, the Best Buy Gift Card virus is nothing new. Way back in the 1990s, this attack style, known as physical media baiting, was started when CD-ROMs and floppy disks were popular. There were people even capitalizing on selling “Linux CDs” on sites like eBay. Of course, once those are installed, the malware would run. It’s no different from a USB. Therefore, if you ever get a USB stick in the mail that you didn’t order, for Pete’s sake, don’t plug it into your computer!

 

What Else Can You Do?

 

Suppose you hire a highly professional IT team to provide extra network and business security for you on a final note. With added antivirus and anti-ransomware protection, you can keep your information and your company completely safe. You should never trust a device that has been sent in the mail (that isn’t blank) and even be cautious of where you order it from. If you don’t order it directly from a company yourself, keep in mind that they’re not going to send you a list like this – or anything other than a gift card itself – if they are trying to value you as a customer!