https://www.thedailybeast.com/secret-service-agent-infects-own-computer-with-mar-a-lago-malware-and-tech-community-snickers
By Kevin Poulsen
The Daily Beast
04.08.19
A Secret Service agent investigating Yujing Zhang's visit to Mar-a-Lago
infected one of the agency's own computers with the malware carried in by the
unannounced Chinese national, a move that provoked wide derision Monday from
computer security professionals.
"You don’t put an unknown USB into your computer," said Chris Wysopal, chief
technology officer at Veracode. "That's in all the training everyone gets, even
in your dumb corporate training. You even tell your mom that."
Wysopal's tweet highlighting the apparent gaffe earned more than 3,000 retweets
Monday, as the computer security community executed a collective face-palm.
"Whoa! Never seen that USB execution thing before!" quipped Kaspersky
researcher Kurt Baumgartner. "Sounds like an agent trying to crack the case
before the cyber team got there," opined Eric O’Neill, a former FBI
surveillance specialist.
In a sworn affidavit filed at Zhang's arrest, the agency said it discovered the
“malicious malware” during a “preliminary forensic examination” of the thumb
drive. The new details that emerged at a hearing in West Palm Beach sound a lot
more like the Secret Service just plugged the USB drive into one of its
computers.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
