USB Stick Bombs Mailed to Ecuadorian Journalists

Everybody knows that you’re not supposed to plug a random USB stick into your computer. Worst case scenario, you’re typically looking at a desktop full of malware. However, it now appears that someone has come up with a much worse thing to load USBs with than malicious software: bombs.

Multiple news outlets are reporting that USB sticks rigged with explosives have been mailed to journalists throughout Ecuador. The little clandestine incendiaries have been sent to at least five different newsrooms, sometimes accompanied by threatening notes. Authorities say the drives are designed to explode when a user plugs them into their computer.

So far, only one journalist has been injured as a result of the campaign. Broadcast news reporter Lenin Artieda, who works for a TV station in the city of Guayaquil, is said to have plugged the drive into his computer, causing it to explode. He subsequently suffered “mild hand and face injuries” but was not seriously wounded by the blast, France24 reports.

In the handful of other cases, journalists either opted not to plug in the drive, plugged it in incorrectly, or some other sort of hardware issue appears to have stopped the explosives from igniting, Ars Technica reports. The outlet also notes that the USB sticks were rigged with RDX, the chemical agent commonly used in C-4 and other plastic explosives.

It’s unclear who is behind the malicious campaign, though the Ecuadorian government has publicly condemned the incidents—releasing a statement that says it “categorically rejects any form of violence perpetrated against journalists and media outlets.” Fundamedios, an Ecuadorian organization dedicated to protecting press freedoms, has also issued a statement condemning the attacks and demanding that the government investigate the source of the bombs.

Historically speaking, USB drives have been a devious vector for malware distribution. A number of famous incidents (including, allegedly, one involving the Pentagon) are reputed to have started with someone picking up a USB stick in a parking lot and making the genius decision to plug it into their work computer. That said, there’s a pretty clear distinction between blowing up a hard drive and blowing up an actual person. In short, I hope they catch whoever did this, though it’s just one more reminder to abide by that oldest pearl of digital wisdom: if you don’t know where that drive came from, don’t plug it in.

Everybody knows that you’re not supposed to plug a random USB stick into your computer. Worst case scenario, you’re typically looking at a desktop full of malware. However, it now appears that someone has come up with a much worse thing to load USBs with than malicious software: bombs.

Multiple news outlets are reporting that USB sticks rigged with explosives have been mailed to journalists throughout Ecuador. The little clandestine incendiaries have been sent to at least five different newsrooms, sometimes accompanied by threatening notes. Authorities say the drives are designed to explode when a user plugs them into their computer.

So far, only one journalist has been injured as a result of the campaign. Broadcast news reporter Lenin Artieda, who works for a TV station in the city of Guayaquil, is said to have plugged the drive into his computer, causing it to explode. He subsequently suffered “mild hand and face injuries” but was not seriously wounded by the blast, France24 reports.

In the handful of other cases, journalists either opted not to plug in the drive, plugged it in incorrectly, or some other sort of hardware issue appears to have stopped the explosives from igniting, Ars Technica reports. The outlet also notes that the USB sticks were rigged with RDX, the chemical agent commonly used in C-4 and other plastic explosives.

It’s unclear who is behind the malicious campaign, though the Ecuadorian government has publicly condemned the incidents—releasing a statement that says it “categorically rejects any form of violence perpetrated against journalists and media outlets.” Fundamedios, an Ecuadorian organization dedicated to protecting press freedoms, has also issued a statement condemning the attacks and demanding that the government investigate the source of the bombs.

Historically speaking, USB drives have been a devious vector for malware distribution. A number of famous incidents (including, allegedly, one involving the Pentagon) are reputed to have started with someone picking up a USB stick in a parking lot and making the genius decision to plug it into their work computer. That said, there’s a pretty clear distinction between blowing up a hard drive and blowing up an actual person. In short, I hope they catch whoever did this, though it’s just one more reminder to abide by that oldest pearl of digital wisdom: if you don’t know where that drive came from, don’t plug it in.