What just happened? More details surrounding the Chinese woman who was arrested at Donald Trump's Mar-a-Lago resort have arrived. It's been reported that the malware-loaded USB drive she was carrying contained self-executing code, and she also had a device used to detect hidden cameras.
32-year-old Yujing Zhang gained access to a restricted area of Mar-a-Lago on March 30 by lying to a federal agent. She initially claimed she was there to use the pool---staff allowed her in as they thought she was related to a guest with the same family name---but once inside, Zhang said she was there for a non-existent event.
Secret Service agents escorted her off the property and questioned Zhang at their local office. She was interviewed for over four hours, but agents accidentally recorded video-only footage---there's no audio.
In addition to the malware-loaded USB drive and two passports, Zhang was also carrying four mobile phones, a laptop, and an external hard drive, but no swimming gear. The Miami Herald reports that an agent inserted the USB stick into a computer and it started to install files. The agent had to stop the analysis immediately to halt any further corruption. The incident has drawn mockery from the security community, though the agency has tried to defend itself by saying the computer in question was "controlled, off-network device."
.@sifutweety pointed out that the fact that this is getting so many retweets is a credit to infosec education – everyone knows this is a stupid idea.
--- Chris Wysopal (@WeldPond) April 8, 2019
It's been reported that Zhang had a fifth phone, nine USB drives, five SIM cards, and a device used to detect hidden cameras all stored in her hotel room. Investigators also found several credit and debit cards and $8,000 in cash, including $700 in Chinese currency, according to the New York Times.
Zhang said someone called "Charles," whom she only knew through a Chinese social media app, told her to travel from Shanghai to the fake event. Charles had also asked Zhang to speak to a member of Trump's family about Chinese-American economic relations.
Zhang's public defender argued that the US government has no reason to believe she is a spy. "She did not have the type of devices that can be associated with espionage activities," he said. Still, not many tourists carry that amount of electrical equipment and a malware-packed USB drive.
Zhang has not yet entered a plea to the criminal charges she faces. Prosecutors plan to indict her formally in the coming week, writes CNN.