It is a very old attack, infect a USB stick and leave it somewhere. Who ever finds it may (will) plug it into a computer to see what is on it. It is human nature.
If leaving the infected drive in Starbucks seems to random – then post them out as a promotional gifts! That is one way to get malware inside the perimeter security.
USB drive malware attacks spiking again in first half of 2023 (bleepingcomputer.com)
Our AV, SOC and RMM products all address USB cyber security. You probably have an anti-virus solution that will spot and takes action when an infected USB drive is plugged. But what happens when your anti-virus does not have that trojan or virus in its database?
That is when your defence in depth comes in – that is where our various IT monitoring systems will alert our team to indications of compromise on your computer and we, and then you, can take action.
Clive Catton MSc (Cyber Security) – by-line and other articles