USB malware drops have been around forever, and as always, we do not recommend you randomly plug in a flash drive you find out in the wild. However, this initial access method is still working for threat actors, which is what researchers found tracking threat actor group UNC4990.
Source: HotHardware