Russian spies—likely Russia's GRU intelligence agency—used a new trick to hack a victim in Washington, DC: They remotely infected another network in a building across the street, hijacked a laptop there, then breached the target organization via its Wifi. https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/
=> More informations about this toot | More toots from agreenberg@infosec.exchange
Security firm Volexity, whose founder Steven Adair will speak about this at @CYBERWARCON today, calls it a "nearest neighbor attack." Adair spotted it in 2022 while investigating how hackers linked to the group APT28 had breached a customer network seeking intel on Ukraine. 2/4
Adair found not only had Russian hackers jumped to the target network via wifi from a compromised network across the street, but also that the prior breach had also likely been carried out over wifi from a 3rd network in the same building—“daisy-chaining” wifi-based breaches. 3/4
It makes sense APT28 would do this, given members of the group were arrested carrying out close-access Wifi hacking in the Netherlands in 2018 with an antenna hidden in a car. This is a logical evolution: all the advantages of Wifi-based hacking without ever leaving Russia. /fin https://www.wired.com/story/russian-spies-indictment-hotel-wi-fi-hacking/