They hooked a raspberry pi up to the network switch. At this point i think they fucked up security pretty bad

I saw cybercrooks and had to take the opportunity

The backdoor, for example, appeared to be the LightDM display manager often used by Linux systems, demonstrating the group’s skillset, which the researchers said spanned Linux, Unix, and Oracle Solaris environments.

The backdoor was the display manager. Well goddamn.

UNC2891 also used Linux bind mounts to hide its backdoor processes, which, at the time, had not been documented in public threat reports, Group-IB said.

The technique is now recognized by MITRE’s ATT&CK framework as T1564.013.

Holy crap. They discovered, and successfully implemented a novel technique. That’s impressive af

honestly, pretty poor security here. I can’t say much cause I don’t have inter-device restrictions either… but I’m also not a bank that handles money.

There’s no reason a random device should have been able to interface with any of the other devices tbh, I’m guessing the switch wasn’t smart so didn’t support Mac filtering or port disabling cause that should have not been a valid attack vector.

Were they going to the Galleria to play Missile Command?

“Easy money…”

Watch them try to ban raspberry pi now … like they did with the flipper

deleted by creator

deleted by creator

Lol another reason why adafruit sucks