Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack (www.wired.com)

submitted 19 hours ago by PhilipTheBucket@ponder.cat to c/cybersecurity@sh.itjust.works

6 comments fedilink hide all child comments

top 6 comments

sorted by: hot top controversial new old

[-] jia_tan@lemmy.blahaj.zone 6 points 14 hours ago* (last edited 14 hours ago)

TLDR: they hacked a less secure network in range of their target network, then SSHed into a laptop on the less secure network and used it to hack the target network. Possibly even daisy chained less secure networks. The point of this was to not sit in a suspicious car next to your target while you brute force their wifi password (they have been caught previously).

My question is: how do you get caught while hacking wpa2? I’m not an expert, but I assume you can get the data you need to do an offline bruteforce just by driving by and sitting at a red light a few times, which is not suspicious at all even if you have a laptop out. Or did they try to hack wpa3? If so, I assume it’s trivial to detect online bruteforce attempts and stop responding to them, or even just whitelist MAC addresses?

[-] PhilipTheBucket@ponder.cat 4 points 14 hours ago

Maybe they detected the compromise on the secure network, and only after some forensics did they work out that it came from a compromised laptop in a neighboring building.

[-] gencha@lemm.ee 1 points 13 hours ago

“If a target is important enough, they’re willing to send people in person. But you don’t have to do that if you can come up with an alternative like what we’re seeing here,” Hultquist says.

From the article

[-] dumbass@leminal.space 14 points 18 hours ago

I'm not gonna read the article so I can believe they teleported through the WiFi to escape.

[-] Telorand@reddthat.com 11 points 16 hours ago

It's a way cooler picture than the reality, which is probably that they hacked a laptop on a different network that could access the target endpoint.

I dunno, I won't read it either, because I want to believe in your vision.

[-] card797@champserver.net 4 points 16 hours ago

Thanks, dumbass.

this post was submitted on 22 Nov 2024

40 points (97.6% liked)

Cybersecurity

5722 readers

131 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social