153
Ukraine says hackers abuse SyncThing tool to steal data
(www.bleepingcomputer.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 08 Jun 2024
153 points (100.0% liked)
Technology
69109 readers
1808 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Correct me if I'm wrong, but this doesn't look like this has anything to do with Syncthing vulnerabilities. Instead it looks like a hack that uses a preconfigured Syncthing installation to transfer sensitive data. Disturbing nonetheless.
It's a Phishing scam using a tool. It's no more exploiting SyncThing than TCP/IP.
Bet they also utilize electricity these bastards! What's next? Physics? Oh the humanity!
Its physics all the way down
Relevant xkcd
Relevant edited xkcd
Just like using a remote desktop tool in a scam I suppose
Looks like a specially modified SyncThing was just used for exfil.
The article uses the word modified, but it sounds like it's just talking about configuring it and using it as normal.
Indeed.