153
Ukraine says hackers abuse SyncThing tool to steal data (www.bleepingcomputer.com)
submitted 10 months ago* (last edited 10 months ago) by queue to c/technology@lemmy.world
26 comments fedilink hide all child comments
all 28 comments
sorted by: hot top controversial new old
[-] spaghettiwestern@sh.itjust.works 99 points 10 months ago

Correct me if I'm wrong, but this doesn't look like this has anything to do with Syncthing vulnerabilities. Instead it looks like a hack that uses a preconfigured Syncthing installation to transfer sensitive data. Disturbing nonetheless.

[-] just_another_person@lemmy.world 72 points 10 months ago

It's a Phishing scam using a tool. It's no more exploiting SyncThing than TCP/IP.

[-] Holzkohlen@feddit.de 12 points 10 months ago

Bet they also utilize electricity these bastards! What's next? Physics? Oh the humanity!

[-] laurelraven 3 points 10 months ago

Its physics all the way down

[-] blackbarn@lemm.ee 9 points 10 months ago

Just like using a remote desktop tool in a scam I suppose

[-] treadful@lemmy.zip 5 points 10 months ago

Looks like a specially modified SyncThing was just used for exfil.

[-] Deebster@programming.dev 17 points 10 months ago

The article uses the word modified, but it sounds like it's just talking about configuring it and using it as normal.

[-] vext01@lemmy.sdf.org 2 points 10 months ago

Indeed.

[-] Nobilmantis@feddit.it 77 points 10 months ago

The attack begins with a phishing email sent to the target

Okay bro im not reading past this its 2024

[-] treadful@lemmy.zip 18 points 10 months ago

Just click this link bro. Just one more link man. Just click it I need it.

[-] tgxn@lemmy.tgxn.net 6 points 10 months ago

Your links do nothing! I'm invincible!

[-] Steamymoomilk@sh.itjust.works 8 points 10 months ago* (last edited 10 months ago)

1000016170

Best i can do is chineese bootleg subway surfers riddled with malware and ads.

[-] Cargon@lemmy.ml 7 points 10 months ago

Gets drenched in liquid nitrogen

[-] olof@lemmy.ml 63 points 10 months ago

Please dont link with a Google Amp link.

[-] can@sh.itjust.works 23 points 10 months ago

Non-amp link.

OP, edit this in.

[-] queue 6 points 10 months ago

Done.

[-] queue 10 points 10 months ago

Sorry about that, on my mobile firefox it looked fine. Fucking google.

[-] autonomoususer@lemmy.world 13 points 10 months ago

They can't even type Syncthing right.

[-] sapient_cogbag@infosec.pub 5 points 10 months ago* (last edited 10 months ago)

It's a convenient file transfer/sync tool. Copying data has to happen somehow, I'm not surprised someone thought to use syncthing for that purpose >.<, since it can do that. But its not really different than any other tool here.

[-] Caboose12000@lemmy.world 2 points 10 months ago

This is upsetting

this post was submitted on 08 Jun 2024
153 points (100.0% liked)

Technology

68495 readers
3264 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws