Wednesday, September 18, 2019

Warshipping: attack a target network by shipping a cellular-enabled wifi cracker to a company's mail-room via Boing Boing

The arms race between computer user and hackers continues on. The hackers are getting quite crafty and making great use of cheap (in this case, disposable) yet, powerful computers. — Douglas
 

IBM's ridiculously named X-Force Red have documented a new attack vector they've dubbed "Warshipping": they mailed a sub-$100 custom, wifi-enabled low-power PC with a cellular radio to their target's offices.

The device scans for visible wifi networks; once it senses a network associated with its target (indicating that it has arrived on the target company's premises), it alerts its controllers over the cellular radio, and then scans the local wifi for instance in which users' devices are initiating new connections to the network. It captures the handshake data from these connections, transmits them over the cellular network to its controllers, and they can then crack the password offline, send login credentials to the warshipping device, login to the target network, and attack the network from within.

Read Warshipping: attack a target network by shipping a cellular-enabled wifi cracker to a company's mail-room via Boing Boing


* A portion of each sale from Amazon.com directly supports our blogs
** Many of these books may be available from your local library. Check it out!


An interesting link found among my daily reading

No comments: