this post was submitted on 08 Jun 2024
130 points (85.3% liked)

Technology

59410 readers
3201 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
130
submitted 5 months ago* (last edited 5 months ago) by [email protected] to c/technology
all 28 comments
sorted by: hot top controversial new old
[–] [email protected] 102 points 5 months ago (3 children)

Correct me if I'm wrong, but this doesn't look like this has anything to do with Syncthing vulnerabilities. Instead it looks like a hack that uses a preconfigured Syncthing installation to transfer sensitive data. Disturbing nonetheless.

[–] just_another_person 74 points 5 months ago (2 children)

It's a Phishing scam using a tool. It's no more exploiting SyncThing than TCP/IP.

[–] [email protected] 12 points 5 months ago (1 children)

Bet they also utilize electricity these bastards! What's next? Physics? Oh the humanity!

[–] [email protected] 3 points 5 months ago (1 children)

Its physics all the way down

[–] [email protected] 10 points 5 months ago

Just like using a remote desktop tool in a scam I suppose

[–] [email protected] 5 points 5 months ago (1 children)

Looks like a specially modified SyncThing was just used for exfil.

[–] [email protected] 18 points 5 months ago

The article uses the word modified, but it sounds like it's just talking about configuring it and using it as normal.

[–] [email protected] 0 points 5 months ago
[–] [email protected] 79 points 5 months ago (1 children)

The attack begins with a phishing email sent to the target

Okay bro im not reading past this its 2024

[–] [email protected] 20 points 5 months ago (2 children)
[–] [email protected] 6 points 5 months ago (2 children)

Your links do nothing! I'm invincible!

[–] [email protected] 8 points 5 months ago* (last edited 5 months ago)

1000016170

Best i can do is chineese bootleg subway surfers riddled with malware and ads.

[–] [email protected] 7 points 5 months ago (1 children)

Gets drenched in liquid nitrogen

[–] [email protected] 4 points 5 months ago

Wow, that second one... 🤣

[–] [email protected] 63 points 5 months ago (3 children)

Please dont link with a Google Amp link.

[–] [email protected] 22 points 5 months ago (2 children)
[–] aodhsishaj 8 points 5 months ago (1 children)
[–] [email protected] 9 points 5 months ago (1 children)
[–] [email protected] 2 points 5 months ago
[–] [email protected] 6 points 5 months ago
[–] [email protected] 10 points 5 months ago

Sorry about that, on my mobile firefox it looked fine. Fucking google.

[–] autonomoususer 12 points 5 months ago

They can't even type Syncthing right.

[–] [email protected] 5 points 5 months ago* (last edited 5 months ago)

It's a convenient file transfer/sync tool. Copying data has to happen somehow, I'm not surprised someone thought to use syncthing for that purpose >.<, since it can do that. But its not really different than any other tool here.

[–] Caboose12000 -2 points 5 months ago

This is upsetting