Watch them try to ban raspberry pi now … like they did with the flipper
Cybercrooks use Raspberry Pi to steal ATM cash
Submitted 1 day ago by fne8w2ah@lemmy.world to technology@lemmy.world
https://www.theregister.com/2025/08/01/cybercrooks_bribed_lackeys_in_physical/
Comments
EpicFailGuy@lemmy.world 5 hours ago
baduhai@sopuli.xyz 1 day ago
Cybercrooks
I fuckin love these dumbass names they give to hackers.
db2@lemmy.world 1 day ago
I love how the name “hacker” was successfully vilified by associating it with criminals, something we already had a word for.
jbloggs777@discuss.tchncs.de 1 day ago
www.urbandictionary.com/define.php?term=Hacker
“The media’s definition of the real term malicious cracker. A hacker used to be a well respected individual who loved to tinker with gadgets.”, plus a few other definitions.
AdamEatsAss@lemmy.world 1 day ago
They needed a lot of physical interactions to pull off this cybercaper.
01189998819991197253@infosec.pub 1 day ago
UNC2891 also used Linux bind mounts to hide its backdoor processes, which, at the time, had not been documented in public threat reports, Group-IB said.
The technique is now recognized by MITRE’s ATT&CK framework as T1564.013.
Holy crap. They discovered and successfully implemented a novel technique. That’s impressive af
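Added example, not part of the article or of any comment in this thread: a defender-side check for the bind-mount hiding quoted above. It assumes the hiding is done by mounting something over a `/proc/<pid>` directory, as T1564.013 describes, and the mountinfo lines in it are constructed sample data.

```python
import re

# Constructed sample in /proc/self/mountinfo format (not data from the incident).
SAMPLE_MOUNTINFO = """\
28 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
22 28 0:21 / /proc rw,nosuid,nodev,noexec,relatime shared:12 - proc proc rw
35 22 0:30 / /proc/sys/fs/binfmt_misc rw,relatime shared:13 - autofs systemd-1 rw
310 22 8:1 /tmp/empty /proc/4242 rw,relatime shared:1 - ext4 /dev/sda1 rw
311 22 0:21 /1 /proc/5150 rw,relatime shared:12 - proc proc rw
"""

# A mount point at or below /proc/<pid>; /proc itself and /proc/sys/... do not match.
PID_MOUNT = re.compile(r"^/proc/(\d+)(?:/|$)")


def find_pid_overmounts(mountinfo_text):
    """Return (pid, mount_point, root, fstype) for every mount covering /proc/<pid>."""
    hits = []
    for line in mountinfo_text.splitlines():
        fields = line.split()
        # Layout: id parent maj:min root mount_point options [optional...] - fstype source opts
        try:
            sep = fields.index("-", 6)   # separator follows the optional fields
            fstype = fields[sep + 1]
        except (ValueError, IndexError):
            continue                     # malformed or truncated line
        root, mount_point = fields[3], fields[4]
        match = PID_MOUNT.match(mount_point)
        if match:
            hits.append((int(match.group(1)), mount_point, root, fstype))
    return hits


def scan_live(path="/proc/self/mountinfo"):
    """Run the same check against the caller's mount namespace (Linux only)."""
    with open(path, encoding="utf-8", errors="replace") as handle:
        return find_pid_overmounts(handle.read())


if __name__ == "__main__":
    for pid, mount_point, root, fstype in find_pid_overmounts(SAMPLE_MOUNTINFO):
        print(f"PID {pid}: {mount_point} is covered by a {fstype} mount (root {root})")
```

The scan only sees the mount namespace of the process running it, so it has to run in the host namespace to catch mounts made there.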
homesweethomeMrL@lemmy.world 1 day ago
The backdoor, for example, appeared to be the LightDM display manager often used by Linux systems, demonstrating the group’s skillset, which the researchers said spanned Linux, Unix, and Oracle Solaris environments.
The backdoor was the display manager. Well goddamn.
peopleproblems@lemmy.world 1 day ago
Sir_Kevin@lemmy.dbzer0.com 1 day ago
I’m surprised the article went into so much detail as to how they pulled it off.
takeda@lemmy.dbzer0.com 1 day ago
It’s the Register, it is targeted to people familiar with technology.
melroy@kbin.melroy.org 1 day ago
Nice
Pika@sh.itjust.works 1 day ago
honestly, pretty poor security here. I can’t say much cause I don’t have inter-device restrictions either… but I’m also not a bank that handles money.
There’s no reason a random device should have been able to interface with any of the other devices tbh. I’m guessing the switch wasn’t smart so didn’t support MAC filtering or port disabling cause that should have not been a valid attack vector.
ExcessShiv@lemmy.dbzer0.com 1 day ago
I just work a pretty standard engineering job at a large company (basically regular office work, not a critical industry like power or pharma), and any MAC that isn’t approved by IT is simply not allowed to interface with anything whatsoever. It’s insane that a bank has this loose IT security.
Pika@sh.itjust.works 1 day ago
Agreed. Like, I’m not surprised that it was allowed to interface with the ATM because at that layer, I think the jump would have been from the switch to the ATM (although the ATM should have not accepted the connection imo). So it would have never gone through any security. But it blows my mind that it was allowed to access a mail server as part of the routing, and even more so that it was allowed to go from that mail server to the outside world to establish a second route into the establishment. Like, how did it never hit any type of security or blocker anywhere in that process?
the_doktor@lemmy.zip 1 day ago
Were they going to the Galleria to play Missile Command?
“Easy money…”
Cattail@lemmy.world 13 hours ago
Lol another reason why adafruit sucks
Theoriginalthon@lemmy.world 1 day ago
They hooked a Raspberry Pi up to the network switch. At this point I think they fucked up security pretty bad
FauxLiving@lemmy.world 1 day ago
They’re kind of skipping over an important detail here.
Sure the technical details are interesting, but it’s a bit like discussing the alloys of the tumblers of the safe deposit box after the team has unexplainably bypassed the main safe door…
SoftestSapphic@lemmy.world 1 day ago
Yeah that implies physical access.