Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Wipe off, rub out, reappear...

From: seclist <seclist () bexish com>
Date: Wed, 12 Oct 2011 02:44:09 +0800
Just a little bit of creative thinking here... If the communications between the base and the drone are not encrypted and these communications have successfully been intercepted - Is it possible that in addition to the ability to collect videos transmitted by the drone, data could be sent to the drone while it's airborne? and perhaps the malware waits until it receives a signal from the perpetrator on the ground before it transmits its collected data? The drones are rumored to carry out airborne network attacks so if this is the case theoretically it would be communicating with more than just the operation centre and someone could have exploited this?
I also view this article with great skepticism. It's "exclusive" with an unnamed source. If the source is credible why have they chosen to speak to Wired? and why on earth would these technicians be following "removal instructions posted on the website of the Kaspersky security firm"?
Perhaps this is a precursor to the hunt for "weapons of mass disruption" or perhaps it's just a cleverly disguised advert... how many product placements can you spot in that article? ;) 

On 11/10/2011 7:31 AM, Michael Schmidt wrote:

If its bot net code and it is behind an air barrier then it will never phone home. They can take their time to kill it 
because it will never get instructions to do anything. If it's something more destructive then maybe they need to call 
in someone more experienced. But it does not sound destructive and it does sound like it is on a disconnected network.

From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of 
xD 0x41
Sent: Monday, October 10, 2011 3:53 PM
To: Daniel Sichel
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Wipe off, rub out, reappear...

I will say, with Botnets, and bots in general, i dont see much talented people on FD... although, seems many can decrypt them, so, makes me 
wonder , it is a train-of-thought also, i guess this is where hat colors take control.. black hats would say, go read some bot src and wake 
up FD, while white hats would say, "but we can just kill it anyhow...' "oh, we decrypted it"... etc...
another pintless neverneding arguement..


On 11 October 2011 07:22, Daniel Sichel<daniels () ponderosatel com<mailto:daniels () ponderosatel com>>  wrote:
Somebody posted the following;


I'm just curious to these questions. It's strange to hear someone
saying "we basically have no idea what's going on".****


Doesn't sound funny to me, happens to me all the time. That's how I
learn.

Dan S.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: