Ukraine says hackers abuse SyncThing tool to steal data
Ukraine says hackers abuse SyncThing tool to steal data
The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed "SickSync," launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces.
You're viewing a single thread.
Correct me if I'm wrong, but this doesn't look like this has anything to do with Syncthing vulnerabilities. Instead it looks like a hack that uses a preconfigured Syncthing installation to transfer sensitive data. Disturbing nonetheless.
It's a Phishing scam using a tool. It's no more exploiting SyncThing than TCP/IP.
Bet they also utilize electricity these bastards! What's next? Physics? Oh the humanity!
Its physics all the way down
Just like using a remote desktop tool in a scam I suppose
Looks like a specially modified SyncThing was just used for exfil.
The article uses the word modified, but it sounds like it's just talking about configuring it and using it as normal.
Indeed.
