Technology @lemmy.world Queue @lemmy.blahaj.zone 5mo ago

Ukraine says hackers abuse SyncThing tool to steal data

www.bleepingcomputer.com Ukraine says hackers abuse SyncThing tool to steal data

The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed "SickSync," launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces.

Cybersecurity @sh.itjust.works Kid @sh.itjust.works 5mo ago

www.bleepingcomputer.com /news/security/ukraine-says-hackers-abuse-syncthing-tool-to-steal-data/

30 16

27 comments

Correct me if I'm wrong, but this doesn't look like this has anything to do with Syncthing vulnerabilities. Instead it looks like a hack that uses a preconfigured Syncthing installation to transfer sensitive data. Disturbing nonetheless.
- It's a Phishing scam using a tool. It's no more exploiting SyncThing than TCP/IP.
  
  Bet they also utilize electricity these bastards! What's next? Physics? Oh the humanity!
  
  Just like using a remote desktop tool in a scam I suppose
- Looks like a specially modified SyncThing was just used for exfil.
  
  The article uses the word modified, but it sounds like it's just talking about configuring it and using it as normal.
- Indeed.
The attack begins with a phishing email sent to the target

Okay bro im not reading past this its 2024
- Just click this link bro. Just one more link man. Just click it I need it.
  
  Your links do nothing! I'm invincible!
  
  Wow, that second one... 🤣
Please dont link with a Google Amp link.
They can't even type Syncthing right.
It's a convenient file transfer/sync tool. Copying data has to happen somehow, I'm not surprised someone thought to use syncthing for that purpose >.<, since it can do that. But its not really different than any other tool here.
This is upsetting

27 comments