科技回声

8 条评论

It's worth noting that there's basically zero proper evidence that there is any malware included with this device -- it runs an exe when inserted, but that exe appears, at a glance, to be a driver installer. Definitely not the right way to do things, but there's a difference between "incompetent" and "malicious".The only actual "evidence" that was provided was a link to a falcon sandbox run, something which actually requires human analysis to draw conclusions about -- and anyone who has ever used it knows how many false positives it finds.A better proclamation might be "cheap network adapter comes with an auto-running executable which needs further analysis".

评论 #42680428 未加载

gruez4 个月前

Seems light on details. How is it executing the payload? Is it doing something like badusb where it emulates a keyboard to run the payload? Wouldn't that be super obvious? Or is it something as simple as telling the user to install a "driver"?

评论 #42680012 未加载

评论 #42687221 未加载

评论 #42679876 未加载

necovek4 个月前

I liked the graceful admission of error too: <a href="https://x.com/evapro30/status/1880123024474796107" rel="nofollow">https://x.com/evapro30/status/1880123024474796107</a>

评论 #42749187 未加载

BenjiWiebe4 个月前

Twitter is terrible and I can't remember the nitter instance that still works.

评论 #42679837 未加载

IamLoading4 个月前

Reverse engineering by OALabs - <a href="https://www.youtube.com/watch?v=3IfJSGWIrCo" rel="nofollow">https://www.youtube.com/watch?v=3IfJSGWIrCo</a>Current verdict - not malware.

ChrisArchitect4 个月前

Related blog post: <a href="https://epcyber.com/blog/f/chinese-rj45-usb-with-flash-memory-exe-recognized-as-malware" rel="nofollow">https://epcyber.com/blog/f/chinese-rj45-usb-with-flash-memor...</a>

fishstock254 个月前

"The chinese" yeah sure. Lmao. Everybody panic, there are two chips inside!Check out <a href="https://news.ycombinator.com/item?id=42743033#42743428">https://news.ycombinator.com/item?id=42743033#42743428</a> for more lulz

IronWolve4 个月前

It ain't just twitter that has armchair experts that are rude. Most social media sites allow this behavior. So many replies with horrible posts "your doing it wrong", "read the docs", etc.I've seen so many correct responses downvoted and with horrible replies. Anyone who used old moderated email lists will see how culture changed and the decline of actual conversation. Even stack overflow has went downhill.

8 条评论

elfchief4 个月前

评论 #42680428 未加载

gruez4 个月前

评论 #42680012 未加载

评论 #42687221 未加载

评论 #42679876 未加载

necovek4 个月前

I liked the graceful admission of error too: <a href="https://x.com/evapro30/status/1880123024474796107" rel="nofollow">https://x.com/evapro30/status/1880123024474796107</a>

评论 #42749187 未加载

BenjiWiebe4 个月前

Twitter is terrible and I can't remember the nitter instance that still works.

评论 #42679837 未加载

IamLoading4 个月前

Reverse engineering by OALabs - <a href="https://www.youtube.com/watch?v=3IfJSGWIrCo" rel="nofollow">https://www.youtube.com/watch?v=3IfJSGWIrCo</a>Current verdict - not malware.

ChrisArchitect4 个月前

Related blog post: <a href="https://epcyber.com/blog/f/chinese-rj45-usb-with-flash-memory-exe-recognized-as-malware" rel="nofollow">https://epcyber.com/blog/f/chinese-rj45-usb-with-flash-memor...</a>

fishstock254 个月前

IronWolve4 个月前

Cheap rj45 ethernet to USB adapter contains malware

8 条评论

Cheap rj45 ethernet to USB adapter contains malware

8 条评论