Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Vigilante Hackers' Strike Routers In Russia and Iran, Reports Motherboard (vice.com)

Posted by EditorDavid on from the Cisco-kids dept.

An anonymous reader quotes Motherboard: On Friday, a group of hackers targeted computer infrastructure in Russia and Iran, impacting internet service providers, data centres, and in turn some websites. "We were tired of attacks from government-backed hackers on the United States and other countries," someone in control of an email address left in the note told Motherboard Saturday... "We simply wanted to send a message...." In addition to disabling the equipment, the hackers left a note on affected machines, according to screenshots and photographs shared on social media: "Don't mess with our elections," along with an image of an American flag...

In a blog post Friday, cybersecurity firm Kaspersky said the attack was exploiting a vulnerability in a piece of software called Cisco Smart Install Client. Using computer search engine Shodan, Talos (which is part of Cisco) said in its own blog post on Thursday it found 168,000 systems potentially exposed by the software. Talos also wrote it observed hackers exploiting the vulnerability to target critical infrastructure, and that some of the attacks are believed to be from nation-state actors...

Reuters reported that Iran's IT Minister Mohammad Javad Azari-Jahromi said the attack mainly impacted Europe, India, and the U.S.... The hackers said they did scan many countries for the vulnerable systems, including the U.K., U.S., and Canada, but only "attacked" Russia and Iran, perhaps referring to the post of an American flag and their message. They claimed to have fixed the Cisco issue on exposed devices in the US and UK "to prevent further attacks... As a result of our efforts, there are almost no vulnerable devices left in many major countries," they claimed in an email.
Their image of the American flag was a black-and-white drawing done with ASCII art.

42 of 121 comments (clear)

  1. Undecided by Ensign_Expendable · · Score: 4, Insightful

    Part of me wants to cheer and the other part says things like this aren't helping.

    1. Re:Undecided by ShanghaiBill · · Score: 5, Insightful

      Part of me wants to cheer and the other part says things like this aren't helping.

      The second part of you is correct. These actions are counter-productive. Russia and Iran both have closed paranoid cultures that play up their victimhood at the hands of the West. But that belief is not monolithic, and there are factions in both countries that want more openness, tolerance, and trust in the international system. These vigilante actions weaken these people while strengthening the paranoid hardliners.

      In fact, these actions play so smoothly into the hands of the hardliners, that we shouldn't dismiss the possibility that it is a false flag operation.

    2. Re:Undecided by Anonymous Coward · · Score: 1, Insightful

      Part of me wants to cheer and the other part says things like this aren't helping.

      The second part of you is correct. These actions are counter-productive. Russia and Iran both have closed paranoid cultures that play up their victimhood at the hands of the West.

      Government ordered cyber offensives designed to change the leadership of a country are an act of war.

      Acts of war cannot be ignored. That alone is a reason Trump should be impeached, since he is not doing his damn job. (If anyone can point to a real plan to stop this shit from happening again, or even serious progress...?)

      Now, do vigilante actions help? Probably not, since the scale is likely only big enough to be used internally as propaganda. A response, if given must cause enough pain that the aggressor is hesitant to do it again.

      The people that keep Putin in power, are likely the targets that must be convinced. Block all exports to their companies and subsidiaries. Block all imports to the same. Get others to do the same. Do everything you can to put severe pressure on Putin to back off. I'm fine if some of it causes problems with America, as long as the point gets made and understood.

    3. Re:Undecided by ShanghaiBill · · Score: 5, Insightful

      Government ordered cyber offensives designed to change the leadership of a country are an act of war.

      Espionage and covert activities are a normal part of government relations. Saying Russian ads on Facebook are an "act of war" is absurd.

      Acts of war cannot be ignored.

      Why not?

      That alone is a reason Trump should be impeached, since he is not doing his damn job.

      Declaring war is a congressional responsibility.

      If anyone can point to a real plan to stop this shit from happening again, or even serious progress...?

      Here's my plan: Improve education in America so we have fewer people stupid enough to believe nonsense posted on Facebook.

    4. Re:Undecided by Zontar+The+Mindless · · Score: 1

      Hit the nail on the head, did he?

      --
      Il n'y a pas de Planet B.
    5. Re:Undecided by ShanghaiBill · · Score: 3

      And how long are we supposed to wait for Russia, NK, Iran, or other similar countries to become more open?

      As long as it takes. What is the alternative? War?

      As bad as they are, Russia, NK, and Iran are indeed becoming more open. A generation ago, all three were worse, at least for their own people.

      The world seems to assume that the US is powerless to stop other countries from conducting cyber attacks on the US.

      We are far from powerless, but our responses should be intelligent, proportionate, and carefully targeted. The main focus should be on making our own systems less vulnerable, rather than attacking others.

    6. Re: Undecided by mapkinase · · Score: 1

      Education IS propaganda. Depending on content, it's bad or dood propaganda.

      What you are saying is that we should counteract it with good propaganda, and, as ever, I nominate myself to determine what is good or bad.

      --
      I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
    7. Re:Undecided by Anonymous Coward · · Score: 1

      I really hope that the increased propaganda and trolling from Russia is indeed a sign of the Kreml's fear of actual Russian people starting to open up after all the shit that has happened between the West and their country in the last century. But unfortunately to the rest of the world, that doesn't have eyes in Russia it only makes it look like the Cold War is back. Or maybe it has never stopped and is getting more support again.

    8. Re:Undecided by William+Baric · · Score: 2

      As a Canadian, I'd say "paranoid culture that plays up their victimhood" narrative perfectly describes the post-9/11 USA.

    9. Re: Undecided by Anonymous Coward · · Score: 1

      In a world where we have kindergarten teachers taking their classes out to join anti gun protests, and universities are holding classes on how to "eliminate whiteness," it's hard to argue that there isn't a propaganda component of American education.

    10. Re:Undecided by Ol+Olsoc · · Score: 1

      Government ordered cyber offensives designed to change the leadership of a country are an act of war.

      Espionage and covert activities are a normal part of government relations. Saying Russian ads on Facebook are an "act of war" is absurd.

      This is a red herring. Espionage might be a side effect of the present situation, given that some efforts were made to use secure russian communications to keep the US intelligence community from knowing what was being communicated between Russia and the Trump White house Source: http://www.businessinsider.com... But it isn't legal, and those caught are punished.

      But yeah - saying Russian ads on Facebook are the source of the concept of "Acts of war", and that we dumbass 'Murricans are only thinking of that as an act of war is bullshit. It discards everything else, and is worthy of a paranoid's conspiracy theory frame of mind. Cherry picking what supports one's argument and discarding the rest.

      But let's get onto Acts of war. That is the wrong term. What everyone is looking for is Casus belli, not specifically acts of war . There is a relationship, but not a direct tit for tat. A Casus belli can be just about anything. The Bush II administration declared a Casus belli on Iraq for non-compliance with the cease fire in the 1990-91 war. Lame, but an example. WW1 started with the Assassination of Archduke Ferdinand of Austria and was a Casus belli. No direct attack happened.

      Actual Acts of war are incidents like the Japanese attack on Pearl Harbor. No questioning that. A few have been manufactured, like the Gulf of Tonkin false flag operation. But still, there is a difference between the two, and Russia and a company in England didn't physically attack the US. Now since physical acts of war preceded the internet - there might be additions to Acts of war given that we and other countries have been stupid enough to put things like the power grid on the internet.

      But let's dig a little deeper.

      So now we get to the hacking of both the Republican and Democrat servers, but the systematic release of only the Democrat party information. https://www.snopes.com/news/20... Interestingly a Republican from Texas also broke this, then retracted it a few moments later - which in some cases indicates the veracity of the original statement. https://www.mediaite.com/onlin... But that's pretty interesting - I wonder why the Republican data wasn't presented? And if people think that the DNC's marginalization of Bernie Sanders was bad, they conveniently forget how actively Republicans worked to destroy moderate Republicans in order to replace them with ideologically pure candidates.

      So we have a really sketchy attempt to use Russian crypto equipment, selective hacked data disclosure, and an unfolding story of Russian money coming into NRA dark campaign campaign funds for the politicians they own, and more. Facebook is a blip on the screen, but disturbing on the whole because in some of the other countries it was involved in more violent activities.

      Regardless, the whole Facebook issue is that Cambridge Analytica was caught once, supposedly deleted the data, didn't, then used it and more data again, and as it turns out, are a really slimey organization. https://www.youtube.com/watch?... The shock of the whole thing was that it finally proved beyond doubt that Facebook is directly involved in the Cambridge Analytica malfeasance. That they will sell your data to organizations that are pathological in nature. That some people were naive enough to not think thair data would be used in such a fashion was hammered home.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    11. Re:Undecided by Rakarra · · Score: 1

      Speaking of false flags...

    12. Re: Undecided by Rakarra · · Score: 1

      The parents are the parents. It is naturally their call, not the teachers'.

  2. Doing them a favor. by WolfgangVL · · Score: 2, Interesting

    This little circle-jerk just closed off viable attack vectors that could have been used in a real defense situation.

    Retaliation in 3...2....1.....

    --
    You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
    1. Re:Doing them a favor. by schlumpf_louise · · Score: 1

      I came to Slashdot just now to see if anything was going on as we have had problems for the last few hours, websites such as channel4 and BBC keep becoming temporarily unavailable and some sites seem slow. Now I'm sure I'm not paranoid, maybe.

  3. Re:Vigilante ? More like the NSA. by Luckyo · · Score: 5, Interesting

    That's also why this is highly unlikely to be NSA. The folks doing intelligence work for government intelligence agencies don't fuck around like this. They go for the throat, and they go hard.

    And it's not like it's limited to US. In fact, one of the biggest complaints of FBI doing investigations of Russian for profit hackers was that almost every one they reported on to Russian authorities ended up being recruited for their intelligence apparatus.

  4. Valid targets now by Anonymous Coward · · Score: 1

    hope russia targets them for execution they are now valid combatants

  5. Re:get ready by ravenshrike · · Score: 2

    Ehhh, not entirely true. You could burn one set of exploits to to test response patterns, especially if you had other unknown hooks in both the systems you hit and at least some of the systems doing the cleanup. That requires you to have an entirely unrelated chain ready to go for part 2 of course. Course, this is relatively unlikely to be the case if a bunch of amateurs are behind it.

  6. 'Vigilante Hackers'? by rsilvergun · · Score: 1

    Attacking two politically sensitive countries? There are no air quotes big enough....

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  7. Re:Vigilante ? More like the NSA. by PolygamousRanchKid+ · · Score: 4, Interesting

    Don't kid yourselves, the baddest motherfuckers in the world of computers are employed by governments.

    . . . when "The Pros" hack into a system . . . they don't tell anyone about it.

    . . . when "The Schmoes" hack into a system . . .they brag about it on Facebook.

    One of the oldest rules in the book is that you never let your enemy know that you have compromised them. That way, they will continue to expose valuable information that you can exploit.

    If you leave behind an email stating, "You've been hacked!" . . . that's game over for that exploit.

    There used to be an ancient joke that "spooky folks" would pass around, that went something like:

    "Did you hear the story of the greatest spy coup of all time . . . ?"

    "No . . . you didn't . . . and you never will."

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  8. Re:Vigilante ? More like the NSA. by cdsparrow · · Score: 1

    Hope these script kiddies have somebody to taste their food and open their mail for them. Assuming anything of worth was actually touched. If not, meh....

  9. Re:Right by johanw · · Score: 1, Troll

    Says who? Any script kiddy in the west that gets a website down is immediately refered to as "Russian state hacker", so don't be surprised when the Russians react the same.

  10. Re:Stop blaming the Russians by johanw · · Score: 2

    > to not accept that so many Americans willingly voted for the current president is hiding the head in the sand.

    I prefer to think that is was mostly a choice for the lesser evil.

  11. Re: Vigilante ? More like the NSA. by Anonymous Coward · · Score: 1

    Thank you for joining the Russians Not Pretending To Be Other Nationalities Club.
    We welcome new members.

  12. Dear TLAs and Trump by Snotnose · · Score: 1

    So, somebody broke the routers in 2 countries. We all know you know the holes used. We all know you aren't the only ones who know the holes used.

    Wouldn't it be nice if you could be pro-active for once and tell the router makers about all the holes you exploit?

    My bad. I understand your job is to fuck the other guy, even if the other guy can fuck us the same way.

    1. Re:Dear TLAs and Trump by slashdot_commentator · · Score: 3, Informative

      Wouldn't it be nice if you could be pro-active for once and tell the router makers about all the holes you exploit?

      Stupid, the router makers already know about the holes. They're just too languid in their response time to issue a patch. And even worse, admins and infrastructure managers are too slow to apply those patches and replace unpatchable (too old) machines.

      --
      There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
  13. ShanghaiBill, what you said seems reasonable. by Futurepower(R) · · Score: 2

    ShanghaiBill, what you said seems reasonable to me. For example, I recently had a very helpful discussion with a Russian immigrant here in the U.S. about the main Russian culture. I've had many discussions with Iranian immigrants. So I think I may have some basic understanding of those cultures.

    I'm surprised that other responses to your comment were so negative and so hostile.

    Hostile people: Be leaders. Don't be destructive. Use logic, not anger.

    1. Re:ShanghaiBill, what you said seems reasonable. by ShanghaiBill · · Score: 1

      I'm surprised that other responses to your comment were so negative and so hostile.

      Two of the responses were hostile, and were most likely written by the same AC. I don't think his comments were directed at anything I said, but rather at me personally. I seem to have attracted my own private little AC troll who follows me from discussion to discussion to fling insults, like "Trump-supporting-Nazi" (I didn't vote for Trump) and "treasonous faggot" (I am heterosexual). I actually find the attention to be quite flattering.

  14. Re:Vigilante ? More like the NSA. by AHuxley · · Score: 1

    NSA likes to get in and stay in for decades. Hide and enjoy no crypto on the trusted side of a network.

    --
    Domestic spying is now "Benign Information Gathering"
  15. Re:Vigilante ? More like the NSA. by Zontar+The+Mindless · · Score: 2

    I have read your rambling wall-o'-text 3 times.

    It made no more sense the third time than it did either of the first two. Which is to say, little or none.

    Some review of grammar and punctuation might enable you to *communicate* rather than merely *express*. Seriously.

    --
    Il n'y a pas de Planet B.
  16. They lost.. by wolfheart111 · · Score: 1

    that card :|

    --
    [($)]
  17. Re:Vigilante ? More like the NSA. by Zontar+The+Mindless · · Score: 1, Offtopic

    The Slashdot message centre informed me that there was a response to my post, but I see this isn't the case.

    --
    Il n'y a pas de Planet B.
  18. Useful idiots by comodoro · · Score: 1

    This is what Lenin called "useful idiots". People who believe propaganda and do dirty work for its creators. Were it the other way round, it would be considered hostile and criminal attack. If people just realized that there is no substantial difference from what they are doing, there would be much less warfare (probably).

  19. ASCII art by DontBeAMoran · · Score: 3, Insightful

    Their image of the American flag was a black-and-white drawing done with ASCII art.

    What really troubles me about this is the choice of image format used to save the screenshot of the ASCII art. Why are people still using JPEG for non-photographic images in 2018?

    --
    #DeleteFacebook
    1. Re:ASCII art by DontBeAMoran · · Score: 1

      Don't get me started about the current abuse of animated GIFs. Sometimes I view a page where there's a 50MB animated GIF instead of a 2MB video. People are insane and those making those technical decisions should lose their job.

      --
      #DeleteFacebook
    2. Re:ASCII art by Galaxyunlock · · Score: 1

      why so much comment on this slash compare to others.

      --
      @galaxyunlocks
  20. Re:Vigilante ? More like the NSA. by Zontar+The+Mindless · · Score: 1

    Whoever modded this Off-Topic is a fucking moron.

    --
    Il n'y a pas de Planet B.
  21. Fuck off with this neocon BS on a tech site .. by najajomo · · Score: 1

    "We were tired of attacks from government-backed hackers on the United States and other countries," someone in control of an email address left in the note told Motherboard Saturday"

  22. Re:Vigilante ? More like the NSA. by rtb61 · · Score: 1

    Proof reading would Indicate I give a fuck, rather than just having fun, except for the Puerto Rico bit, which I will repeat https://www.youtube.com/watch?..., Australia Puerto Rico volume 2, just more profitable, fuck off.

    --
    Chaos - everything, everywhere, everywhen
  23. How'd they get Cisco routers? by sabbede · · Score: 1

    Considering all the controls and export bans, I'm a bit surprised. Especially with Iran. I didn't think they were allowed to buy such devices.

  24. Sounds like CIA to me... by PortHaven · · Score: 1

    Vigilante hackers (or nation-state in disguise, with famed reputation of being behind the vast majority of cyberhacks of nation-states.)

  25. Re:Vigilante ? More like the NSA. by Rakarra · · Score: 1

    The trolls have lots of mod points and get vindictive these days. You just have to shrug, ignore the mod totals you get (because they don't mean shit), and move on.