Security Research Labs

@srlabs@infosec.exchange
472 Followers
15 Following
23 Posts
We are SRLabs, a hacking research collective and consulting think tank. Follow us to stay on top of the latest hacking research.

Unveiled at #TROOPERS25 - Hexagon fuzzing unlocked

Hexagon is the architecture in Qualcomm basebands - they power most of the world's leading smartphones.

Until now, this baseband was out of reach.

We released the first open-source toolchain for system-mode Hexagon fuzzing, presented by Luca Glockow (@luglo), Rachna Shriwas, and Bruno Produit (@bruno) at @WEareTROOPERS

Full post: https://www.srlabs.de/blog-post/hexagon-fuzz-full-system-emulated-fuzzing-of-qualcomm-basebands

How we opened up mobile firmware in 3 steps:
1. Boot real iPhone basebands with a custom QEMU fork
2. Rust-powered fuzzer controls execution via JSON configs
3. Ghidra integration maps coverage across threads

This brings full visibility to Qualcomm’s 4G/5G/GPS stacks.

Reproducible. Extendable. Open source.

Hexagon’s no longer off-limits - mobile security just got a lot more transparent.


🔗 Try it yourself: https://github.com/srlabs/hexagon_fuzz
📚 Docs: https://github.com/srlabs/hexagon_fuzz/blob/main/docs/reverse_engineering.md
🖥️ Slides from Troopers25: https://github.com/srlabs/hexagon_fuzz/blob/main/docs/talk/hexagon_fuzz_troopers2025.pdf
🛠️ Issues, ideas, or contributions? PRs welcome.

Hexagon fuzz: Full-system emulated fuzzing of Qualcomm basebands

Bruno Produit, Luca Glockow, Rachna Shriwas

Currently available Go fuzzing tools were missing critical features - some don’t play well with the latest Go toolchain. So we set out to change that.

@bruno, Nils Ollrogge, and colleagues explored more powerful ways to fuzz Go binaries. By tapping into Go’s native instrumentation — which is compatible with libFuzzer — we enabled effective fuzzing of Go code using LibAFL.

We’ve documented our approach and shared insights in our latest blog post: https://www.srlabs.de/blog-post/golibafl---fuzzing-go-binaries-using-libafl

Repo: https://github.com/srlabs/golibafl

GoLibAFL — Fuzzing Go binaries using LibAFL

Nils Ollrogge, Bruno Produit

A very nice video by #veritasium, @srlabs and #LinusTechTips on #SS7 hacking, in which they demonstrate in an easily understandable way how SMS messages and calls can be redirected to arbitrary third parties anywhere in the world without the victim noticing, and how any mobile phone worldwide can be tracked.

https://www.youtube.com/watch?v=wVyu7NB7W6Y

Exposing The Flaw In Our Phone System


YouTube

It has long been known that timing analyses are a *theoretical* attack on Tor. By distributing the circuits across different jurisdictions, the goal was to make these attacks impractical to implement:

Only a "global adversary" should be able to break the anonymity by correlating the traffic from entry and exit nodes. Correlation becomes even easier if delays or content can be actively introduced into the traffic pattern.

Just as we could (theoretically) become a "global adversary" by renting enough servers, law enforcement agencies can (practically) achieve this through close cooperation, especially since Tor nodes are not evenly distributed across jurisdictions but tend to cluster in certain regions.

Western law enforcement agencies seem to have reached the "global adversary" level through collaboration (in isolated cases and certainly with significant effort). What is problematic for Tor is that other "law enforcement agencies," whose focus is on dissidents, whistleblowers, and journalists, could do the same.

So, it is finally time for cover traffic and random delays: nodes in the Tor network would introduce a random traffic background noise as well as random delays to make targeted correlations more difficult. This would make Tor even slower. This is probably why it has been avoided until now.

In conclusion, we would like to emphasize that there is no reason for regular users of the Tor browser to worry about their anonymity. These are highly targeted attacks on individual accounts of the messenger "Ricochet" over extended periods of time. Because the messenger, unlike a browser, is also reachable, it naturally has an increased attack surface for timing analyses.

https://www.tagesschau.de/investigativ/panorama/tor-netzwerk-100.html

Investigations in the darknet: law enforcement undermines Tor anonymization

The Tor network is regarded as the most important tool for moving around the internet anonymously. Authorities have begun to infiltrate it in order to unmask criminals. In at least one case they were successful.

tagesschau.de
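The correlation attack and the two countermeasures described in the post above, as an added toy model (not code from the post, the tagesschau article, or the Tor Project). It constructs two users' bursty "entry" traffic, derives what an exit-side observer sees after latency and jitter, and scores candidate pairings by binning both captures and taking the best Pearson correlation over unknown offsets. The same run is then repeated with random per-packet delays and Poisson cover traffic mixed in; the traffic model, bin width and every numeric parameter are assumptions chosen to make the effect visible, not measurements of Tor.

```python
"""Toy end-to-end timing-correlation attack on an anonymity network, plus the
two countermeasures named in the post (random delays, cover traffic).

Added illustration, not code from the post or from the Tor Project. The traffic
model (bursty client flows, fixed latency plus jitter) and every parameter are
constructed assumptions."""
import math
import random

BIN = 0.1      # width of one observation window in seconds (assumption)
SPAN = 60.0    # length of the observed capture in seconds (assumption)
SLACK = 2.0    # extra room at the end of the capture for delayed packets


def client_flow(rng, n_bursts=40):
    """Constructed 'user' traffic: n_bursts short bursts of 2..8 packets, 5 ms apart."""
    ts = []
    for _ in range(n_bursts):
        start = rng.uniform(0.0, SPAN)
        ts.extend(start + k * 0.005 for k in range(rng.randint(2, 8)))
    return sorted(ts)


def exit_view(ts, rng, latency=0.05, jitter=0.01, max_delay=0.0, cover_rate=0.0):
    """What an observer at the exit side sees for one flow.

    Each packet arrives after network latency plus jitter. Countermeasures:
    max_delay  - each packet is additionally held for a random 0..max_delay s
    cover_rate - Poisson background packets per second are mixed into the flow
    """
    seen = [t + latency + rng.uniform(0.0, jitter) + rng.uniform(0.0, max_delay)
            for t in ts]
    t = 0.0
    while cover_rate > 0.0:
        t += rng.expovariate(cover_rate)
        if t > SPAN:
            break
        seen.append(t)
    return sorted(seen)


def histogram(ts, offset=0.0):
    """Packet counts per BIN after shifting all timestamps back by `offset` seconds."""
    n = int((SPAN + SLACK) / BIN)
    counts = [0] * n
    for t in ts:
        if t < offset:
            continue
        i = int((t - offset) / BIN)
        if i < n:
            counts[i] += 1
    return counts


def pearson(a, b):
    """Pearson correlation of two equally long count vectors (0.0 if one is flat)."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return 0.0 if va == 0.0 or vb == 0.0 else cov / math.sqrt(va * vb)


def correlation_score(entry_ts, exit_ts, max_offset=1.0, step=0.01):
    """The attacker's statistic: bin both captures and take the best Pearson
    correlation over candidate entry->exit offsets, since the latency is unknown."""
    entry_hist = histogram(entry_ts)
    best = -1.0
    for k in range(int(max_offset / step) + 1):
        best = max(best, pearson(entry_hist, histogram(exit_ts, k * step)))
    return best


def experiment(seed=7, max_delay=0.0, cover_rate=0.0):
    """Observe two users' entry traffic and two exit flows; score the true pairing
    (alice -> alice's exit flow) against a wrong one (alice -> bob's exit flow)."""
    rng = random.Random(seed)
    alice, bob = client_flow(rng), client_flow(rng)
    alice_exit = exit_view(alice, rng, max_delay=max_delay, cover_rate=cover_rate)
    bob_exit = exit_view(bob, rng, max_delay=max_delay, cover_rate=cover_rate)
    return {
        "true_pair": correlation_score(alice, alice_exit),
        "wrong_pair": correlation_score(alice, bob_exit),
    }


if __name__ == "__main__":
    runs = [("no countermeasures", {}),
            ("random delay <= 0.5 s", {"max_delay": 0.5}),
            ("delay + 5 pkt/s cover traffic", {"max_delay": 0.5, "cover_rate": 5.0})]
    for label, kw in runs:
        s = experiment(**kw)
        print(f"{label:32s} true pair {s['true_pair']:.2f}   wrong pair {s['wrong_pair']:.2f}")
```

Without countermeasures the true pairing scores close to 1.0 and the wrong pairing close to 0.0, which is all a "global adversary" that sees both ends needs. Random hold times smear each burst across several windows and cover traffic raises the noise floor, so the true pairing drops toward the noise level; the price is exactly the added latency and bandwidth the post mentions.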


CCC researchers had live access to 2nd factor SMS of more than 200 affected companies - served conveniently by IdentifyMobile who logged this sensitive data online without access control.
You had one job.

https://www.ccc.de/en/updates/2024/2fa-sms

CCC | Second Factor SMS: Worse Than Its Reputation

Our Red Team regularly challenges Fortune 500 defenses. Often, a decent ADCS honeypot could have stopped us.

So we built one.

Blog post: https://www.srlabs.de/blog-post/certiception-the-adcs-honeypot-we-always-wanted

Source code: https://github.com/srlabs/Certiception/

Presentation at @WEareTROOPERS, including a strategic guide to deception: https://github.com/srlabs/Certiception/blob/main/documentation/The_Red_Teamers_Guide_To_Deception.pdf

Certiception: The ADCS honeypot we always wanted

Balthasar Martin <@BalthasarMartin / @balthasar@infosec.exchange>, Niklas van Dornick <@n1v4d0 / @n1v4d0@infosec.exchange>

In the red team at @srlabs we became increasingly frustrated with ineffective detection and response for the late stages of our hacking attacks.

The frustration became high enough to develop an internal honeypot / deception strategy that would be good enough to catch us.

It's finally ready and together with my colleague Niklas van Dornick, I'll be at @WEareTROOPERS next week to present it!

We'll tell you why expensive deception tooling is often a waste of money and how we developed an internal honeypot that looks too juicy to ignore for attackers.

PS: implementation is _almost_ done, see you next week :)

@kantorkel and his team have been on another data expedition.

Zeit, the Guardian and Le Monde are reporting on #bogusbazaar, the fake-shop-network-as-a-service with revenues in the millions across tens of thousands of domains.

Time for an @lnp special ;)

From: @srlabs
https://infosec.exchange/@srlabs/112403491531265492

Security Research Labs (@srlabs@infosec.exchange)

New Research – #BogusBazaar, a sprawling criminal fake webshop network:
• 75,000+ domains
• 450,000+ credit cards
• 1 million fraud cases
• USD 50+ million in fake orders
We publish our insights together with an international team of journalists from Die Zeit (Germany), The Guardian (United Kingdom), and Le Monde (France). https://www.srlabs.de/blog-post/bogusbazaar

Infosec Exchange

#bogusbazaar

The Guardian: Chinese network behind one of world’s ‘largest online scams’
https://www.theguardian.com/money/article/2024/may/08/chinese-network-behind-one-of-worlds-largest-online-scams

Le Monde: Online scams: behind the scenes of the world's largest network of fake online shops
https://www.lemonde.fr/pixels/article/2024/05/08/arnaques-en-ligne-dans-les-coulisses-du-plus-grand-reseau-de-faux-sites-marchands-au-monde_6232138_4408996.html

Die Zeit: Fake shops off the rack
https://www.zeit.de/2024/21/gefaelschte-online-shops-fake-shops-betrug-china

SRLabs: BogusBazaar: A criminal network of webshop fraudsters
https://www.srlabs.de/blog-post/bogusbazaar

Kudos, @kantorkel and team!

Chinese network behind one of world’s ‘largest online scams’

Exclusive: Vast web of fake shops touting designer brands took money and personal details from 800,000 people in Europe and US, data suggests

The Guardian