The Nearest Neighbor Attack

41 points by throwaway99210 3 days ago | 9 comments

kmeisthax 5 hours ago |
So, as I understand it, you 0wn a machine in one organization, then use it to tunnel over to Wi-Fi in the building next door, 0wn another machine there, rinse and repeat until you've created the world's least consensual mesh network?
mandevil 5 hours ago |
From thousands of kilometers away, to make attribution/legal issues even more complex.
_nalply 4 hours ago |
They are exploiting that Wifi didn't have 2fa, because they couldn't overcome 2fa. A company accross the street had a machine that both was accessible by ethernet and wifi and they used that as a bridge.
Conclusions:
1. Anything that doesn't have 2fa is leaking like a sieve.
2. The targeted company needs to implement 2fa for their Wifi as well.
Not mentioned, but I assume that their 2fa is using specialised hardware gadgets like Yubikey and not texts or totp, because else they could target the cell phones, and like everything else they are leaking, or they are attacking the cell phone base stations.
Final conclusion:
A network is as strong as the weakest link. In that case Wifi was not protected by strong 2fa and could be used to breach.
eru 2 hours ago |
> A network is as strong as the weakest link.
Depends on how you look at it. We have end-to-end security with things like https, so we don't need to worry about the links in the middle.
Sesse__ an hour ago |
> Final conclusion: A network is as strong as the weakest link.
Final conclusion: Do not trust a device just because it happens to be on your local network.
thrdbndndn 2 hours ago |
why do you type 0wn (zero) instead of own?
0xEF 2 hours ago |
Putting the "hacker" back in Hacker News, I guess
dijksterhuis 9 minutes ago |
i believe it’s pronounced H4x0r
_hl_ 31 minutes ago |
What’s wrong with the tried-and-tested technique of flying a guy or girl over there to drop a small gadget in WiFi proximity?