In A Hack Never Seen Before, Russian Spies Used Wi - Fi To Hop From One Network To Another.
By Taking Control Of A Laptop In A Different Building Across The Block, Russia's APT28 Hacker Collective Appears To Have Remotely Compromised An Espionage Target's Wi-Fi For The First Time.
For a long time, a successful but dangerous method for determined hackers has been to sit in a car outside a target's building and use radio equipment to access the Wi-Fi network. When Russian GRU military intelligence spies were apprehended in 2018 on a dutch city street attempting to hack into the organization for the prohibition of chemical weapons' Wi-Fi using an antenna concealed in their car's trunk, these damages were made abundantly evident.
The same group of Russian military hackers, however, seems to have created a new and much safer method of hacking Wi-Fi since that incident. Rather than going into the target's radio range, they discovered another weak network in a building across the street, remotely compromised a laptop in that building, and used the antenna of that computer to gain access to the target's Wi-Fi network. This method of radio hacking never even required leaving Russian territory. Volexity finally learned in this recently made public case from early 2022 that the Russian hackers had not only used Wi-Fi to get to the target network from another compromised network across the street, but that this previous breach had also possibly been carried out using Wi-Fi from another network in the same building - a process known as " Daisy- Chaining " of Wi-Fi network breaches , as Adair puts it.
" This is the first instance in which an attacker from a great distance actually broke into other US organization that were physically close to the intended target before turning around over Wi-Fi to access the target network across the street," adds Adair. " We have never seen an intriguing attack vector before. They are willing to deploy someone in person if the goal is significant enough. However, if you can think of an alternative like what we are can see here, you don't have to do that," Hultquist says. " This has the potential to significantly improve those operations, and if it hasn't already, we will likely see more of it."