this post was submitted on 01 Feb 2024
254 points (98.1% liked)

Technology

58137 readers
4492 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
254
Chinese malware removed from SOHO routers after FBI issues covert commands (arstechnica.com)
submitted 7 months ago by [email protected] to c/[email protected]
49 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 19 points 7 months ago* (last edited 7 months ago) (2 children)

Your ISP knows the Mac address of your router since it requests a public IP from them using DHCP. That's why if you contact support they usually can confirm the brand of your router by doing an oui lookup.

In theory the FBI could have collected a list of MACs and optionally used an ASN lookup on the public IP and then handed each ISP their list of MACs, which the ISP could associate back to customers to contact. It would only not work for customers who spoof their router WANs ethernet mac.

But I think just patching it is a normal and fine solution imo.

[–] [email protected] 2 points 7 months ago (1 children)

Do you work in networking? How did you learn the magicks of the computer tongue?

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago)

I only do web development, but my networking knowledge mostly comes from being the designated person to call the ISP for tech support and being in charge of setting up the WiFi in every place that I've lived, in addition to participating and running community scale mesh wifi tech meetups for many years (think NYCMesh except just 4 guys who never accomplished much aside from buying and flashing lots of routers with openwrt lmao)

I also ran 12Us of homelab for a few years in my basement, which was powered by an overkill fiber to the home setup (courtesy of tricking Comcast into undercharging me for gigabit pro) that necessitated a 10G switch and firewall.

[–] [email protected] 1 points 3 months ago

Or I mean, Shodan exists. I'm sure the gov has better.

A theoretical botnet I was looking at on github used shodan to identify possible targets to infect.