@bruce @timbray @lcamtuf @rfc6919 @projectgus oh, absolutely...

lcamtuf :verified: :verified: :verified:'s posts Post Back to profile

@bruce @timbray @lcamtuf @rfc6919 @projectgus oh, absolutely agreed on all that. furthermore, whether or not THIS attack was state-sponsored, now everybody has seen the strategy.

Like 30 March at 4:17 | Wall-to-wall | Open on mastodon.social

4 comments

Bruce Heerssen

@irenes @timbray @lcamtuf @rfc6919 @projectgus

Yup. And to be clear, I don't necessarily think the US or UK in particular is behind this. I think it's more likely China, or perhaps Russia. The point is, we don't know. And like you implied, it could still turn out to have been an individual with an agenda.

30 March at 4:19 | Open on darkmoon.social

Janne Moren

@bruce @irenes @timbray @lcamtuf @rfc6919 @projectgus
Or, an individual with the idea of selling backdoors as a service. That'd be one reason to be this patient and persistent: you'd not use it (and presumably other created vulnerabilities) yourself once; you sell access to other people. With luck you could perhaps sell this a half a dozen times before it gets discovered and patched.

30 March at 4:52 | Open on fosstodon.org

lcamtuf :verified: :verified: :verified:

@jannem @bruce @irenes @timbray @rfc6919 @projectgus This is an awful lot of effort to put into a "product" that has a non-trivial chance of getting burned on first try if your customer is careless.

It's something you use when a really compelling need arises, and where you can control most of the variables to minimize the risk of loss.

30 March at 5:06 | Open on infosec.exchange

sabik

@irenes @bruce @timbray @lcamtuf @rfc6919 @projectgus
It seems like a pretty obvious strategy?

30 March at 6:44 | Open on rants.au

Go Up