Russia Fronton Tool ‘Will Take Down Entire Countries’

A hacking group that’s a thorn in the side of the Russian state is at it again. Digital Revolution has dumped a trove of documents alleging Putin’s FSB commissioned a powerful DDoS tool called Fronton.

The idea is to hack IoT devices, corralling them into a huge botnet. Then they can be unleashed onto, say, a country’s DNS servers.

Social isolation is beginning to sound like a good thing. In today’s SB Blogwatch, we wash our hands of the whole thing.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: radioactive irony.


IoT DDoS BBQ

What’s the craic, Zak? Mister Doffman reports—“Putin’s Secret Intelligence Agency Hacked: Dangerous New ‘Cyber Weapons’ Now Exposed”:

 Red faces in Red Square, again. … Reports have emerged from Russia of another shocking security breach within the FSB [which] has exposed “a new weapon,” … that can execute cyber attacks on … the millions of [IoT] connected devices now in our homes and offices.

The security contractors highlight retained default “factory” passwords as the obvious weakness, one that is easy to exploit. … The intent of the program is … to herd them together into a botnet that can be used to attack … internet platforms, or the infrastructure within entire countries [for example] social networking sites, file hosting services, [or] DNS servers.

There are countless warnings about the insecurity of IoT devices. These need to have regular firmware updates and factory-set credentials reset before setup. [And] IoT devices now represent the easiest route into many enterprises. Hacking a printer, VoIP phone, network switch, smart appliance or insecure mobile device is much easier.

[FSB] is the successor to the KGB and reports directly to … Putin. The fact that these kinds of tools are being contracted out … given the current geopolitical climate should give us all serious pause for thought.

Nation shall hack unto nation? Aunty Beeb’s Andrey Soshnikov is lost in translation—“A new cyber weapon ordered by the FSB”:

 The Fronton technical documentation was released by hackers … Digital Revolution. … Fronton, Fronton-3D and Fronton-18 … allow you to infect “smart” devices (from digital assistants to entire “smart” houses), integrate them into a network, and “crash” the servers responsible for the stability of large internet services and the internet in entire countries.

[The dump] consists of 12 technical documents, diagrams, and code fragments created in 2017-2018. … One of the documents is a “prototype development work order”, which, according to the leak, was allegedly prepared by InformInvestGroup CJSC by order of military unit No. 64829, better known as the FSB Information Security Center.

And Kirill Sergeev, too—“Cyber weapon could leave entire country without a network”:

 Judging by the data from the leak, Fronton is able to infect a large list of “smart” devices, integrate them into a network and then use it to attack DNS servers responsible for the Internet in entire countries. … the published documents say that an attack of several hundred thousand machines can paralyze the work of Internet services across the state for several hours.

But is it true? Maybe not this specific report, but melted thinks it doesn’t matter:

 I’d be surprised if they weren’t doing this. Your average IoT gadget has more holes in it than Swiss cheese, and it never gets updated.

I’d frankly ban them at the federal level until they get their **** together.

Meanwhile, it’s a welcome return to form for arglebargle_xiv:

 It is pretty brave of them to admit to hacking an FSB-affiliated organisation. I half expected the report to say “the FSB contractor was hacked by the group that used to operate from where that large smoking hole in the ground is.”

In other news, Robin Emmott and Anastasia Teterevela report—“Russia deploying coronavirus disinformation to sow panic in West”:

 The EU document said the Russian campaign, pushing fake news online in English, Spanish, Italian, German and French, uses contradictory, confusing and malicious reports. … “The overarching aim of Kremlin disinformation is to aggravate the public health crisis in Western countries … in line with the Kremlin’s broader strategy of attempting to subvert European societies,” the document produced by the EU’s foreign policy arm, the European External Action Service, said.

The EU document cited examples from Lithuania to Ukraine, including false claims that a U.S. soldier deployed to Lithuania was infected and hospitalized. … It quoted fake news created by Russia in Italy … alleging that the 27-nation EU was unable to effectively deal with the pandemic.

“Pro-Kremlin disinformation messages advance a narrative that coronavirus is a human creation, weaponized by the West,” said the report. … An EU spokesman accused Moscow of “playing with people’s lives” and appealed to EU citizens to “be very careful” and only use news sources they trust.

The Kremlin denied the allegations … saying they were unfounded and lacked common sense. … Kremlin spokesman Dmitry Peskov pointed to what he said was the lack … of a specific example or link to a specific media outlet.

Can two play at that game? dimitar:

 Not a single person has been reported to have died in Russia even though [it] has a border with China and there is a huge interaction between the two countries.

The Russian government is not taking this seriously and will try to cover up cases. This will be Chernobyl all over again.

Does it really matter? Matt Leo illustrates:

 There was a guy, probably in his 60s, at the drug store the other day loudly proclaiming that he wasn’t afraid of this virus, that it was “just another flu” and if he got it he’d “kick its ass in three days.”

These are the kinds of morons that are the target of disinformation campaigns. All you need is a few hundred of them in an area and you can force the government to extend the shutdown orders by weeks.

Meanwhile, zapttt elevates eyerolling to high art:

 We’ve always been at war with Eastasia.

And Finally:

Speaking of healthcare fakery


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Digital Revolution


Richi Jennings

Richi is a foolish independent industry analyst, editor, writer, and fan of the Oxford comma. He’s previously written or edited for Computerworld, Petri, Microsoft, HP, Cyren, Webroot, Micro Focus, Osterman Research, Ferris Research, NetApp on Forbes and CIO.com. His work has won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
