Cross platform malware is a Thing now, and has been for several years. It's
fortunately not very prevalent yet.
On Apr 10, 2016 3:36 PM, "Bill Prince" <part15...@gmail.com> wrote:
> I don't believe it.
>
> We have a friend that comes to some outrageous conclusions with scant
> information, and practically zero technical knowledge. Yet when he explains
> something, he sounds perfectly reasonable with impeccable logic. It just
> never is.
>
> bp
> <part15sbs{at}gmail{dot}com>
>
>
> On 4/10/2016 1:29 PM, That One Guy /sarcasm wrote:
>
> So we have this customer who experienced a ferocious malware, still
> waiting on more details from the customer, its very interesting because it
> crossed multiple platforms. multiple cell phones, a satellite DVR, a PC
> etc. Im not sure how he verified infection, but he did have to factory his
> phones, his PC he said required a hard drive replacement (not sure what or
> who decided this) not sure how the satellite DVR was mitigated. He thinks
> it came from a Rise Broadband (formerly Prairie Inet ESSID (I doubt this,
> the ESSIDs prairie inet ran were open, with other security for the access)
> With it being as cross platform as it was im wondering how i would check
> the air router we provide to see if it got hit as well. All we do is a dump
> file on the current firmware that sets a password, ensures 443 is open,
> sets a DMZ to an IP out of the DHCP scope, and we manually set the ESSID
> with WPA2, the key being the MAC on the label ( it think this is the WLAN)
> (we disable snmp, telnet, but leave ssh open), we also turn off CDP and the
> ubnt discovery
>
>
> Im hoping he has some good info on what this actually was, and its not
> just a case of his buddy jim telling him all this.
>
> Anybody know of something in the wild capable of hitting all these devices
> across a network (wired/wireless)
>
> Im asking about the airrrouter in particular, considering if it were
> impacted, that could be a mess at the POP since most customer NAT are in
> the same subnet, with duplicate configs
>
> --
> If you only see yourself as part of the team but you don't see your team
> as part of yourself you have already failed as part of the team.
>
>
>
