Fancy Bear is back to its old tricks of exploiting IoT and doing network recon

By Jonathan Terrasi Published August 6, 2019

In a new intelligence report on threats was released this week by Microsoft, which claims to have detected resumed activity, in the form of Internet of Things (IoT) device compromise, from Russian hacking group Fancy Bear.

The group, alternatively known by its STRONTIU or APT28 designations and thought to be an arm of Russian state intelligence, was found to have taken control of networked appliances such as printers as a way of pivoting deeper into the network. Once inside, the attackers would then find vulnerable, secluded portions of it to establish persistence and, finally, phone home to command and control servers. According to Microsoft’s findings, the attackers primarily targeted critical government or civic infrastructure including political, defense, medical, and engineering networks.

Recommended Videos

It is not clear whether the organizations whose networks were breached were the ultimate intended targets, or simply cover for hiding resources for later use. If the attribution to Fancy Bear is accurate, these reported intrusions would constitute the latest in a long string of attack from the group that depends heavily on IoT compromise.

Fancy Bear is most famous for infiltrating the network of the Democratic National Committee in 2016, but their oeuvre is otherwise largely based on breaking into routers and other small network appliances. In 2017, the group turned its attention to hotel networks, which they seized control of by exploiting network equipment. The group followed that up with the VPNFilter attack last year, which also took over routers.

This recent pattern from Fancy Bear brings an evolving picture of the Russian state-sponsored hackers into sharper resolution. Whereas the group formerly appeared content to break into specific kinds of networks simply to monitor them, Fancy Bear’s attack on hotel Wi-Fi positioned them to spy on guests of those hotels. The IoT compromise that Microsoft detailed fits a new pattern of conducting reconnaissance on networks they breach and following up with corresponding next steps.

The fact that Fancy Bear’s predisposition toward IoT has not changed should come as no surprise, as the perennially weak security of this class of devices provides ample attack surface. It is for this reason that some of the biggest DDoS attacks to date have been executed by enormous global botnets of IoT devices, such as the Mirai botnet.

Topics

Jonathan Terrasi

Former Digital Trends Contributor

Jonathan has studiously followed trends in technology, particularly in information security and digital privacy, since 2014…

Computing

ChatGPT now interprets photos better than an art critic and an investigator combined

OpenAI press image

ChatGPT's recent image generation capabilities have challenged our previous understing of AI-generated media. The recently announced GPT-4o model demonstrates noteworthy abilities of interpreting images with high accuracy and recreating them with viral effects, such as that inspired by Studio Ghibli. It even masters text in AI-generated images, which has previously been difficult for AI. And now, it is launching two new models capable of dissecting images for cues to gather far more information that might even fail a human glance.

OpenAI announced two new models earlier this week that take ChatGPT's thinking abilities up a notch. Its new o3 model, which OpenAI calls its "most powerful reasoning model" improves on the existing interpretation and perception abilities, getting better at "coding, math, science, visual perception, and more," the organization claims. Meanwhile, the o4-mini is a smaller and faster model for "cost-efficient reasoning" in the same avenues. The news follows OpenAI's recent launch of the GPT-4.1 class of models, which brings faster processing and deeper context.

Computing

Microsoft’s Copilot Vision AI is now free to use, but only for these 9 sites

Copilot Vision graphic.

After months of teasers, previews, and select rollouts, Microsoft's Copilot Vision is now available to try for all Edge users in the U.S. The flashy new AI tool is designed to watch your screen as you browse so you can ask it various questions about what you're doing and get useful context-appropriate responses. The main catch, however, is that it currently only works with nine websites.

For the most part, these nine websites seem like pretty random choices, too. We have Amazon, which makes sense, but also Geoguessr? I'm pretty sure the point of that site is to try and guess where you are on the map without any help. Anyway, the full site list is as follows:

Computing

Fun things to ask ChatGPT now that it remembers everything

ChatGPT on a laptop

If you hadn't heard, ChatGPT's memory just got a whole lot better. Rolled out across the world to Plus and Pro users over the past few days, ChatGPT's various models can now reference almost any past conversation you had. It doesn't remember everything word for word, but can pull significant details, themes, and important points of reference from just about anything you've ever said to it.

It feels a little creepy at times, but ChatGPT can now be used for much more personalized tasks. OpenAI pitches this as a way to improve its scheduling feature to use it as a personal assistant, or to help you continue longer chats over extended periods of time. But it's also quite fun to see what ChatGPT can tell you by trawling throughh all your chatlogs. It's often surprising some of the answers it spits out in response.