top | item 46411445

(no title)

Pretty unlikely in my book. This runs OpenWRT out of the box. Given, there are still closed source binary blobs in these things, especially around WiFi 6 and frequently the customizations for the kernel isn't released, but those tend to be more expensive locations to place backdoors especially when the system is very open to inspection. These kind of devices are VERY frequently torn down by security researchers and used in WiFi shoot-outs leading to much higher potential increased detection of anything present.

A lot of this these "backdoor" style hypothesis' still need a motive justification for the cost. Who would they be targeting? What is the potential value of the backdoor?

Given the visibility and complex locations required for the firmware, this would be an expensive backdoor to put in place for any amount of time. The attack is completely untargeted, at best you may be able to say tech enthusiasts that travel. You probably can't count on executive targeting, this device requires a separate battery pack as well as per-site configuration as opposed to pairing to their iPhone and not carrying all that extra stuff.

What are the chances of an expensive, high-visibility backdoor showing up in a dirt cheap product line for a high-risk untargeted attack? Pretty low in my book but your threat model may vary.

discuss

daneel_w|2 months ago

Wow. It's as if you're completely unaware of how lucrative the market for malware in affordable IoT devices is.

It doesn't have to be targeted. The general demographic is a fantastic subject, and cheap affordable devices are a fantastic method. If one such trojan network device happen to end up in the home of an employee in a valuable position, or better yet in some office, an attacker has a chance to pivot further into a network.