learned something new today : Warshipping. apparently, it's a thing

turkeydance

Well-Known Member
Life Member
Supporting Member
Joined
Jul 17, 2017
Messages
4,433
Location
nc
Rating - 100%
4   0   0
quote:
Why break into a company’s network when you can just walk right in — literally?

Gone could be the days of having to find a zero-day vulnerability in a target’s website, or having to scramble for breached usernames and passwords to break through a company’s login pages.
And certainly there will be no need to park outside a building and brute-force the Wi-Fi network password. Just drop your exploit in the mail and let your friendly postal worker deliver it to your target’s door.

This newly named technique — dubbed “warshipping” — is not a new concept.

https://techcrunch.com/2019/08/06/warshipping-hackers-ship-exploits-mail-room/
 
Last edited:
The more sophisticated hackers just drop it in the parking lot. Someone is bound to find it and curiosity gets it into a USB port.
 
Stuxnet. Pretty much how the Iranian centrifuges got taken out when they had air gapped systems.

I would just mail thumb drives as swag gifts with hidden viruses. When someone pops it into a computer, and someone will, bam, keylogger that phones home. Would cost a buck or two.
 
I would just mail thumb drives as swag gifts with hidden viruses. When someone pops it into a computer, and someone will, bam, keylogger that phones home. Would cost a buck or two.
Just leave them in the bathroom, if you want to make it even easier make a doc that's called pending layoffs.
 
Stuxnet. Pretty much how the Iranian centrifuges got taken out when they had air gapped systems.
The whole Stuxnet thing was pretty amazing.
 
Last edited:
Just leave them in the bathroom, if you want to make it even easier make a doc that's called pending layoffs.

Or Company Salary/Pay spreadsheet

Even IT nerds who know not to mess with stuff like a random thumb drive can’t resist something like that
 
Back
Top Bottom