by alanfranz 2711 days ago
That's an amateur job. Resin explains it - you try to do some exfiltration via an external commercial service? Come on.

If the author had set up an encrypted partition where all the "real stuff" was found, and the key for such partition was in-memory only, possibly along with one of the small rpi UPS/batteries to prevent minor electrical hiccups from making the whole operation fail.... it would have been almost impossible to get back at the author.

Also, using a nice "black box" that looked like a sort of electronic device, instead of some randomly put together rpi+pieces, would have made the device mostly invisible.

So: an amateurish hacking job.


> Also, using a nice "black box" that looked like a sort of electronic device

Disguised as one of those generic thermostat boxes on a wall it'd go unnoticed by 99.999% of people. Bonus points for a twiddly wheel.

Or even better: find an old ethernet switch, gut it (but keep the connectors) and put a Raspberry Pi inside. You will need to solder 6 wires for ethernet and power, but the pins are fairly large so this should be easy.

Even if discovered, most people would not bother taking it apart --- they'll just assume it is broken and throw it away.

This is exactly what I was thinking. Even the network admin would probably be like, "well, I don't think so but I'd better not mess with it, just in case it's how the CEO is getting internet". Unless of course they engineered the network originally.

Or as a PoE injector. Even better is to make it piggyback on an actual PoE injector plugged into legitimate hardware.

I have a 4 outlet "surge protection" power board with a Pi Zero W, and USB power supply, and 4 240V mains relays and drivers all neatly tucked/hidden inside... I use it as Wi-Fi controllable power points, not for pen testing, but at this stage that's just a software update...

Or a power plug...

Article: https://www.hln.be/regio/antwerpen/rechter-straft-it-special...

Check out the image in the article. They attached keyloggers and sent the strokes to the box. They saved them and once a week dumped them over to a car in the parking lot.

The original article is great, but the guy was really not putting any effort into it.

Or a box with a high voltage warning sticker. Unlikely anyone will want to toy with it.

A high voltage warning sticker is likely to gather a lot of attention, especially inside a network closet.

There are many rules related to where high voltage stuff should be, how it should be installed and who can access it. And unless you do it by the rules (unlikely), it will get caught during a safety inspection.

Okay what about one of those biohazard stickers then?

The goal is to avoid being noticed or drawing attention. Do you really think a biohazard sticker in a server closet wouldn't draw attention?

Probably just the "meh, another wannabe logo" type - abuse of nuclear/biohazard warning signs is becoming an issue.

https://99percentinvisible.org/article/biohazard-symbol-desi...

Encryption was the first thing I expected when he showed the partition table; so much for the "gifted child" :-)

But even if you don't care, at least DON'T SIGN UP WITH YOUR REAL NAME to that service. What the freaking heck? I really hope they get what they deserve.