by teruakohatu 2055 days ago
> Seems pretty amateurish...

It is for manually targeted attacks. Once it is deployed, the damage is done and the victim is notified. They don't need C&C. The hardcoded victim name is probably just a big FU.

You can have excellent perimeter security but this organisation might just bribe an employee to gain access.

It is far more scary than some automated bot scanning for ports.


I'm not denying its effectiveness, just remarking on its technical merit as a topic of discussion. Once the system is already compromised it becomes less about the payload and more about the attack vector involved. If the payload in question was using novel techniques then it would be a different story but the analysis shows the program to be relatively rudimentary.

Well, no point in over-engineering a solution, right?

To put it another way, sounds like they moved fast (and maybe broke a few things?), put together an MVP that meets their needs, rolled it out, and are now likely learning and gathering feedback for their next iteration... sounds like they fit right in around here!

(This thread reminded me of something a cow-orker used to say: "If it's stupid but it works, it's not stupid".)

Keeping things simple can be a good judgement decision? (This time in a weird context)

> ELF binary contains some debug information

But that sounds weird to me

Hm, I possibly misused the term "amateurish" when I meant "simple". My apologies for the confusion.

FU in terms of Fear & Uncertainty or f*ck you?

I read it as f* up.