undefined | Better HN

0 pointslmm2y ago0 comments

What's the realistic threat model here? Someone hacks your company and during their exploitation window they're going to focus on... keylogging/MITMing random devs (likely far more paranoid/observant than the average computer user) so that they can get access to their personal machines via some artisan crafted attack to maybe make a fraudulent transfer from one person's bank account? In what world is that a low-hanging fruit to go after?

0 comments

sneak2y ago

Devs in small companies often have a ton of access to systems and almost certainly aren’t heavily scrutinized about random novel binaries (being devs), so those are some of the first machines you’d target in an org.

You wouldn’t keylog “random devs”, you’d keylog all of the ones doing ops.

lmmOP2y ago

Would someone making a serious, targeted attack on the company focus on ops staff, and maybe go to the trouble of keylogging them? Sure. But those are precisely the attackers who wouldn't get distracted (and risk detection) going after those staff's personal machines.

j / k navigate · click thread line to collapse

0 pointslmm2y ago0 comments

0 comments

sneak2y ago

You wouldn’t keylog “random devs”, you’d keylog all of the ones doing ops.

lmmOP2y ago

j / k navigate · click thread line to collapse