- Apr 26, 2011
- 2,779
Is buffer overrun being used to crash the software in these remotely piloted drones, or is it being used alongside the exploit to allow a rootkit to be installed to take total control of the craft to land it undamaged as Iran did? Rumors relative to cyber warfare are floating around relative to the recent crashes/landings. Everyone in this forum knows the capabilities of illegitimate Russian and Chinese hackers when it comes to malware; we have all dealt with it at one time or another. Maybe the next headline will read, "Russian TDL4 Rootkit Technology Allows Hackers to Safely Land Drone in Iran." I sometimes wonder if our gov't knows what terms like "binary code" and "patching" refer to? I wonder if they know anything about how code can easily be injected into Ring 0 remotely, esp. when no countermeasures are installed? It is scary. I think the US gov't may be way behind in the cyber warfare race.
I bet all of that keylogger data that was exfiltrated by the hackers back in October came in handy recently when the hackers patched the kernel and took complete control of the crafts (speculation). They had to gather intel on how to control the thing so they would not crash it once they initiated their kernel hook.