this post was submitted on 31 Jul 2025
215 points (99.1% liked)

Technology

73534 readers
2864 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
215
In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network (arstechnica.com)
submitted 2 days ago by Captainautism@lemmy.dbzer0.com to c/technology@lemmy.world
29 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] halcyoncmdr@lemmy.world 55 points 2 days ago* (last edited 2 days ago) (4 children)

Also our bank had some kind of port security so if it wasn't a recognized MAC address, the port just switched off.

And serious company will have this as basic security. It's a fundamental function even available on your consumer grade router at home. While it's overkill for that use, it's basic security for a company.

That's why it's not surprising at all that a bank didn't bother to do that. Banks have some of the most egregious security issues.

[–] AreaKode@lemmy.world 23 points 2 days ago* (last edited 2 days ago) (2 children)

... Which financial company do you work for?

[–] TropicalDingdong@lemmy.world 12 points 2 days ago (2 children)

That’s why it’s not surprising at all that a bank didn’t bother to do that. Banks have some of the most egregious security issues.

[–] FauxLiving@lemmy.world 5 points 2 days ago

Same as anywhere else. Complacency, lax auditing, temporary fixes which are in place for years, non-technical people making technical decisions (choosing convenience over security, generally).

[–] Lost_My_Mind@lemmy.world 8 points 2 days ago (1 children)

Remember when John Stewart only had SOME grey hair?

Hey, no judgement. 2020 had my hair looking like santa claus.

[–] sys110x@feddit.nl 18 points 2 days ago (2 children)

Don't stress mate. We've all aged in the 20 years between 2019 and 2025.

[–] gravitas_deficiency@sh.itjust.works 3 points 2 days ago

Yeah my beard has gone fully salt-and-pepper, and I’m getting a lot more grays on my head nowadays :/

[–] Lost_My_Mind@lemmy.world 4 points 2 days ago

2019? Wow. That's in the before times.

[–] TheRagingGeek@lemmy.world 1 points 2 days ago

Any of the major banks consider breaches as cost of doing business at their scale compared to smaller banks. My bank prides itself on never having a breach, and it is insufferable to develop code for, but I guess it’s the price of security

[–] pupbiru@aussie.zone 18 points 2 days ago (1 children)

i’d argue that any serious company wouldn’t really bother with MAC identification… they’re so easy to spoof that it adds to operational overhead far more than the benefit it brings

more likely with these things you’d have a VLAN mapped to a physical port, and if that port were disconnected you’d instantly get a notification and send someone to check it out

[–] halcyoncmdr@lemmy.world 23 points 2 days ago (2 children)

Spoofing a MAC is easy but it still requires knowing both what an existing valid address is, and ensuring that it's not already connected to the network. It's only operational overhead when a new device is onboarded, after that the impact is minimal.

A policy that requires sending a tech is fine, but if you have hundreds or thousands of individual locations then you aren't going to have a tech onsite at every one of them to quickly check and fix an issue, and you don't really want to have to trust an end user to verify and/or make physical changes on site if you can avoid it.

[–] lazynooblet@lazysoci.al 6 points 2 days ago (1 children)

This is still trivial. A Pi with 2 NICs and a Linux bridge. Using the 2 ports, effectively put the Pi in between the device you want to spoof and the rest of the network. Now you can see the traffic, the MAC addresses etc.

[–] FauxLiving@lemmy.world 5 points 2 days ago

Port security prevents this. As soon as the switch detects a physical disconnect it disables the port.

You could, with some electrical engineer-level tools and hardware, passively read the traffic to determine the MAC and then splice into the wire without disrupting the physical connection. But it would be very hard to do covertly or quickly.

[–] Zorsith@lemmy.blahaj.zone 2 points 2 days ago

Don't really need to send a tech immediately. More efficient to get a gas station clerk (or whoever works where the ATM may be located) to verify nobody is trying to fuck with it on-site and they didn't lose power/internet at their location, before escalation.

[–] jubilationtcornpone@sh.itjust.works 3 points 2 days ago

That's why it's not surprising at all that a bank didn't bother to do that. Banks have some of the most egregious security issues.

And really shitty auditors apparently. A good one would have at least spot checked for unsecured ports.

[–] Vinstaal0@feddit.nl 3 points 2 days ago (1 children)

You would be surprised how many companies don't even have something fundamental like a custom SSID and password, or a backup, etc.

[–] halcyoncmdr@lemmy.world 5 points 2 days ago

Oh I wouldn't be surprised at all, most businesses are pretty small. I would be surprised if a Bank was that irresponsible, although not very surprised.