A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network — meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves.

Source: Daniel Chetroni via Alamy Stock Photo

Researchers have demonstrated how to recreate a neural network using the electromagnetic (EM) signals emanating from the chip it runs on.

The method, called "TPUXtract," comes courtesy of North Carolina State University's Department of Electrical and Computer Engineering. Using many thousands of dollars worth of equipment and a novel technique called "online template-building," a team of four managed to infer the hyperparameters of a convolutional neural network (CNN) — the settings that define its structure and behavior — running on a Google Edge Tensor Processing Unit (TPU), with 99.91% accuracy.

Practically, TPUXtract enables a cyberattacker with no prior information to essentially steal an artificial intelligence (AI) model: They can recreate a model in its entirety and save the actual data it was trained on, for purposes of intellectual property (IP) theft or follow-on cyberattacks.

**How TPUXtract Works to Recreate AI Models**

The study was conducted on a Google Coral Dev Board, a single-board computer for machine learning (ML) on smaller devices: think edge, Internet of Things (IoT), medical equipment, automotive systems, etc. In particular, researchers paid attention to the board's Edge Tensor Processing Unit (TPU), the application-specific integrated circuit (ASIC) at the heart of the device that allows it to efficiently run complex ML tasks.

Any electronic device like this, as a byproduct of its operations, will emit EM radiation, the nature of which will be influenced by the computations it performs. Knowing this, the researchers conducted their experiments by placing an EM probe on top of the TPU — removing any obstructions like cooling fans — and centering it on the part of the chip emanating the strongest EM signals. Then they fed the machine input data and recorded the signals it leaked.

To begin to make sense of those signals, they first identified that before any data gets processed, a neural network quantizes — compresses — its input data. Only when the data is in a format suitable for the TPU does the EM signal from the chip shoot up, indicating that computations have begun.

At this point, the researchers could begin mapping the EM signature of the model. But trying to estimate all of the dozens or hundreds of compressed layers that comprise the network at the same time would have been effectively impossible.

Every layer in a neural network will have some combination of characteristics: It will perform a certain type of computation, have a certain number of nodes, etc. Importantly, "the property of the first layer affects the 'signature,' or the side-channel pattern of the second layer," notes Ashley Kurian, one of the researchers. Thus, trying to understand anything about the second, 10th, or 100th layer becomes increasingly impossible, as it rests on all of the properties of what came before it.

"So if there are 'N' layers, and there are 'K' numbers of combinations \[of hyperparameters\] for each layer, then computing cost would have been N raised to K," she explains. The researchers studied neural networks with 28 to 242 layers (N) and estimated that K — the total number of possible configurations for any given layer — equaled 5,528.

Instead of having to commit infinite computing power to the problem, they figured they could isolate and analyze each layer in turn.

To recreate each layer of a neural network, the researchers built "templates" — thousands of simulated combinations of hyperparameters, and read the signals they gave off when processing data. Then they compared those results to the signals emitted by the model they were trying to approximate. The closest simulation would be considered correct. Then, they applied the same process to the next layer.

"Within a day, we could completely recreate a neural network that took weeks or months of computation by the developers," Kurian reports.

**Stolen AIs Lead to IP, Cybercrime Risk to Companies**

Pulling off TPUXtract isn't trivial. Besides a wealth of technical know-how, the process also demands a variety of expensive and niche equipment.

The NCSU researchers used a Riscure EM probe station with a motorized XYZ table to scan the chip's surface, and a high sensitivity electromagnetic probe for capturing its weak radio signals. A Picoscope 6000E oscilloscope recorded the traces, Riscure's icWaves field-programmable gate array (FPGA) device aligned them in real-time, and the icWaves transceiver used bandpass filters and AM/FM demodulation to translate and filter out irrelevant signals.

As tricky and costly as it may be for an individual hacker, Kurian says, "It can be a competing company who wants to do this, \[and they could\] in a matter of a few days. For example, a competitor wants to develop \[a copy of\] ChatGPT without doing all of the work. This is something that they can do to save a lot of money."

Intellectual property theft, though, is just one potential reason anyone might want to steal an AI model. Malicious adversaries might also benefit from observing the knobs and dials controlling a popular AI model, so they can probe them for cybersecurity vulnerabilities.

And for the especially ambitious, the researchers also cited four studies that focused on stealing regular neural network parameters. Theoretically, those methods in combination with TPUXtract could be used to recreate the entirety of any AI model — parameters and hyperparameters in all.

To combat these risks, the researchers suggested that AI developers could introduce noise into the AI inference process using dummy operations, or running random operations concurrently, or confuse analysis by randomizing the sequence of layers during processing.

"During the training process," says Kurian, "developers will have to insert these layers, and the model should be trained to know that these noisy layers need not be considered."

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

With 'TPUXtract,' Attackers Can Steal Orgs' AI Models

An authenticated access vulnerability in the aspectMemory.php script of ABB Cylon Aspect BMS/BAS controllers allows attackers to set arbitrary values for Java heap memory parameters (HEAPMIN and HEAPMAX). This configuration is written to /usr/local/aam/etc/javamem. The absence of input validation can lead to system performance degradation, Denial-of-Service (DoS) conditions, and crashes of critical Java applications.

Title: ABB Cylon Aspect 3.08.02 (aspectMemory.php) Arbitrary Heap Memory Configuration  
Advisory ID: ZSL-2024-5883  
Type: Local/Remote  
Impact: Manipulation of Data, DoS  
Risk: (4/5)  
Release Date: 13.12.2024

**Summary**

ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices.

**Description**

An authenticated access vulnerability in the aspectMemory.php script of ABB Cylon Aspect BMS/BAS controllers allows attackers to set arbitrary values for Java heap memory parameters (HEAPMIN and HEAPMAX). This configuration is written to /usr/local/aam/etc/javamem. The absence of input validation can lead to system performance degradation, Denial-of-Service (DoS) conditions, and crashes of critical Java applications.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio  
Firmware: <=3.08.02

**Tested On**

GNU/Linux 3.15.10 (armv7l)  
GNU/Linux 3.10.0 (x86\_64)  
GNU/Linux 2.6.32 (x86\_64)  
Intel(R) Atom(TM) Processor E3930 @ 1.30GHz  
Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz  
PHP/7.3.11  
PHP/5.6.30  
PHP/5.4.16  
PHP/4.4.8  
PHP/5.3.3  
AspectFT Automation Application Server  
lighttpd/1.4.32  
lighttpd/1.4.18  
Apache/2.2.15 (CentOS)  
OpenJDK Runtime Environment (rhel-2.6.22.1.-x86\_64)  
OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)  
ErgoTech MIX Deployment Server 2.0.0

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[03.12.2024\] Vendor releases version 3.08.03 to address this issue.  
\[13.12.2024\] Coordinated public security advisory released.

**PoC**

abb\_aspect\_mem1.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch  
\[2\] https://www.cve.org/CVERecord?id=CVE-2024-51544  
\[3\] https://www.cve.org/CVERecord?id=CVE-2024-51550  
\[4\] https://packetstorm.news/files/id/183145/

**Changelog**

\[13.12.2024\] - Initial release  
\[15.12.2024\] - Added reference \[4\]

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

ABB Cylon Aspect 3.08.02 (aspectMemory.php) Arbitrary Heap Memory Configuration

Small, easily weaponizable drones have become a feature of battlefields from the Middle East to Ukraine. Now the threat looms over the US homeland—and the Pentagon's ability to respond is limited.

A spectre is haunting the United States—the spectre of drone warfare.

Since the middle of November, unidentified unmanned aerial vehicles have lit up the skies above New Jersey, startling residents and baffling military and government officials. The US Army’s Picatinny Arsenal research and manufacturing facility in the state’s Morris County reported 11 confirmed instances of mysterious drones illegally entering its airspace since the middle of the month, while a dozen drones were spotted hovering over US Naval Weapons Station Earle in Monmouth County in early December. Similar sightings were reported in at least six other counties throughout the state; according to the Coast Guard, a group of drones even followed one of the service’s vessels “in close pursuit” near a state park.

The spate of drone sightings in the skies above New Jersey have caused alarm among state lawmakers, prompting one to call for a “limited state of emergency … until the public receives an explanation” regarding the source of the unidentified drones. One Republican US congressman even claimed the drones were originating from an Iranian “mothership” lurking off of the state’s coastline, an assertion the US Defense Department quickly batted down.

“As you know, Joint Base McGuire-Dix-Lakehurst possess \[sic\] capabilities to identify and take down unauthorized unmanned aerial systems and have utilized this capability to address overflights of the installation,” New Jersey representative Chris Smith told Defense Secretary Lloyd Austin in a December 10 letter. “I urgently request all capabilities possessed by the Department of Defense, especially those in use by JBMDL to be immediately deployed to identify and address the potential threats posed by \[drones\] over the state of New Jersey.”

Despite the growing chorus of concern from New Jersey lawmakers, the US military appears relatively unimpressed with the sudden incursions. In a December 11 statement, US Northern Command (NORTHCOM) revealed that the command had “conducted a deliberate analysis of the events, in consultation with other military organizations and interagency partners, and at this time we have not been requested to assist with these events.” The following day, White House national security communications adviser John Kirby stated that many of the alleged drone sightings that had alarmed civilian observers on the ground in recent weeks were, in fact, conventional manned aircraft. The Federal Bureau of Investigation and Department of Homeland Security echoed this assessment in a statement on Thursday, saying, “it appears that many of the reported sightings are actually manned aircraft, operating lawfully. There are no reported or confirmed drone sightings in any restricted air space.”

“At this time, we have no evidence that these activities are coming from a foreign entity or the work of an adversary. We're going to continue to monitor what is happening,” deputy Pentagon press secretary Sabrina Singh told reporters on Wednesday. “At no point were our installations threatened when this activity was occurring." (In an interesting confluence of events, the US Department of Justice that same day announced the arrest of a Chinese citizen for flying a drone over and taking photos of Vandenberg Space Force Base in California.)

The alarm over the sudden drone incursions over New Jersey, neighboring New York and Pennsylvania, and near sensitive US government sites in particular, even if overblown, isn’t completely unwarranted: Officials at North American Aerospace Defense Command (NORAD)—the joint US-Canadian military organization tasked with overseeing air sovereignty on the continent—revealed in October that they had received reports of nearly 600 incursions above domestic US military installations since 2022.

The issue is, US law severely limits how the US military can respond to these mysterious drones—even if the number of incidents has been growing for years.

Indeed, for several months earlier this year, unidentified drones repeatedly circled Plant 42 in California, the Edwards Air Force Base installation where defense contractor Northrop Grumman has been working on the Air Force’s vaunted new B-21 Raider stealth bombers. In December 2023, Langley Air Force Base in Virginia was targeted by a wave of mysterious drone overflights, prompting the Pentagon to relocate a contingent of F-22 Raptor fighter jets stationed there to another base. And the New Jersey incidents come on the heels of a mid-November series of drone incursions near RAF Lakenheath in the United Kingdom, which, while not a US domestic installation, hosts a strategically-important contingent of American fighter jets, among other capabilities.

It appears that Pentagon assets in the continental United States have been subject to such drone activity as far back as 2019, when a fleet of US Navy Arleigh Burke-class destroyers was shadowed by a swarm of drones for several days during maneuvers at a training range off the coast of southern California. Later that year, a series of mysterious drone sightings in eastern Colorado and western Nebraska and Kansas confounded not just local law enforcement and federal agencies, but alarmed Air Force officers at nearby F.E. Warren Air Force Base in Wyoming, home to one of the Pentagon’s many Minuteman III ICBM fields.

These incidents aren’t limited to US military facilities. In October 2023, several drones were detected in the airspace above the US Energy Department’s Nevada National Security Site, which is used for nuclear research and development, the Wall Street Journal recently reported. And back in 2019, the Palo Verde Nuclear Generating Station in Arizona—the most powerful nuclear power plant in the United States—was subject to a series of mass drone incursions that Nuclear Regulatory Commission officials would later characterize as a “drone-a-palooza,” albeit with grave concern over the potential vulnerability exposed by the incursion, according to email correspondence obtained by The War Zone in 2020.

“I would point out that restricted airspace will do nothing to stop an adversarial attack and even the detection systems identified earlier in this email chain have limited success rates, and there is even lower likelihood that law enforcement will arrive quickly enough to actually engage with the pilots,” one senior NRC security official at Palo Verde wrote in an email regarding the incident. “We should be focusing our attention on getting Federal regulations and laws changed to allow sites to be defended and to identify engineering fixes that would mitigate an adversarial attack before there our \[sic\] licensed facilities become vulnerable.”

While unmanned aerial vehicles have been in military use for generations for surveillance and reconnaissance, the US military is largely responsible for transforming modern drones into vehicles of precision violence during the early years of the Global War on Terrorism, a policy especially expanded under US president Barack Obama. In more recent years, the rise of cheap, commercially-available unmanned platforms like those used by hobbyists has turned the small drone into the weapon of choice for both nation states and irregular forces abroad, from militant groups like ISIS In Iraq and Syria and the Iran-backed Houthi rebels in Yemen to the Russian and Ukrainian militaries. With a potential conflict with China over Taiwan looming on the horizon amid the US military’s pivot to “great power competition,” the Pentagon is itself in the midst of a major surge in both unmanned capabilities and technology to defend against weaponized drones belonging to foreign adversaries.

The US military has been slowly but surely adjusting to the sudden spike in mysterious drone incursions near sensitive sites across the United States with an expanded counter-drone strategy. In early December, Defense Secretary Lloyd Austin signed the Pentagon’s new Strategy for Countering Unmanned Systems, which seeks to unify disparate DoD efforts to address the rise of drone threats both at home and abroad into a single coherent framework, one that implicitly acknowledges the potential for the rising tide of domestic drone threats to grow from intrusive surveillance risks to something more damaging.

“From the Middle East to Ukraine and across the globe—including in the US homeland—unmanned systems are reshaping tactics, techniques, and procedures; challenging established operational principles; and condensing military innovation cycles,” the unclassified fact sheet on the new Pentagon strategy states. “The relatively low-cost, widely available nature of these systems has, in effect, democratized precision strike.”

The Pentagon has been working overtime to field fresh counter-drone capabilities to US forces deployed overseas in recent years, including traditional firearms outfitted with computerized optics and remotely operated vehicle-mounted heavy weapons turrets, laser-guided rocket and missile systems, AI-assisted kinetic interceptors, radio frequency- and Global Positioning System-jamming electronic warfare suites, and even exotic directed energy weapons like high-energy lasers and high-powered microwaves, among others. As recently as late October, NORTHCOM was working in conjunction with the Federal Aviation Administration to demo fresh counter-drone tech as part of its Falcon Peak 2025 experiment at Fort Carson in Colorado.

“By all indications, \[small unmanned aerial systems\] will present a safety and security risk to military installations and other critical infrastructure for the foreseeable future,” NORTHCOM boss Air Force general Gregory Guillot told reporters at the time. “Mitigating those risks requires a dedicated effort across all federal departments and agencies, state, local, tribal and territorial communities, and Congress to further develop the capabilities, coordination and legal authorities necessary for detecting, tracking and addressing potential sUAS threats in the homeland.”

But US military officials also indicated to reporters that the types of counter-drone capabilities the Pentagon may be able to bring to bear for domestic defense may be limited to non-kinetic “soft kill” means like RF and GPS signal jamming and other relatively low-tech interception techniques like nets and “string streamers” due to legal constraints on the US military’s ability to engage with drones over American soil.

“The threat, and the need to counter these threats, is growing faster than the policies and procedures that \[are\] in place can keep up with,” as Guillot told reporters during the counter-drone experiment. “A lot of the tasks we have in the homeland, it’s a very sophisticated environment in that it’s complicated from a regulatory perspective. It’s a very civilianized environment. It’s not a war zone.”

Defense officials echoed this sentiment during the unveiling of the Pentagon’s new counter-drone strategy in early December.

“The homeland is a very different environment in that we have a lot of hobbyist drones here that are no threat at all, that are sort of congesting the environment,” a senior US official told reporters at the time. “At the same time, we have, from a statutory perspective and from an intelligence perspective, quite rightly, \[a\] more constrained environment in terms of our ability to act.”

The statute in question, according to defense officials, is a specific subsection of Title 10 of the US Code, which governs the US armed forces. The section, known as 130(i), encompasses military authorities regarding the “protection of certain facilities and assets from unmanned aircraft.” It gives US forces the authority to take “action” to defend against drones, including with measures to “disrupt control of the unmanned aircraft system or unmanned aircraft, without prior consent, including by disabling the unmanned aircraft system or unmanned aircraft by intercepting, interfering, or causing interference with wire, oral, electronic, or radio communications used to control the unmanned aircraft system or unmanned aircraft” and to “use reasonable force to disable, damage, or destroy the unmanned aircraft system or unmanned aircraft.”

As The War Zone points out, 130i limits when and where the US military can actually deploy counter-drone assets outside of immediate self-defense in the face of an imminent threat. Notably, it requires the defense secretary to “coordinate” with both the US transportation secretary and Federal Aviation Administration (FAA) administrator regarding any counter-drone implementation that “might affect aviation safety, civilian aviation and aerospace operations, aircraft airworthiness, or the use of airspace.” Not only that, but 130i authority is only applicable to a specific list of installations, mainly those dealing with nuclear deterrence and missile defense functions of the US national security apparatus.

This, in turn, limits what kinds of counter-drone systems the US military can actually employ domestically. Service members may be up to their eyes in fresh counter-drone tech overseas, but the regulatory environment at home is rigid enough that “hard kill” solutions like missiles, guns, and other kinetic interceptors aren't even considered potential options because there’s simply too much risk that they might end up inflicting collateral damage on innocent, unsuspecting civilians in nearby neighborhoods. Even “soft kill” solutions like RF and GPS jamming require coordination with the FAA and other federal agencies to prevent potential harm to civilian air travel, approvals that could slow down the reaction time among base security forces amid a potential drone incursion.

“Given the impact of GPS denial, just across infrastructure and all that stuff, it is a very, very difficult capability to get permissions to utilize,” as one official told The War Zone at Falcon Peak.

While the Pentagon’s broad new counter-drone strategy is a step in the right direction when it comes to bolstering domestic drone defenses, Congress is taking action as well. In the compromise version of the annual National Defense Authorization Act defense budget legislation unveiled in December, lawmakers included language calling upon the Pentagon to not just conduct an assessment of the counter-drone technology landscape at large, but generate recommendations on how policy changes could reduce the amount of burdensome bureaucratic coordination between federal agencies required to address the growing number of drone incursions—and, in an ideal world, allow the US military to move quickly and decisively to counter intrusive drones at sensitive installations before they become dangerous.

“We agree that US troops have the inherent right of self defense, including from \[drone\] attacks, wherever they may be,” the explanatory statement accompanying the compromise NDAA says.

At the moment, the Pentagon seems unconvinced that the Northeast drone sightings and earlier incursions are connected to a foreign adversary. But with lawmakers increasingly concerned with the potential threat to sensitive installations and critical infrastructure in their states, the US military’s renewed approach to counter-drone defense can’t come soon enough.

Why the US Military Can't Just Shoot Down the Mystery Drones

AI creates what it’s told to, from plucking fanciful evidence from thin air, to arbitrarily removing people’s rights, to sowing doubt over public misdeeds.

OpenAI CEO Sam Altman expects AGI, or artificial general intelligence—AI that outperforms humans at most tasks—around 2027 or 2028. Elon Musk’s prediction is either 2025 or 2026, and he has claimed that he was "losing sleep over the threat of AI danger." Such predictions are wrong. As the limitations of current AI become increasingly clear, most AI researchers have come to the view that simply building bigger and more powerful chatbots won’t lead to AGI.

However, in 2025, AI will still pose a massive risk: not from artificial superintelligence, but from human misuse.

These might be unintentional misuses, such as lawyers over-relying on AI. After the release of ChatGPT, for instance, a number of lawyers have been sanctioned for using AI to generate erroneous court briefings, apparently unaware of chatbots’ tendency to make stuff up. In British Columbia, lawyer Chong Ke was ordered to pay costs for opposing counsel after she included fictitious AI-generated cases in a legal filing. In New York, Steven Schwartz and Peter LoDuca were fined $5,000 for providing false citations. In Colorado, Zachariah Crabill was suspended for a year for using fictitious court cases generated using ChatGPT and blaming a "legal intern" for the mistakes. The list is growing quickly.

Other misuses are intentional. In January 2024, sexually explicit deepfakes of Taylor Swift flooded social media platforms. These images were created using Microsoft’s “Designer” AI tool. While the company had guardrails to avoid generating images of real people, misspelling Swift's name was enough to bypass them. Microsoft has since fixed this error. But Taylor Swift is the tip of the iceberg, and non-consensual deepfakes are proliferating widely—in part because open-source tools to create deepfakes are available publicly. Ongoing legislation across the world seeks to combat deepfakes in hope of curbing the damage. Whether it is effective remains to be seen.

In 2025, it will get even harder to distinguish what’s real from what’s made up. The fidelity of AI-generated audio, text, and images is remarkable, and video will be next. This could lead to the "liar's dividend": those in positions of power repudiating evidence of their misbehavior by claiming that it is fake. In 2023, Tesla argued that a 2016 video of Elon Musk could have been a deepfake in response to allegations that the CEO had exaggerated the safety of Tesla autopilot leading to an accident. An Indian politician claimed that audio clips of him acknowledging corruption in his political party were doctored (the audio in at least one of his clips was verified as real by a press outlet). And two defendants in the January 6 riots claimed that videos they appeared in were deepfakes. Both were found guilty.

Meanwhile, companies are exploiting public confusion to sell fundamentally dubious products by labeling them “AI.” This can go badly wrong when such tools are used to classify people and make consequential decisions about them. Hiring company Retorio, for instance, claims that its AI predicts candidates' job suitability based on video interviews, but a study found that the system can be tricked simply by the presence of glasses or by replacing a plain background with a bookshelf, showing that it relies on superficial correlations.

There are also dozens of applications in health care, education, finance, criminal justice, and insurance where AI is currently being used to deny people important life opportunities. In the Netherlands, the Dutch tax authority used an AI algorithm to identify people who committed child welfare fraud. It wrongly accused thousands of parents, often demanding to pay back tens of thousands of euros. In the fallout, the Prime Minister and his entire cabinet resigned.

In 2025, we expect AI risks to arise not from AI acting on its own, but because of what people do with it. That includes cases where it _seems_ to work well and is over-relied upon (lawyers using ChatGPT); when it works well and is misused (non-consensual deepfakes and the liar's dividend); and when it is simply not fit for purpose (denying people their rights). Mitigating these risks is a mammoth task for companies, governments, and society. It will be hard enough without getting distracted by sci-fi worries.

Human Misuse Will Make Artificial Intelligence More Dangerous

The white supremacist Robert Rundo faces years in prison. But the “Active Club” network he helped create has proliferated in countries around the world, from Eastern Europe to South America.

American neo-Nazi Robert Rundo’s six-year “battle with the feds”—a fight that spans two dismissals, three appellate reversals, and an extradition and deportation from at least two countries—concludes today with his sentencing to federal prison for attacking ideological opponents at political rallies across California in 2017.

Along with several members of the Rise Above Movement, a fight club-cum-street gang Rundo cofounded with fellow extremist Ben Daley in Southern California during the peak of the alt-right movement, Rundo was convicted on 2018 charges of conspiracy to violate the federal Anti-Riot Act for training and planning a series of attacks on political opponents at rallies across California and Unite the Right in Virginia the year prior. While Rundo may be locked behind bars for years, the movement he created is running wild around the globe.

In the interceding years since his initial arrest, indictment, imprisonment, and flight from the US after his case was initially dismissed in 2019, Rundo helped mastermind an international network of RAM clones known as “Active Clubs.” A transnational alliance of far-right fight clubs that closely overlap with skinhead gangs and neofascist political movements in North America, Europe, the Antipodes, and South America, the Active Club network is proliferating internationally. There are dozens of Active Clubs in the United States, United Kingdom, Ireland, France, Germany, Holland, Scandinavia, Australia, and Colombia, according to the groups’ presence on Telegram and extremism researchers.

Seemingly harmless from the outside, Active Clubs are small groups of young men who go on hikes, train in combat sports, weight-lift, and build camaraderie—all part of the Rise Above Movement’s original program. But the darkness is in the details: The groups’ membership often overlaps with other extremist organizations like Patriot Front, criminal skinhead groups like the Hammerskins, and other violent extremists in foreign nations. Some US-based Active Clubs are branching out into political intimidation and violence, like the Rise Above Movement before them.

“I definitely do believe that in the future there needs to be a mass movement, a mass organization, but when it comes for that, do you really want a bunch of guys coming strictly from the online world to come join a mass movement without having any experience or skills?” Rundo said in a video posted online shortly before his March 2023 arrest in Bucharest, Romania. “Active clubs are a great local way to start guys off as they come from the online world into the real world, to learn actual skills.”

Hannah Gais, a senior research analyst at the Southern Poverty Law Center who has long researched Rundo and his associates, says the Active Club model stands out for its low barrier to entry, emphasis on positive community building to draw new blood from outside of extremist circles, and a ready-made international network. “The model has really made it easier to facilitate those transnational connections,” Gais says. “If you’re not an organization, then you can network with whoever you want.”

The Active Club network is seeing expanded breadth and growing significance in street politics (American members appeared alongside foreign counterparts at extreme right-wing demonstrations in Paris this May and Warsaw this fall), a fact emphasized by US prosecutors in their filing seeking prison time for Rundo. Federal attorneys scoured Rundo’s media output—which is considerable, ranging from a series of far-right “influencer” Telegram channels to the Media2Rise propaganda outlet that he ran in conjunction with stateside followers and members of Patriot Front—for their explanation of how seemingly innocuous fitness organizations like Active Clubs serve as vehicles for radicalization.

In a November 26 sentencing memorandum, prosecutors flagged Rundo’s description of the Active Cub network as “brush fire effect” that will be difficult for authorities to stamp out “because these clubs are generally small and local, helping to shield it from infiltrators and broader law enforcement actions.”

The Active Club ideology also leans heavily on young male grievances against a world that supposedly singles them out in favor of people of color and LGBTQ+ youth. “Defendant lamented that ‘\[b\]oy scouts no longer teach boys how to be men, instead softening them up, discouring \[sic\] any forms of competition, accepting girls, and promoting LGBT values,’ and encouraged Active Clubs to ‘put out propaganda’ to ‘let\[\] our own know the fight is not over,’ the government’s filing reads.

The Active Club network was not Rundo’s creation alone: He came up with the idea along with Denis Nikitin, a German-Russian neo-Nazi who started out as a soccer hooligan before moving into combat sports as a fighter, promoter, and organizer of far-right tournaments. According to exhibits filed by US prosecutors, Nikitin counseled Rundo on how to flee the US in 2018 while dodging what he believed to be his first arrest warrant, and sought to smuggle him into Ukraine with the assistance of the Azov Movement (a neo-Nazi political movement that has its own paramilitary forces integrated with the Ukrainian military and organizes with other similar extremist groups across Europe) and its allies in that country’s security services. Nikitin is not currently charged with an offense by the United States government.

Nikitin, whose legal surname is Kapustin, is one of Europe’s most influential neo-Nazi activists, starting out small with fight club events held in backwater Russian cities among amateurs from soccer hooligan and skinhead groups. In 2012, Nikitin’s MMA tournament promotion vehicle, White Rex, ran its first tournament outside Russia, in Kyiv. Soon Nikitin was hosting tournaments in Italy, Hungary, France, Germany, Greece, and elsewhere.

Nikitin also got his hands dirty. He allegedly participated in the hooligan riot during Russia’s 2016 European Championship clash with England in Marseille and trained British Nazis in armed combat tactics in 2014 at camps in England and Wales, as well as Swiss extremists in 2017. In 2019, he was reportedly banned from the European Union’s Schengen Zone for promoting extremism in several countries.

Nikitin currently leads a volunteer combat battalion of far-right wing extremists in association with Ukrainian command that spearheaded a surprise assault on Russia’s Kursk region earlier this year.

Since Rundo and Kapustin coined the concept of an Active Club in 2021 on an eponymous podcast, the neo-Nazi fight clubs have proliferated throughout Western Europe, Australia, and the United States, and are currently the preeminent organizing model for far-right streetfighters. Their members have been involved in political violence in the US and France, have been banned and arrested in Germany, and are a growing concern for UK and Irish law enforcement as the place of their recruiting has skyrocketed following this summer's riots.

Michael Vandelune, a research fellow at the American Counterterrorism Targeting & Resilience Institute, has long studied transnational networking by neo-fascist groups, including Rundo’s relationship with Nikitin. “Rundo was building on the Eastern European emphasis on hypermasculinity and physical fitness, and in many ways, he was a perfect Western mouthpiece for Nikitin and similar peoples’ ideas,” Vandelune says. Rundo’s devotion to Nikitin is apparent: While getting RAM off the ground, he repeatedly cited Nikitin’s white-nationalist clothing brand and MMA promotion company White Rex as inspiration, and got the company’s logo tattooed on his shin in 2018.

Along with members of the Azov Movement’s 3rd Assault Battalion who have been integrated into the regular units of Ukraine military intelligence directorate (HUR), Nikitin hosted a September conference in Lviv that gathered representatives from extreme right-wing organizations across Europe for a strategy conference. Italian fascist organization Casapound, which Rundo visited in 2018 and views as an exemplar, sent a representative, as did Germany’s openly neo-Nazi party Dritte Weg (Third Way).

Patrick Macdonald, a Canadian known as ‘Dark Foreigner’ who allegedly produced the neo-Nazi group Atomwaffen Division’s eyecatching signature far-right propaganda at the end of the last decade, did the same work for the Active Club network, according to testimony given during his trial in Ottawa this month (Macdonald has plead not guilty to several charges, including participating in terrorist activity). Last year, the Canadian Anti-Hate Network identified Macdonald as a participant in Canada’s Active Club.

Outside of North America, the Active Clubs have proliferated most widely in France, the first European country to start such an organization. There are currently at least 50 such organizations in operation across the country, from Normandy to Provence and the Swiss border.

Sébastien Bourdon, a French journalist with Le Monde’s video investigations unit who authored a forthcoming book on that country’s far-right, says Active Clubs are the fastest-expanding facet of far-right militancy in France.

“When they launched the first Active Club in France in early 2022, within a few months they had 10 to15 groups. That’s already quite a lot. The fact that within two years they’ve grown from 15 groups to 50-plus groups throughout the country is mad,” Bourdon says. “Historically, most far-right groups in France have been active in big cities like Paris, Lyon, but if you look at some of the places they claim, some of them I’ve never heard of before.”

In France, where far-right street violence has a decades-long history despite authorities’ attempts to ban and dissolve organized groups, Bourdon says Active Clubs have proved effective at dodging legal crackdowns while appearing to have carried out acts of violence including an attack on an asylum center near Nantes last year. At least one founding member of the Active Club in Lyon has gone on to fight in Ukraine alongside other far-right volunteers.

As for Rundo, he will likely spend years in prison—a place he’s been before. He previously served nearly two years for stabbing a rival gang member in Flushing Queens in 2009. While he did radicalize during his stint at New York’s Greene Correctional Facility, starting a small white power gang, Rundo’s forthcoming prison term will mark his first federal term as a certified domestic extremist. But it remains unlikely that federal lockup will change his ideologies.

Rundo “has not renounced the violent extremist ideology that motivated that conduct,” US prosecutors wrote in their sentencing memo. It’s also likely that Rundo will hold out for help from a friendlier government.

Prior to the US election in November, Rundo urged his supporters to vote for Donald Trump specifically in the hope that the Republican president-elect would pardon him and other extremists who plead guilty to federal crimes. Since the election, there has been a sustained pardon campaign from corners of the far-right internet, which is a possibility since Rundo will be serving time in a federal prison when the incoming administration is sworn in this January.

As the Mastermind of Far-Right ‘Active Clubs’ Goes to Prison, His Violent Movement Goes Global

A sophisticated social engineering cybercrime campaign bent on financial gain was observed being run from Tencent servers in Singapore.

Source: Rastislav Sedlak via Alamy Stock Photo

The Dubai Police are the latest victims of impersonation by fraudsters in the United Arab Emirates (UAE), who are sending thousands of text messages out to unwitting mobile users while purporting to represent the law enforcement agency.

Researchers at BforeAI observed a recent surge in phishing attacks leveraging alleged police communications, which encourage text recipients to click on a malicious URL to respond to supposed legal trouble or to register with an "official" online portal. The included links redirect victims to fake websites designed to harvest sensitive information, including bank details or personal identification details.

The campaign uses well-crafted lures with official branding, suggesting a moderate level of sophistication, according to BforeAI. But while the lures are tailored to UAE citizens, the phishing methodology resembles a 'spray-and-pray' model in its broad reach.

"The campaign targets individuals likely to respond to law enforcement-related communications, of which legitimate comms of this nature are not uncommon in the UAE — targeting particularly those with a limited understanding of digital threats," Abu Qureshi, lead for threat intelligence and mitigation at BforeAI, tells Dark Reading.

"The most striking aspect of this campaign is the calculated misuse of Dubai Police branding to establish credibility and deceive victims," he adds. "This demonstrates a sophisticated understanding of social engineering techniques and reliance on psychological manipulation, exploiting fear and trust in law enforcement — which for citizens of the UAE is of utmost importance."

Related:Governments, Telcos Ward Off China's Hacking Typhoons

**Cybercriminals Increasingly Target UAE, Middle East**

Cybercrime campaigns targeting organizations and individuals in Dubai and other parts of the UAE are noticeably on the rise. According to research from Kaspersky earlier this year, 87% of companies in UAE have faced some form of cyber incident in the past two years.

"The UAE is a high-value target due to its affluent population, high Internet penetration, and reliance on digital services," Qureshi says. "Cybercriminals exploit these factors alongside vulnerabilities in newly adopted technologies."

The cybercrime spree is part of a larger trend in the targeting of individuals and organizations in some areas of the Middle East in general, he notes.

"There's a focus on wealthy regions and individuals to maximize financial gain," he says. "There are also regional geopolitical interests and an increased focus on Middle Eastern entities due to economic and political dynamics."

Related:African Law Enforcement Nabs 1,000+ Cybercrime Suspects

To boot, because the area has embraced digital transformation and IT modernization with gusto, cybercriminals are targeting digital adoption vulnerabilities that come from the rapid implementation of advanced technologies without adequate protections, according to Qureshi.

**Anchoring a UAE Cybercrime Campaign in Singapore**

The cyberattackers behind the Dubai Police offensive appear to have used an automated domain generation algorithm (DGA) or bulk registration to quickly cycle through different domains to host malicious Web pages bent on financial fraud. Each domain is short-lived, in order to better avoid detection.

Most of those domains originated from Tencent servers based in Singapore, according to BforeAI researchers, who noted the company's servers have hosted malicious activity before, including spam, phishing, and botnets.

"Tencent, a Chinese-based technology giant, maintains a significant hub in Singapore, leveraging the city-state's strategic location and robust digital infrastructure," says Qureshi. "Despite Singapore's strong cyber-resilience and rigorous policies to address malicious activity, its status as a global tech hub makes it a prime location for abuse of legitimate platforms by cybercriminals."

Related:Yakuza Victim Data Leaked in Japanese Agency Attack

Qureshi adds that the presence of malicious activity on Tencent servers could be due to the exploitation of legitimate services.

"High-traffic servers can be abused to host or relay malicious content without the company's direct knowledge," he explains, adding that jurisdictional complexity could also be at play: "Singapore's law enforcement may face challenges in coordinating with foreign entities and differentiating criminal use from legitimate operations. While Tencent is based in Singapore — they are a Chinese firm."

Two of the registrants were found to be from India and Dubai itself, with suspicious names suggesting that they originate from a legitimate company, according to the research. For the most part though, the cyberattackers have managed to keep their identity anonymous.

Tencent did not immediately return a request for comment.

**How Organizations in the Middle East Can Protect Against Cyber Fraud**

For organizations in the region, campaigns like this should prompt changes in risk management, Qureshi advises. Although the phishing messages are broad-based, in the age of the mobile office, even campaigns designed to hit individuals can end up affecting companies.

Common-sense security hygiene includes the basics, like double-checking the official domain of the Dubai government and the payment portal before proceeding with any payment, as well as looking for red flags like missing HTTPs protocol, broken links, out-of-place Web designs, or suspicious phrasing or grammar.

Qureshi advises organizations to take several additional steps to mitigate their risk, including:

*   Enhanced monitoring: Implement robust predictive phishing detection systems and actively monitor for misuse of branding;
    
*   Awareness programs: Train employees on phishing recognition and reporting;
    
*   Collaboration: Work with CERTs and law enforcement to address identified threats;
    
*   Incident response: Develop and test response plans to address phishing-related breaches;
    
*   Reporting: Alert phishing reporting websites such as Etisalat and DU when employees receive phishing messages;
    
*   And continuous vigilance: Adopt a proactive cybersecurity stance to protect brand reputation and customer trust.
    

And finally, "this Dubai Police campaign highlights the globalized nature of cybercrime, where local targets are exploited using international infrastructure," Qureshi warns. "The importance of cross-border cooperation and leveraging threat intelligence to stay ahead of evolving tactics cannot be overstated."

**About the Author**

Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas. A Texas native, she holds a B.A. from Columbia University, lives in Western Massachusetts with her family and is on a never-ending quest for good Mexican food in the Northeast.

'Dubai Police' Lures Anchor Wave of UAE Mobile Attacks

Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations.

Statue of PrometheusSource: luminous via Alamy Stock Photo

Reseachers have discovered hundreds of thousands of servers running Prometheus open source monitoring software on the open Web are exposing passwords, tokens, and opportunities for denial of service (DoS) and remote code execution.

As a leader among open source observability tools, Prometheus is used widely by organizations to monitor the performance of their applications and cloud infrastructure. But it comes with a catch: As noted in its documentation, "It is presumed that untrusted users have access to the Prometheus HTTP endpoint and logs. They have access to all time series information contained in the database, plus a variety of operational/debugging information."

Apparently, a whole lot of users either aren't aware of the ways in which Prometheus is exposed by default, or don't realize the value of the data that's exposed along the way. Using Shodan, researchers from Aqua Nautilus discovered more than 40,000 exposed Prometheus servers, and more than 296,000 exposed "exporters," which the program uses to collect data from monitored endpoints. The researchers found sensitive data in those servers and exporters, and opportunities for "repojacking" and DoS attacks.

**What Prometheus Exposes**

On first impression, the data Prometheus collects might seem rather bland: application performance metrics, metrics associated with particular cloud tools, CPU, memory, and disk usage, for example.

"We think that it's only statistics — it's only information about the health of the system. That's the problem," says Assaf Morag, director of threat intelligence at Aqua Nautilus. Probing the data from the perspective of an attacker reveals all kinds of information that could lubricate cyberattacks.

"We noticed that we can actually see plaintext passwords and tokens, and API addresses of internal locations that should be kept hidden," Morag says. For example, he found one exposed and unauthenticated instance of Prometheus belonging to Skoda Auto, the Czech automobile manufacturer, which revealed some of the company's subdomains, and Docker registries and images.

Besides exposing secrets, open Web Prometheus servers and exporters also carry a risk of DoS. There's the '/debug/pprof' endpoint, for example, which helps users profile remote hosts, and is enabled by default by most Prometheus components. In their testing, the researchers demonstrated that they could overload the endpoint to disrupt communications or outright crash Amazon Web Services Elastic Compute Cloud (AWS EC2) instances or Kubernetes pods.

"The result was conclusive: We ended up stopping virtual machines each time we ran our script," Morag reports. To drive home the significance of such an attack scenario, he jokes, "I read somewhere that Kubernetes clusters run in fighter jets. I don't think that they are exposed to the Internet, but \[it goes to show\] we run Kubernetes in lots of places today."

**Repojacking Opportunities in Prometheus**

Users can protect their Prometheus servers and exporters by taking them offline, or at least adding a layer of authentication to keep out prying eyes. And, of course, there are tools designed to mitigate DoS risks.

Less easily solved is a third issue in the platform: Several of its exporters were found vulnerable to repojacking attacks.

The opportunity for repojacking can occur whenever a developer changes or deletes their account on GitHub and doesn't perform a namespace retirement. Simply, an attacker registers the developer's old username, then plants malware under the same title as the developer's old, legitimate projects. Then any projects that reference this repository but aren't updated with the correct redirect link can end up ingesting the malicious copycat.

Prometheus' official documentation referenced several exporters associated with freely claimable usernames, meaning that any attacker could have stepped in and taken advantage to perform remote code execution. Aqua Nautilus reported the issue to Prometheus, and it has since been addressed.

Repojacking opportunities are likely far more widespread than is realized, Morag emphasizes, so organizations need to be monitoring any discrepancies between the projects they rely on and the links they follow to access them. "It's not that difficult," he says. "But if you're doing it for millions of open source projects, that's where the problem starts. If you use an automated \[scanning tool\], you could be safe."

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

336K Prometheus Instances Exposed to DoS, 'Repojacking'

In Operation PowerOFF, global authorities aim to deter individuals from engaging in malicious cyber acts.

Source: M4OS Photos via Alamy Stock Photo

NEWS BRIEF

Law enforcement agencies around the world have seized 27 of the most popular Web platforms used to launch distributed denial-of-service (DDoS) attacks.

The international operation, which remains ongoing, is known as PowerOFF and was coordinated by Europol, involving 15 countries. The operation targeted various levels of operatives in the groups engaged in the cybercriminal activities, including three administrators who were arrested in France and Germany. It also identified 300 other cybercriminals.

Three of the so-called "booter" and "stresser" websites that were taken down as part of Operation PowerOFF include zdstresser.net, orbitalstress.net, and starkstresser.net.

"While these platforms are often marketed as legitimate tools for stress-testing, they are frequently misused to facilitate malicious attacks," said Sarah Jones, cyber threat intelligence research analyst at Critical Start, in an emailed statement to Dark Reading. "By dismantling these services and identifying more than 300 customers, law enforcement agencies aim to disrupt the entire ecosystem addressing both the supply of these tools and the demand from those who use them for illegal activities."

The holiday season in particular has in the past been a peak period for hackers to carry out DDoS attacks, ultimately leading to financial loss, reputational damage for retailers, and operational disruption.

Law enforcement agencies launched an online ad campaign using Google search ads and YouTube to deter individuals from engaging in criminal activities like DDoS, highlighting the consequences of such attacks. Law enforcement also plans to conduct knock-and-talks, and use warning letters and emails.

**About the Author**

Skilled writer and editor covering cybersecurity for Dark Reading.

Europol Cracks Down on Holiday DDoS Attacks

Security isn't just about tools — it's about understanding how the enemy thinks and why they make certain choices.

Source: Andriy Popov via Alamy Stock Photo

COMMENTARY

In the past, security professionals were true hackers at heart — passionate individuals who made money doing what they loved: breaking systems, pushing boundaries, and constantly learning. They grew their skills out of sheer curiosity and dedication.

Today, however, many in security are simply "professionals" who found a well-paying job but lack that hacker spirit. They're not driven by a love of the challenge or a hunger to learn. They may take the occasional course or learn a few technical tricks — but often, they're doing the bare minimum. This leads to weak security. Meanwhile, attackers? They still have that old-school hacker passion, constantly learning and evolving for the love of the challenge.

We've completely misunderstood how to do security. Instead of genuinely simulating bad guys and preparing for the real thing, we play around with automated tools and call it "offensive" security. Many red-team exercises simply follow a checklist of known exploits without adapting to the specific environment. In contrast, a genuine adversary simulation requires creativity and a deep understanding of the target's weaknesses — crafting custom attack paths and adjusting tactics on the fly. It's about going beyond technical skills and truly getting into the adversary mindset.

Let's be real — technical skills alone aren't going to save anyone. To outsmart attackers, we need to cultivate a hacker mindset: understand the motivations, tactics, and psychology behind attacks, focusing on creativity and adaptability rather than just checking boxes.

**Why Adversaries Do What They Do**

Too many defenders get stuck on the "how" of an attack — the technical exploits, tools, and vulnerabilities — but to stay ahead, we need to ask "why." Attackers aren't just pushing buttons; they're making strategic decisions, choosing the path of least resistance and maximum gain specific to their objectives.

Attackers know defenders are predictable. They know defenders — often too focused on what looks scary instead of what's actually vulnerable — will patch the big vulnerabilities while ignoring the misconfigurations or overly trusted third-party integrations. Red teams might overlook these, but real adversaries know they're prime opportunities. Attackers exploit trusted integrations to move laterally or exfiltrate data without triggering alarms. This is why understanding the "why" behind attacks is crucial. Attackers aren't just targeting technology — they're going after the path of least resistance, and too often, that's where we're late.

**Stop Being a Button-Pusher**

Here's the harsh truth: Relying solely on automated tools and predefined processes is a recipe for failure. While those tools are useful, attackers thrive on predictability, so the more security teams rely on the same tools and scripts, the easier it is for them to slip through.

Think about the SolarWinds breach, where attackers leveraged a trusted, automated process to compromise thousands of systems — because defenders didn't critically assess their own tools. SolarWinds is a lesson in the danger of blind trust in automation. If you're just pushing buttons, you're making their job easy.

Attackers are constantly testing the boundaries — doing the unexpected, finding unnoticed cracks. To defend against that, you need to do the same. Be curious, be creative, and don't be afraid to challenge the rules. That's what attackers are doing every day.

**Detecting Intent in the Cloud**

The cloud is a whole new ballgame. Old perimeter defenses don't cut it anymore — it's about understanding intent. Attackers aren't just exploiting vulnerabilities; they're using legitimate cloud services against you, moving laterally, escalating privileges, and blending in with regular user activity.

Take the Sisense breach: The attacker exploited cloud misconfigurations and legitimate credentials to access sensitive data. They didn't break in — they logged in. The attacker understood how to blend in with typical user activity. Recognizing intent in the cloud is critical; it's about seeing the attacker's goals and cutting them off before they succeed.

If you notice unusual activity, don't wait for an alert. Assume intent and start digging. The faster you understand why something is happening, the faster you can stop it.

**Building a Hacker Culture**

Growing and honing a hacker mindset is a journey, and it won't come from reading a book or taking a course. It takes time, practice, mentorship, and hands-on experience. Pair up newer team members with people who've been through the trenches, involve the defense team in red team exercises, and let them make mistakes. Real learning happens by doing.

Want to know if you have a hacker mindset? Try the Jack Attack Test (JAT), where creativity — not content — reveals true hacker thinking. For example, finding 10 different ways to "turn off the light" is similar to finding 10 ways to perform a denial-of-service (DoS) attack. Hackers think conceptually, while security professionals might get lost in the details, saying they "don't know anything about electricity."

Another thing: Give your team members the chance to think like attackers. Run attack simulations where they must step into the hacker's shoes. Get a threat intel report, and make them explain the why, not the how. Challenge them to take unconventional approaches. Attackers are masters of the unexpected, and if defenders want to keep up, they need to be too.

**Embracing the Adversary Mindset**

At the end of the day, security isn't just about tools — it's about understanding how the enemy thinks and why they make certain choices. Every move they make — each target, exploit, and escalation — is deliberate. To stay ahead, defenders must adopt this mindset. By understanding the strategy behind their actions, defenders can identify weak points in their defenses. It's not just about technology; it's about understanding intent, anticipating the unexpected, and challenging the norm. No tool can replace a curious mind ready to step into an adversary's shoes and do whatever it takes to stay ahead.

**About the Author**

Field CTO, Mitiga

Roei Sherman, field chief technology officer (CTO) at Mitiga, is a leading expert in cloud incident response and adversarial cybersecurity. With more than a decade of experience, he specializes in red team operations, adopting an adversarial mindset and guerrilla tactics for proactive defense.

Roei’s background includes serving in the field intelligence unit of the Israel Defense Forces, where he remains active in the reserve. He has held notable roles, including global director of offensive services at AB InBev and red team leader at EY Israel. His expertise spans red team engagements, social engineering, physical security, and incident response across various platforms. 

Holding a BA in business administration with a cybersecurity focus and an MA in criminology, Roei merges technical skill with academic insight. He co-organizes BSidesTLV and serves on the CFP team for Diana’s Initiative, underscoring his dedication to advancing the cybersecurity field.

Cultivating a Hacker Mindset in Cybersecurity Defense

The ABB BMS/BAS controller suffers from an unauthenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'portValue' HTTP GET parameter called by obtainPorts.php script.

Title: ABB Cylon Aspect 3.07.00 (obtainPorts.php) Remote Code Execution  
Advisory ID: ZSL-2024-5882  
Type: Local/Remote  
Impact: Security Bypass, System Access, DoS  
Risk: (5/5)  
Release Date: 12.12.2024

**Summary**

ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices.

**Description**

The ABB BMS/BAS controller suffers from an unauthenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'portValue' HTTP GET parameter called by obtainPorts.php script.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio  
Firmware: <=3.07.00

**Tested On**

GNU/Linux 3.15.10 (armv7l)  
GNU/Linux 3.10.0 (x86\_64)  
GNU/Linux 2.6.32 (x86\_64)  
Intel(R) Atom(TM) Processor E3930 @ 1.30GHz  
Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz  
PHP/7.3.11  
PHP/5.6.30  
PHP/5.4.16  
PHP/4.4.8  
PHP/5.3.3  
AspectFT Automation Application Server  
lighttpd/1.4.32  
lighttpd/1.4.18  
Apache/2.2.15 (CentOS)  
OpenJDK Runtime Environment (rhel-2.6.22.1.-x86\_64)  
OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)  
ErgoTech MIX Deployment Server 2.0.0

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[01.06.2023\] Vendor released version 3.07.01 to address this issue.  
\[12.12.2024\] Public security advisory released.

**PoC**

abb\_aspect\_rce15.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://packetstorm.news/files/id/183118/

**Changelog**

\[12.12.2024\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

Tag

#intel