This Week In Security: The Time Kernel.org Was Backdoored And Other Stories

Researchers at Eset have published a huge report on the Ebury malware/botnet (pdf), and one of the high profile targets of this campaign was part of the kernel.org infrastructure. So on one hand, this isn’t new news, as the initial infection happened back in 2011, and was reported then. On the other hand, according to the new Eset report, four kernel.org servers were infected, with two of them possibly compromised for as long as two years. That compromise apparently included credential stealing or password cracking.

The Ebury attackers seem to gain initial access through credential stuffing — a huge list of previously captured credentials are tried one at a time. However, once the malware has a foothold in the network, a combination of automated and manual steps are taken to move laterally. The most obvious is to grab any private SSH keys from that system, and try using them to access other machines on the local network. Ebury also replaces a system library that gets called as a part of sshd, libkeyutils.so. This puts it in a position to quietly capture credentials.

For attacks against more important targets, the people behind Ebury seem to go hands-on-keyboard, using techniques like man-in-the-middle attacks against SSH logins on the local network via ARP spoofing. In this case, someone was doing something nasty.

And that doesn’t even start to cover the actual payload. That’s nasty too, hooking into Apache to sniff for usernames and passwords in HTTP/S traffic, redirecting links to malicious sites, and more. And of course, the boring things you might expect, like sending spam, mining for Bitcoin, etc. Ebury isn’t exactly easy to notice, either, since it includes a rootkit module that hooks into system functions to hide itself. Thankfully there are a couple of ways to get a clean shell to look for the malware, like using systemd-run or launching a local shell on the system console.
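One concrete check a defender can run follows from the detail above: Ebury swaps out libkeyutils.so, the library sshd loads. Comparing the copy actually mapped into the running sshd against the distribution's recorded checksum catches a replaced file, and a libkeyutils mapped from a path the package manager never installed is suspicious on its own. The script below is an added example written for this article, not code from the Eset report or from any Ebury tooling; the `/proc/<pid>/maps` lines, the dpkg-style `.md5sums` record and the library bytes are all constructed, and the Debian path assumptions (`/var/lib/dpkg/info/*.md5sums`) are mine.

```python
"""Check whether the libkeyutils.so mapped into sshd matches the package record.

Added example (not from the article or the Eset report).  Parsers are written
against the /proc/<pid>/maps and dpkg .md5sums formats; all sample data below
is constructed.  Note: an attacker with root can also edit the .md5sums file,
so treat a clean result as one signal, not proof; compare against a known-good
copy (debsums / rpm -V, or an offline baseline) when the box is in doubt.
"""
import glob
import hashlib
import os
import re


def parse_maps(maps_text):
    """Return the set of mapped file paths whose basename contains 'libkeyutils'."""
    paths = set()
    for line in maps_text.splitlines():
        parts = line.split(None, 5)          # addr perms offset dev inode [path]
        if len(parts) == 6 and "libkeyutils" in os.path.basename(parts[5]):
            paths.add(parts[5])
    return paths


def parse_md5sums(md5_text):
    """Parse dpkg '.md5sums' lines ('<md5>  <path without leading />') into {'/path': md5}."""
    recorded = {}
    for line in md5_text.splitlines():
        m = re.match(r"^([0-9a-f]{32})\s+(\S.*)$", line.strip())
        if m:
            recorded["/" + m.group(2)] = m.group(1)
    return recorded


def check_libkeyutils(mapped_paths, recorded, read_bytes):
    """Compare each mapped libkeyutils copy with the package record.

    read_bytes(path) -> bytes is injected so the same logic runs on a live
    host or on constructed data.  Returns a sorted list of (path, verdict).
    """
    findings = []
    for path in sorted(mapped_paths):
        expected = recorded.get(path)
        if expected is None:
            findings.append((path, "not in package manifest"))
            continue
        actual = hashlib.md5(read_bytes(path)).hexdigest()  # dpkg records MD5
        findings.append((path, "ok" if actual == expected else "checksum mismatch"))
    return findings


# ---- constructed scenario: record says GOOD, disk holds TAMPERED ----------
GOOD = b"constructed stand-in for the distro's libkeyutils.so.1.9 bytes"
TAMPERED = b"constructed stand-in for a replaced libkeyutils.so.1.9"
PKG_PATH = "/lib/x86_64-linux-gnu/libkeyutils.so.1.9"
STRAY_PATH = "/usr/local/lib/libkeyutils.so.1"   # never installed by dpkg

SAMPLE_MAPS = "\n".join([
    "7f1c2a000000-7f1c2a004000 r--p 00000000 fd:01 1234567 " + PKG_PATH,
    "7f1c2a004000-7f1c2a006000 r-xp 00004000 fd:01 1234567 " + PKG_PATH,
    "7f1c2b000000-7f1c2b002000 r-xp 00000000 fd:01 7654321 " + STRAY_PATH,
    "7f1c2c000000-7f1c2c021000 rw-p 00000000 00:00 0",
    "7ffd3e000000-7ffd3e021000 rw-p 00000000 00:00 0 [stack]",
])
SAMPLE_MD5SUMS = hashlib.md5(GOOD).hexdigest() + "  " + PKG_PATH.lstrip("/") + "\n"
SAMPLE_FILES = {PKG_PATH: TAMPERED, STRAY_PATH: TAMPERED}


def demo():
    """Run the check over the constructed data; returns the findings list."""
    mapped = parse_maps(SAMPLE_MAPS)
    recorded = parse_md5sums(SAMPLE_MD5SUMS)
    return check_libkeyutils(mapped, recorded, lambda p: SAMPLE_FILES[p])


def check_live_sshd(pid):
    """Same check against a real sshd pid on a Debian-style host (assumed paths)."""
    with open(f"/proc/{pid}/maps") as fh:
        mapped = parse_maps(fh.read())
    recorded = {}
    for f in glob.glob("/var/lib/dpkg/info/libkeyutils*.md5sums"):
        with open(f) as fh:
            recorded.update(parse_md5sums(fh.read()))
    return check_libkeyutils(mapped, recorded, lambda p: open(p, "rb").read())


if __name__ == "__main__":
    for path, verdict in demo():
        print(f"{verdict:24s} {path}")
```

Run it as-is to see the constructed scenario flag both a mismatched package copy and a stray library; point `check_live_sshd()` at the pid of a listening sshd to run the same logic on a host. Because Ebury's rootkit component hides itself from ordinary shells, run this from a shell obtained the way the article suggests (systemd-run or the system console) rather than from a session that may already be hooked.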

And the multi-million dollar question: Who was behind this? Sadly we don’t know. A single arrest was made in 2014, and recovered files implicated another Russian citizen, but the latest work indicates this was yet another stolen identity. The rest of the actors behind Ebury have gone to great lengths to remain behind the curtain.


Betta Aims To Bring Wire EDM To The Desktop

Just as practical nuclear fusion has been “only 20 years away” for the last 80 years or so, the promise of electrical discharge machining (EDM) in the home shop seems to always be just around the corner. It’s hard to understand why this is so — EDM is electrically and mechanically more complicated than traditional subtractive manufacturing techniques, so a plug-and-play EDM setup seems always just out of reach.

Or perhaps not, if this 3D printed 4-axis wire EDM machine catches on. It comes to us from [John] at Rack Robotics and is built around the Powercore EDM power supply that we’ve previously featured. Since wire EDM is a process that requires the workpiece to be completely immersed in a dielectric solution, the machine, dubbed “Betta,” is designed to fit inside a 10-gallon aquarium — get it?

A lot of thought went into keeping costs down. For example, rather than use expensive sealed motors, [John] engineered the double CoreXY platform to keep the motors out of the water bath using long drive shafts and sealed bearings. The wire handling mechanism is also quite simple, at least compared to commercial WEDM machines, and uses standard brass EDM wire. The video below shows the machine going to town on everything from aluminum to steel, with fantastic results on thin or thick stock.

While Rack Robotics is going to be offering complete kits, they’re also planning on open-sourcing all the build files. We’re eager to see where this leads, and if people will latch onto EDM with the same gusto they did with 3D printing.


Running Four Brushless Motors With A Single Pi Pico

Sometimes, you have to drive four motors, and you need to do so with a certain level of control. You could throw a lot of parts at the problem, but you don’t necessarily have to. As [Shaun Crampton] demonstrates, you can run four brushless DC motors with a single Pi Pico.

[Shaun] set about developing a brushless motor controller from scratch with the Pico, relying on its PIO hardware and the TI DRV8313 — a handy three-phase motor driver. Before he knew it, he was implementing field oriented control (FOC) in MicroPython, only to find that it was a little too slow for proper motor control work. He soon switched to C for the lower overheads, and was readily driving a brushless motor with his own code. Before long, he’d implemented torque limiting and PID speed control. He was even able to optimize things to the point where he had four motors hanging off a single Pi Pico, complete with Hall sensors for feedback.

The full story is well worth reading, as it goes from “Hello, World” all the way to the end of the project. If you’ve never experienced the joy of your own code getting a motor to spin, you might enjoy following in [Shaun’s] footsteps. Files are on GitHub for the curious.

We’ve seen a lot of motor controllers around here, many of which draw heavily from other projects online. It’s a great way to learn the basics of what is a very well established field. Meanwhile, if you’re cooking up your own project in this space, do drop us a line!