Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Wi-Fi Exploited in Nearest Neighbor Attack

November 25, 2024
Reading Time: 2 mins read
in Alerts
Wi-Fi Exploited in Nearest Neighbor Attack

A new, sophisticated attack technique called the “Nearest Neighbor Attack” has emerged, demonstrating the growing capabilities of cybercriminals. Discovered by cybersecurity firm Volexity in February 2022, the attack was traced back to Russian state-sponsored hacking group GruesomeLarch (also known as APT28 or Fancy Bear). This technique enables attackers to breach a target’s network from thousands of miles away by exploiting Wi-Fi networks of nearby businesses. The attack, which took place just before the Russian invasion of Ukraine, highlights the evolving nature of cyber threats.

The Nearest Neighbor Attack targets organizations by first compromising user credentials through password spraying attacks. When multi-factor authentication (MFA) prevented access to the primary services, the attackers shifted focus to the organization’s Enterprise Wi-Fi network, which only required a username and password for access. Unable to directly exploit this network, the attackers compromised systems in neighboring buildings, looking for machines with both wired and wireless connections. By leveraging these compromised systems, the attackers were able to connect to the Wi-Fi network remotely.

Once inside the target organization’s network, the attackers employed living-off-the-land techniques to avoid detection. They used native Windows tools, such as Cipher.exe, to cover their tracks and hinder secure file recovery. The attackers moved laterally within the network, compromising additional organizations in proximity to the target. Eventually, they were able to exploit a vulnerability in the Guest Wi-Fi network of the primary target, which was improperly isolated from the corporate network, granting them access to sensitive data.

This attack underscores the need for organizations to reassess their Wi-Fi and network security strategies. Volexity recommends the implementation of multi-factor authentication for Wi-Fi access, ensuring proper segregation between Wi-Fi and Ethernet networks, and vigilant monitoring for suspicious use of native Windows tools. The Nearest Neighbor Attack represents a new class of cyber threats that exploit physical proximity in creative ways, urging organizations to adopt stronger security measures to mitigate such risks.

Reference:
  • Wi-Fi Exploited in Sophisticated Nearest Neighbor Attack by Russian Hackers
Tags: APT28Cyber AlertsCyber Alerts 2024Cyber threatsCybercriminalsFancy BearGruesomeLarchNearest Neighbor AttackNovember 2024RussiaUkraineVolexityWi-Fi
ADVERTISEMENT

Related Posts

Windows Defender Flaw Enables Hijack

GPUGate Abuse of Google Ads and GitHub

September 9, 2025
Windows Defender Flaw Enables Hijack

Windows Defender Flaw Enables Hijack

September 9, 2025
Windows Defender Flaw Enables Hijack

Npm Packages Compromised In Attack

September 9, 2025
Atomic Stealer Masquerades As Cracked App

iCloud Calendar Used For Phishing Emails

September 9, 2025
Atomic Stealer Masquerades As Cracked App

Czech Cyber Agency Warns On Chinese Tech

September 9, 2025
Atomic Stealer Masquerades As Cracked App

Atomic Stealer Masquerades As Cracked App

September 9, 2025

Latest Alerts

Windows Defender Flaw Enables Hijack

Npm Packages Compromised In Attack

GPUGate Abuse of Google Ads and GitHub

iCloud Calendar Used For Phishing Emails

Czech Cyber Agency Warns On Chinese Tech

Atomic Stealer Masquerades As Cracked App

Subscribe to our newsletter

    Latest Incidents

    Hackers Steal Secrets In GitHub Attack

    Plex Users Told To Reset Passwords

    Lovesac Confirms Breach After Attack

    Azure Cloud Hit By Red Sea Cable Cuts

    Tenable Confirms Breach Of Customer Data

    US Probes Malicious Email On China Talks

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial