Everyone’s favorite single-board microcomputer, the Raspberry Pi, just got sinister as cybercriminals have been spotted selling software for the devices aimed at inexperienced criminals looking to dabble in financial crime.
Don’t try this at home, of course, but the ‘GEOBOX’ software, with proxy and routing capabilities for network traffic, is sold for quite extortionate prices on Telegram.
For just $80 a month, or $700 as a one-time fee, you can also be investigated for theft and fraud by the security company Resecurity, which allegedly discovered the use of GEOBOX in “a high-profile bank theft impacting a Fortune 100 company.” ‘.
And they would have gotten away with it too…
Detailing the discovery in a blog post (through BleepingComputer), Resecurity explained that “(Pis with GEOBOX) acted as a proxy, significantly increasing their anonymity. This approach complicated the investigation and tracking process, especially since GEOBOX devices do not store logs by default.”
There’s nothing less cool than a “highly capable tool that can complicate law enforcement tracking and investigation,” but that’s what Resecurity says we have on our hands. Even less cooler would it be to buy software that law enforcement agencies are now almost certainly aware of and are actively trying to kill.
However, it can be more complicated than that as GEOBOX does not include features that you cannot find in existing software or operating systems. GPS and IP spoofing, Wi-Fi access point emulation and VPN Protocol support may seem scary on paper, but it can be of legitimate use and is nothing you won’t find in other tools or operating systems.
The problem with GEOBOX, however, is that it packs these features into a lightweight Linux distribution with a user interface that greatly lowers the barrier to commit evil. Resecurity suggests that crimes that fit well with the GEOBOX include the exploitation of dark web marketplaces, disinformation campaigns and, of course, financial fraud. Unsurprisingly, we don’t have crime buying guides.
We ran away stories like this beforeand we suspect it won’t be the last: Raspberry Pis is cheap and small, so it’s disposable and easy to hide – all of which are legitimate strengths of the device.
This writer likes that Piss can be hidden behind a monitor or television, and basically forgotten about because they are almost silent enough, and doesn’t think stories like these should stop you from watching them if you think they look decent .