this post was submitted on 22 Aug 2024
278 points (97.0% liked)

Technology

59206 readers
2539 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] SnotFlickerman@lemmy.blahaj.zone 36 points 2 months ago* (last edited 2 months ago)

I would guess the number one way he was found was internal security systems in each of the hacked systems.

Cybersecurity involves lots of automated systems that "alert" system admins when it comes to strange patterns.

Like... This user is logging in from an unrecognized IP from an unrecognized geo-location during a time the user usually would be asleep. The user in question has never logged into the system from that area or IP, nor do they do it when they're off the clock in the middle of the night. These unusual details would trigger an alert sent to a sysadmins cell phone, and from them they would begin digital forensics to try to pick up the trail of who this was.