With just $700 and a Raspberry Pi — you too can become a cybercriminal
The dark side of software as a service
Everyone’s favourite single-board microcomputer, the Raspberry Pi, just got sinister, as cybercriminals have been spotted selling software for the devices catering to inexperienced criminals looking to dabble in financial crime.
Don’t try this at home, obviously, but the ‘GEOBOX’ software, with proxy and network traffic routing capabilities, is being sold on Telegram for pretty extortionate prices.
For just $80 a month, or $700 as a one off fee, you too can be investigated for theft and fraud offenses by the security firm Resecurity, who supposedly uncovered the use of GEOBOX in ‘a high-profile banking theft impacting a Fortune 100 company’.
And they would have gotten away with it too...
Detailing the discovery in a blog post (via BleepingComputer), Resecurity explained that “[Pis running GEOBOX] served as proxies, significantly enhancing their anonymity. This approach complicated the investigation and tracking process, especially since, by default, GEOBOX devices do not store any logs.”
There’s nothing less cool than a ‘highly capable tool that can complicate law enforcement tracking and investigation’, but that’s what Resecurity says we’ve got on our hands. Well, even less cooler would be buying software that law enforcement agencies are now almost certainly aware of and actively trying to kill.
However it might be more complicated than that, as GEOBOX doesn’t contain any features that you can’t find in existing software or operating systems. GPS and IP spoofing, Wi-Fi access-point emulation and VPN protocol support might seem scary on paper, but can be of legitimate use, and aren’t anything that you won’t find in other tools or operating systems.
Still, the problem with GEOBOX is that it packages these features in a lightweight Linux distribution with a UI that massively lowers the barrier of entry to committing evil. Resecurity suggests that crimes well-suited to the GEOBOX include the operation of dark web marketplaces, disinformation campaigns, and, of course, financial fraud. Unsurprisingly, we don’t have buying guides for crime.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
We’ve run stories like this before, and we suspect this one won’t be the last: Raspberry Pis are cheap and small, so disposable and easily concealed - which are all legitimate strengths of the device.
This writer likes that Pis can be hidden behind a monitor or television, be basically forgotten about as they’re near-enough silent, and doesn’t think that stories like this should put you off looking into them if you think they seem neat.
More from TechRadar Pro
Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.