Andrew Brandt
And that was one of the reasons that I was brought in basically on day zero of this happening.
The company realized that they had a potential public relations nightmare on their hands, and they needed to communicate as openly and as forthrightly as possible everything that they knew and everything that they were doing to fix it.
And credit goes to the people in leadership at the company who decided, possibly against the conventional wisdom at the time, that they were going to go public with everything we knew about this attack.
It was not a common thing at that time.
But as I said, I've worked for a long time in this kind of role where I do investigations and then publish about them to the public to warn people about bad things that are happening on the internet.
It's been my experience that the more information that you get out, the better protected people are.
And that being radically transparent benefits everyone.
It helps the customers who are affected.
It also warns the public that like, hey, this is something that you need to be aware of in the future.
And it might also put the threat actors on notice that, hey, we're watching you and we're taking action to stop you.
Yeah, so there's a lot of interest within the company.
Well, we know that there's these firewalls that have been registered to people who have non-corporate or non-enterprise level email addresses, like free webmail addresses.
The firewalls are checking in all from Chengdu.
We know their serial numbers, so we know the exact count of the number of firewalls that are being used in these places.
And we could see from some of the log telemetry that the threat actors are running commands that are testing how these exploits are going to work.
But we don't have the exploit code itself.
So the security team decides they're going to build something that they just call the implant, or sometimes they call it the kernel implant.
And it's a small ELF binary that gets distributed only to the machines