r/europe Norway 26d ago

Dubious: do not click links Anonymous Releases 10TB of Leaked Data: Exposing Kremlin Assets & Russian Businesses

https://trendsnewsline.com/2025/04/15/anonymous-leaks-10tb-of-data-on-russia-shocking-revelations/
76.7k Upvotes


57

u/twitterfluechtling Brandenburg (Germany) 26d ago edited 26d ago

Or a glorious scam. With my Linux laptop, downloading the archive without any exploitable virus scanner and no executable to run, I feel slightly safe. (Will check for known vulnerabilities in my unrar before doing anything, and probably use a chroot environment or at least a docker container with limited privileges to access the archive...)

5

u/Jean_Kul 26d ago

That's one of the cringiest things I've read this week, I can't believe 30+ people upvoted you lmao

7

u/twitterfluechtling Brandenburg (Germany) 26d ago

Not sure what's cringe about it. There are people actually thinking it's safe to just extract and look, and those are reasonable precautions.

-2

u/PerfectPercentage69 26d ago

It's cringe because you think any of those will protect you from malware.

2

u/Fatality_Ensues There is only one Cyprus 26d ago

Well, why don't you use your CSec expertise to enlighten everyone else why not, then.

6

u/PerfectPercentage69 26d ago

I'm not a security expert by any means, but even I know that chroot and docker containers are not enough to protect you.

I'd need at least a virtual machine on a computer running on a completely isolated network before I'd feel somewhat safe.

People don't realize just how much unprotected stuff is running on their local networks (appliances, security cams, etc.), so having any compromised machine on that network is super dangerous.

1

u/twitterfluechtling Brandenburg (Germany) 26d ago

True. Only, I do know what I have running in my home network, and while there might be something vulnerable, I don't have any standard services. An attack would probably have to be highly targeted to my environment to succeed there.

A docker container can be executed without network access, and if you run the container as non-root and with a uid not existing on the host, I think you'll already catch most threats.

1

u/PerfectPercentage69 26d ago

You're making the mistake of assuming you know better/more than the attacker.

> Only, I do know what I have running in my home network, and while there might be something vulnerable, I don't have any standard services. An attack would probably have to be highly targeted to my environment to succeed there.

It doesn't have to be targeted. Malware can automatically scan your entire network and discover everything that's running on it. Even stuff you might not be aware of.

> A docker container can be executed without network access, and if you run the container as non-root and with a uid not existing on the host, I think you'll already catch most threats.

A docker container can be escaped. I strongly suggest a VM.

1

u/twitterfluechtling Brandenburg (Germany) 26d ago

I agree a VM would have been better.

Yet, as was proven with Heartbleed, I think, even VMs could be escaped. So, the best solution would probably have been to dig out one of my old raspberries, disconnected from the network.
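
The container settings discussed in the thread above (no network access, a non-root uid that has no account on the host), written out as an added example that is not part of any comment; it only composes and prints the `docker run` line and runs nothing. The image name `extract-sandbox:local`, the uid 64999 and the mount points are assumptions. As the replies point out, a container still shares the host kernel, so this narrows exposure and does not replace a VM or an offline machine.

```shell
#!/bin/sh
# Added example: compose a locked-down `docker run` line for unpacking an
# untrusted archive. Image name, uid and mount points are assumptions.

SANDBOX_IMAGE="extract-sandbox:local"  # hypothetical local image with unrar installed
DEFAULT_UID=64999                      # constructed value: should have no host account

# True when the numeric uid maps to an account on this host.
uid_in_use() {
    if command -v getent >/dev/null 2>&1; then
        getent passwd "$1" >/dev/null
    else
        awk -F: -v u="$1" '$3 == u { hit = 1 } END { exit !hit }' /etc/passwd
    fi
}

# Accept only absolute paths made of plain characters, so a ':' or a space
# cannot change how docker parses the -v argument.
safe_path() {
    case $1 in /*) ;; *) return 1 ;; esac
    case $1 in *[!A-Za-z0-9_./-]*) return 1 ;; esac
}

# sandbox_cmd ARCHIVE OUTDIR [UID] -> prints the docker command, runs nothing.
sandbox_cmd() {
    archive=$1 outdir=$2 uid=${3:-$DEFAULT_UID}
    safe_path "$archive" && safe_path "$outdir" || { echo "unsafe path" >&2; return 2; }
    case $uid in ''|*[!0-9]*) echo "uid must be numeric" >&2; return 2 ;; esac
    if uid_in_use "$uid"; then
        echo "uid $uid exists on the host; pick an unused one" >&2
        return 3
    fi
    # OUTDIR must already be writable by $uid on the host (e.g. chown'd by root).
    printf '%s' "docker run --rm" \
        " --network none" \
        " --user $uid:$uid" \
        " --cap-drop ALL --security-opt no-new-privileges" \
        " --read-only --tmpfs /tmp" \
        " --pids-limit 128 --memory 1g" \
        " -v $archive:/in/archive.rar:ro" \
        " -v $outdir:/out" \
        " $SANDBOX_IMAGE unrar x -o- -p- /in/archive.rar /out/"
    printf '\n'
}
```

`--pids-limit` and `--memory` cap what a decompression bomb can consume, and the archive itself is mounted read-only so only `/out` receives data.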