My Chromebook was hacked after opening a zip file, which then proceeded to attack other devices on my network. The first device to be attacked was a an IoT device which then activated its access point.

After realizing what had happened, I first reinstalled Chrome OS on the notebook using a USB recovery medium. Therefore, I no longer have the zip file and the attacker has already deleted it. However, since a VirusTotal scan was performed beforehand, the file is still available there.

Here is the link to the zip file: https://www.virustotal.com/gui/file/cb9ed576250226295cc07bd2049efedab052d64b955c852f37e6a5270381cc15?nocache=1

It would be great if someone could review the Zip file. I had assumed that Chrome OS devices were very secure and such a scenario was unthinkable, especially considering the content of the Zip file for Windows PCs. Therefore, I did not see any real threat in taking a look.

Now I know that a zip file is all you need.

Maybe, my Pixel7 is also hacked now!

Can anyone tell me how reverse DNS requests are possible on a Pixel phone?

For all that care here is my full dns log right afte the Attack:

https://www.file-upload.net/download-15275317/DNS_LOGs_27_02_2024.zip.html