Showing posts with label hacking. Show all posts

Monday, 11 February 2019

First Clipper Malware Discovered on Google Play

Clipper malware
Android/Clipper.C impersonating MetaMask on Google Play
Clipper malware was discovered on Google Play, the official Android app store, in February 2019.

What is the clipper malware? 


Addresses of online cryptocurrency wallets are long strings of letters and numbers. They are long for security reasons, so users generally copy and paste them using the clipboard instead of taking the trouble to type them out.

Cryptocurrency thieves take advantage of this habit and replace the wallet address in the clipboard. Malware that does this is known as a clipper.

The attacker intercepts the address on the clipboard and changes it to the address belonging to him.
The user then ends up with the wallet address that has been switched by the attacker.

Although clipper malware, in which cryptocurrency stealers alter the address, is relatively new, it is already considered an established type of malware.

The origins of clipper malware


The clipper malware was first discovered in 2017 on the Windows platform.

Later it was noticed in the shady Android app stores in the summer of 2018.

In August 2018, the first Android clipper malware was discovered. It was sold on underground hacking forums and subsequently seen in shady Android app stores.

The clipper malware was also hosted on download.cnet.com, one of the most popular software hosting sites. This was discovered by ESET researchers.

In February 2019, the malware was found on Google Play, which is the official Android app store.

How does the clipper malware function? 


The clipper malware was detected on the Google Play store by ESET security solutions. The malware, Android/Clipper.C, impersonates a genuine service known as MetaMask.

The malware’s main purpose is to steal the user’s credentials and private keys in order to access the user’s Ethereum funds. It can also replace a Bitcoin or Ethereum wallet address that the user has copied to the clipboard with an address belonging to the attacker.

When and how was the clipper malware discovered? 


On 1 February 2019, ESET security solutions discovered the clipper malware Android/Clipper.C on Google Play, the official Android app store. This was reported to the Google Play security team, who immediately removed the app from the store.

The attack targets users who make use of a mobile version of the MetaMask service. MetaMask runs Ethereum decentralized apps in the browser without the need to run a complete Ethereum node.

Currently, MetaMask does not offer a mobile app. It is available as an add-on for desktop browsers such as Chrome and Firefox.

Previously too, malicious apps were discovered on Google Play impersonating MetaMask in order to access the victim’s cryptocurrency funds.

Security measures against clipper malware


Users should keep their Android devices updated and use a reliable mobile security solution.

Download apps from the official Google Play store.

For any Google Play search, stick to the official website of the app developer or service provider for the link to the official app.

For any sensitive transactions involving information or money, double check every step.
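The address swap described above can be spotted from a log of clipboard writes. The following is an added example, not code from ESET or from the original post: it assumes a monitoring agent that records which app wrote to the clipboard (the `writer` field and all package names and addresses are constructed), and it flags a wallet address that is replaced by a different address of the same coin from another app within a short window.

```python
import re
from dataclasses import dataclass

# Shape checks only (no checksum validation): enough to recognise that the
# clipboard holds something that looks like a wallet address.
ADDRESS_PATTERNS = {
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "bitcoin": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[0-9a-z]{11,71}"),
}


@dataclass(frozen=True)
class ClipboardEvent:
    timestamp: float  # seconds since monitoring started
    writer: str       # assumption: the monitor records which app set the clipboard
    content: str


@dataclass(frozen=True)
class SwapAlert:
    timestamp: float
    writer: str
    coin: str
    original: str
    replacement: str


def classify(text):
    """Return 'ethereum' or 'bitcoin' if text is shaped like an address, else None."""
    candidate = text.strip()
    for coin, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(candidate):
            return coin
    return None


def normalise(coin, text):
    """Ethereum addresses are case-insensitive apart from their checksum casing."""
    text = text.strip()
    return text.lower() if coin == "ethereum" else text


def detect_swaps(events, window=2.0):
    """Flag an address overwritten by a different address of the same coin,
    written by a different app, within `window` seconds."""
    alerts = []
    last = None  # (event, coin) when the most recent clipboard write was an address
    for event in sorted(events, key=lambda e: e.timestamp):
        coin = classify(event.content)
        if coin and last:
            prev, prev_coin = last
            if (coin == prev_coin
                    and normalise(coin, event.content) != normalise(coin, prev.content)
                    and event.writer != prev.writer
                    and event.timestamp - prev.timestamp <= window):
                alerts.append(SwapAlert(event.timestamp, event.writer, coin,
                                        prev.content.strip(), event.content.strip()))
        last = (event, coin) if coin else None
    return alerts


# Constructed sample data: none of these addresses or package names are real.
ETH_USER = "0x" + "1a" * 20
ETH_OTHER = "0x" + "9f" * 20
BTC_ONE = "1" + "Kz7" * 11
BTC_TWO = "3" + "Qx9" * 11
SAMPLE_EVENTS = [
    ClipboardEvent(100.0, "com.android.chrome", ETH_USER),          # user copies an address
    ClipboardEvent(100.4, "com.example.fakewallet", ETH_OTHER),     # silently replaced
    ClipboardEvent(200.0, "com.android.chrome", "meeting at 5pm"),  # ordinary text
    ClipboardEvent(300.0, "com.android.chrome", BTC_ONE),
    ClipboardEvent(400.0, "com.android.chrome", BTC_TWO),           # user copies another one later
    ClipboardEvent(500.0, "com.android.chrome", "0x" + "AB" * 20),
    ClipboardEvent(500.5, "com.example.notes", "0x" + "ab" * 20),   # same address, other casing
]

if __name__ == "__main__":
    for alert in detect_swaps(SAMPLE_EVENTS):
        print(f"{alert.timestamp}: {alert.writer} replaced {alert.original} "
              f"with {alert.replacement}")
```
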

Wednesday, 6 December 2017

What is KRACK Hack vulnerability

KRACK Hack

What is Krack

Krack is an abbreviation of key reinstallation attack, in which an attacker abuses a one-time key that has been provided to a client device connecting to a Wi-Fi network.

The vulnerability was discovered by Mathy Vanhoef, a researcher at KU Leuven, and his findings were recently reported by the tech site Ars Technica. He states that in some instances attackers can exploit Krack to inject malware such as ransomware into websites.

Vanhoef explains that an attacker can then decrypt information exchanged between the access point and the client device, exposing personal details such as credit card numbers, messages and passwords. The process of the attack is described on Vanhoef’s website.

The newly discovered vulnerability can allow attackers to capture sensitive data transmitted between a Wi-Fi access point and a computer or mobile device, even though it is encrypted. The flaw, known as Krack, affects WPA2, a security protocol widely used in current Wi-Fi devices.
 

Four-Way Process Handshake

 
When a device connects to a protected Wi-Fi network, a four-way handshake takes place. This handshake ensures that both the client and the access point have the correct login credentials for the network.

It also generates a new encryption key to protect web traffic, and this key is installed at step three of the four-way handshake. However, the access point will resend the same key if it believes that the message may have been lost.

Vanhoef’s research found that attackers could force the identical encryption key to be installed again, which the intruder could then use to attack the encryption protocol and decrypt the data. Vanhoef cautions that any device that supports Wi-Fi is probably affected by Krack, though Linux-based devices and Android devices running version 6.0 or higher of the Android operating system are particularly at risk. At present that comprises over 40% of Android devices.
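Why installing the same key twice matters can be shown with a small model. The following is an added example, not Vanhoef's code or anything from the original post: it assumes a toy SHA-256 keystream as a stand-in for WPA2's real cipher, and a simplified client whose packet counter (nonce) is reset whenever a key is installed. The unpatched client encrypts two frames with the same keystream after a retransmitted message 3; the patched client refuses to reinstall a key it is already using.

```python
import hashlib


def keystream(key, nonce, length):
    """Toy keystream (SHA-256 in counter mode), standing in for the real cipher."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(
            key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")
        ).digest()
        block += 1
    return out[:length]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Supplicant:
    """Simplified Wi-Fi client: only key installation and frame encryption."""

    def __init__(self, patched):
        self.patched = patched
        self.key = None
        self.nonce = 0

    def on_message3(self, key):
        """Handle message 3 of the four-way handshake (may be a retransmission)."""
        if self.patched and key == self.key:
            return  # key already in use: do not reinstall, keep the counter
        self.key = key
        self.nonce = 0  # installing a key resets the packet counter

    def send(self, plaintext):
        self.nonce += 1
        stream = keystream(self.key, self.nonce, len(plaintext))
        return self.nonce, xor_bytes(plaintext, stream)


# Constructed sample data (both frames are 24 bytes long).
SESSION_KEY = bytes(range(16))
FRAME_1 = b"GET /index.html HTTP/1.1"
FRAME_2 = b"password=constructed-123"


def handshake_with_retransmit(patched):
    """Message 3 arrives, a frame is sent, message 3 arrives again, a frame is sent."""
    client = Supplicant(patched)
    client.on_message3(SESSION_KEY)
    n1, c1 = client.send(FRAME_1)
    client.on_message3(SESSION_KEY)  # the access point resent message 3
    n2, c2 = client.send(FRAME_2)
    return n1, c1, n2, c2


def recover_with_known_plaintext(c1, c2, known_p1):
    """If both frames used the same keystream, c1 ^ c2 ^ p1 equals p2."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)


if __name__ == "__main__":
    for patched in (False, True):
        n1, c1, n2, c2 = handshake_with_retransmit(patched)
        leaked = recover_with_known_plaintext(c1, c2, FRAME_1) == FRAME_2
        print(f"patched={patched} nonces=({n1}, {n2}) second frame recoverable={leaked}")
```
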

 

Update Wi-Fi Devices

 
Vanhoef demonstrated a proof of concept showing how exploitation using the Krack technique was possible. He cautioned on his website that he was not in a position to determine whether such attacks had been actively used.

Vanhoef also said that, to protect against Krack attacks, it is essential to update Wi-Fi devices such as smartphones, laptops and tablets as soon as updates are made available. Users are also advised to update their router firmware. According to The Verge, Microsoft had also released a security update addressing the issue.

The Wi-Fi Alliance, a network of companies that make Wi-Fi devices and define Wi-Fi standards and programs, said that platform providers have begun rolling out patches to address the problem.

Monday, 16 October 2017

SWIFT Says Hackers Still Targeting Bank Messaging System

The $81 million heist from the Bangladesh Bank in February was carried out by attackers who hacked into the bank’s SWIFT software and used it to transfer the money. The attackers were also able to cover their tracks very effectively.

The attacker, based in Bangladesh, was able to develop highly sophisticated malware that could interact with the local SWIFT software.

SWIFT, a cooperative of 3,000 organizations based in Belgium, provides a platform for transferring funds internationally. SWIFT is aware of malware that can undermine financial institutions’ systems and lead to fraudulent transactions on their local systems. It says, however, that this malware is not capable of hacking into its network or causing extreme damage to its messaging services, contrary to reports that suggest otherwise.

Any compromise of the SWIFT software can result in funds being transferred from the victim’s account to the attacker’s account. In the Bangladesh Bank case, there were 30 SWIFT transactions on February 5th, for a withdrawal of $1 billion from the US Federal Reserve in New York using the SWIFT bank code. Only $81 million could be transferred, and the balance of $6.9 million was still retrievable.

The malware used against the Bangladesh Bank’s SWIFT software was specially designed, with complete knowledge of the SWIFT Alliance Access software and excellent malware coding abilities.

The malware was used not only to change the SWIFT transactions but also to hide the changes. All transfers are sent by SWIFT’s software to a printer, and when the transactions are printed out, bank officials can notice fraudulent transactions and take action immediately, preventing them from going through. In this case the malware intercepted the SWIFT messages, and altered copies of those messages were printed instead. In this way the attackers were able to cover up their fraudulent transactions. The malware appears to be part of a wider attack toolkit that allows the attacker to send forged payment instructions and also cover his tracks. This gave the attacker ample time to carry out multiple transactions without being detected.

SWIFT is coming out with software to counteract such attacks, including alterations to database records. Customers, for their part, are encouraged to keep all their IT systems up to date in order to prevent attackers from exploiting loopholes in their local security systems.

A spokesperson has advised customers to keep an eye out for anomalies in their local database records, which helps them keep their accounts secure. Most vital of all is to adopt adequate security measures and safeguard their systems.

The authorities warn that the malware and the related tools can be a threat to SWIFT customers. They can be configured easily and are likely to be used in similar attacks in future. Worrying open questions remain: how the attackers sent these transactions, what malware was used in the systems, and who is behind the scam.

Tuesday, 19 September 2017

Bluetooth Problem Could Let Hackers Take Control of Your Devices

Bluetooth Problem
Blueborne, the incredible Bluetooth Issue allows hacking Android phones

More than 5 billion vulnerable Bluetooth devices, including mobile phones, laptops or IoT devices

Perhaps at the worst of times to announce a security problem like this (with the iPhone X presentation monopolizing the day), security researchers have uncovered eight major Bluetooth vulnerabilities. Three of them are especially dangerous. They would allow devices such as Android phones to be attacked without needing to connect to them.

The Bluetooth issue, which has been given the name BlueBorne, affects virtually every device in the world with Bluetooth, about 5.3 billion devices. Among them are laptops, connected products at home, and mobile phones of all kinds running Android, iOS or Windows.

According to Armis Security, this Bluetooth issue creates a scenario where an attacker can intercept information from an Android mobile without having to connect to the device or pair with it. That is, as long as the mobile has Bluetooth active, it would be in danger.

The intermediary attack, also known as Man in the Middle, does not require you to access a website or download an application or an attachment from your email. The BlueBorne issue lies in the libraries that make the Bluetooth chip work.

In the worst case, a hacker could access the device, take control and execute code with bad intentions. That said, the attacker needs to be really close to the victim, since Bluetooth has a range of about 10 meters.

At home, BlueBorne will not cause many problems: details of these vulnerabilities have not been made public, and proximity is required. At the corporate level, or even for institutions, it is not known whether anyone has used BlueBorne. In an example that sounds as if it were taken from a TV series, but is plausible, a person with confidential information on his mobile could be in a cafeteria and a hacker could access his files just by being close to this person.

For Android phones, Armis has published a free application that tells you if you are affected. This does not mean that they can hack your phone, but your smartphone needs an update as soon as possible.

Google will send a patch in its monthly security updates for Android 6.0 Marshmallow and Android 7.0 Nougat. Microsoft sent a security update for Windows a few days ago, specifically for Windows 7, 8, 8.1 and 10. Meanwhile, Apple fixed this vulnerability in one of its latest iOS 10 updates, but all devices with iOS 9.3.5 or lower, or Apple TV 7.2.2 or lower, are affected.

This is another perfect example of an even bigger problem of unknown dimensions. The connected products with Bluetooth that are beginning to spread through our homes are mostly unprotected, as are mobile phones that never receive updates. As long as manufacturers do not send security updates regularly and users do not install them, even the smallest of these products is at the mercy of a large-scale attack, although this one in particular requires being very close.

Thursday, 14 September 2017

The Great Tech Panic: What You Should Worry About?

Tech Panic – Cause for Worry 

Technology has been making great progress in transforming our lives which has given rise to panic. Experts have been weighing on how much one should be stressed with regards to self-driving cars, malevolent AI etc.

 In cities like San Francisco; Boston, Tempe, Arizona where self-driving cars have been verified on public roads, there have been trained engineers on board to ensure that the emerging tech does not take on the pedestrians. Nidhi Kalra, co-director of the RAND Centre for Decision Making Under Uncertainty, had commented that it is that persons’ task of paying attention to what the vehicle seems to be doing.

As per the most optimistic estimates of experts, fully autonomous cars on the public roads seems to be at least three years away and that technology will never be infallible, people would still die in car crashes.

However, eventually, self-driving vehicles would probably save lives according to Mark Rosekind, chief safety innovation office at Robotaxi start-up Zoox as well as the former head of the National Highway Traffic Safety Administration, and 94% of the crashes are credited to human mistake.

Would hackers leak my emails? 

Gaining access to someone’s email is not at all tough. Phishers seem to be getting more refined, judging by the increased power of the ransomware attacks encountered.

Seth Schoen, senior staff technologist at the Electronic Frontier foundation commented that `a cleverly composed email which states `I’m your tech support person and need to know your password’, still tends to function as a shocking percentage of the time.

When it comes to leaking those emails, the threat to the average person is quite insignificant and attacks like the DNC leaks, the Panama Papers together with the Macron campaign hack could encourage your sense of paranoia, unless you are a Kardashian or a Trump, your personal correspondence is likely to be of little interest to cyber thieves’.

Are We Prepared for Cyberwar?

Former US counterterrorism czar Richard Clarke, in his 2010 book, ranked how well some countries would fare in a digital conflict. As per his formula, the US was placed dead last, and on top was North Korea.

Clarke had figured that the US and Russia could have the best offensive hacking capabilities in the world. However, North Korea seemed to have a bigger advantage - absence of digital dependence. The solitary kingdom’s hackers tend to indulge in a scorched-earth cyberwar without risking much since its citizen tends to stay disconnected.

The US on the other hand is in need of the internet than its opponents. Hence Clarke found America more susceptible to what he termed `the next threat to national security’. Seven years thereafter we need to quit worrying that the period of cyberwar is approaching and we need to admit the fact that the digital attacks on infrastructure are unavoidable.

On the contrary we need to focus on how we should recover from them. This would mean bringing down our reliance on digital systems and enhance on maintaining our consistent, out-dated, analog systems, in order that we can fall back on them when digital disaster occurs.

Essential to Hold On to Era of Physical Override 

When a team of hackers had blacked dozens of electrical substations in Ukraine, in 2015, the utility companies had the technician equipped to switch the power back manually, within a period of six hours.

They had been alert since the Soviet-era grid of Ukraine seems to be stiff on a normal day. The modern, highly automated grids of America do not tend to break often. US institutions should develop the readiness of Ukrainian-style, in an event of a grid attack. In case of interference, it is essential for voting machines to have auditable paper ballots as a backup.

 Organisations of all types should be kept updated, offline data backups for speedy recovery when cyber-attacks like the global WannaCry ransomware outburst. There is no need to relinquish on hyper-connected infrastructure though it is essential to hold on to the era of physical override – since when hackers tend to hijack the elevator of your high-rise apartment, one can be glad that the stairs was another option to resolve the issue.

Would Hackers Launch Nuclear Weapons?

Senior researcher at RAND, Bruce Bennett who seems to specialize in counter proliferation and risk management had stated that `in spite of the act flicks imagining that very scenario, it seems highly improbable. Nuclear weapon does not seem to be connected to the internet, making it complex for anyone to hack them.

On the contrary such weapons seems to be organized by standalone computers together with code keys that are distributed by human couriers, which is a method developed and maintained precisely with security in mind according to an aerospace engineer and analyst John Schilling, for 38 North a Korea-focused analysis group.

He informed that there could be a possibility of sabotaging a nuclear bomb by hacking its secondary as well as tertiary guidance system, which is a tactic the US could have utilised on the missiles of North Korea, though there seems little chance that the troublemaker agents could launch bombs.

Would AI Turn Against Humans? 

Paul Christiano, a researcher at the non-profit OpenAI, had mentioned that AI would ultimately be capable of directing science experiments, executing construction projects and developing more AI without human involvement. He and his colleagues do not seem to worry that evil robots will destroy us someday.

 Engineers at Google’s DeepMind unit and Oxford’s Future of Humanity Institute however are collaborating in understanding which kind of AI systems could take actions in reducing the chance of being turned off. Their concern lies in the fact that as AI tends to progress beyond human understanding, the behaviour of the technology may deviate from our intended goals. Hence it is up to the researchers to construct a foundation which tends to have human values at heart.

Am I Being Spied on Through my Microphone – Equipped Device? 

Third-party developers, cyber-criminals and at times also the companies which tend to develop smart devices could have the means of accessing your audio stream. Mordechai Guri, head of R&D for Cyber Security Research Centre at Ben-Gurion University in Israel had stated that they are always accompanied by high-quality microphones and your smartphone or smart TV can be turned into a spying device for advertising purposes.


It is also the same in the case of smart home devices such as Amazon Echo and Google Home with far-field always-on microphones. Furthermore apps are probing to access smartphone microphone in order to feed on hyper-targeted ads.

Saturday, 9 September 2017

Catching the Hackers While They Act

Catching the Hackers
How investigators trying to catch hackers work

The role of the computer expert becomes increasingly relevant as attacks proliferate. Nowadays, attacks such as phishing or the hijacking of data for ransomware purposes are the main issues. These specialists therefore perform a thorough analysis of the affected devices to resolve the incident, and they obtain the digital evidence needed to get it right.
While hackers try not to leave traces, their footprints are not so easy to erase. That is why the expert’s job is to shed light on the hacking. This can be done by reconstructing the activity of the electronic device that has been used by the hackers. This is explained by Telam Maximiliano Bendinelli, the computer forensic expert.
The specialist, who works with Pablo Rodríguez Romeo at CySI, said that last year they received a large number of queries from companies about such attacks.

Virtual Hijacking of Data

Bendinelli cited the virtual hijacking of data for extortion, known as ransomware: data stored on a technological device is hijacked and later released in exchange for a ransom.

From their experience with the cases they have dealt with, the experts found that the cost of releasing the data usually ranges from US $300 to US $1,500, always in Bitcoins.

The experts sometimes found interesting turns in ransomware cases, and could even resolve the situation without paying the hackers.

The hackers trick users with fraudulent methods intended to direct them to another page. If the user visits the page, this paves the way for malicious code to be downloaded onto their computer to hijack their data.

Some reputed banks are also victims of these attacks, but they don't want to expose it. Rather, they get the experts' consultation to solve the issues.

The intervention of the computer expert becomes crucial here. They carry out the corresponding analysis, obtain and safeguard the digital evidence, and apply the methods needed to avoid invalidating that evidence.

The investigation arises from an audit, working with those who might be involved and identifying the correlation of facts and equipment.

The original evidence is never worked on directly, because of the risk of damaging it. Instead, the evidence is preserved and the analysis is done on a forensic copy.

The Forensic copy helps to identify the hacker


The forensic copy allows all the information on the disk to be recovered, even deleted data, and the hacker’s steps on the computer to be reconstructed.
Currently, it is very common to use forensic investigation software. It allows the analysis and processing of a lot of information with unmatched speed. This kind of software has shown very good results, which makes it a top-quality alternative to the old forensic computer applications.

The specialists summarized the work of the computer expert as a researcher and consultant. This is to carry out the processes, using the benefits offered by the research software and the management of various analytical tools to find hackers. This allows the identification of relevant data and cross-referencing of fundamental information.

Wednesday, 2 August 2017

How Hackers Hijacked a Bank’s Entire Online Operation

Hackers

Extraordinary Incident of Wholesale Bank Fraud Done by Hackers


Hacking a bank is not so different from the old-fashioned way of raiding one: hackers can get in and out with the goods quite easily. However, one particularly enterprising team of hackers targeting a Brazilian bank took a much more comprehensive and devious approach.

On a weekend afternoon, they rerouted all of the bank’s online customers to convincingly reconstructed fakes of the bank’s properties, where the victims handed over their account information. Researchers at the security firm Kaspersky described an extraordinary incident of wholesale bank fraud, which essentially hijacked the bank’s complete internet footprint.

Last year, on October 22 at 1 pm, the researchers said, the hackers altered the Domain Name System registrations of all 36 of the bank’s online properties, so that the bank’s desktop and mobile website domains took users to phishing sites. That meant that the hackers could steal login credentials at sites hosted at the bank’s legitimate web addresses.

The researchers of Kaspersky were of the belief that the hackers could have also simultaneously redirected most of the transactions at ATMs or point-of-sale systems to their own servers, gathering the details of the credit card of anyone who utilised their card on that Saturday afternoon.

Malware Infecting Customers


One of the Kaspersky researchers, Dmitry Bestuzhev, who analysed the attack in real time after seeing malware infecting customers from what seemed to be the bank’s fully valid domain, stated that absolutely all of the bank’s online operations had been under the control of the attackers for five to six hours.

From the hackers’ point of view, according to Bestuzhev, the DNS attack meant that `you become the bank and everything belongs to you now’. Kaspersky has not revealed the name of the bank that was targeted in the DNS redirect attack. It has stated that it is a major Brazilian financial company with hundreds of branches, operations in the US and the Cayman Islands, 5 million customers and over $27 billion in assets.

Though Kaspersky is not aware of the full extent of the damage caused due to the takeover, it should be a warning to banks all over to consider how the insecurity of their DNS would support a nightmarish loss of control of their core digital assets. Bestuzhev had commented that they have never seen it exploited in the wild on such a big scale.

DNS – Vital Protocol Under the Hood of the Internet


The Domain Name System (DNS) serves as a vital protocol running under the hood of the internet. It translates alphanumeric domain names such as Google.com into IP addresses such as 74.125.236.195, which represent the actual locations of the computers hosting websites or other services on those machines.

Attacking those records can take sites down or redirect them to a destination of the hackers’ choice. For instance, in 2013 the Syrian Electronic Army hacker group changed the DNS registration of The New York Times to redirect visitors to a page with its logo. More recently, the Mirai botnet attack on the DNS provider Dyn knocked a major portion of the web offline, including Amazon, Reddit and Twitter.

However, the attackers of the Brazilian bank exploited their victim’s DNS in a much more targeted and profit-driven manner. Kaspersky believes that the hackers compromised the bank’s account at Registro.br, the domain registration service of NIC.br, the registrar for sites ending in the Brazilian .br top-level domain, which it says also manages the DNS for the bank.

Changing Registrar – Domains of Bank


The researchers believe that, with that access, the hackers were able to change the registrar for all of the bank’s domains at the same time, redirecting them to servers which the attackers had set up on Google’s Cloud Platform.

With the domains hijacked, anyone visiting the bank’s website URLs was redirected to look-alike sites, and those sites had valid HTTPS certificates issued in the name of the bank. Visitors’ browsers therefore showed a green lock together with the name of the bank, just as they would on the real sites. Kaspersky also observed that the certificates had been issued six months earlier by Let’s Encrypt, the non-profit certificate authority which makes obtaining an HTTPS certificate easier in the hope of increasing HTTPS adoption.

 Josh Aas, founder of Let’s Encrypt had stated that `if an entity had gained control of DNS and had gained effective control over a domain, there could be a possibility for that entity to get a certificate from them. Such issuance would not constitute mis-issuance on their part since the entity receiving the certificate would have been able to properly demonstrate control over the domain’.

Hoaxed Sites Infected with Malware


Eventually the hijack had been so thorough that the bank was unable to even send email. Bestuzhev stated that they could not even communicate with the customers to send them an alert and if your DNS is in control of the cybercriminals, you are basically screwed’. Besides phishing, the hoaxed sites also infected victims with malware download which had disguised itself as an update to the Trusteer browser security plug-in which the Brazilian bank provided the customers.

According to Kaspersky’s analysis, the malware gathers banking logins not only for the Brazilian bank but also for eight others, as well as email and FTP credentials and contact lists from Outlook and Exchange. All of this went to a command-and-control server hosted in Canada. The Trojan also included a function intended to disable antivirus software on infected victims’ machines, and could have persisted well beyond the five-hour window in which the attack took place.

The malware contained scraps of Portuguese, implying that the attackers could have been Brazilian. Bestuzhev of Kaspersky argues that, for banks, the incident should be a clear warning to check the security of their DNS. He notes that half of the top 20 banks ranked by total assets do not manage their own DNS but leave it in the hands of a potentially hackable third party. Irrespective of who controls a bank’s DNS, the bank can take special precautions to prevent its DNS registrations from being changed without safety checks, such as the `registry lock’ which some registrars provide, together with two-factor authentication, which makes it difficult for hackers to change them.
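Checking the security of DNS, as recommended above, includes noticing when name servers, resolved addresses or certificate issuers drift from what the bank expects. The following is an added example, not Kaspersky's tooling or code from the original post: the domain, name servers, address ranges and CA names are constructed, and the observations stand in for data a monitor would collect from DNS lookups and certificate logs. Because the post notes that the certificates were issued six months before the hijack, an unexpected issuer is reported on its own as an earlier signal.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Baseline:
    nameservers: frozenset   # expected authoritative name servers
    networks: tuple          # networks the sites are expected to resolve into
    cert_issuers: frozenset  # CAs the organisation actually obtains certificates from


@dataclass(frozen=True)
class Observation:
    domain: str
    nameservers: tuple
    addresses: tuple
    cert_issuer: str


def _norm(host):
    """Compare host names case-insensitively and without the trailing root dot."""
    return host.strip().lower().rstrip(".")


def audit(baselines, obs):
    """Return a list of (kind, detail) findings for one observation."""
    base = baselines.get(_norm(obs.domain))
    if base is None:
        return [("unmonitored-domain", obs.domain)]
    findings = []
    rogue_ns = sorted({_norm(n) for n in obs.nameservers} - base.nameservers)
    if rogue_ns:
        findings.append(("nameserver-changed", ", ".join(rogue_ns)))
    for addr in obs.addresses:
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in base.networks):
            findings.append(("address-outside-baseline", addr))
    if obs.cert_issuer not in base.cert_issuers:
        findings.append(("unexpected-cert-issuer", obs.cert_issuer))
    return findings


# Constructed sample data using documentation-only domains and address ranges.
BASELINES = {
    "bank.example": Baseline(
        nameservers=frozenset({"ns1.bank.example", "ns2.bank.example"}),
        networks=(ipaddress.ip_network("192.0.2.0/24"),),
        cert_issuers=frozenset({"Example Commercial CA"}),
    )
}
CLEAN = Observation(
    "bank.example", ("NS1.bank.example.", "ns2.bank.example"),
    ("192.0.2.10",), "Example Commercial CA")
CERT_ONLY = Observation(  # DNS untouched, but a certificate from another CA exists
    "bank.example", ("ns1.bank.example", "ns2.bank.example"),
    ("192.0.2.10",), "Let's Encrypt")
HIJACKED = Observation(   # registration changed: new name server, new hosting, new CA
    "bank.example", ("ns1.unknown-host.example",),
    ("203.0.113.50",), "Let's Encrypt")

if __name__ == "__main__":
    for label, obs in (("clean", CLEAN), ("cert only", CERT_ONLY), ("hijacked", HIJACKED)):
        print(label, audit(BASELINES, obs))
```
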

Tuesday, 23 May 2017

Are Wi-Fi signals letting hackers see into your home?

Wi-Fi Signals – Windows to Home

It has been discovered that Wi-Fi signals can be a window into your home. Researchers have observed that cyber thieves could use the microwave radiation of the signal to create three-dimensional images of a location, together with the objects and individuals within it.

The team suggests that this hack has the potential to generate scans of buildings and to track individuals indoors, though it could also be used to locate people buried by an avalanche or earthquake. The discovery was made by scientists at the Technical University of Munich (TUM), who developed a holographic imaging process that uses the radiation of a Wi-Fi transmitter to generate three-dimensional images of the surrounding environment.

The team’s system enabled them to create holograms that produce a three-dimensional image similar to peering through a window into a home. According to the report by Dr Friedemann Reinhard and Philipp Holl in the study published in the scientific journal Physical Review Letters, while optical holograms need elaborate laser technology, generating a hologram with the microwave radiation of a Wi-Fi transmitter needs only one fixed and one movable antenna.

Holographic Processing of Wi-Fi

Friedemann Reinhard, director of the Emmy Noether Research Group for Quantum Sensors at the Walter Schottky Institute of the TU Munich, stated that ‘utilising this technology we can generate a three-dimensional image of the space around the Wi-Fi transmitter, as if our eyes could see microwave radiation’.

The researchers envision applications particularly in the domain of Industry 4.0, automated industrial facilities in which localizing parts and devices tends to be difficult. Earlier work has shown that microwave radiation can be used to see through walls, but the team at TUM has developed a new system which enables them to create an image of the entire space through holographic processing of Wi-Fi or cell phone signals.

Creating images through microwave radiation usually requires special-purpose transmitters with large bandwidths. With holographic data processing, the very small bandwidths of typical household Wi-Fi transmitters operating in the 2.4 and 5 gigahertz bands were adequate for the researchers.

Bluetooth/Cell Phone Signals 

Besides this, Bluetooth and cell phone signals can also be used. The wavelengths of these devices are said to correspond to a spatial resolution of a few centimetres. Philipp Holl, who carried out the experiment, commented that instead of using a movable antenna, which measures the image point by point, one could use a larger number of antennas to obtain a video-like image frequency.

Future Wi-Fi frequencies like the proposed 60 gigahertz IEEE 802.11 standard would enable resolutions down to the millimetre range. The notion of treating microwave holograms like optical images permits the microwave image to be combined with camera images.

The extra information extracted from the microwave images could be embedded in the camera image of a smartphone, for instance to trace a radio code attached to a lost item. However, the scientists are only at the beginning of the technological development.

Friday, 24 March 2017

The Spy Device in Your Pocket


Well-known Smartphones/Televisions – Remote Spying Devices

Explosive claims made recently by WikiLeaks stated that the CIA can turn well-known smartphones and televisions into remote spying devices, emphasizing how unwitting consumers have allowed their passion for electronics to make them susceptible to concealed scrutiny.

Tyler Cohen Wood, a former senior U.S. intelligence officer, states that ‘it is a boon for the good guys as well as the bad guys. There is just so much information which is out there and everywhere one goes, our politics, when they are at home or not, their health, their pattern of life is out there which is owing to these devices’.

The accusations made by WikiLeaks, along with the release of thousands of documents claimed to have been stolen from the CIA, have not been confirmed, though officials state that they seem to be reliable. Presuming the documents are accurate, they draw attention to how consumers have unknowingly made themselves susceptible to hacking through the widespread use of smart mobile devices. Over the past 10 years, smartphones have overtaken the consumer electronics market. According to November 2016 research by the Pew Research Center, around 77% of people in the U.S. now own a smartphone.

Procedure Enabled CIA Evade Encryption

This is a noticeable increase from 2011, when about 35% of Americans owned a smartphone. WikiLeaks claimed that CIA spies had 24 exploits for smartphones running Google's Android operating system, together with various exploits for Apple's iOS operating system.

The techniques seem to go further than wiretaps, with spooks probably able to secretly activate the microphone on a smartphone or smart TV without any clue to their target. Moreover, WikiLeaks also claimed that the techniques enabled the CIA to evade the encryption of WhatsApp, Signal, Telegram, Wiebo, and Confide together with Cloackman by hacking the smartphones they run on, collecting audio and message traffic before encryption is applied.

Apple mentioned in a statement to ABC News that while its initial analysis indicated that many of the issues leaked were already patched in the updated iOS, it would continue to work to address any identified vulnerabilities rapidly. It urged customers to download the latest iOS in order to ensure that they have the most recent security updates.

Spy Software Capable of Scooping Messages

After the original publication of this, the Director of Information Security and Privacy at Google, Heather Adkins, mentioned in a statement to ABC News that, having reviewed the documents, they are confident that security updates and protections in Chrome and Android shield users from several of these alleged vulnerabilities.

Their analysis is ongoing and they will implement any further necessary protections. They have always made security a top priority and will continue to invest in their defenses. As reported in August by ABC News, cybersecurity researchers had at the time found three main weaknesses in the Apple iPhone operating system which affected users all over the world, prompting the company to release a security update. In that case the spy software was sophisticated enough to scoop up messages from any number of apps, including encrypted chat applications such as WhatsApp.

Tuesday, 28 February 2017

Stop Charging Your Phone in Public Ports

Credit: Selena Larson, CNN

As a smartphone ages, its battery begins to degrade. The first year is very enjoyable: you need to charge your phone only once a day and can use it throughout the day. In the beginning the battery even lasts for two consecutive days if you do not use your phone very frequently, but as time passes you experience a lot of problems with your phone, especially the battery.

It generally happens that on the very day you forget to charge your phone completely, you end up in an emergency when your battery runs out and you are forced to use some unknown source to charge your phone, but this alternative can turn out to be very risky. A different kind of scam was recently discovered. The public charging points available on roads, at railway stations or in hospitals can turn out to be a major enemy despite the benefit of charging.

Hackers are fitting these public USB ports with a hacking device, so that as soon as you connect your mobile to one of these ports to charge the battery, all your information gets copied to the other side. In this world of digitalization, the cashless society, Paytm and Mobicash, your data is mainly saved on your phone, because you use these services through your smartphone and the data remains on it.
This data includes your personal details, including your bank account details, and if any scammer gets hold of it you will be penalized through no mistake of your own. Mere carelessness will force you to face several consequences.

This whole process involves many technicalities: when you plug your phone into an unreliable source, your device gets infected, just as your phone gets infected by a virus when you unknowingly visit unauthorized sites. Here the problem is the same: by connecting your phone to a public outlet, your data gets compromised.

Drew Paik belongs to a security firm known as Authentic8. Authentic8 develops Silo, a high-security browser that safeguards all web-related activity.

Remember, the cord that you use to charge your phone is also used to share data from one phone to another. So you can well imagine what the consequences can be when you plug the cord into an infected socket. If the port has truly been hacked, you cannot imagine the extent to which the hackers can draw your data.

The easiest way to charge your phone could turn out to be the biggest mistake of your life. So never connect your phone to these public ports; this can lead to serious consequences, and you might face problems that you never expected to come across in your life.

Monday, 9 January 2017

Code Associated with Russia Hacking Found on Vermont Utility Computer

The Russian hacking campaign dubbed Grizzly Steppe was discovered by the Obama administration, and code associated with the hacking was found on a laptop belonging to a Vermont electric utility that was not connected to the grid.

The Burlington Electric Department said that it took immediate measures to identify the laptop by issuing alerts for its detection. It also gave assurances that its officials are working to stop any further infiltration of the utility's systems by tracing the malware.

The Burlington Electric Department said that the Department of Homeland Security had discovered malicious code used in Grizzly Steppe, which needs to be decoded. After this discovery the utility immediately scanned all the computers in its system to locate the malicious software. The code was found on one laptop which belonged to the Burlington Electric Department and was not connected to the organization's grid systems.

The detected malicious code is thought to have resulted from a comparatively less hazardous episode, due to visiting a website related to certain queries or questions. One member of the team working on the problem said that the Russian hackers might not have been involved directly in this case. The exact date of the incident is yet to be determined.

President Barack Obama issued an order expelling 35 Russian spies and imposed sanctions on two Russian intelligence agencies over their involvement in hacking U.S. political parties during the 2016 presidential election.

A statement was issued after The Washington Post reported that Russian hackers had infiltrated a Vermont utility. Government and utility industry officials monitor the nation's electrical grid on a regular basis because it is heavily computerized and any malfunction might severely disrupt services related to emergency or medical aid.

One of the most senior officials in President Obama's administration declared that all defenders of networks based in the United States can defend themselves against unauthorized cyber activity by Russia.

The Department of Homeland Security did not immediately respond to the request. The officials investigating the case considered the incident a minor one that in the long run did not lead to any disastrous results. But they remain alert and extremely critical regarding any disturbances that might be caused by Russian cyber activities.

The officials are taking the matter seriously and are keeping a strict watch on the Russians to avoid further malicious activity from their end. They have traced the infiltrating code and have successfully managed to bring it under control using advanced technologies and government-aided campaigns against cyber crime.

On a positive note, U.S. officials hold Russia responsible for prompting them to develop such highly intensive security measures to restrict any further hacking.

Friday, 23 December 2016

Hackers Could Take Control of a Plane Using In-Flight Entertainment System


A major vulnerability has been found in an in-flight entertainment system which hackers could exploit to take control of the aircraft. The vulnerable in-flight entertainment systems were found in some major airlines, including Virgin, Emirates and Qatar. The security hole was found in the Panasonic Avionics in-flight system, which is used in planes across 13 major airlines in the world. This could result not just in taking over the flight but also in leaking passengers' information. However, Panasonic has denied any possibility of damage or safety alerts arising from its in-flight systems.

A reputed researcher sheds light on the vulnerability

A researcher named Ruben Santamarta stated that the vulnerability found in the in-flight entertainment system is a grave concern for the safety of aircraft and passengers alike. He further explained that hijacking the in-flight system gives hackers the ability to change critical information related to altitude and location.

They can even control the cabin lighting and possibly hack into the announcement system. Taken together, these factors would make for a hugely unsettling experience for the passengers. In short, whether or not the hackers drive the aircraft haywire, it will certainly end in a traumatic journey for the passengers.

Financial details could also be lost if a hacker gets into the in-flight system. They would be able to make off with the credit card details of frequent fliers which are stored in the automatic payment system. Depending on the security level imposed on the aircraft systems, hackers might get access to the aircraft's controls, which is an area of huge concern.

How much damage can be inflicted on the plane? 

The real extent of the damage which can be inflicted on the plane by making use of this vulnerability depends on the security designed into the aircraft. The more the internal systems are isolated from one another, the smaller the damage will be. If the passenger entertainment system isn't connected to aircraft controls or passenger devices then the damage will be limited, but that isn't always the case.

Santamarta therefore offers a piece of advice as well as a warning to airlines: remain vigilant about the behavior of their in-flight systems and ensure that they remain isolated from critical aircraft controls. Panasonic was alerted to the vulnerabilities in its in-flight system in March 2015 by IOActive.

This means Panasonic had enough time to fix the problems associated with its in-flight system, but it failed to do so, which led IOActive to go public with the information about the vulnerability. Panasonic has defended itself by releasing a statement maintaining that the information offered by IOActive is inaccurate and misleading and based on ‘theoretical’ assumptions.

Saturday, 3 December 2016

Why Light Bulbs May Be the Next Hacker Target


Smart Light Bulbs – Wireless Fault - Hackers Take Control


Supporters argue that the Internet of Things provides several benefits, like energy efficiency, technology convenient enough to anticipate what one needs, and reduced congestion on the roads. However, placing a cluster of wirelessly connected devices in one spot could be tempting to hackers and would enable them to spread malicious code through the air, just like a flu virus on a plane. Researchers reported in a recently released paper that they had discovered a flaw in a wireless technology which is generally included in smart home devices like lights, locks, switches, thermostats and many of the components of the smart home of the future.

Researchers at the Weizmann Institute of Science near Tel Aviv and Dalhousie University in Halifax, Canada, focused on the Philips Hue smart light bulb and discovered that the wireless flaw can allow hackers to take control of the light bulbs. That may not sound like a great deal. But consider thousands or even hundreds of thousands of internet-connected devices in close proximity: malware created by hackers could spread among the devices after compromising just one of them.

Popular Websites Experience Outages/Interruption


Moreover, they would not need direct access to the devices to infect them. The researchers were able to spread infection in a network within a building by driving a car 70 metres away. Hackers recently briefly denied access to whole chunks of the internet by creating a flood of traffic which overwhelmed the servers of a US company known as Dyn that helps handle key components of the internet.

Pinterest, Twitter, Reddit and PayPal were down for most of a day because their domain name provider, Dyn, had been forced offline. It also resulted in popular Australian websites like ANZ, Coles, The Daily Telegraph, eBay, NAB, 9News and many others experiencing outages and interruptions. Security experts believe that the hackers found the horsepower needed for their attack by gaining control of a range of internet-linked devices.

Password Partially Blamed for Attack


However, the hackers did not use the method described in the report that was released recently. A Chinese wireless camera company stated that weak passwords on some of its products could be partially blamed for the attack. Although it was not the first time hackers had used the Internet of Things to power an attack, the scale of the effort against Dyn was an eye-opener to users who had not realized that internet-linked things in daily life would bring new risks.

A widely respected cryptographer, Adi Shamir, who helped pioneer modern encryption methods and is also one of the authors of the report, commented that ‘even the best internet defense technologies would not stop such an attack’. The new risk is said to come from a little-known radio protocol named ZigBee which was developed in the 1990s.

ZigBee is a wireless standard which is used extensively in home consumer devices. Though it has been presumed to be secure, it has not been held up to the scrutiny applied to other security methods used across the internet. The researchers discovered that the ZigBee standard could be used to create a computer worm that spreads malicious software among internet-linked devices.

Friday, 25 November 2016

iPhone Video Bug Crashes Any Apple Phone


Ever wondered whether playing a simple .mp4 video file could crash your iPhone? Well, reports say that a malicious video file is being circulated online via Safari in the form of a link. Once the file is opened, a video starts playing, but after about 30 seconds the phone becomes sluggish until it stops working altogether. First reported by EverythingApplePro, the video is of a person standing beside a bed, and the word ‘Honey’ pops up on the screen. Initially the phone works fine, but it slows down until it crashes. The video file may be corrupted or infected with a virus, and it produces the same result even if the complete video is not played. So far it is unclear what exactly is causing the iPhones to malfunction.

The Victims

All versions of iOS seem to be affected. Even older iPhones running iOS 5 show the same results when the video is played. On the beta version of iOS 10.2 it even pops up the spinning wheel which indicates that the device is being turned off. Apple now has to deal with this issue, and hopefully it gets fixed in the next update. On the other hand, Android and Windows phones are unaffected by this bug.

Protect Your Phone

Do not open any suspicious link until and unless you trust the sender. Clicking on such links may download malware and other unwanted applications on your device. Consider the following tips to secure your iPhone from hackers.


  • Use the fingerprint sensor or a PIN every time you access your device. 
  • Turn off ‘Simple Passcode’ in your phone settings, which will allow you to set a strong password comprising numbers, upper and lowercase letters and symbols. 
  • The self-destruct feature on the iPhone wipes all the data if someone tries to hack your phone and enters a wrong PIN 10 times. 
  • Turn off unnecessary app permissions to enhance your privacy. 
  • A glance at all the notifications on the home screen comes in handy. However, they may sometimes contain sensitive information and it's better to turn them off. 
  • Do not use AutoFill on Safari. It is tempting to save your personal information in your web browser so that you don’t have to enter it over and over again. But if your phone is in the wrong hands, you may end up in trouble.

Are you a victim? Here’s how you can fix your phone

You can fix your iPhone with a Hard Reset if it has stopped working. All data will be lost but it brings your device back to life. You can hard reset your iPhone using the following steps:

  • Press and hold the home button and the power button at the same time for about 10 seconds 
  • Wait for the Apple logo to appear 
  • Release the buttons

Use the decrease volume button and the power button in case of an iPhone 7 and your phone will boot up normally.

Malware is Making ATMs 'Spit Cash'


We all know our ATM passwords and have vowed to carry this little secret to our grave because that is sufficient to keep our money safe. What if multiple people withdrew money from your account at several ATMs without even knowing your password? No, I’m not talking about a video game. You may now curse the genius hackers, but all of these things are now possible in real life.

Recently, a cyber security firm from Russia warned about a series of coordinated hacks on ATMs. The bank's centralized system was hacked, causing several ATMs to disgorge money without the immediate knowledge of the bank officials and the account holders.

THE HACKER HITS THE JACKPOT

The activity is conducted using a program by an infamous hacker group dubbed Cobalt to gain access to the bank accounts and, in turn, the ATMs. The process has been named “touchless jackpotting”. The machines are not physically tampered with. This is done by getting a penetration-testing tool onto the bank's computers, which are infected through malicious emails, in order to access the ATM controller servers. All an accomplice has to do is wait at the appropriate ATM booth at the right time to collect the money oozing out of the machine.

THE SMART BANK ROBBERS

In earlier days, the hardware-based method of robbery, where card information was stolen, was more common. The new method, which involves hacking, is however much more dangerous because it is actually a smart way to rob a bank, in which groups of ATMs are infected simultaneously. So this method puts twice the money the old way could into the criminals' pockets, in a shorter time and with less chance of ending up behind bars.

TRACE THE MONEY

The key to solving any financial hacking is following the money. However, this is very difficult with this method because the money is collected in person from different ATM booths. The hack becomes known only after the money has been withdrawn from the ATMs. Even if the cybercrime police have leads on Cobalt, they can hardly ever be fortunate enough to turn up at the specific location at the specific time. Moreover, the money mules often do not know the hackers, as the hackers may never have met them in person. So even if the mules get caught, it is very difficult to catch the masterminds behind the entire play.

CAN THE MONEY BE SAFE AGAIN? 

The Cobalt group might have joined hands with other big hacker groups like Buhtrap to raid the ATMs of 14 countries so far, including Poland, Spain, Britain, Russia, Romania and the Netherlands.

Banks can place their ATMs in full view of a security camera, with security personnel at the doorstep, so that the money mules can be caught easily. Bank employees must be trained to look out for any suspicious threats.

Till then, all you can do is protect your ATM password!

Tuesday, 1 November 2016

If the US Hacks Russia for Revenge, That Could Lead to Cyberwar


After a recent attack upon the US government in the cyber field that was attributed to Russia, the CIA wishes to send a message back with a similar response. Russian hackers brought massive cyber attacks upon the US and tried to cause huge interference in the US election through state sponsorship. The CIA has a plan to take the offensive back to the Russians by launching similar attacks, which will only worsen the relationship between the two countries.

Just last week NBC News released a report which specifically stated that the CIA is actively working on blueprints to launch one of its most covert cyber operations against Russia in the near future. A few experts have suggested that the CIA would be working towards leaking letters and documents related to Vladimir Putin in the same fashion as the Russians released documents related to the Clinton campaign and the Democratic National Committee.

Documents collected to be utilized during cyber attack

Retired security personnel have stated that over the years the CIA has accumulated a large number of documents and files which could create trouble for the Russians and, most importantly, for Vladimir Putin. These documents basically deal with the notorious dealings of Putin and his associates in the last decade and beyond.

Ex-NSA Chief Michael Hayden has even gone ahead to say that hacking foreign governments as well as political happens to be the pastime of the CIA. Currently the relationship and atmosphere surrounding these two countries have become quite similar to the Cold War era, but instead of a nuclear war, the threat of an impending cyber war looms in the air. Obama is going out of office in November, but even that has not stopped him from criticizing Putin in this regard.

It might even be that all these theories about the CIA possessing a truckload of information on Putin are simply a story to scare the Russians off from causing any more undue damage in the cyber field. If the CIA's plans are real, how useful they will be against Russia is yet to be determined. A number of security experts have stated that simply releasing damaging documents against Putin will not have any impact on the Russian government; his image might take a hit globally, but nothing worthwhile can come of it in the long run.

A warning for impending cyber war

US politicians are highly susceptible to public pressure, which can even spoil their future and political career if any documents are found against them. Putin, on the other hand, isn't very susceptible to such things, but Russia can use its highly robust internet surveillance programme to launch attacks upon the US in the cyber field; if it ever feels threatened, it will go into full-fledged cyber war against the US.

The international paradigm changes: just a few years ago the greatest threat to US cyber security was China. China has been accused of hacking into tens of millions of US citizens' security review files, going back decades, straight from US government online databases.

Wednesday, 26 October 2016

Hackers Used New Weapons to Disrupt Major Websites Across U.S.


Major websites were hard to reach for people across wide swaths of the United States on Friday after a company that manages crucial parts of the internet's infrastructure said it was under attack. Hackers unleashed a complex operation over the internet through devices like webcams and digital recorders and cut access to some of the world's best-known websites, a stunning breach of global internet stability. Users reported sporadic problems reaching several websites, including The New York Times, Spotify, Twitter, Reddit, Airbnb, Etsy, SoundCloud, and Netflix. The company, Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack in the early morning.

Reports that many sites were inaccessible started on the East Coast but spread westward in three waves as the day wore on and into the evening. And, in a troubling development, the attack appears to have relied on a huge number of internet-connected devices, without their owners' knowledge, running software that allows hackers to command them to flood a target with overwhelming traffic.

The attacks were not just more frequent, they were bigger and more sophisticated. The typical attack more than doubled in size. Besides, the attackers were simultaneously using different methods to attack the company's servers, making them harder to stop. The most frequent targets were companies that provide internet infrastructure services, like Dyn.

The main cause and how the devices work

Jason Read, the founder of the internet performance monitoring firm CloudHarmony, owned by Gartner Inc., said his company tracked a half-hour-long disruption early Friday affecting access to many sites from the East Coast. Dyn is a New Hampshire-based provider of services for managing DNS, which acts as a switchboard connecting internet traffic. Krebs, whose site was targeted by a similar attack in September, said the XiongMai devices are essentially unfixable and will remain a threat to others unless they are completely removed from the internet.

These devices are in turn used to create a botnet, or robot network, to send a large number of messages that knock out the victims' computer systems. The source code for Mirai was released at the start of the month on the so-called dark web, sites that operate as a kind of online underground for hackers.

The attack comes at a time of heightened public sensitivity and concern that the country's institutions and infrastructure could face large-scale hacking attacks. The latest example has been the release of emails stolen from the servers of the Democratic National Committee, which US intelligence sources say was the work of the Russian Federation.

The topic has come up often during the fall's hard-fought presidential campaign. The US Department of Homeland Security and the Federal Bureau of Investigation were jointly investigating the recent outage. Dyn officials wouldn't confirm the figure during a conference call later Friday with reporters.

It is too soon to determine who was behind the attacks, but it is this kind of attack that has US officials concerned. They are worried that an attack could keep citizens from submitting votes.

Thursday, 6 October 2016

Have hackers turned my printer into an offensive weapon?



Just last month, in September, one of the largest net attacks took place, targeting OVH, a renowned French hosting firm, and a blogger. The single attack is believed to have comprised over one trillion bits of data. Both hacking events marked a change in the methods used by hackers who make a living by hitting websites with large volumes of data; this form of attack is known as a Distributed Denial of Service (DDoS) attack. The data was sent to the targets through "smart" devices which had been hijacked by the hackers.

Can I tell if my webcam/DVR/printer is attacking someone? 

Well, to be honest, not easily. If your device is being used to bombard someone else, your internet speed may slow down; this may not be noticeable during normal browsing, but it may be evident in video or music streaming or in games, which will lag. Those who are tech savvy can use software which keeps tabs on the flow of data packets on their home network; however, this is not easy if you do not know exactly what you are doing.
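The kind of home-network check described above, as an added example that is not part of the original article: it takes per-minute outbound flow records for each device and flags minutes in which a device sends far more packets than its own usual level, almost all of them to a single remote address. The record layout, the thresholds and the sample records (documentation-range addresses) are constructed for illustration; real records would come from whatever flow or packet logging the router offers.

```python
from collections import defaultdict
from statistics import median
from typing import NamedTuple


class Flow(NamedTuple):
    minute: int    # minute index within the capture window
    device: str    # label of the device on the home network
    dst: str       # remote address the device sent to
    packets: int   # outbound packets counted in that minute


class Alert(NamedTuple):
    device: str
    minute: int
    dst: str
    packets: int   # total outbound packets from the device that minute


def find_flood_minutes(flows, factor=20, min_packets=1000, top_share=0.8):
    """Flag device-minutes that look like participation in a flood.

    A minute is flagged when the device's outbound packet count is at least
    `factor` times its own median minute (and at least `min_packets`), and
    one destination receives `top_share` or more of those packets.
    The median stays a usable baseline only while the burst covers less
    than half of the capture window.
    """
    per = defaultdict(lambda: defaultdict(lambda: defaultdict(int)))
    for f in flows:
        per[f.device][f.minute][f.dst] += f.packets

    alerts = []
    for device in sorted(per):
        minutes = per[device]
        totals = {m: sum(dsts.values()) for m, dsts in minutes.items()}
        threshold = max(min_packets, factor * median(totals.values()))
        for m in sorted(minutes):
            if totals[m] < threshold:
                continue
            dst, sent = max(minutes[m].items(), key=lambda kv: kv[1])
            # Busy but spread over many destinations (e.g. a laptop syncing
            # with several services) does not match the flood pattern.
            if sent / totals[m] >= top_share:
                alerts.append(Alert(device, m, dst, totals[m]))
    return alerts


def sample_flows():
    """Constructed ten-minute capture for three devices."""
    flows = []
    for m in range(10):
        flows.append(Flow(m, "camera", "192.0.2.10", 40))    # cloud check-in
        flows.append(Flow(m, "printer", "192.0.2.20", 5))
        if m != 4:
            flows += [Flow(m, "laptop", f"198.51.100.{i}", 100) for i in (1, 2)]
    # Laptop: one busy minute spread evenly over ten destinations.
    flows += [Flow(4, "laptop", f"198.51.100.{i}", 500) for i in range(1, 11)]
    # Camera: two minutes of heavy traffic aimed at a single address.
    flows += [Flow(m, "camera", "203.0.113.50", 9000) for m in (6, 7)]
    return flows


if __name__ == "__main__":
    for a in find_flood_minutes(sample_flows()):
        print(f"{a.device}: minute {a.minute}, {a.packets} packets, mostly to {a.dst}")
```

A large upload from a laptop to one server would also match this pattern, so the check is most useful on cameras, recorders and printers, whose normal traffic is small and steady.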

Could I get in trouble for letting my webcam attack someone? 

In terms of legality, you can’t get into trouble with the police; however, research suggests that a hacker can get into your internal network through a hacked webcam and keep tabs on everything else. In that case you have an intruder, which is best got rid of by taking the necessary action.

Why are malicious hackers using these devices? 

That's because these devices are far easier to hack than PCs or servers: they tend to use default passwords and lack any kind of security software. To the hackers' benefit, there are endless numbers of them, they stay on all day long, and they are difficult both to update and to secure. Nowadays it is extremely easy for hackers: they can target vulnerable devices and assemble an army of their own to create a botnet, without having to rent hijacked machines as in the past.

What kind of devices are they scanning for? 

Web-connected cameras are especially popular; however, scans are also being carried out for digital TV recorders, home routers and printers. All of these have a basic processor inside that can be subverted to pump out attack packets. Brian Krebs, the blogger who suffered an attack by an IoT botnet, has compiled a list of devices known to have bombarded his site with data. Many of the login names and passwords for these devices are easy to crack. On 1 October, source code for one IoT attack was publicly shared, leading some to suggest that many more malicious hackers will now start scanning for vulnerable devices. A guide made by security firm Symantec shows where Europe's botnets are hosted. Turkey is home to the vast majority of the hijacked devices and PCs.

How new are these types of attacks? 

The first DDoS attacks were seen on the web in 2000. The first wave of data bombardments was aimed at gambling sites, which were threatened with being knocked offline unless they paid a fee. Most of those extortion attempts used hijacked PCs to send data. Now the rise of the Internet of Things, which is populated with smart devices, has kicked off renewed interest in these kinds of attacks. Security researchers have warned about the dangers of insecure IoT devices for quite a while, yet these devices are starting to be used for significant attacks sooner than many people expected.

Tuesday, 13 September 2016

Cybersecurity Student Researches How to Keep Cars Safe from Hacking


Smart Cars Susceptible to Cyber-Attacks


In 2015, a reporter driving a Jeep Cherokee documented how two researchers hacked it and controlled everything from the car's radio and media console to its brakes and steering. For Dr Shucheng Yu, an associate professor of computer science at the University of Arkansas at Little Rock, the hack demonstrated how susceptible smart cars, featuring GPS, Bluetooth and internet connections, are to cyber-attacks.

Yu remarked that these cars have become the trend of the future and that there could be very severe consequences if someone hacks into the car. A car that is not secure can be completely controlled by a hacker.

Hence Yu, together with his student Zachary King, a junior majoring in computer science at UALR, spent the summer researching how to keep cars safe from cyber-attacks. They worked on the project throughout a rigorous eight-week summer research program at UALR. King was one of 10 college students from across the country recruited through a National Science Foundation grant-funded project, 'REU Site – CyberSAFE@UALR – Cyber Security and Forensics Research at the University of Arkansas at Little Rock'.

Investigating & Securing Communication – Controller Area Network – CAN


According to Dr Mengjun Xie, an associate professor of computer science and director of the CyberSAFE@UALR program, the purpose of the program is to reduce cyber-attacks on individuals utilising mobile technology and social networking sites.

He states that the basic idea is to integrate cyber-security and cyber-forensics research with the latest technology in mobile cloud computing and social media in order to offer research opportunities to students. Over 130 students applied for 10 spots; participants were undergraduate college students with a grade point average of 3.0 or more who were majoring in computer science, computer engineering, electrical engineering, math or physics.

The selected students spent eight weeks conducting full-time research with a faculty mentor at the University of Arkansas at Little Rock, and the participants received a $4,000 stipend for on-campus housing, travel expenses and a meal plan. King, in his project, 'Investigating and Securing Communications in the Controller Area Network – CAN', developed a security protocol to secure smart cars from being hacked.

Layer of Security – Safeguards CAN


He also built an experimental environment that mimics the communication system in a smart car, allowing the security protocol to be verified through simulations. The research centres on the development of a security protocol to defend the Controller Area Network (CAN), which is the internal communication structure in vehicles.

King says that there are several ways in which a hacker could take control of the CAN. Once they gain access to it, they can control the car however they want. King proposes a layer of security so that an unauthorized person who attempts to access the network would not be able to control the vehicle. The security protocol safeguards the CAN in a couple of ways.

First, it validates messages sent through the network by generating a validation code, which enables nodes on the network to distinguish between a valid message and an attacker's message. The second security feature shields against replay attacks, in which a hacker tries to breach the network by sending old messages repeatedly. The protocol uses a timestamp to calculate when the network last received the message and verifies the freshness of the message.
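The two safeguards described above, as an added example that is not King's protocol or code from the original post: the validation code is assumed to be a truncated HMAC-SHA256 over the CAN ID, data and timestamp, and freshness is assumed to be a fixed time window plus a per-ID record of the newest timestamp seen. The key, the 100 ms window, the 8-byte tag and the frame values are constructed, nodes are assumed to share a synchronized clock, and the 14-byte payload assumes CAN FD rather than classic 8-byte CAN frames.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # pre-shared key, constructed for this example
TAG_LEN = 8                    # truncated HMAC-SHA256 tag length (assumption)
MAX_AGE_MS = 100               # freshness window in milliseconds (assumption)

def _tag(key: bytes, can_id: int, data: bytes, ts_raw: bytes) -> bytes:
    # Binding the CAN ID into the MAC stops a valid tag being reused on another ID.
    msg = struct.pack(">I", can_id) + data + ts_raw
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def protect(can_id: int, data: bytes, now_ms: int, key: bytes = KEY) -> bytes:
    """Sender side: payload = data || 32-bit timestamp || validation code."""
    ts_raw = struct.pack(">I", now_ms)
    return data + ts_raw + _tag(key, can_id, data, ts_raw)

class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_ts = {}  # CAN ID -> newest timestamp accepted so far

    def check(self, can_id: int, payload: bytes, now_ms: int) -> str:
        """Return 'accepted', 'bad-tag', 'stale' or 'replayed'."""
        if len(payload) < 4 + TAG_LEN:
            return "bad-tag"
        data = payload[:-(4 + TAG_LEN)]
        ts_raw = payload[-(4 + TAG_LEN):-TAG_LEN]
        tag = payload[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self.key, can_id, data, ts_raw)):
            return "bad-tag"       # forged, corrupted or sent under another ID
        ts = struct.unpack(">I", ts_raw)[0]
        if abs(now_ms - ts) > MAX_AGE_MS:
            return "stale"         # old capture replayed outside the window
        if ts <= self.last_ts.get(can_id, -1):
            return "replayed"      # already seen inside the window
        self.last_ts[can_id] = ts
        return "accepted"

def demo() -> list:
    rx = Receiver()
    frame = protect(0x244, b"\x01\x2c", now_ms=1000)   # constructed frame
    forged = bytes([frame[0] ^ 0xFF]) + frame[1:]      # tampered data byte
    return [rx.check(0x244, frame, 1005), rx.check(0x244, frame, 1010),
            rx.check(0x244, frame, 5000), rx.check(0x244, forged, 1005),
            rx.check(0x245, frame, 1005)]
```

The 32-bit millisecond timestamp wraps after about 49 days; this example does not handle the wrap.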

Wednesday, 4 May 2016

Hackers Steal Millions of Minecraft Passwords


Minecraft Passwords Stolen by Hackers


Login data for more than seven million members of the Minecraft site Lifeboat has been stolen by hackers. Lifeboat is a service for dedicated servers and customised multiplayer games for Minecraft Pocket Edition, and this data breach affects customers who use the service. Anyone who has used Minecraft Pocket Edition without signing up for Lifeboat is not affected, but Lifeboat users may have received a message in early 2015 compelling them to change their password for the site. That was because the company was aware of the hack, though it had not made the information public until recently. Lifeboat permits members to run servers for customised, multiplayer maps for the smartphone edition of Minecraft.

There is confirmation that the stolen information, comprising email addresses and passwords, is being offered on sites that trade in hacked data. Investigation suggests that the passwords were weakly protected, and hence attackers could work them out with ease. Evidence of the breach was passed to Tony Hunt, an independent security expert, who stated that he had received the list from someone who trades in stolen credentials. Most of the people had informed him that the data had been circulating on dark net sites.

Passwords for Lifeboat Hashed – Little Security


Mr Hunt mentioned that the data had been stolen in early 2016, though the breach has only become known now. He said that passwords for Lifeboat accounts were hashed, though the procedure used provided little security. Hashing is a technique used to scramble passwords so that they cannot easily be read if the data is stolen or lost. According to Mr Hunt, a Google search for a hashed password would usually return the correct plain text, and people familiar with cracking tools could automate and accelerate this procedure.

He mentioned in a blog post about the breach that a large percentage of those passwords would be reverted to plain text in a short time. He also said that this often leads to other security problems, since many people re-use passwords, and finding out one could lead attackers to compromise accounts on other sites. Lifeboat, in a statement provided to Motherboard, stated that it had taken action to limit the damage.

How to Minimise Damage to Users


It told the news site that when this occurred in early January, it figured the best thing for its players was to quietly force password resets without letting the hackers know they had limited time to act, adding that it now uses stronger hashing procedures. It also mentioned that it had not received any reports of anyone being damaged by this. Mr Hunt was critical of the company for 'quietly' compelling the password reset, stating that this policy had left him speechless.

As an alternative, he said that Lifeboat should have done more to alert users so that they could quickly change passwords if they used the same one on other sites. He said that the first priority for any company after an incident like this should be 'how to minimise the damage to the users'.
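The weakness Mr Hunt describes and the move to stronger hashing, as an added example that is not Lifeboat's code: a fast unsalted digest lets one lookup table reverse every common password and exposes password re-use across accounts, while a salted, slow hash does neither. The post does not name Lifeboat's algorithms, so unsalted MD5 and PBKDF2-HMAC-SHA256 with 600,000 rounds are assumed stand-ins, and the accounts and wordlist are constructed.

```python
import hashlib
import hmac
import os

# Constructed sample accounts; two of them share a password.
USERS = {"alice": "dragon123", "bob": "dragon123", "carol": "x7!Lq-brick-92"}
# Constructed wordlist standing in for a public hash-lookup service.
WORDLIST = ["password", "123456", "dragon123", "minecraft"]
PBKDF2_ROUNDS = 600_000  # assumed work factor for the stronger scheme

def weak_hash(password: str) -> str:
    """Fast, unsalted digest (assumed stand-in for the weak scheme)."""
    return hashlib.md5(password.encode()).hexdigest()

def strong_hash(password: str, salt: bytes = b"") -> tuple:
    """Salted, deliberately slow PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def verify_strong(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(strong_hash(password, salt)[1], stored)

def audit_unsalted_dump(dump: dict) -> dict:
    """Defender's audit: accounts whose unsalted hash appears in a lookup table."""
    table = {weak_hash(word): word for word in WORDLIST}
    return {user: table[h] for user, h in dump.items() if h in table}

def shared_hashes(dump: dict) -> int:
    """Number of accounts whose stored value also belongs to another account."""
    values = list(dump.values())
    return sum(1 for v in values if values.count(v) > 1)

weak_dump = {user: weak_hash(pw) for user, pw in USERS.items()}
strong_dump = {user: strong_hash(pw) for user, pw in USERS.items()}
```

With the unsalted scheme, two of the three constructed accounts fall to a single table lookup and visibly share a hash; with per-user salts no two stored values match, and each guess costs a full key-derivation run per account.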