
Tag Archives: hacking

With possible summit approaching, North Korean espionage hacks continue

As North Korea’s government prepares for a possible summit with US President Donald Trump later this month, hackers working on behalf of the isolated country have continued a volley of network intrusions that target media, aerospace, financial, and critical-infrastructure companies in the US, South Korea, and other nations, researchers in private industry and the federal government said this week.

On Tuesday, the US Department of Homeland Security and the FBI identified two pieces of malware North Korea is actively using against multiple organizations throughout the world, including in the US. The malware, according to a joint technical alert the two agencies published, is being used by participants in Hidden Cobra, which is the name US intelligence officials have given to North Korea’s hacking operation. Tuesday’s alert said the malware has likely been in use since at least 2009.

The first piece of malware is a fully functional remote-access trojan called Joanap. It typically infects computers as a payload that is delivered by another piece of Hidden Cobra malware, and targets unknowingly download it when they visit a compromised website. The two-stage RAT lets its remote operators steal data, install new programs, and act as a proxy for Internet traffic to disguise attacks on new targets.


Canadian Yahoo hacker gets a five-year prison sentence

After pleading guilty in November, the Canadian hacker at least partially to blame for the massive Yahoo hack that exposed up to 3 billion accounts will face five years in prison. According to the Justice Department, the hacker, 23-year-old Karim Baratov, worked under the guidance of two agents from the FSB, Russia’s spy agency, to compromise the accounts. Those officers, Dmitry Dokuchaev and Igor Sushchin, reside in Russia, as does Latvian hacker Alexsey Belan, who also was implicated in the Yahoo hack. Given their location, those three are unlikely to face consequences for their involvement, but Baratov’s Canadian citizenship made him vulnerable to prosecution.

“Baratov’s role in the charged conspiracy was to hack webmail accounts of individuals of interest to his coconspirator who was working for the FSB and send those accounts’ passwords to Dokuchaev in exchange for money,” the Justice Department described in its summary of Baratov’s sentencing. Acting U.S. Attorney for the Northern District of California Alex G. Tse issued a stern warning to other would-be hackers doing a foreign government’s dirty work:

The sentence imposed reflects the seriousness of hacking for hire. Hackers such as Baratov ply their trade without regard for the criminal objectives of the people who hire and pay them. These hackers are not minor players; they are a critical tool used by criminals to obtain and exploit personal information illegally.


Drive-by Rowhammer attack uses GPU to compromise an Android phone

Over the past few years, there has been a steady evolution in Rowhammer, the once largely theoretical attack that exploits physical defects in memory chips to tamper with the security of the devices they run on. On Thursday, researchers are unveiling the most practical demonstration yet of Rowhammer's power and reach: an exploit that remotely executes malicious code on Android phones by harnessing their graphical processors.

Dubbed GLitch, the exploit is the first to show that GPUs can flip individual bits stored in dynamic random-access memory. The advance gives attackers greater flexibility over previous techniques that relied solely on CPUs. It's also the first Rowhammer attack that uses standard JavaScript to compromise a smartphone, meaning it can be executed when users do nothing more than visit a malicious website. Another key innovation: on average, GLitch takes less than two minutes to compromise a device, a significant improvement over previous Rowhammer exploits.

GLitch gets its name and idiosyncratic capitalization because it uses the WebGL programming interface for rendering graphics to trigger a known glitch in DDR3 and DDR4 dual in-line memory modules, or DIMMs. The term Rowhammer was coined because the exploit class accesses—or "hammers"—specific memory blocks known as rows inside a DIMM thousands of times per second. Attackers use it to alter crucial pieces of data by changing zeros to ones and vice versa. The physical weakness is the result of ever smaller dimensions of the silicon.


New Fake Flash Player Installer For Mac Discovered – Ubergizmo

Ubergizmo: One of the favorite ways that we're seeing hackers try to infect Mac computers is through fake Flash installers. Basically it will create a popup that tells the user that they will need to install the latest version of Adobe's Flash Player and given ...


Unstoppable exploit in Nintendo Switch opens door to homebrew and piracy

The Nintendo Switch may soon be a haven for hackers, but not the kind that want your data — the kind that want to run SNES emulators and Linux on their handheld gaming consoles. A flaw in an Nvidia chip used by the Switch, detailed today, lets power users inject code into the system and modify it however they choose.

The exploit, known as Fusée Gelée, was first hinted at by developer Kate Temkin a few months ago. She and others at ReSwitched worked to prove and document the exploit, sending it to Nvidia and Nintendo, among others. Although responsible disclosure is to be applauded, it won’t make much difference here: this flaw isn’t the kind that can be fixed with a patch. Millions of Switches are vulnerable, permanently, to what amounts to a total jailbreak; only new ones with code tweaked at the factory will be immune.

That’s because the flaw is baked into the read-only memory of the Nvidia Tegra X1 used in the Switch and a few other devices. It’s in the “Boot and Power Management Processor” to be specific, where a malformed packet sent during a routine USB device status check allows the connected device to send up to 64 kibibytes (65,535 bytes) of extra data that will be executed without question. You need to get into recovery mode first, but that’s easy.

As you can imagine, getting arbitrary code to run on a device that deep in its processes is a huge, huge vulnerability. Fortunately it’s only available to someone with direct, physical access to the Switch. But that in itself makes it an extremely powerful tool for anyone who wants to modify their own console.

Modding consoles is done for many reasons, and indeed piracy is among them. But people also want to do things Nintendo won’t let them, like back up their saved games, run custom software like emulators or extend the capabilities of the OS beyond the meager features the company has provided.

Temkin and her colleagues had planned to release the vulnerability publicly on June 15 or when someone releases the vulnerability independently of them — whichever came first.


A look at Facebook’s month-long rollout of its fact-checking tool and its partners in Mexico, Indonesia, the Philippines, India, and Colombia (Daniel…

Daniel Funke / Poynter : A look at Facebook's month-long rollout of its fact-checking tool and its partners in Mexico, Indonesia, the Philippines, India, and Colombia   —  What started as a pilot project 16 months ago is now one of Facebook's primary weapons against fake news.  —  During his testimony to Congress last week …


A look at surveillance companies like Area SpA, IPS, and Terrogence, which covertly infiltrate and manipulate social media (Thomas…

Thomas Fox-Brewster / Forbes : A look at surveillance companies like Area SpA, IPS, and Terrogence, which covertly infiltrate and manipulate social media   —  If it hasn't already been made clear by Facebook's moves to cut off AggregateIQ …


Sources: DOJ has sent subpoenas to the top 4 US mobile carriers and GSMA association over alleged collusion to impede eSIM features for easier carrier…

Wall Street Journal : Sources: DOJ has sent subpoenas to the top 4 US mobile carriers and GSMA association over alleged collusion to impede eSIM features for easier carrier switching   —  AT&T, Verizon at center of probe into whether major carriers are making it harder for subscribers to switch providers


RealSelf, a Yelp-like review site for cosmetic procedures, raises $40M Series B for international expansion; RealSelf raised ~$2M in 2007-2008 (Taylor…

Taylor Soper / GeekWire : RealSelf, a Yelp-like review site for cosmetic procedures, raises $40M Series B for international expansion; RealSelf raised ~$2M in 2007-2008   —  RealSelf has raised its first substantial round of outside capital to bring the cosmetic treatment review hub to users around the globe.


UK judge sentences Kane Gamble, a teen who hacked online accounts of the director of CIA and other prominent US government employees, to two years in…

Lorenzo Franceschi-Bicchierai / Motherboard : UK judge sentences Kane Gamble, a teen who hacked online accounts of the director of CIA and other prominent US government employees, to two years in prison   —  A judge in London sentenced a British teenager who was part of the hacking group Crackas With Attitude, which targeted prominent US government employees.


Sources: DOJ probes AT&T, Verizon, and GSMA for possible collusion in thwarting eSIM tech enabling easier carrier-switching, after complaint by Apple…

Cecilia Kang / New York Times : Sources: DOJ probes AT&T, Verizon, and GSMA for possible collusion in thwarting eSIM tech enabling easier carrier-switching, after complaint by Apple and others   —  WASHINGTON — The Justice Department has opened an antitrust investigation into potential coordination by AT&T …
