
Tuesday, 22 March 2016

Chinese Hackers Behind U.S. Ransomware Attacks: Security Firms


A group of four security firms investigating cyber attacks on U.S.-based companies has found that most of the hackers use the same tactics and tools that were once associated with Chinese government-backed cyber attacks. Ransomware has become a major tool for attacks on unsuspecting ordinary users. Ransomware, as the name suggests, takes over a system and carefully encrypts all the data stored on it, leaving that data inaccessible to its users. To regain access, users are required to pay a ransom of a few Bitcoins.

Hackers trick users into installing ransomware

Security firms have stated that hackers use complex, sophisticated methods to spread ransomware, actively exploiting vulnerabilities found in application servers. Once a vulnerability has been exploited, the hackers trick users into installing ransomware on their devices. In one recent attack, more than 30% of the machines at a transportation firm and a technology firm were infected with ransomware.

The rise of ransomware over the years

Ransomware isn’t new; cyber criminals have been using it widely for over a decade. In the early days, unsuspecting users were lured into downloading infected programs or fake antivirus suites which, once installed, took over the device and demanded a ransom of a certain amount to restore access.

In recent years, however, cyber criminals have got hold of better encryption techniques, which ensure that users cannot regain access to their files without paying the ransom. Formatting the device is an effective way to get rid of ransomware, but it comes at the cost of losing all the data on the device. Ransomware payments are mainly made in the virtual currency Bitcoin, which offers secrecy from government agencies and others.

‘Mind’ game behind ransom

Ransomware is one of the cyber criminals’ most successful tools because a large percentage of infected users end up paying the modest ransom for their inaccessible data. Cyber criminals usually set a modest price for giving access back to users. Most victims are willing to pay this amount to get their data back, and this also generates positive feedback online. Suppose a victim pays about 1 or 2 Bitcoins, amounting to $600, regains access to the data, and then posts on an online forum that he was relieved to finally get his data back after paying the ransom operators. All the other victims searching online for this malady will then be more willing to pay on the basis of that feedback.

On the other hand, security firms have warned victims that paying the ransom will only make cyber criminals more ambitious. Very soon they will shift from demanding ransoms of a few Bitcoins to running more complex scams and credit card theft as well.

Thursday, 8 October 2015

Global Nuclear facilities 'At Risk' of Cyber-Attack


Cyber-Attacks on Nuclear Power Plants on the Rise

According to a report, the danger of a serious cyber-attack on nuclear power plants across the globe is rising. It states that civil nuclear infrastructure in several nations is not well equipped to defend against such an attack.

The report noted that most of the control systems in the industry are insecure by design because of their age. Published by the influential Chatham House, the report examined cyber defences in power plants across the world over an 18-month period. It stated that cyber criminals, state-sponsored hackers and terrorists were all increasing their online activity, which means that the risk of a significant internet-based attack will persist.

Even a small-scale or unlikely attack of this kind on a nuclear plant should be taken seriously because of the harm that would follow if radiation were released. Moreover, even a small cyber security incident at a nuclear facility would have a disproportionate effect on public opinion and on the future of the civil nuclear industry.

Research carried out for the study unfortunately indicated that the UK’s nuclear plants and related organisations did not appear to be adequately protected or prepared, because the industry has only recently converted to digital systems.

Increase in Digitisation/Growing Reliance on Commercial Software

Increasing digitisation and growing reliance on commercial software are raising the risk that the nuclear industry faces. There is a ‘pervading myth’ that computer systems in power plants are isolated from the internet and are therefore immune to the kind of cyber-attacks that have hit other industries. This air gap between the public internet and nuclear systems is easy to breach with ‘nothing more than a flash drive’.

It observed that the destructive Stuxnet computer virus infected Iran’s nuclear facilities through this route. The researchers also came across virtual networks and other links to the public internet on nuclear facility networks.

Some of these appeared to be unknown or forgotten by those in charge of the organisations. Search engines that hunt out critical infrastructure had indexed these links, making it easy for attackers to locate ways into networks and control systems.

Security with Cyber Security – Priority for Power Station Operators

Keith Parker, chief executive of the Nuclear Industry Association, states that ‘security, inclusive of cyber security, is an absolute priority for power station operators. All of Britain’s power stations are designed with safety in mind and are stress tested to withstand a huge range of potential incidents. Power station operators work closely with national agencies like the Centre for the Protection of National Infrastructure and other intelligence agencies, to be aware of emerging threats at all times’.

He added that the industry’s regulator continuously monitors plant safety to protect it from outside threats. The first international conference on the cyber threats facing plants and manufacturing facilities was held in June this year by the International Atomic Energy Agency.

Yukiya Amano, director of the IAEA, told the conference that both random and targeted attacks had been directed at nuclear plants. In a keynote address to the conference he commented that ‘staff responsible for nuclear security need to know how to repel cyber-attacks and to limit the damage should the system be penetrated’.

Thursday, 24 September 2015

How it takes just 15 minutes of web tuition for anyone to hack into your email


Email Account Hacking – Easier & Faster

According to a recent study, hacking into an email account is easier and faster than expected and takes less than 15 minutes. A group of volunteers comprising a TV producer, a retiree and a self-employed baker managed to learn the technique of hacking into someone’s account in about 15 minutes.

The group, with limited knowledge of technology, followed an online tutorial that used a man-in-the-middle technique to hack into a computer network and obtain each other’s login information. The controlled classroom trial, led by life assistance company CPP Group Plc, gave the helpers a 14-minute lesson that is freely available online.

Through this they were able to download hacking software which gave them access to login details and passwords for email accounts, online shopping accounts and social networking sites within a few minutes.

There appear to be more than 20,000 videos online coaching users on how to hack social media profiles, email, PayPal accounts and smartphones, and the internet’s role in hosting hacking tutorials seems to go unchallenged. Over seven million people are estimated to have had their password-protected online information accessed without their permission.

Government to Take a Stronger Stand on Online Hacking Tutorials

Many users have had their personal emails hacked, with around 19% stating that their eBay accounts have also been hacked. Social media accounts were not spared either, with 16% reporting that their social networking profiles had been tampered with and around 10% having had money or a loan taken in their name. The spread of public Wi-Fi networks and of smartphones with built-in Wi-Fi over the last few years has created opportunities for hackers, and the scope for this type of crime is likely to increase over time.

Most people are aware that online hacking tutorials exist, and many agree that this type of coaching should not be made available to online users, since it causes a great deal of harm to the victim while benefiting the culprit.

More than half of people want governments to take timely action to remove these hacking tutorials from the internet. CPP has been advising people to take whatever action they can to protect themselves from these online hackers, and is also pressing the government to take a stronger stand on online hacking tutorials.

Bring Awareness on Risks Involved

Michael Lynch, the firm’s identity fraud expert, commented that ‘the recent Sony security breach, which saw a hacker gain access to the personal data of over 100 million online gamers, including people in Britain, has shown the increasing and widespread danger that hackers pose to consumers as well as businesses’.

It is essential to raise awareness of the risks involved so that people take adequate steps to protect their identities and safeguard their personal data from these hackers. The technique shown in the live session indicates that these hacking skills can be applied within a few minutes, so it is critical for consumers to take timely action to protect their data.

They used the man-in-the-middle technique, in which the hacker intercepts the communication between two users, or what an individual is viewing on the internet. As the user logs into an online account, the username and password also appear on the hacker’s desktop, enabling him to store the information and access the account immediately or at some later time.

Monday, 24 August 2015

Thousands of Cars Vulnerable to Keyless Theft, According to Researchers


Cars at Risk of Electronic Hacking

According to computer scientists, thousands of cars, including high-end marques such as Porsche and Maserati, are at risk of electronic hacking; the research was suppressed for two years by a court injunction for fear that it would help thieves steal vehicles to order. It highlights a weakness in the Megamos Crypto system, a technology used by big manufacturers such as Audi, Fiat, Honda, Volvo and Volkswagen.

It is designed to prevent a car engine from being started without the presence of a key fob containing the correct radio frequency identification chip. Nevertheless, researchers at the University of Birmingham and Radboud University in Nijmegen, the Netherlands, were able to intercept the signals sent between the chip and the car.

Listening twice enabled them, using a commercially available computer programmer, to reverse-engineer the secret codes used to start the car. Tim Watson, Director of Cyber Security at the University of Warwick, told Bloomberg that ‘it is not a theoretical weakness, it is an actual one; it does not cost theoretical dollars to fix, it costs actual dollars’.

Publication Ban Denied Public Crucial Information

The researchers identified the flaw in 2012, but Volkswagen won High Court injunctions preventing its publication a year later. The motoring giant argued that the work of Flavio Garcia of the University of Birmingham and his two Dutch colleagues ‘would allow someone, especially a sophisticated criminal gang with the right tools, to break the security and steal a car’.

In reply, the researchers argued that a publication ban denied the public crucial information about the security of their vehicles. Eventually they were able to reveal their results at the Usenix Security Symposium in Washington at the weekend, with one sentence redacted.

Their paper, ‘Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobiliser’, describes how they began their research at a time when police said they were perplexed by the rising number of ‘keyless car thefts’.

Chip System to Be Changed

The research was published on the grounds that the ban was keeping essential information from the public. According to the Metropolitan Police, around 6,000 vehicles were stolen without keys last year, half of all thefts.

The paper concluded that ‘the implications of the attacks presented in this paper are especially serious for those vehicles with keyless ignition. At some point the mechanical key has been removed from the vehicle, but the cryptographic mechanisms have not been strengthened to compensate’.

It recommends that the chip system be changed to one that includes a random number generator, making it difficult to use intercepted transmissions to break the codes.

Monday, 10 August 2015

Watch Out for These Serious Mac Attacks

Apple’s esteemed line of Mac devices is going through troubled times with the emergence of advanced new bugs and glaring loopholes in Apple’s operating system. Security researchers have unearthed a new kind of vulnerability in Macs which allows hackers to install devious adware such as VSearch without even requiring the password. VSearch is notorious malware which infects Macs with numerous pop-up ads and redirects users to a different search engine whenever they try to use Google.

VSearch bug reported earlier by vigilant security researcher

A German security researcher named Stefan Esser made this bug public earlier this week. It should be noted that the generally accepted protocol is to inform Apple about new bug discoveries rather than disclosing them to the public and causing a furore. Some hackers have already taken advantage of the bug found by the German researcher, actively using this newfound vulnerability to attack Macs, according to a blog post by the security company Malwarebytes.

How does this bug work and how can it be neutralised?

This bug takes advantage of a Mac OS X 10.10 (Yosemite) feature that determines which programs are allowed to make changes to the computer without requiring a password. Yosemite keeps a list of those programs in a hidden file named sudoers. The bug allows the malware to get itself listed in the sudoers file, which means the malware gains the ability to install anything in any part of the OS without the user’s approval via password.

Esser has provided a fix for this issue. It should also be noted that the next Yosemite patch is expected to include the bug fix, as Apple has apparently known about this vulnerability for a while.
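A defender-side check that follows from the mechanism described above, as an added example that is not code from the page, from Esser or from Malwarebytes: parse sudoers-format text and flag every rule that grants commands with the NOPASSWD tag, since that is the kind of entry an installer abusing this bug would need. The sample rules are constructed, and the `vsearch_helper` path is a hypothetical placeholder.

```javascript
// Added example: audit sudoers-format rules for password-less grants.
// Assumption: the caller reads the text from /etc/sudoers (and any files it
// includes); a constructed sample is embedded here so the code runs offline.
const SAMPLE_SUDOERS = [
  "# User privilege specification",
  "Defaults env_reset",
  "root    ALL = (ALL) ALL",
  "%admin  ALL = (ALL) ALL",
  "# Hypothetical entries of the kind an adware installer would plant:",
  "ALL     ALL = (ALL) NOPASSWD: ALL",
  "user1   ALL = (ALL) NOPASSWD: /usr/local/bin/vsearch_helper",
  "# A legitimate but still password-less rule spread over two lines:",
  "deploy  ALL = (root) NOPASSWD: /usr/bin/systemctl restart app, \\",
  "        /usr/bin/journalctl",
  "#includedir /private/etc/sudoers.d",
].join("\n");

// Join backslash-continued lines, then drop comments, #include directives
// and Defaults lines, leaving only user specification lines.
function userSpecLines(text) {
  const joined = text.replace(/\\\n\s*/g, " ");
  return joined
    .split("\n")
    .map((l) => l.trim())
    .filter((l) => l && !l.startsWith("#") && !/^Defaults\b/.test(l));
}

// Parse one user specification: "who hosts = (runas) [TAG:]... commands".
// Returns null for lines that do not look like a rule.
function parseRule(line) {
  const m = line.match(/^(\S+)\s+(\S+)\s*=\s*(?:\(([^)]*)\)\s*)?(.*)$/);
  if (!m) return null;
  const [, who, hosts, runas, rest] = m;
  const tags = [];
  let commands = rest.trim();
  let tagMatch;
  // Tags such as NOPASSWD:, SETENV:, NOEXEC: precede the command list.
  while ((tagMatch = commands.match(/^([A-Z_]+):\s*/))) {
    tags.push(tagMatch[1]);
    commands = commands.slice(tagMatch[0].length);
  }
  return { who, hosts, runas: runas || "", tags, commands: commands.split(/\s*,\s*/) };
}

// Return every rule that grants commands without a password. A rule that
// applies to everyone ("ALL") or grants every command is rated critical;
// a narrow grant to a named user is flagged for review.
function auditSudoers(text) {
  const findings = [];
  for (const line of userSpecLines(text)) {
    const rule = parseRule(line);
    if (!rule || !rule.tags.includes("NOPASSWD")) continue;
    const critical = rule.who === "ALL" || rule.commands.includes("ALL");
    findings.push({
      who: rule.who,
      severity: critical ? "critical" : "review",
      commands: rule.commands,
    });
  }
  return findings;
}

for (const f of auditSudoers(SAMPLE_SUDOERS)) {
  console.log(`[${f.severity}] ${f.who} may run without a password: ${f.commands.join(", ")}`);
}
```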

Another deadly bug which takes control of Mac devices

Another group of security researchers has found a more threatening bug, which has the ability to take permanent control of a Mac. Users can get rid of most vicious malware by reinstalling the operating system, but this new vulnerability turns the game against the user: using it, a hacker can install malware directly in the computer’s firmware, which is responsible for booting the computer.

A team of researchers developed a worm named Thunderstrike 2 which can take advantage of this security flaw in Macs.

This worm can be installed on a computer just like any other malware, when people click on the wrong link or fall for a phishing scam. Once installed, the malware takes a nastier turn and looks for devices connected to the Mac in order to load them with the worm. Other users who then use the same infected Ethernet adapter get their Macs infected too. Apple has not yet fixed this bug.

Saturday, 8 August 2015

U.S. Researchers Show Computers can be hijacked to send Data as Sound Waves

With the dawn of technology, crime has shifted accordingly to target the wide array of electronic gadgets, most of which are sitting ducks for any sophisticated attack. Such is the case with “Funtenna” by Ang Cui, a recent PhD graduate from Columbia University. This demonstration shows a situation that we might have to face on a larger scale in future. What is this “funtenna”? Well, for starters, imagine your printer, which is supposed to print your documents, secretly transmitting data wirelessly over the air without using WiFi or traditional radio channels. Sounds absurd? Well, that is exactly what has happened. But before going into the details, let us understand the basics behind it all.

A basic primer

All digital electronic devices use electrical signals to work. In digital devices these signals oscillate between two voltage levels. The signals are carried by conductors, which generate small electromagnetic (EM) emissions as a side effect. Communication today uses varying (modulated) EM signals to carry information, so with sufficient effort one can, in theory, use these stray EM signals to transmit data which can then be picked up by an attacker. Imagine a confidential document sent to print and the printer silently transmitting all its contents to an attacker. Scary!

Diving into the details... 

Cui, with about four lines of code injected into the printer’s embedded firmware, can program it to transmit data using these stray EM signals. But their range is so short that on its own it is almost useless. This is where the cleverness comes in: to generate waves that can carry information, they need to be sufficiently powerful, and this is achieved by switching the states of the digital circuitry at varying frequencies to generate carrier waves, which then carry the modulated signal holding the actual information. Though Cui’s current demonstration can only beam information a few metres, he predicts that the range can be increased to more than 30m and that the signals can even penetrate reinforced concrete walls.

The possible ramifications

With the age of the Internet of Things dawning upon us, such an easy hack could prove to be a tremendous security hole that is hard to plug, since the medium of transport is not something that is monitored (it is not WiFi, nor wires). The trick was performed on a cheap laser printer, which implies that anything with an embedded computer could be used in this attack, rendering all connected devices able to emit information to an attacker at will. This calls for stricter rules and better electronic components. Such leakage can be stopped, but it will come at a higher price. EM shielding can be done with metal cages, but that may not always be feasible and better methods might be needed.

The funtenna experiment by Cui demonstrates that with persistence and ingenuity, almost any digital electronic device can be used to transmit information in secret without being detected. With the IoT age upon us, we need to significantly step up our security game or it may be too late...

Friday, 7 August 2015

Privacy Analysis Shows Battery status API as Tracking Tool

Most smartphones nowadays have a feature that is essential to their use: battery status. The HTML5 Battery Status API has been found to have major flaws that leave privacy vulnerable. The flaws in the Battery Status API are extremely threatening and need to be resolved at the earliest.

The flaw mainly resides in the battery status API of most smartphones, part of the set of protocols defined in HTML5, the current language of the internet. This API unknowingly provides web browsers like Google Chrome and Firefox with sensitive information about the smartphone. The API is also meant to help activate a power-saving mode, which lets smartphone users make more of their devices.

How severe is the flaw?

The Battery Status API can extract several pieces of information about the device’s battery, including the battery level and the charging and discharging times. Combined, this data helps create a digital fingerprint of the device which potential attackers can use to track users’ activities on the internet.

Recent studies on battery status

A recent study on the Battery Status API was conducted by four researchers from France and Belgium. Their paper is titled “The leaking battery: A privacy analysis of the HTML5 Battery Status API”. The researchers concluded that the Battery Status API can serve as a tracking identifier in the hands of notorious trackers.

The study showed that the HTML5 Battery Status API silently lets websites read the battery state of any device, from mobile devices to laptops. Most of this battery information is extracted without the user’s knowledge. The API is extremely dangerous to privacy because no permission is required for it to hand out the details.

The study also showed that Firefox’s implementation of the API enables fingerprinting and tracking of devices over short time intervals. The researchers found the same results on other popular browsers such as Chrome and Opera. The only browser with strong defences against fingerprinting via the Battery Status API is Tor Browser, which simply disables the API completely and so stops any fingerprinting attempt.

Private browsing can’t stop Battery Status API

Most people nowadays use private browsing to maintain their privacy online, but the Battery Status API can still allow attackers to track online activity through battery data. A script using the Battery Status API can help track people who have already deleted their browsing data, and can even reinstate identifiers such as cookies without the user’s knowledge. The study was conducted with the hope of identifying the glaring loopholes and flaws in the Battery API and drawing people’s attention to their effects.
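The mitigation side of the study above, as an added example that is not code from the page, the paper or any browser: a shim that wraps `navigator.getBattery()` and coarsens the level, charging-time and discharging-time values, so they no longer serve as a short-lived identifier. The rounding step of 0.25 and the hiding of the timing values are this example’s own choices, and the battery readings are constructed.

```javascript
// Added example: privacy shim for the HTML5 Battery Status API.
// Assumption: in a browser it would be installed on window.navigator before
// page scripts run (e.g. from an extension); here a fake navigator is used
// so the code runs in Node.
const LEVEL_STEP = 0.25; // this example's own coarseness, not a browser's

// Reduce a BatteryManager-like object to low-entropy values. Infinity is
// the API's own value for "unknown", so a page sees nothing unusual.
function coarsenBattery(raw) {
  const rounded = Math.round(raw.level / LEVEL_STEP) * LEVEL_STEP;
  return {
    level: Math.min(1, Math.max(0, rounded)),
    charging: Boolean(raw.charging),
    chargingTime: Infinity,
    dischargingTime: Infinity,
  };
}

// The string a tracking script would derive from the readings.
function batteryFingerprint(b) {
  return [b.level, b.charging, b.chargingTime, b.dischargingTime].join("|");
}

// Wrap getBattery on a navigator-like object; false if the API is absent.
function installBatteryShim(nav) {
  if (!nav || typeof nav.getBattery !== "function") return false;
  const original = nav.getBattery.bind(nav);
  nav.getBattery = () => original().then(coarsenBattery);
  return true;
}

// Constructed stand-in for window.navigator.
function fakeNavigator(state) {
  return { getBattery: () => Promise.resolve(state) };
}

// Constructed readings: one laptop on two page loads a few seconds apart
// (level and discharge time barely moved), plus a different device.
const VISIT_A = { level: 0.6321, charging: false, chargingTime: Infinity, dischargingTime: 7412 };
const VISIT_B = { level: 0.6318, charging: false, chargingTime: Infinity, dischargingTime: 7404 };
const OTHER   = { level: 0.71,   charging: false, chargingTime: Infinity, dischargingTime: 5200 };

// Raw readings carry enough precision that every visit yields its own string,
// which is what lets a tracker link visits over a short interval; after the
// shim, all three readings collapse to a single value.
function demo() {
  const visits = [VISIT_A, VISIT_B, OTHER];
  const raw = visits.map(batteryFingerprint);
  const coarse = visits.map((v) => batteryFingerprint(coarsenBattery(v)));
  return { rawDistinct: new Set(raw).size, coarseDistinct: new Set(coarse).size };
}

const nav = fakeNavigator(VISIT_A);
installBatteryShim(nav);
nav.getBattery().then((b) => console.log("shimmed reading:", batteryFingerprint(b), demo()));
```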

Wednesday, 29 July 2015

Car Hack Uses Digital-Radio Broadcasts to Seize Control


Car Infotainment System Vulnerable to Hack Attack

According to a leading security company, most car infotainment systems are vulnerable to a hack attack that could put many lives at risk. NCC Group stated that the technique could be used to take control of a vehicle’s brakes and other critical systems.

The Manchester-based company told the BBC that it had devised a way of carrying out the attacks by sending data through digital audio broadcasting (DAB) radio signals. This coincides with news of a related flaw found by two US researchers, Chris Valasek and Charlie Miller, who showed Wired magazine how control of a Jeep Cherokee could be taken over by sending data to its internet-connected entertainment and navigation system through a mobile phone network.

Chrysler has since released a patch to address the problem, but NCC’s work, which has been limited to its lab, indicates a broader issue. The UK’s Society of Motor Manufacturers and Traders replied that car companies ‘invest billions of pounds to keep vehicles as secure as possible’.

Infotainment Systems Process DAB Data for Text & Pictures - Dashboard

NCC demonstrated part of its technique to BBC Radio 4’s PM programme at its office in Cheltenham. Andy Davis, the company’s research director, used relatively cheap off-the-shelf gear connected to a laptop to create a DAB station. Since infotainment systems process DAB data to display text and pictures on dashboard screens, an attacker could send code enabling them to take over the system, and once the infotainment system has been compromised, an attacker could use it as a means of controlling more critical systems, including steering and braking.

Depending on the power of the transmitter, Davis said, a DAB broadcast could enable an attacker to affect several cars at once. He added that ‘as this is a broadcast medium, if there is a vulnerability in a particular infotainment system in a specific manufacturer’s vehicle, then by sending one stream of data one could attack several cars at the same time. An assailant could perhaps even choose a common radio station to broadcast over the top of, to ensure that they have reached the maximum number of target vehicles’.

Modern Cars – Computer Networks on Wheel

Mr Davis refrained from publicly identifying which specific infotainment system he had hacked at that point. Modern cars are, in several ways, computer networks on wheels. Mike Parris of SBD, another company specialising in vehicle security, said that modern cars typically comprise 50 interlinked computers running more than 50 million lines of code; by contrast, Davis commented, a modern airliner has around 14 million lines of code.

Such technology enables the latest cars to carry out automatic manoeuvres; for instance, a driver can make the vehicle parallel park at the touch of a button. He also said that he had staged his DAB-based attack only on equipment in his company’s buildings, since doing so in the outside world would have been both illegal and unsafe.

However, he added that he had earlier compromised a real vehicle’s automatic braking system, designed to prevent it from crashing into the car in front, by modifying an infotainment system, and that he believed this could be replicated through a DAB broadcast.

Friday, 10 July 2015

Hackers Unearth Major Security Flaw That Affects Adobe Flash Player

A major gaping hole has been found in the popular Adobe Flash Player software used for watching videos online across the globe. The flaw allows attackers to take control of a user’s system once they visit a malicious website.

Hacking Team, which is known for creating surveillance software for government agencies, had discovered this flaw, which came to light when 400 GB of data was stolen from the company over the weekend. Adobe has dispelled the speculation surrounding this serious flaw and has promised to make a fix available to all users by Wednesday.

All You Need To Know About The Flaw In Flash Player

This serious flaw is present in the current Adobe Flash Player and its earlier versions, released for all the major operating systems, including Windows, Mac and Linux. Adobe stresses that the flaw can be used to cause a sudden crash and act as a backdoor for attackers to take control of the affected system.

Hacking Team described this as a fascinating bug, which had come to light after as many as four years of Flash Player running with it. The severity of the flaw is extremely high, and some hackers have already been using it for a long time to create trouble for users with affected systems. The internal documents also stress that it can be used as a weapon on a mass scale to cause considerable loss of information and hijacking of systems. Until Adobe provides a fix or security update, it would be wise to disable Flash Player completely in browsers to avoid further damage.

Hacking Team Cautions Windows Users

The data released from Hacking Team also reveals a vulnerability in Adobe font drivers on Windows. The Flash Player flaw is rated high severity on both 32- and 64-bit versions of Windows, from the older XP up to the latest 8.1. A Windows computer is at greater risk of losing control to hackers with this flaw present; to take control fully, a hacker would have to rely on the other vulnerability, in the font driver. Microsoft has been quick to respond and is actively working on a security fix for its users.

Hackers Are Already Exploiting This Flaw

Hacking Team got wind of this flaw after a mysterious hacker going by the name PhineasFisher started exploiting it. He had already created immense trouble for many companies serviced by Hacking Team, including some government institutions.

The detailed report furnished by Hacking Team states that its RCS surveillance software possesses capabilities for monitoring activity on Skype, Gmail and Facebook, along with cryptocurrency transactions. This can help companies and their clients keep a keen eye on their employees. However, the European Parliament is seriously debating the legitimacy of any such software being used by a government organisation to snoop on its citizens.

Tuesday, 26 May 2015

NSA Planned To Hack Google Play

There is recent news about the US National Security Agency trying to hack the Samsung app store named Google Play, possibly so that spyware can be installed on smartphones. Released on Thursday, this media report has caused a tremendous uproar in the US. According to many online news sites, the US agency has been allied with Britain, Canada, New Zealand and Australia in what is known as the ‘Five Eyes’ alliance. This is being done as part of a plan to keep smartphones under surveillance so that crime committed through the misuse of smartphones can be controlled to a great extent.

Further details: 

This ‘Five Eyes’ programme is an upgraded form of the plan drawn up by the intelligence agencies in 2011 and 2012, known as ‘Irritant Horn’. The plans have been combined and modified so that the NSA can hijack the data connections of every smartphone and stealthily install spyware on the phones, so that the data flowing in and out of them can be controlled.

The main claimed advantage of this programme is that it will help reduce crime to a great extent. In the criminal world, the main exchange of information is through gadgets, and these are mostly smartphones. While the spyware is running, if any misuse is detected, the two parties can be misinformed by manipulating the data so that the country can be saved from any adversities being planned. The agencies were initially interested only in the African region, namely Senegal, Sudan and Congo, but later also turned their attention to application servers in France, Cuba, Morocco, Switzerland, the Bahamas, the Netherlands and Russia.

During the planning of the programme, the NSA was looking for a loophole through which it could hack in. The opportunity came from the UC Browser, which is part of the Alibaba group, and from there the intelligence agencies used the spyware on the 50 million people who used this browser to surf the net. Not only that, through this hacking many terrorist locations can be detected with the help of SIM card tracing.

With the help of this program, suspected terrorists have reportedly been caught and investigated, and in this way the country is to be saved from many terrorist attacks. The investigators are also moving at a fast pace to install the spyware so that a greater number of smartphones can be brought under surveillance.

Due to this hacking program, enough safety has been ensured that ordinary people can carry out their data operations unhindered, because all the files and data exchanges that are recorded are secured in an extremely confidential manner.

Tuesday, 21 April 2015

Hackers Who Breached White House Network Allegedly Accessed Sensitive Data

Hackers Breached White House Network

According to a recent story published by CNN, Russian government hackers breached the White House’s computer systems late last year and gained access to sensitive details, though US officials disagree with this. Officials had stated earlier that the White House breach in October only affected an unclassified network, but sources informed CNN that the hackers had gained access to real-time non-public details of the president’s schedule.

The sources also informed CNN that the hackers were the same ones behind a damaging cyber-attack on the US Department of State at the same time last year, which forced the department to shut down its email system for an extended period. The connected cyber-attack on the State Department has recently been characterized as the worst hack ever on a federal agency. The White House is no stranger to attacks from foreign spies.

The Chinese have been associated with many high-profile attacks on White House unclassified systems, including employee emails. Reports of the breach came as government officials have become more concerned about cyber threats from Russia. James Clapper, FBI director, told a Senate committee in February that ‘the Russian cyber threat is more severe than they had earlier assessed’.

Immediate Measures to Evaluate/Mitigate Activity

Ben Rhodes, White House deputy national security adviser, stated that the breached White House system held no sensitive data. He told CNN that they had an unclassified system and a classified, top secret system, and that they do not believe their classified systems were compromised.

A White House spokesperson who sought to play down the report said it was based on a security breach that had already been disclosed to the public. Spokesperson Mark Stroh told the media that the report did not refer to a new incident, that any such activity was taken seriously, and that in this case they had made it clear at the time and had taken immediate measures to evaluate and mitigate the activity.

He also said that, as officials did last year, the US would not comment on who could have been behind the attacks. The Secret Service, the FBI and US intelligence agencies are investigating the security breaches, which according to CNN’s sources were the outcome of one of the most sophisticated cyber-attacks ever directed at US government agencies.

Theft of Private Data – Government/Corporation/Individuals 

The recent report comes amid hacker thefts of private data belonging to governments, corporations and individuals, from sensitive emails to medical records to financial information; possession of such data could be of great value either for enabling criminal acts or for assisting government spying.

According to a senior department official, none of the department’s classified email systems were affected in the State Department breach at that time, though hackers used that breach to break into the White House’s network, as reported by CNN.

Security researchers suspected, after the White House security breach was revealed in October, that hackers working for the Russian government were behind both attacks, according to the Washington Post’s story. In spite of the efforts made by the State Department to safeguard its security, the hackers were still able to access the system, with the result that the network was owned by Russian hackers for months.

Tuesday, 24 March 2015

Gamers Targeted By Ransomware Virus

A computer virus has been targeting gamers around the world. The virus can stop gamers from playing their favourite games unless they are ready to pay a ransom. Once a machine is infected, this cruel program seeks out the saved games and other important files on the user’s computer and encrypts them. Reports suggest that to unlock any of their encrypted files, users will have to pay nearly $500 (£340) in Bitcoins. This malware targets nearly 40 separate games, including World of Warcraft, Call of Duty, World of Tanks and Minecraft.

Dark world of the web and cash: 

This malicious program is very similar to the widely distributed Cryptolocker ransomware, the same Cryptolocker that has targeted thousands of people around the world in the last few years. However, analysis of this malicious program, called TeslaCrypt, revealed that it bears no resemblance to Cryptolocker and shares no code with it. Reports suggest that the program was created by an entirely different cybercrime group.

According to Vadim Kotov, a researcher at the security firm Bromium, the malicious file was reaching people through a website that had already been compromised by its creators. The site is a WordPress blog that is unintentionally hosting a file that exploits flaws in Flash to infect visitors.

What happens when a machine gets infected? 

According to Kotov, once a machine is infected the malware checks for nearly 185 different file extensions on the user’s system. It looks in particular for files linked with popular video games and online services; the games need not be among the top-listed games on the web. He added that TeslaCrypt targets the gamers’ files, including their maps, profiles and saved games, and that gamers will only be disappointed if they try to uninstall a game downloaded through an online service, since it is not possible to restore the required data by reinstalling the game either.

So what happens next? 

Once the user’s files have been encrypted by this malware, the user gets a pop-up message indicating that they have been targeted and have only a few days to make the payment in order to retrieve their data. Reports suggest that victims might end up paying between $500 and $1,000 in Bitcoins or PayPal My Cash payment cards. The TeslaCrypt virus directs victims to send their payment details to a designated address on the Tor anonymous browsing network. Although work is in progress to crack the virus’s encryption, users can restore from backups of their files in the meantime.
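The practical question after an infection like the one described above is which files have actually been touched. The script below is an added example, not code from the article or from any vendor: it scans a directory for save-game files that have turned into opaque high-entropy blobs with no recognisable header, which is what a file looks like once ransomware has encrypted it. The watched extension list is a constructed stand-in (the malware's real 185-extension list is not reproduced on the page), and the sample files it scans are generated inline.

```python
"""Entropy triage for files that look freshly encrypted.

Added example, not code from the article or from any vendor. Files that
ransomware has encrypted have near-maximal Shannon entropy and no file
header; legitimate compressed formats are also high-entropy but carry a
header, so both tests are needed. Extension list and sample files are
constructed for the demo.
"""
import math
import os
import tempfile
from collections import Counter

# Constructed watch list; the malware's real 185-extension list is not on the page.
WATCHED_EXTENSIONS = {".sav", ".profile", ".map", ".dat"}

# Magic bytes of a few common formats. Ciphertext starts with none of these.
KNOWN_HEADERS = (b"PK\x03\x04", b"\x89PNG", b"GIF8", b"%PDF", b"\xff\xd8\xff")


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for empty input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes, threshold: float = 7.5) -> bool:
    """High entropy plus no known header is the signature of an encrypted file.
    Files under 256 bytes are skipped because their entropy estimate is noisy;
    files with a known header are skipped because PNG or ZIP payloads are
    high-entropy for legitimate reasons."""
    if len(data) < 256 or data.startswith(KNOWN_HEADERS):
        return False
    return shannon_entropy(data) >= threshold


def scan_directory(root: str) -> list:
    """Return sorted paths of watched-extension files that look encrypted."""
    flagged = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in WATCHED_EXTENSIONS:
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                if looks_encrypted(fh.read()):
                    flagged.append(path)
    return sorted(flagged)


def build_sample_dir() -> str:
    """Create a temporary directory of constructed files for the demo."""
    root = tempfile.mkdtemp(prefix="saves_")
    files = {
        "hero.sav": b"level=12;hp=80;map=forest;" * 40,  # plaintext save, low entropy
        "world.map": os.urandom(4096),                  # stands in for ciphertext
        "icon.dat": b"\x89PNG" + os.urandom(1024),      # real header, not flagged
        "notes.txt": os.urandom(1024),                  # not a watched extension
    }
    for name, content in files.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(content)
    return root


def scan_sample() -> list:
    """Build the sample directory, scan it and return the flagged file names."""
    root = build_sample_dir()
    return [os.path.basename(p) for p in scan_directory(root)]


if __name__ == "__main__":
    print("files that look encrypted:", scan_sample())
```

Run against a real saves folder by calling `scan_directory` on it. The header check matters: without it, every screenshot and zipped mod pack would be reported alongside the genuinely encrypted saves, and the list would be useless for deciding what to restore from backup.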

Saturday, 7 March 2015

5 Simple Tips to Avoid Getting Scammed In 2015


Criminals and computer hackers all over the world are active, working round the clock to steal your personal information as well as your money. You cannot stop them entirely, but with a few simple precautions you can reduce the risk, because life in the digital age doesn’t come with an undo button and one small mistake can cost you your Social Security number.
  • Use credit cards for online shopping: A credit card gives you better fraud protection than a debit card or net banking, because credit cards are governed by different federal rules. If you use a credit card you can dispute an unauthorized charge, and the credit card company has to take the charge off your bill after investigating, which is not possible with a debit card. You can also dispute a credit card charge if the merchandise does not arrive or arrives defective. Some people are afraid to use a credit card for online shopping, but this is exactly what credit cards are meant for: if there is any kind of problem, it is the credit card company’s job to deal with it.

  • Protect your personal information: Hackers have a variety of tools and techniques for getting your account numbers and passwords, such as bogus emails designed to look like authentic emails from banks, key-loggers, phishing and more. There is always a reason why they want your personal information, and you should not forget that your Social Security number is the key to a worry-free life, because a hacker can use it to steal money or your identity. Social Security numbers are essential for financial and medical records, so guard yours.

  • Never download unknown attachments or click on suspicious links: It is easy to click on a link in a text message or a social media post, but never open links claiming to be a shipping invoice or some other document, or claiming you have won a lucky draw. Fraudsters count on your curiosity, and your instant response can end with malicious software installed on your computer or smartphone.

  • Take your time: Never make a purchase in a rush, as it can lead you into fraud. Never fall for “buy now or else”, because hackers sometimes use this trick to compromise your financial details. Before any final check-out, make sure you are shopping on an authentic platform.

  • Don’t be fooled by emails offering free prizes, free merchandise or money-back guarantees: Never pay to play in a contest that claims billions of dollars in prizes. If a contest is authentic you do not have to buy anything or pay any money to get your prize. Free is good, but nothing comes free, especially in this world. The initial product may be free, but the other attached products can leave you with heavy bills, and this is the technique through which most e-commerce companies make a real profit.

Saturday, 24 January 2015

US Military Social-Media Accounts Hacked

According to reports, a hacker group claiming to be affiliated with the terrorist group ISIS, and calling itself the “Cyber Caliphate”, recently took complete control of the Centcom YouTube channel and Twitter account that represent the United States Central Command. The hackers tweeted a Pastebin post titled “Pentagon account hacked”, with the message: “American soldiers, we are coming, now its time when you should watch your back. #CyberCaliphate”. The message included links to what were supposed to be confidential US Army files.

However, according to sources, it has come to light that these files might have been made public previously; in other words, they cannot be deemed highly confidential. Confidential or not, at the end of the day it was Centcom’s social accounts that were compromised, which clearly indicates the poor state of cyber security in the United States government. And if the hackers were able to get their hands on some of the most confidential files, it would indicate that ISIS is a more dreadful cyber-opponent than anyone expected.

According to tweets by Politico reporter Hadas Gold at 9:46AM PST, Twitter was aware of the cyber attack on Centcom and was taking the necessary steps to work on the issue. According to an update at 10:05AM PST, Twitter had removed the cover image and profile image from the Centcom account. This was followed by the suspension of the Centcom account at 10:10AM PST. At 10:15AM PST an update indicated that a defense official had confirmed the attack to Fusion reporter Brett LoGiurato, who tweeted that a defense official had confirmed the United States Central Command Twitter account was compromised. At 10:35AM PST another update followed, indicating that YouTube had also suspended Centcom’s hacked account. Around 11:55AM PST, The Next Web’s Matt Navarra tweeted that a request had been received from the Pentagon about an account security issue and that it was being worked on.

Before the accounts could be shut, the following tweets were released from the account: 

1. Pentagon network hacked: Korean scenarios.
2. American soldiers, we are coming to you, now it’s time when you should watch your back.
3. We will not stop; we know everything about you, your wife, and your children.
4. ISIS is already here, we are in your computers, in each of your military bases.

“While the US and its satellites kill our brothers and soldiers in Afghanistan, Syria and Iraq, we broke into your networks and personal devices and know everything about you.” The Cyber Caliphate also claimed to have taken control of the US media affiliates of CBS News and Fox in Tennessee. According to one of the anonymous posts left on Pastebin: “In the name of Allah, the Most Gracious, the Most Merciful, the Cyber-Caliphate under the auspices of ISIS will continue its Cyber-Jihad.”

Friday, 2 January 2015

Hacker Clones a Politician’s Fingerprint Using Normal, Long-Distance Public Photos

Something of this magnitude could not have been expected to happen in the past couple of years, but now, according to a member of the Chaos Computer Club, a European hacker association (along similar lines to the Cult of the Dead Cow in the United States of America), it is possible.

They have successfully shown that it is quite possible to clone or reproduce anyone’s fingerprints. The clone can be used to break into any system protected by a biometric fingerprint scanner. All they need is a photo of someone’s fingers. According to the club, no close-up photos are needed; any photo of the celebrity waving their hands, even from a distance, will do the trick.

In this case, the CCC was able to get hold of the fingerprint of Germany’s defence minister Ursula von der Leyen through a photo taken during a press conference. This could easily be considered a security breach if the German government uses biometric access control systems.

The findings: 

The findings were presented by Jan “Starbug” Krissler, a hacker, at the Chaos Communication Congress. He recreated the minister’s thumbprint from a photo taken at the press conference, together with other photos that captured her thumb from multiple angles, using commercially available software called VeriFinger.

Jan created a real-world dummy from this thumbprint. He started by printing it on a mask and then exposing it to create a negative print on a substrate. He then filled the negative with wood glue and created a new positive fingerprint. In testing, this technique can pose a serious threat to Apple’s Touch ID sensor, and if the minister has an Apple iPhone it could seriously get her into trouble. The club says it hopes the German government is not relying on fingerprints to control its military systems.

What is the drawback? 

Digital fingerprint readers are becoming very common, appearing on everything from laptops to high-end smartphones. The biggest problem with fingerprints is that they can give false positives, false negatives and even multiple readings of the same print with different results. Even though fingerprints are the best means of identification, the security and forensic communities are still looking towards techniques that are more reliable.

DNA sequencing is considered one of the best means of forensic identification, and vein matching and gait analysis are the best options for access control. These techniques are called living biometrics and, as the name suggests, they are only valid while the person is alive. This technique is already in use at some ATMs in Poland and Japan.

If you are among the people using fingerprints for access control, it might be a good time to switch to something more reliable.


Wednesday, 3 September 2014

Tools Manipulating RAM to Mislead Cyber crime Investigators

ADD (attention deficit disorder) is a tool that changes the structure of Windows physical memory, thereby disturbing the system’s memory layout and changing the pattern of memory consolidation within the system. What it does is create fake files, fake network connections and bad server dumps, ultimately producing a false history of the memory contents. This growing volume of false server lists and fake network connections allows cyber manipulators to work without much threat and do their job at a swift pace.

What do cyber crime analysts and investigators do? 

Any computer system that has been running holds a memory image. Whatever occurs while the computer is running leaves traces in memory, and those traces can be identified and examined at any point in time. A memory dump lets you understand the user’s browsing pattern along with the network and server connections the user has made. Every object that was in use is located in the memory dump; analysts capture the dump with their analysis tools and go through it to find any kind of crime or misconduct, and thereby work to prevent cyber crime on a particular host or network. Cyber crime analysts have a huge amount of work at present with the increasing amount of cyber fraud. An analyst looks for:

  • Proof of private sessions
  • Password history
  • Browsing history and network activity
  • Malware and encrypted code that is present in memory but not on disk

The new tool creating hazards for cyber crime investigators: 

With the advent of the internet there has been an increase in fraud and large network scams: theft, fraud, cheating and other miscellaneous activities. ADD gives the user a facility to dislocate the normal browsing history from where it sits in memory, relocate it somewhere else and finally disrupt the RAM. With the memory locations changed, it becomes extremely difficult for analysts to find the exact IP address and browsing history.

A bigger problem is that the attacker may insert such fake files into the network, allowing another cyber crime group to attack other sites and creating more malware that will affect the RAM and disrupt the whole memory dumping process.

The cyber crime network is getting stronger with every passing minute and is using artifacts that are very tough to validate and analyse. Even if the hacked system gets into the hands of an analyst, the ADD tool that created the havoc will send the analyst on a journey far from the actual events, adding to the confusion, so that tracking down the malware would not be possible.

The anti-cyber crime and cyber theft community is also trying to increase its resources and technologies so that it can build stronger cyber rules and stop attackers from tampering with RAM and disturbing memory use.
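The defensive answer to planted artifacts is cross-validation: process objects, network endpoints and their timestamps are carved from independent kernel structures, so a tool that fakes one of them has to forge every cross-reference as well, and whatever it misses shows up as a contradiction. The script below is an added example, not code from the article or from the ADD tool. Its process and connection records are constructed (remote addresses use the RFC 5737 documentation ranges, and the acquisition time is made up), and it stands in for what an analyst would otherwise run over the output of a memory analysis framework.

```python
"""Cross-checks for planted memory artifacts.

Added example, not code from the article or from the ADD tool. Records
carved from independent kernel structures must agree with one another;
three checks below surface the disagreements a planted artifact tends to
leave behind. All input records are constructed, not parsed from a dump.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Process:
    pid: int
    ppid: int
    name: str
    start: int      # seconds since boot, as recorded in the process object


@dataclass
class Connection:
    owner_pid: int  # PID recorded in the endpoint object
    local: str
    remote: str
    created: int    # seconds since boot


# Constructed: system uptime at the moment the image was acquired.
ACQUISITION_TIME = 5000


def orphan_connections(procs: List[Process], conns: List[Connection]) -> List[Connection]:
    """Endpoints whose owner PID appears nowhere in the process list.
    A recently exited owner can explain one of these, so they are leads, not proof."""
    pids = {p.pid for p in procs}
    return [c for c in conns if c.owner_pid not in pids]


def impossible_timestamps(procs: List[Process], conns: List[Connection]) -> List[Connection]:
    """Endpoints created before their owner started or after the image was taken."""
    start = {p.pid: p.start for p in procs}
    bad = []
    for c in conns:
        owner_start = start.get(c.owner_pid)
        if c.created > ACQUISITION_TIME:
            bad.append(c)
        elif owner_start is not None and c.created < owner_start:
            bad.append(c)
    return bad


def parent_after_child(procs: List[Process]) -> List[Process]:
    """Processes whose recorded parent started after them. A missing parent is
    normal (parents exit); a parent younger than its child is not."""
    start = {p.pid: p.start for p in procs}
    return [p for p in procs if p.ppid in start and start[p.ppid] > p.start]


def triage(procs: List[Process], conns: List[Connection]) -> Dict[str, list]:
    """Run every consistency check and return the findings by category."""
    return {
        "orphan_connections": orphan_connections(procs, conns),
        "impossible_timestamps": impossible_timestamps(procs, conns),
        "parent_after_child": parent_after_child(procs),
    }


def sample_data() -> Tuple[List[Process], List[Connection]]:
    """Constructed process list and endpoint table with four planted artifacts."""
    procs = [
        Process(4, 0, "System", 0),
        Process(600, 4, "smss.exe", 2),
        Process(1200, 600, "explorer.exe", 40),
        Process(2300, 1200, "chrome.exe", 120),
        Process(3100, 2300, "update.exe", 100),   # planted: parent starts at 120
    ]
    conns = [
        Connection(2300, "10.0.0.5:51000", "192.0.2.10:443", 130),     # plausible
        Connection(9999, "10.0.0.5:51001", "198.51.100.7:4444", 200),  # planted: no such PID
        Connection(1200, "10.0.0.5:51002", "203.0.113.9:80", 30),      # planted: before owner
        Connection(2300, "10.0.0.5:51003", "192.0.2.11:443", 6000),    # planted: after acquisition
    ]
    return procs, conns


if __name__ == "__main__":
    for category, hits in triage(*sample_data()).items():
        print(category, len(hits))
```

None of these checks proves tampering on its own; a lingering endpoint of an exited process is ordinary. What they give the analyst is a short list of objects to corroborate against a second source, such as the on-disk event log or a network capture, before any finding from the image is trusted.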

Thursday, 28 August 2014

Harmful Apps Can Hack Gmail Apps As Proved By US Researchers

According to a study by US researchers, it is possible to hack into Gmail accounts with a success rate of almost 92%. It is mainly done by exploiting a weak point in the memory of smartphones. The researchers themselves were able to access a range of apps, including Gmail, by masking harmful software as a different downloaded app. Of the popular apps tested, Gmail was one of the simplest to access.

What is Phishing? 

Phishing is actually not the only technique used by the researchers to get the user’s information. The Chase Bank app lets users deposit checks by capturing an image of the check with the phone camera. Hackers can carry out another attack by taking advantage of this feature: when a user deposits a check by taking a picture of it, the infected app captures the picture. This can give hackers access to bank account information, including the user’s signature.

Impact of the hacking through apps

The hacking was tested on an Android phone, but according to the researchers it might work on other operating systems such as Windows and iOS as well. The researchers used a harmful application to monitor activity on an Android smartphone. The attack starts when the user downloads the malicious app. The app does nothing until the user starts using one of the targeted apps, such as Gmail or Chase Bank. Using data in shared memory, the harmful application works out what the user is doing in the other app. The malware then launches a fake login window to capture the data the user intended for the genuine application. This is called a phishing attack, which hackers mostly use to obtain sensitive financial data.

Users and developers have generally assumed that these apps cannot easily interfere with one another. The researchers proved this assumption wrong: one app can in fact considerably affect another, with harmful effects for the user. The hackers can gain access by getting a user to install a seemingly harmless app, for example a phone wallpaper. They exploit a recently disclosed public side channel, which requires no privileges. This trait allows processes to share data efficiently and is rather common, because all the apps downloaded onto a phone interact with a single operating system.

Thus, all users must always be careful about these attacks. They should download apps only from reliable sources. In most cases, popular apps are the channel for such hacking. To avoid it, check your smartphone or tablet regularly. Make sure that the apps installed are genuine and are the only ones you installed. If any unnecessary or seemingly harmful app has been downloaded, uninstall it immediately.