Skip to main content

Home/ Future of the Web/ Group items tagged malware

Rss Feed Group items tagged

1More

Google confirms that advanced backdoor came preinstalled on Android devices | Ars Technica - 0 views

  • Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here, the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered. Once installed, Triada's chief purpose was to install apps that could be used to send spam and display ads. It employed an impressive kit of tools, including rooting exploits that bypassed security protections built into Android and the means to modify the Android OS' all-powerful Zygote process. That meant the malware could directly tamper with every installed app. Triada also connected to no fewer than 17 command and control servers. In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices, including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. The attackers used the backdoor to surreptitiously download and install modules. Because the backdoor was embedded into one of the OS libraries and located in the system section, it couldn't be deleted using standard methods, the report said. On Thursday, Google confirmed the Dr. Web report, although it stopped short of naming the manufacturers. Thursday's report also said the supply chain attack was pulled off by one or more partners the manufacturers used in preparing the final firmware image used in the affected devices.
1More

Was Destructive 'Slingshot' Malware Deployed by the Pentagon? | The American Conservative - 0 views

  • Earlier this March, cyber-security firm Kaspersky Labs released information on a newly discovered, highly advanced piece of malware dubbed Slingshot. The malware targeted Latvian-made Internet routers popular in the Middle East, Africa, and Southeast Asia. Kaspersky’s reports reveal that the malware had been active since at least 2012, and speculates that it was government-made, owing to its sophistication and its use of novel techniques rarely seen elsewhere. Those investigating the matter further have drawn the conclusion that Slingshot was developed by the U.S. government, with some reports quoting former officials as connecting it to the Pentagon’s JSOC special forces. For those following the cyber security and malware sphere, this is a huge revelation, putting the U.S. government in the hot seat for deploying cyber attacks that harm a much greater range of innocent users beyond their intended targets. Kaspersky’s own findings note that the code was written in English, using a driver flaw to allow the implanting of various types of spyware. Among those mentioned by Moscow-based Kaspersky was an implant named “GOLLUM,” which notably was mentioned in one of the leaked Edward Snowden documents. Further findings suggest that Slingshot had common code with only two other known pieces of software, both malwares, which were attributed to the NSA and CIA, respectively, by analysts. Though various U.S. agencies are all denying comment, things are clearly pointing uncomfortably in their direction.
4More

#Vault7: CIA's secret cyberweapon can infiltrate world's most secure networks - RT Viral - 1 views

  • WikiLeaks’ latest release in its Vault7 series details how the CIA’s alleged ‘Brutal Kangaroo’ program is being used to penetrate the most secure networks in the world.
  • Brutal Kangaroo, a tool suite for Microsoft Windows, targets closed air gapped networks by using thumb drives, according to WikiLeaks.Air gapping is a security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks.
  • These networks are used by financial institutions, military and intelligence agencies, the nuclear power industry, as well as even some advanced news networks to protect sources, according to La Repubblica journalist Stefania Maurizi.READ MORE: ‘CIA’s Cherry Bomb’: WikiLeaks #Vault7 reveals wireless network targetsThese newly released documents show how closed networks not connected to the internet can be compromised by this malware. However, the tool only works on machines with a Windows operating system.Firstly, an internet-connected computer within the targeted organization is infected with the malware. When a user inserts a USB stick into this computer, the thumbdrive itself is infected with a separate malware.Once this is inserted into a single computer on the air gapped network the infection jumps – like a kangaroo – across the entire system, enabling sabotage and data theft.RELEASE: CIA air-gap jumping virus 'Emotional Simian' https://t.co/KkBnXhNtGCpic.twitter.com/w6MZFGushc— WikiLeaks (@wikileaks) June 22, 2017If multiple computers on the closed network are under CIA control, they “form a covert network to coordinate tasks and data exchange,” according to Wikileaks.Data can be returned to the CIA once again, although this does depend on someone connecting the USB used on the closed network computer to an online device.
  • ...1 more annotation...
  • While it may not appear to be the most efficient CIA project, it allows the intelligence agency to infiltrate otherwise unreachable networks.This method is comparable to the Stuxnet virus, a cyberweapon purportedly built by the US and Israel. Stuxnet is thought to have caused substantial damage to Iran's nuclear program in 2010.The CIA allegedly began developing the Brutal Kangaroo program in 2012 – two years after Stuxnet incident in Iran.The most recent of these files were to intended to remain secret until at least 2035. The documents released by WikiLeaks are dated February 2016, indicating that the scheme was likely being used until that point.
1More

WikiLeaks Reveals Details Of CIA "Archimedes" Tool Used To Hack Local Area Networks - 0 views

  • In its seventh CIA leak since March 23rd, WikiLeaks has just revealed the user manual of a CIA hacking tool known as ‘Archimedes’ which is purportedly used to attack computers inside a Local Area Network (LAN).  The CIA tool works by redirecting a target’s The CIA tool works by redirecting a target’s web page search to a CIA server which serves up a web page that looks exactly like the original page they were expecting to be served, but which contains malware. It’s only possible to detect the attack by examining the page source.
5More

What to Do About Lawless Government Hacking and the Weakening of Digital Security | Ele... - 0 views

  • In our society, the rule of law sets limits on what government can and cannot do, no matter how important its goals. To give a simple example, even when chasing a fleeing murder suspect, the police have a duty not to endanger bystanders. The government should pay the same care to our safety in pursuing threats online, but right now we don’t have clear, enforceable rules for government activities like hacking and "digital sabotage." And this is no abstract question—these actions increasingly endanger everyone’s security
  • The problem became especially clear this year during the San Bernardino case, involving the FBI’s demand that Apple rewrite its iOS operating system to defeat security features on a locked iPhone. Ultimately the FBI exploited an existing vulnerability in iOS and accessed the contents of the phone with the help of an "outside party." Then, with no public process or discussion of the tradeoffs involved, the government refused to tell Apple about the flaw. Despite the obvious fact that the security of the computers and networks we all use is both collective and interwoven—other iPhones used by millions of innocent people presumably have the same vulnerability—the government chose to withhold information Apple could have used to improve the security of its phones. Other examples include intelligence activities like Stuxnet and Bullrun, and law enforcement investigations like the FBI’s mass use of malware against Tor users engaged in criminal behavior. These activities are often disproportionate to stopping legitimate threats, resulting in unpatched software for millions of innocent users, overbroad surveillance, and other collateral effects.  That’s why we’re working on a positive agenda to confront governmental threats to digital security. Put more directly, we’re calling on lawyers, advocates, technologists, and the public to demand a public discussion of whether, when, and how governments can be empowered to break into our computers, phones, and other devices; sabotage and subvert basic security protocols; and stockpile and exploit software flaws and vulnerabilities.  
  • Smart people in academia and elsewhere have been thinking and writing about these issues for years. But it’s time to take the next step and make clear, public rules that carry the force of law to ensure that the government weighs the tradeoffs and reaches the right decisions. This long post outlines some of the things that can be done. It frames the issue, then describes some of the key areas where EFF is already pursuing this agenda—in particular formalizing the rules for disclosing vulnerabilities and setting out narrow limits for the use of government malware. Finally it lays out where we think the debate should go from here.   
  •  
    "In our society, the rule of law sets limits on what government can and cannot do, no matter how important its goals. "
  •  
    It's not often that I disagree with EFF's positions, but on this one I do. The government should be prohibited from exploiting computer vulnerabilities and should be required to immediately report all vulnerabilities discovered to the relevant developers of hardware or software. It's been one long slippery slope since the Supreme Court first approved wiretapping in Olmstead v. United States, 277 US 438 (1928), https://goo.gl/NJevsr (.) Left undecided to this day is whether we have a right to whisper privately, a right that is undeniable. All communications intercept cases since Olmstead fly directly in the face of that right.
1More

AV-Test Lab tests 16 Linux antivirus products against Windows and Linux malware | Netwo... - 1 views

  •  
    "st, an independent IT-security institute, is well-known for testing Windows antivirus solutions, and the lab's findings are well respected, but this time AV-Test tested 16 Linux antivirus solutions to discover how well they did against Windows and Linux malware. "
2More

GNU.org Website Says Microsoft's Software Is Malware - 0 views

  •  
    "GNU.org has a category on its website named "Philosophy of the GNU Project," where the Microsoft software is described as malware, along with Apple and Amazon."
  •  
    "GNU.org has a category on its website named "Philosophy of the GNU Project," where the Microsoft software is described as malware, along with Apple and Amazon."
1More

Dynamic Malware Analysis Tools - Hacking Tutorials - 0 views

  •  
    "In this tutorial we will be covering dynamic malware analysis tools which are being used to determine the behaviour of malware after it has been executed. This tutorial is part 2 of 6 in our Malware Analysis tutorials on www.hackingtutorials.org. If you haven't read part 1 of this series please read it first before continuing on this malware analysis tutorial."
1More

Linux Security - How Can Your Linux Be Hacked Using Malware, Trojans, Worms, Web Script... - 0 views

  •  
    " Is it possible that Linux can be infected with viruses? Probably, you heard of this in some debates. But here are some facts that you need to know to better understand how Linux is secured and what things can damage a Linux system. See how "
1More

Zero Day Malware Detection/Prevention Using Open Source Software - 0 views

  •  
    "Zero Day Malware Detection/Prevention Using Open Source Software - Proof of Concept Fathi "
1More

A newly discovered router virus actually fights off malware | The Verge - 1 views

  •  
    "Routers are among the most hackable devices out there - rarely updated, easily compromised, and almost never scanned for viruses. But a new router virus might actually be making the devices safer, according to a report from the security firm Symantec."
1More

The Web's ten most dangerous neighborhoods | CSO Online - 1 views

  •  
    "Ten top-level domains are to blame for at least 95 percent of the websites that pose a potential threat to visitors Maria Korolov By Maria Korolov Follow CSO | Sep 1, 2015 1:00 AM PT"
1More

Who can stop malware? It starts with advertisers | InfoWorld - 0 views

  •  
    "Malware masquerading as advertising is a growing problem, and the ad industry must figure out how to weed out scammers from legitimate companies Fahmida Y. Rashid By Fahmida Y. Rashid Follow InfoWorld | Aug 28, 2015 "
3More

The only cure for new Apple malware is to trash your Mac | TechRadar - 1 views

    • Gonzalo San Gil, PhD.
       
      # ! :o # ! :D yup! # ! ;)
  •  
    [ By Chuong Nguyen A dangerous plague with no cure in sight]
  •  
    [ By Chuong Nguyen A dangerous plague with no cure in sight]
1More

Bitdefender Blocks Anti-Piracy Website as Malware - TorrentFreak - 1 views

  •  
    " rnesto on August 1, 2015 C: 8 Breaking Rightscorp, the piracy monetization company that works with Warner Bros and other prominent copyright holders, has had to deal with its fair share of setbacks recently. The company is publicly condemned for its "extortionist" practices and now anti-virus vendor Bitdefender has started to brand the company's website as malware. "
1More

How to check if you've been attacked by Hacking Team intrusion malware | ITworld - 1 views

  •  
    "Hacking Team malware has been attacking computers and smartphones --- and you may be infected without knowing it. Here's how to find out if you're infected."
2More

Proprietary Back Doors - GNU Project - Free Software Foundation - 0 views

  •  
    "Other examples of proprietary malware Here are examples of demonstrated back doors in proprietary software."
  •  
    "Other examples of proprietary malware Here are examples of demonstrated back doors in proprietary software."
2More

MPA Report Advises Outreach Campaign Against 'Pirate' Ads | TorrentFreak [*] - 0 views

  •  
    [* #Stirring: Copyright Warriors looking after evil pirates...] " Andy on May 7, 2015 C: 0 Breaking A new survey commissioned by the Motion Picture Association into the revenue sources of 'pirate' sites has found that a third of adverts displayed are 'scam' ads designed to trick users or inject malware. According to the report, "awareness and outreach campaigns" could be helpful in warning people away from sites displaying these ads."
  •  
    [* #Stirring: Copyright Warriors looking after evil pirates...] " Andy on May 7, 2015 C: 0 Breaking A new survey commissioned by the Motion Picture Association into the revenue sources of 'pirate' sites has found that a third of adverts displayed are 'scam' ads designed to trick users or inject malware. According to the report, "awareness and outreach campaigns" could be helpful in warning people away from sites displaying these ads."
1More

The Linux Ghost Flaw: Everything You Need To Know [# Via Marshall Jones] - 1 views

  •  
    [The GHOST vulnerability is a flaw in a vital part of every major Linux distro. It could, in theory, allow hackers to take control of computers without the need for a username or password.+
2More

Secret Malware in European Union Attack Linked to U.S. and British Intelligence - The I... - 0 views

  • Complex malware known as Regin is the suspected technology behind sophisticated cyberattacks conducted by U.S. and British intelligence agencies on the European Union and a Belgian telecommunications company, according to security industry sources and technical analysis conducted by The Intercept. Regin was found on infected internal computer systems and email servers at Belgacom, a partly state-owned Belgian phone and internet provider, following reports last year that the company was targeted in a top-secret surveillance operation carried out by British spy agency Government Communications Headquarters, industry sources told The Intercept. The malware, which steals data from infected systems and disguises itself as legitimate Microsoft software, has also been identified on the same European Union computer systems that were targeted for surveillance by the National Security Agency.
  • The hacking operations against Belgacom and the European Union were first revealed last year through documents leaked by NSA whistleblower Edward Snowden. The specific malware used in the attacks has never been disclosed, however.
1 - 20 of 23 Next ›
Showing 20 items per page