Archive for the ‘backdoors’ Category

Powerful backdoor/rootkit found preinstalled on 3 million Android phones

November 18th, 2016


Almost three million Android phones, many of them used by people in the US, are vulnerable to code-execution attacks that remotely seize full control of the devices, researchers said Thursday.

Until recently, the flaw could have been exploited by anyone who took the time to obtain two Internet domains that remained unregistered despite being hardwired into the firmware that introduced the vulnerability. After discovering the vulnerability, researchers from security ratings firm BitSight Technologies registered the addresses and control them to this day. Even now, because the buggy firmware does not encrypt communications sent to a server located in China, code-execution attacks remain possible whenever phones connect to public hotspots and other unsecured networks without virtual private networking software.

Since BitSight and its subsidiary company Anubis Networks took possession of the two preconfigured domains, more than 2.8 million devices have attempted to connect in search of software that can be executed with unfettered "root" privileges, the researchers said. Had malicious parties obtained the addresses before BitSight did, the actors could have installed keyloggers, bugging software, and other malware that completely bypassed security protections built into the Android operating system. The almost three million devices remain vulnerable to so-called man-in-the-middle attacks because the firmware—which was developed by a Chinese company called Ragentek Group—doesn't encrypt the communications sent to and received by phones and doesn't rely on code-signing to authenticate legitimate apps. Based on the IP addresses of the connecting devices, vulnerable phones hail from locations all over the world, with the US being the No. 1 affected country.


Posted in android, backdoors, firmware, Gear & Gadgets, privacy, Risk Assessment, security, Technology Lab | Comments (0)

Threatpost News Wrap, November 18, 2016

November 18th, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including this week's House hearing on the Internet of Things, Samy Kamkar's PoisonTap tool, and Windows 10's ransomware protections.

Posted in backdoors, Bruce Schneier, cookies, Government, Hacking, hacks, Internet of things, IoT, malware, Microsoft, Podcasts, PoisonTap, ransomware, Samy Kamkar, Windows 10 | Comments (0)

PoisonTap Steals Cookies, Drops Backdoors on Password-Protected Computers

November 16th, 2016
Samy Kamkar's latest hacking device, PoisonTap, can steal HTTP cookies from millions of websites and install persistent web-based backdoors.

Posted in backdoors, Cookie theft, hacks, Node.js, PoisonTap, Raspberry Pi, Samy Kamkar | Comments (0)

Shanghai surprise as cheap Android devices ‘phone home’ to China

November 16th, 2016
Sending texts, call logs and other PII to a server in Shanghai without consent 'a mistake', says firmware provider

Posted in Adups, Advertising, android, backdoors, china, data loss, firmware, Mobile, privacy, targeted advertising | Comments (0)

Meet PoisonTap, the $5 tool that ransacks password-protected computers

November 16th, 2016


The perils of leaving computers unattended just got worse, thanks to a newly released exploit tool that takes only 30 seconds to install a privacy-invading backdoor, even when the machine is locked with a strong password.

PoisonTap, as the tool has been dubbed, runs freely available software on a $5/£4 Raspberry Pi Zero device. Once the payment card-sized computer is plugged into a computer's USB slot, it intercepts all unencrypted Web traffic, including any authentication cookies used to log in to private accounts. PoisonTap then sends that data to a server under the attacker's control. The hack also installs a backdoor that makes the owner's Web browser and local network remotely controllable by the attacker.


PoisonTap is the latest creation of Samy Kamkar, the engineer behind a long line of low-cost hacks, including a password-pilfering keylogger disguised as a USB charger, a key-sized dongle that jimmies open electronically locked cars and garages, and a DIY stalker app that mined Google Streetview. While inspiring for their creativity and elegance, Kamkar's inventions also underscore the security and privacy tradeoffs that arise from an increasingly computerized world. PoisonTap continues this cautionary theme by challenging the practice of password-protecting an unattended computer rather than shutting it off or, a safer bet still, toting it to the restroom or lunch room.


Posted in backdoors, hacks, Man in the middle, Risk Assessment, Technology Lab | Comments (0)

Pre-installed Backdoor On 700 Million Android Phones Sending Users’ Data To China

November 16th, 2016
Do you own an Android smartphone? You could be one of those 700 Million users whose phone is secretly sending text messages to China every 72 hours. You heard that right. Over 700 Million Android smartphones contain a secret 'backdoor' that surreptitiously sends all your text messages, call log, contact list, location history, and app data to China every 72 hours. Security researchers from

Posted in Android hacking, backdoor malware, backdoors, Chinese malware, Chinese phone, Chinese smartphone, hacking android phone, hacking news, mobile backdoor, Software backdoor | Comments (0)

NSA could put undetectable “trapdoors” in millions of crypto keys

October 11th, 2016


Researchers have devised a way to place undetectable backdoors in the cryptographic keys that protect websites, virtual private networks, and Internet servers. The feat allows hackers to passively decrypt hundreds of millions of encrypted communications as well as cryptographically impersonate key owners.

The technique is notable because it puts a backdoor—or in the parlance of cryptographers, a "trapdoor"—in 1,024-bit keys used in the Diffie-Hellman key exchange. Diffie-Hellman significantly raises the burden on eavesdroppers because it regularly changes the encryption key protecting an ongoing communication. Attackers who are aware of the trapdoor have everything they need to decrypt Diffie-Hellman-protected communications over extended periods of time, often measured in years. Knowledgeable attackers can also forge cryptographic signatures that are based on the widely used digital signature algorithm.

As with all public key encryption, the security of the Diffie-Hellman protocol is based on number-theoretic computations involving prime numbers so large that the problems are prohibitively hard for attackers to solve. The parties are able to conceal secrets within the results of these computations. A special prime devised by the researchers, however, contains certain invisible properties that make the secret parameters unusually susceptible to discovery. The researchers were able to break one of these weakened 1,024-bit primes in slightly more than two months using an academic computing cluster of 2,000 to 3,000 CPUs.


Posted in backdoors, diffie-hellman, encryption, Law & Disorder, primes, public key cryptography, Risk Assessment, Technology Lab, trapdoors | Comments (0)

Crypto flaw made it easy for attackers to snoop on Juniper customers

July 14th, 2016


As if people didn't already have cause to distrust the security of Juniper products, the networking gear maker just disclosed a vulnerability that allowed attackers to eavesdrop on sensitive communications traveling through customers' virtual private networks.

In an advisory posted Wednesday, Juniper officials said they just fixed a bug in the company's Junos operating system that allowed adversaries to masquerade as trusted parties. The impersonation could be carried out by presenting a forged cryptographic certificate that was signed by the attacker rather than by a trusted certificate authority that normally vets the identity of the credential holder.

"When a peer device presents a self-signed certificate as its end entity certificate with its issuer name matching one of the valid CA certificates enrolled in Junos, the peer certificate validation is skipped and the peer certificate is treated as valid," Wednesday's advisory stated. "This may allow an attacker to generate a specially crafted self-signed certificate and bypass certificate validation."


Posted in backdoors, cryptography, encryption, Risk Assessment, Technology Lab, virtual private networks, vpns, vulnerabilities | Comments (0)

Malicious Pokémon Go App Installs Backdoor on Android Devices

July 11th, 2016
Researchers are warning would-be Pokémon Trainers that a malicious, backdoored version of the massively popular game Pokémon Go could be making the rounds soon.

Posted in backdoors, DroidJack, Mobile Security, pokemon go, Proofpoint, RAT, remote access tool, vulnerabilities | Comments (0)

After hiatus, in-the-wild Mac backdoors are suddenly back

July 6th, 2016

After taking a hiatus, Mac malware is suddenly back, with three newly discovered strains that have access to Web cameras, password keychains, and pretty much every other resource on an infected machine.

The first one, dubbed Eleanor by researchers at antivirus provider Bitdefender, is hidden inside EasyDoc Converter, a malicious app that is, or at least was, available on a software download site called MacUpdate. When double clicked, EasyDoc silently installs a backdoor that provides remote access to a Mac's file system and webcam, making it possible for attackers to download files, install new apps, and watch users who are in front of an infected machine. Eleanor communicates with control servers over the Tor anonymity service to prevent them from being taken down or being used to identify the attackers.

"This type of malware is particularly dangerous as it's hard to detect and offers the attacker full control of the compromised system," Tiberius Axinte, technical leader of the Bitdefender Antimalware Lab, said in a blog post published Wednesday. "For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices."


Posted in adware, backdoors, Infinite Loop, Law & Disorder, Macs, malware, OS X, Risk Assessment, Technology Lab | Comments (0)