Archive for the ‘backdoors’ Category

Backdoors ‘punish the wrong people’, EU security body warns

December 16th, 2016
EU security body comes out strongly against governments compromising encryption, warning of decreased trust and innovation

Posted in backdoors, data encryption, data privacy, Law & order, privacy | Comments (0)

Threatpost News Wrap, December 8, 2016

December 9th, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including the latest Linux bug, Sony closing backdoors in cameras, and Google's new open source fuzzer.

Posted in backdoors, cryptography, DDoS, fuzzer, fuzzing, google, IoT, mirai, Open Source, OSS-Fuzz, Podcasts, Sony, Sony cameras, TURKEY, Turkish Hackers, vulnerabilities, Web Security | Comments (0)

If you’ve got a Sony IP camera, update its firmware now

December 8th, 2016
Sony closes backdoors in IPELA security cameras - but why were they open in the first place?

Posted in backdoors, Botnet, IoT, Organisations, Security threats, Sony, Vulnerability | Comments (0)

Powerful backdoor/rootkit found preinstalled on 3 million Android phones

November 18th, 2016


Almost three million Android phones, many of them used by people in the US, are vulnerable to code-execution attacks that remotely seize full control of the devices, researchers said Thursday.

Until recently, the flaw could have been exploited by anyone who took the time to obtain two Internet domains that remained unregistered despite being hardwired into the firmware that introduced the vulnerability. After discovering the vulnerability, researchers from security ratings firm BitSight Technologies registered the addresses and control them to this day. Even now, the failure of the buggy firmware to encrypt communications sent to a server located in China makes code-execution attacks possible when phones don't use virtual private networking software when connecting to public hotspots and other unsecured networks.

Since BitSight and its subsidiary company Anubis Networks took possession of the two preconfigured domains, more than 2.8 million devices have attempted to connect in search of software that can be executed with unfettered "root" privileges, the researchers said. Had malicious parties obtained the addresses before BitSight did, the actors could have installed keyloggers, bugging software, and other malware that completely bypassed security protections built into the Android operating system. The almost three million devices remain vulnerable to so-called man-in-the-middle attacks because the firmware—which was developed by a Chinese company called Ragentek Group—doesn't encrypt the communications sent and received to phones and doesn't rely on code-signing to authenticate legitimate apps. Based on the IP addresses of the connecting devices, vulnerable phones hail from locations all over the world, with the US being the No. 1 affected country.

Posted in android, backdoors, firmware, Gear & Gadgets, privacy, Risk Assessment, security, Technology Lab | Comments (0)

Threatpost News Wrap, November 18, 2016

November 18th, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including this week's House hearing on the Internet of Things, Samy Kamkar's PoisonTap tool, and Windows 10's ransomware protections.

Posted in backdoors, Bruce Schneier, cookies, Government, Hacking, hacks, Internet of things, IoT, malware, Microsoft, Podcasts, PoisonTap, ransomware, Samy Kamkar, Windows 10 | Comments (0)

PoisonTap Steals Cookies, Drops Backdoors on Password-Protected Computers

November 16th, 2016
Samy Kamkar's latest hacking device, PoisonTap, can steal HTTP cookies from millions of websites and install persistent web-based backdoors.

Posted in backdoors, Cookie theft, hacks, Node.js, PoisonTap, Raspberry Pi, Samy Kamkar | Comments (0)

Shanghai surprise as cheap Android devices ‘phone home’ to China

November 16th, 2016
Sending texts, call logs and other PII to a server in Shanghai without consent 'a mistake', says firmware provider

Posted in Adups, Advertising, android, backdoors, china, data loss, firmware, Mobile, privacy, targeted advertising | Comments (0)

Meet PoisonTap, the $5 tool that ransacks password-protected computers

November 16th, 2016

The perils of leaving computers unattended just got worse, thanks to a newly released exploit tool that takes only 30 seconds to install a privacy-invading backdoor, even when the machine is locked with a strong password.

PoisonTap, as the tool has been dubbed, runs freely available software on a $5/£4 Raspberry Pi Zero device. Once the payment card-sized computer is plugged into a computer's USB slot, it intercepts all unencrypted Web traffic, including any authentication cookies used to log in to private accounts. PoisonTap then sends that data to a server under the attacker's control. The hack also installs a backdoor that makes the owner's Web browser and local network remotely controllable by the attacker.

PoisonTap is the latest creation of Samy Kamkar, the engineer behind a long line of low-cost hacks, including a password-pilfering keylogger disguised as a USB charger, a key-sized dongle that jimmies open electronically locked cars and garages, and a DIY stalker app that mined Google Streetview. While inspiring for their creativity and elegance, Kamkar's inventions also underscore the security and privacy tradeoffs that arise from an increasingly computerized world. PoisonTap continues this cautionary theme by challenging the practice of password-protecting an unattended computer rather than shutting it off or, a safer bet still, toting it to the restroom or lunch room.

Posted in backdoors, hacks, Man in the middle, Risk Assessment, Technology Lab | Comments (0)

Pre-installed Backdoor On 700 Million Android Phones Sending Users’ Data To China

November 16th, 2016
Do you own an Android smartphone? You could be one of those 700 Million users whose phone is secretly sending text messages to China every 72 hours. You heard that right. Over 700 Million Android smartphones contain a secret 'backdoor' that surreptitiously sends all your text messages, call log, contact list, location history, and app data to China every 72 hours. Security researchers from

Posted in Android hacking, backdoor malware, backdoors, Chinese malware, Chinese phone, Chinese smartphone, hacking android phone, hacking news, mobile backdoor, Software backdoor | Comments (0)

NSA could put undetectable “trapdoors” in millions of crypto keys

October 11th, 2016

Researchers have devised a way to place undetectable backdoors in the cryptographic keys that protect websites, virtual private networks, and Internet servers. The feat allows hackers to passively decrypt hundreds of millions of encrypted communications as well as cryptographically impersonate key owners.

The technique is notable because it puts a backdoor—or in the parlance of cryptographers, a "trapdoor"—in 1,024-bit keys used in the Diffie-Hellman key exchange. Diffie-Hellman significantly raises the burden on eavesdroppers because it regularly changes the encryption key protecting an ongoing communication. Attackers who are aware of the trapdoor have everything they need to decrypt Diffie-Hellman-protected communications over extended periods of time, often measured in years. Knowledgeable attackers can also forge cryptographic signatures that are based on the widely used digital signature algorithm.

As with all public key encryption, the security of the Diffie-Hellman protocol is based on number-theoretic computations involving prime numbers so large that the problems are prohibitively hard for attackers to solve. The parties are able to conceal secrets within the results of these computations. A special prime devised by the researchers, however, contains certain invisible properties that make the secret parameters unusually susceptible to discovery. The researchers were able to break one of these weakened 1,024-bit primes in slightly more than two months using an academic computing cluster of 2,000 to 3,000 CPUs.

Posted in backdoors, diffie-hellman, encryption, Law & Disorder, primes, public key cryptography, Risk Assessment, Technology Lab, trapdoors | Comments (0)