Archive for the ‘backdoors’ Category

NSA could put undetectable “trapdoors” in millions of crypto keys

October 11th, 2016


Researchers have devised a way to place undetectable backdoors in the cryptographic keys that protect websites, virtual private networks, and Internet servers. The feat allows hackers to passively decrypt hundreds of millions of encrypted communications as well as cryptographically impersonate key owners.

The technique is notable because it puts a backdoor—or in the parlance of cryptographers, a "trapdoor"—in 1,024-bit keys used in the Diffie-Hellman key exchange. Diffie-Hellman significantly raises the burden on eavesdroppers because it regularly changes the encryption key protecting an ongoing communication. Attackers who are aware of the trapdoor have everything they need to decrypt Diffie-Hellman-protected communications over extended periods of time, often measured in years. Knowledgeable attackers can also forge cryptographic signatures that are based on the widely used digital signature algorithm.

As with all public key encryption, the security of the Diffie-Hellman protocol is based on number-theoretic computations involving prime numbers so large that the problems are prohibitively hard for attackers to solve. The parties are able to conceal secrets within the results of these computations. A special prime devised by the researchers, however, contains certain invisible properties that make the secret parameters unusually susceptible to discovery. The researchers were able to break one of these weakened 1,024-bit primes in slightly more than two months using an academic computing cluster of 2,000 to 3,000 CPUs.


Posted in backdoors, diffie-hellman, encryption, Law & Disorder, primes, public key cryptography, Risk Assessment, Technology Lab, trapdoors

Crypto flaw made it easy for attackers to snoop on Juniper customers

July 14th, 2016


As if people didn't already have cause to distrust the security of Juniper products, the networking gear maker just disclosed a vulnerability that allowed attackers to eavesdrop on sensitive communications traveling through customers' virtual private networks.

In an advisory posted Wednesday, Juniper officials said they just fixed a bug in the company's Junos operating system that allowed adversaries to masquerade as trusted parties. The impersonation could be carried out by presenting a forged cryptographic certificate that was signed by the attacker rather than by a trusted certificate authority that normally vets the identity of the credential holder.

"When a peer device presents a self-signed certificate as its end entity certificate with its issuer name matching one of the valid CA certificates enrolled in Junos, the peer certificate validation is skipped and the peer certificate is treated as valid," Wednesday's advisory stated. "This may allow an attacker to generate a specially crafted self-signed certificate and bypass certificate validation."


Posted in backdoors, cryptography, encryption, Risk Assessment, Technology Lab, virtual private networks, vpns, vulnerabilities

Malicious Pokémon Go App Installs Backdoor on Android Devices

July 11th, 2016
Researchers are warning would-be Pokémon Trainers that a malicious, backdoored version of the massively popular game Pokémon Go could be making the rounds soon.

Posted in backdoors, DroidJack, Mobile Security, pokemon go, Proofpoint, RAT, remote access tool, vulnerabilities

After hiatus, in-the-wild Mac backdoors are suddenly back

July 6th, 2016

After taking a hiatus, Mac malware is suddenly back, with three newly discovered strains that have access to Web cameras, password keychains, and pretty much every other resource on an infected machine.

The first one, dubbed Eleanor by researchers at antivirus provider Bitdefender, is hidden inside EasyDoc Converter, a malicious app that is, or at least was, available on a software download site called MacUpdate. When double clicked, EasyDoc silently installs a backdoor that provides remote access to a Mac's file system and webcam, making it possible for attackers to download files, install new apps, and watch users who are in front of an infected machine. Eleanor communicates with control servers over the Tor anonymity service to prevent them from being taken down or being used to identify the attackers.

"This type of malware is particularly dangerous as it's hard to detect and offers the attacker full control of the compromised system," Tiberius Axinte, technical leader of the Bitdefender Antimalware Lab, said in a blog post published Wednesday. "For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices."


Posted in adware, backdoors, Infinite Loop, Law & Disorder, Macs, malware, OS X, Risk Assessment, Technology Lab

Mark Zuckerberg is paranoid about webcam spies – for good reason

June 22nd, 2016
Zuckerberg's a taper! FBI Director James Comey's a taper! We want to make you a taper, too!

Posted in backdoors, Blackshades, facebook, FBI, Instagram, james comey, Law & order, malware, Mark Zuckerberg, privacy, RATs, remote access Trojan, spyware, Surveillance

Judge dismisses police attempt to get Lauri Love’s encryption keys

May 11th, 2016
The Police have failed in their second attempt to get hacktivist Lauri Love to hand over encryption keys for six devices seized in 2013.

Posted in backdoors, cryptography, encryption, lauri love, Law & order, nca

Apple says Feds haven’t proved they need its help unlocking iPhones

April 19th, 2016
The government's "utterly failed" to prove it needs such unusual technical support, Apple said in a Brooklyn court filing.

Posted in all writs act, apple, backdoors, brooklyn, cryptography, FBI, ios, iphone, Law & order, Mobile, privacy, san bernardino

3.2 Million Servers Vulnerable to JBoss Attack

April 18th, 2016
Cisco Talos said that 3.2 million servers are vulnerable to the JBoss flaw used as the initial point of compromise in the recent SamSam ransomware attacks.

Posted in backdoors, cryptography, education, Follett, hacks, JBoss, malware, ransomware, SamSam, vulnerabilities, Web Security

Why Silicon Valley is worried about the new Senate encryption bill

April 15th, 2016
The bill could put tech companies in a bind, essentially asking them to protect consumers' data with encryption but break that encryption on demand.

Posted in apple, backdoors, cryptography, Diane Feinstein, encryption, FBI, iOS 9, Law & order, privacy, Richard Burr, Ron Wyden, senate intelligence committee, US Senate

Why the FBI director puts tape over his webcam – and you should too

April 12th, 2016
The FBI director admitted last week that he covers his laptop's webcam with tape because "I saw somebody smarter than I am had a piece of tape over their camera."

Posted in backdoors, Blackshades, FBI, james comey, Law & order, malware, Michel Foucault, privacy, RATs, remote access Trojan, spyware, Surveillance