Showing posts with label #hack. Show all posts

Wednesday, November 30, 2022

Espionage Group Using USB Devices to Hack Targets

USB devices are being used to hack targets in Southeast Asia, according to a new report by cybersecurity firm Mandiant.

The use of USB devices as an initial access vector is unusual as they require some form of physical access — even if it is provided by an unwitting employee — to the target device.

Earlier this year the FBI warned that cybercriminals were sending malicious USB devices to American companies via the U.S. Postal Service with the aim of getting victims to plug them in and unwittingly compromise their networks...

The hackers behind it are concentrating on targets in the Philippines. The researchers assess that the group has a China nexus, although they did not formally attribute the cyber espionage operation to a specific state-sponsored group. more

Sunday, July 31, 2022

Man Charged for Creating International Covert Spyware at Age 15


Australia - The man, who is now 24, and his mother have both been charged over the program, which was used by domestic violence offenders and paedophiles. more / video

Sunday, January 9, 2022

iPhone Malware Tactic Causes Fake Shutdowns: Enables Spying

The ‘NoReboot’ technique is the ultimate in persistence for iPhone malware, preventing reboots and enabling remote attackers to do anything on the device while remaining completely unseen.

In the world of mobile malware, simply shutting down a device can often wipe out any bad code, given that persistence after rebooting is a challenge for traditional malicious activity. But a new iPhone technique can hijack and prevent any shut-down process that a user initiates, simulating a real power-off while allowing malware to remain active in the background.

The stealthy technique, dubbed “NoReboot” by researchers, is “the ultimate persistence bug,” according to a ZecOps analysis this week... 

Is There a Patch for NoReboot?

ZecOps researchers noted that even though they call the issue a “persistence bug,” it can’t actually be patched because “it’s not exploiting any…bugs at all — only playing tricks with the human mind.” Via Twitter, the firm said that the technique works on every version of iPhone, and to prevent it, Apple would need to build in a hardware-based indicator for iPhone sleep/wake/off status.

To protect themselves, iPhone users should run standard checks for malware and trojanized apps, and take the usual vetting precautions when downloading and installing new apps. more

From Those Wonderful Folks Who Gave Us...

"Gloworm" Eavesdropping and Air-Gapped Computer Hacks

After a long day at work, the modern goldfish no longer has to take public transportation home—it can drive via a fish-operated vehicle (FOV), according to new research published in Behavioural Brain Research.

Documented in a report published in the February 2022 issue of the peer-reviewed journal, researchers at Ben-Gurion University of the Negev in Beersheba, Israel, set out to unpack how well goldfish can navigate terrestrial environments when tasked with the right tools. They created a small camera-equipped fish tank on wheels, which they call an FOV, and put six goldfish in it, one at a time. 

The fish managed to avoid dead ends and correct inaccuracies... Goldfish navigate land very well, it turns out. more 

(Next up, Exocoetidaes in airplanes.) 

Wednesday, December 22, 2021

Millions of Android Phones Vulnerable Over ‘Eavesdropping’ Scare

MILLIONS of people around the world have been exposed to snoopers by dodgy microchips loaded into Android smartphones.

According to security experts, vulnerabilities in processors produced by Taiwanese firm MediaTek could have allowed malicious apps to spy on their users.

MediaTek, one of the world's leading chip-makers, last month issued a fix for four bugs disclosed by researchers at cyber firm Check Point.

Its circuitry is found in one in three of the world’s smartphones, including high-end handsets from Xiaomi, Oppo, Realme, Vivo and more.

Check Point detailed the vulnerabilities exposed by its crack team of cyber buffs in a blog post last week. more


Monday, November 22, 2021

RedCurl Corporate Espionage Hackers Return

A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis.

"In every attack, the threat actor demonstrates extensive red teaming skills and the ability to bypass traditional antivirus detection using their own custom malware," Group-IB's Ivan Pisarev said. 

Active since at least November 2018, the Russian-speaking RedCurl hacking group has been linked to 30 attacks to date with the goal of corporate cyber espionage and document theft aimed at 14 organizations spanning construction, finance, consulting, retail, insurance, and legal sectors and located in the U.K., Germany, Canada, Norway, Russia, and Ukraine. more

Wednesday, October 6, 2021

LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables

via Cyber Security Labs @ Ben Gurion University

Air-gapped networks are wired with Ethernet cables since wireless connections are strictly prohibited. 

LANTENNA is a new type of electromagnetic attack that allows adversaries to leak sensitive data from isolated, air-gapped networks.

Malicious code in air-gapped computers gathers sensitive data and then encodes it over radio waves emanating from the Ethernet cables, using them as antennas. A nearby receiving device can intercept the signals wirelessly, decode the data, and send it to the attacker. 

We discuss the exfiltration techniques, examine the covert channel characteristics, and provide implementation details. Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine. We evaluate the covert channel in different scenarios and present a set of countermeasures. 

Our experiments show that with the LANTENNA attack, data can be exfiltrated from air-gapped computers to a distance of several meters away. more & video

Tuesday, September 21, 2021

Spy Tip 592 - How to Eavesdrop More Effectively

Dr Anthony Youn explained that there is a way you can listen in on a chat that wasn’t meant for you.

He explained: “Try listening with your right ear and not your left – your right ear is connected to the left side of your brain which processes speech and language.”

His posts on body hacks have gone viral and include a range of tricks and tips.

He also revealed how you can get rid of hiccups. more

Friday, September 3, 2021

Security Director Alert: Wireless Key-Logger Hides in USB-C to Lightning Cable


A USB-C to Lightning cable with a hidden wireless key-logger can enable an attacker to capture everything you type from a distance of up to a mile.


Any tech-literate person knows you should never plug a USB key into any of your devices unless you trust the person giving it to you, but fewer know that the same applies to USB cables...

“We tested this out in downtown Oakland and were able to trigger payloads at over 1 mile,” he added...

...the new cables now have geofencing features, where a user can trigger or block the device’s payloads based on the physical location of the cable. more

These spy cables come in various configurations, including standard USB charging cables. They look exactly like authentic cables. An electronic test can identify a malicious spy cable easily. In fact, you can do it yourself. Click here for instructions.

Friday, August 27, 2021

Spies for Hire: New Breed of Hackers Blends Espionage and Entrepreneurship

China’s buzzy high-tech companies don’t usually recruit Cambodian speakers, so the job ads for three well-paid positions with those language skills stood out. The ad, seeking writers of research reports, was placed by an internet security start-up in China’s tropical island-province of Hainan.

That start-up was more than it seemed, according to American law enforcement. Hainan Xiandun Technology was part of a web of front companies controlled by China’s secretive state security ministry, according to a federal indictment...

The accusations appear to reflect an increasingly aggressive campaign by Chinese government hackers and a pronounced shift in their tactics: China’s premier spy agency is increasingly reaching beyond its own ranks to recruit from a vast pool of private-sector talent.

This new group of hackers has made China’s state cyberspying machine stronger, more sophisticated and — for its growing array of government and private-sector targets — more dangerously unpredictable. more

Wednesday, August 25, 2021

Fax Security Alert: One Picture Worth 1000 Hacks

Security researchers have found a way to remotely execute code on a fax machine by sending a specially crafted document to it. So… who cares about fax? Well, apparently a lot of people still use it in many institutions, governments and industries, including healthcare, legal, banking and commercial organizations. Bureaucracy and old procedures tend to die hard.

"Our research set out to ask what would happen if an attacker, with merely a phone line at his disposal and equipped with nothing more than his target's fax number, was able to attack an all-in-one printer by sending a malicious fax to it.

In fact, we found several critical vulnerabilities in all-in-one printers which allowed us to ‘faxploit’ the all-in-one printer and take complete control over it by sending a maliciously crafted fax." more


Friday, July 30, 2021

Better Not Lose Your Laptop - A Cautionary Tale

via Dolos Group, LLC 
What can you do with a stolen laptop? 
Can you get access to our internal network?


That was the question a client wanted answered recently. Spoiler alert: Yes, yes you can. This post will walk you through how we took a “stolen” corporate laptop and chained several exploits together to get inside the client’s corporate network.

We received a Lenovo laptop preconfigured with the standard security stack for this organization. We didn’t get any information about this laptop: no test credentials, no configuration details, no nothing; it was a 100% blackbox test. Once the laptop came in, we opened the shipping box and got to work. After we did our reconnaissance of the laptop (BIOS settings, normal boot operation, hardware details, etc.) we noted a lot of best practices were being followed, negating many common attacks. For example... more

Thursday, June 17, 2021

Security Director Alert: Millions of Connected Cameras Open to Eavesdropping

A supply-chain component lays open camera feeds to remote attackers thanks to a critical security vulnerability.


Millions of connected security and home cameras contain a critical software vulnerability that can allow remote attackers to tap into video feeds, according to a warning from the Cybersecurity and Infrastructure Security Agency (CISA).

The bug (CVE-2021-32934, with a CVSS v3 base score of 9.1) has been introduced via a supply-chain component from ThroughTek that’s used by several original equipment manufacturers (OEMs) of security cameras – along with makers of IoT devices like baby- and pet-monitoring cameras, and robotic and battery devices. 

The potential issues stemming from unauthorized viewing of feeds from these devices are myriad.

For critical infrastructure operators and enterprises, video-feed interceptions could reveal:

  • sensitive business data,
  • production/competitive secrets,
  • information on floorplans for use in physical attacks,
  • and employee information.

And for home users, the privacy implications are obvious. more

Wednesday, March 24, 2021

Breaking: Billions of Online Trading Broker Records Have Been Leaked

Researchers at WizCase have discovered a massive data leak that belongs to FBS, a Cyprus-based online trading broker used by millions of traders in over 190 countries. 

The leak includes sensitive personally identifiable information (PII), financial information, government documents, numbers, and even passwords in plaintext form...

The consequences for the exposed individuals are grave, ranging from identity theft and banking fraud to scams, phishing, blackmailing, and even business espionage. The details that have been exposed are just too revealing, and mitigating the risks now is very complicated – if at all possible.

If you were using FBS, you should reset all your passwords, enable 2FA and monitor your bank account activity closely. more

Wednesday, March 17, 2021

A Hacker Got All My Texts for $16

A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages.

I didn't expect it to be that quick. While I was on a Google Hangouts call with a colleague, the hacker sent me screenshots of my Bumble and Postmates accounts, which he had broken into. Then he showed he had received texts that were meant for me that he had intercepted. Later he took over my WhatsApp account, too, and texted a friend pretending to be me. more

Wednesday, March 10, 2021

Security startup Verkada hack exposes 150,000 security cameras... in Tesla factories, jails, and more.

Verkada, a Silicon Valley security startup that provides cloud-based security camera services, has suffered a major security breach. Hackers gained access to over 150,000 of the company’s cameras, including cameras in Tesla factories and warehouses, Cloudflare offices, Equinox gyms, hospitals, jails, schools, police stations, and Verkada’s own offices, Bloomberg reports.

According to Tillie Kottmann, one of the members of the international hacker collective that breached the system, the hack was meant to show how commonplace the company’s security cameras are and how easily they’re able to be hacked. In addition to the live feeds, the group also claimed to have had access to the full video archive of all of Verkada’s customers... more

Tuesday, February 23, 2021

New iOS 14.5 Security Feature Will Stop Hackers in Their Tracks

...it looks like Apple is making some pretty big sweeping steps in iOS 14.5 to lock the whole system down even further.


In fact, Apple has already been taking steps to harden iOS 14 against one of the most common exploits — iMessage vulnerabilities — thanks to a very cool new technology dubbed ‘Blastdoor’. However, it looks like Blastdoor was only the beginning, with iOS 14.5 adding some new defences against “zero-click” attacks in general...

As the name implies, a “zero-click attack” is a method by which hackers can take advantage of security vulnerabilities to get into your iPhone or iPad without requiring any interaction on your part. more


Monday, February 1, 2021

Russian Hack Changes Court Rules on Handling Sensitive Information

Trial lawyer Robert Fisher is handling one of America’s most prominent counterintelligence cases... Under new court rules, he’ll have to print out any highly sensitive documents and hand-deliver them to the courthouse.

Until recently, even the most secretive material — about wiretaps, witnesses and national security concerns – could be filed electronically. But that changed after the massive Russian hacking campaign that breached the U.S. court system’s electronic case files and those of scores of other federal agencies and private companies.

The new rules for filing sensitive documents are one of the clearest ways the hack has affected the court system. But the full impact remains unknown. Hackers probably gained access to the vast trove of confidential information hidden in sealed documents, including trade secrets, espionage targets, whistleblower reports and arrest warrants. It could take years to learn what information was obtained and what hackers are doing with it. more

Tuesday, December 22, 2020

Yet Another Air-Gapped Computer Hack

Academics from an Israeli university have published new research today detailing a technique to convert a RAM card into an impromptu wireless emitter and transmit sensitive data from inside a non-networked air-gapped computer that has no Wi-Fi card.

Named AIR-FI, the technique is the work of Mordechai Guri, the head of R&D at the Ben-Gurion University of the Negev, in Israel.

Over the last half-decade, Guri has led tens of research projects that investigated stealing data through unconventional methods from air-gapped systems. 

These types of techniques are what security researchers call "covert data exfiltration channels." They are not techniques to break into computers, but techniques that can be used to steal data in ways defenders aren't expecting. more