Latest Hacking News

Phones on Drones all set to Hack Wireless Printers

If you think your office is secure because it’s on the top floor of a skyscraper, you may need to think again: in this day and age, pretty much nothing is unhackable, not even office printers locked away on the top floor.

A group of security researchers from Singapore has built a drone that, along with a smartphone and custom applications, can be used to automatically steal documents from printers with open Wi-Fi connections. The technology was developed by researchers from iTrust, a cyber security research center at the Singapore University of Technology and Design.

The researchers took a standard drone from the Chinese firm DJI and used it to carry a Samsung smartphone to an area where a wireless network with a wireless printer was located.

The researchers used two applications that they developed:

▬ The first app establishes a bogus access point once an open wireless printer is detected. The access point mimics the printer and tricks computers in the internal wireless network into sending sensitive documents to it.

▬ The second app is Cybersecurity Patrol, which is designed to scan the air for open Wi-Fi printers and automatically notify the organization’s IT department. This app is meant to improve the security of the target organization. It looks for unsecured printers in the target organization that are accessible via the drone, but rather than launching the attack, it takes photos of the compromised printers and reports them to internal staff.

Once a document is intercepted, the app can send it to an attacker’s Dropbox account using the phone’s 3G or 4G connection, and also send it on to the real printer so a victim wouldn’t notice the hack.

The attack zone is limited to 26 meters in radius, but with dedicated hardware an attacker could generate a stronger signal and extend that range further. Any computer inside the attack zone will opt to connect to the fake printer over the real one, even if the real printer is closer than the rogue one.

A drone hovering outside an office building would obviously be spotted, but the goal of the project was to help companies by teaching them how easily accessible Wi-Fi printers can be, and how hackers can use them to steal data or get into their networks.

The project was part of a government-sponsored cyber security defense project.

Student researchers Jinghui Toh and Hatib Muhammad developed the method under the guidance of Professor Yuval Elovici of the Department of Information Systems Engineering at Ben-Gurion University of the Negev.

The system targets wireless printers because wireless printers are supplied with the Wi-Fi connection open by default, and many companies forget to close this hole when they add the device to their Wi-Fi networks. This open connection potentially provides an access point for outsiders to connect to a network and steal a company’s sensitive data.

The researchers also demonstrated that the attack could be carried out by hiding a cellphone inside an autonomous vacuum cleaner, after which the device continuously scans the organisation’s networks for printers with unsecured connections.

The project conducted by the researchers demonstrated once again the close link between physical and logical security. 

Any person can simply install the Cybersecurity Patrol app on a smartphone, attach it to a drone and send it upwards. The same method can, however, be used by organizations to check for unsecured printers and other wireless devices.
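The defensive use described above, checking your own airspace for open printers and for access points that imitate them, can be sketched as follows. This is an added example, not the researchers' Cybersecurity Patrol app; the survey records, SSIDs, BSSIDs and the inventory set are constructed for illustration.

```python
from collections import defaultdict

# Constructed site-survey records (not real data): one row per beacon seen.
SCAN = [
    {"ssid": "CorpNet",    "bssid": "02:00:00:aa:00:01", "security": "WPA2", "signal": -55},
    {"ssid": "PRINTER-3F", "bssid": "02:00:00:aa:00:10", "security": "OPEN", "signal": -70},
    {"ssid": "PRINTER-3F", "bssid": "02:00:00:bb:00:99", "security": "OPEN", "signal": -40},
    {"ssid": "Guest",      "bssid": "02:00:00:aa:00:02", "security": "WPA2", "signal": -60},
]

# Hypothetical asset inventory: radios the organization knows it owns.
KNOWN_BSSIDS = {"02:00:00:aa:00:01", "02:00:00:aa:00:02", "02:00:00:aa:00:10"}


def audit(scan, known):
    """Return sorted (finding, ssid, bssid) tuples for the IT team to review."""
    by_ssid = defaultdict(list)
    for ap in scan:
        by_ssid[ap["ssid"]].append(ap)

    findings = []
    for ssid, aps in by_ssid.items():
        owned = [ap for ap in aps if ap["bssid"] in known]
        unknown = [ap for ap in aps if ap["bssid"] not in known]

        # Owned device still advertising an open (unauthenticated) network.
        for ap in owned:
            if ap["security"] == "OPEN":
                findings.append(("open-owned-device", ssid, ap["bssid"]))

        # Unknown radio reusing an owned SSID: candidate look-alike access point.
        if owned:
            best_owned = max(ap["signal"] for ap in owned)
            for ap in unknown:
                kind = "unknown-twin-stronger" if ap["signal"] > best_owned else "unknown-twin"
                findings.append((kind, ssid, ap["bssid"]))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SCAN, KNOWN_BSSIDS):
        print(*finding)
```

The "stronger" variant is flagged separately because, as the article notes, clients prefer the look-alike over the real printer regardless of which is physically closer.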

It’s true that every invention and development comes with both pros and cons but if the cons have greater risk, then it’s time to approach physical security in a different way.

Danske bank fixes several vulnerabilities that could allow hackers to get into bank accounts

Most of us prefer to keep money in our bank accounts rather than at home, as we believe that banks are safer than our homes. But you may well panic once you read a blog post by Sijmen Ruwhof, a freelance IT security consultant and ethical hacker.

He has published a bank review entitled “How I could hack internet bank accounts of Danish largest bank in a few minutes” in which he revealed that any hacker could easily get into the website of Danske Bank, one of the largest banks of Denmark, and get access to users’ accounts.

His in-depth technical post explains the extent to which Danske Bank is vulnerable to hacking.

He discovered the vulnerability in August, when he became intrigued by the idea of testing the bank’s security while talking with a group of Danish hackers at the Chaos Communication Camp (CCC), near Berlin.

During that interaction, security experts and white-hat hackers were disappointed with the terrible security implementations adopted by many Danish banks.

“I opened up the Danske Bank’s website and was curious to see how the HTML code looked like, so opened the code of the customer login screen of the banking environment. I strolled thru the code to get a grasp of the technology used,” the security researcher wrote in the blog.

Then he saw JavaScript comments that seemed to contain internal server information. Not just a few variables, but quite a lot of confidential data.

“It was in URL encoded format, so I decoded it right away. Really wondering what kind of secrets it contained,” he added. “I was shocked. Is this happening for real? In less than a minute on their web site, this is just the HTML code of the login screen, one of the most visited pages of Danske Bank’s web site.”

The researcher said that, while visiting Danske Bank’s website, he could see the IP address of a probable customer in the variable HTTP_CLIENTIP. Similarly, HTTP_USER_AGENT contained operating system and web browser details.

He warned that the variable HTTP_COOKIE was visible and full of information; a customer’s credentials could be hijacked in very little time.

According to the researcher, Danske Bank doesn’t use a secure HTTPS connection to transport customer banking traffic, as the variable HTTPS was OFF and SERVER_PORT carried the value 80. The bank is still using COBOL code on its backend, for CICS (Customer Information Control System) and database handling.

The good news, however, is that the bank has patched all the vulnerabilities, though only after the researcher had uploaded his findings to his blog.
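A site owner can check for this class of leak before a page ships by scanning rendered HTML for comments that decode to server-variable dumps. The following is an added example, not the researcher's tooling: the variable names come from the article, while the sample page, its values and the `NAME=value&...` layout of the decoded comment are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

# Server variables named in the article; extend for your own stack.
SERVER_VARS = {"HTTP_COOKIE", "HTTP_CLIENTIP", "HTTP_USER_AGENT", "HTTPS", "SERVER_PORT"}

COMMENT_PATTERNS = [
    re.compile(r"<!--(.*?)-->", re.S),     # HTML comments
    re.compile(r"/\*(.*?)\*/", re.S),      # JavaScript block comments
    re.compile(r"^\s*//([^\n]*)", re.M),   # JavaScript line comments
]
PAIR_RE = re.compile(r"\b([A-Z][A-Z_]+)=([^&;\s]*)")

# Constructed login page with a URL-encoded debug comment (values are made up).
SAMPLE = """<html><body><form action="/login"></form>
<script>
// HTTP_CLIENTIP%3D203.0.113.7%26HTTP_COOKIE%3Dsession%3Dabc123%26HTTPS%3DOFF%26SERVER_PORT%3D80
var ready = true;
</script>
<!-- build 42 -->
</body></html>"""


def leaked_server_vars(html):
    """Return {name: value} for known server variables found inside comments."""
    hits = {}
    for pattern in COMMENT_PATTERNS:
        for body in pattern.findall(html):
            decoded = unquote_plus(body)  # the leak was URL-encoded
            for name, value in PAIR_RE.findall(decoded):
                if name in SERVER_VARS:
                    hits[name] = value
    return hits


def assess(hits):
    """Translate raw hits into the two risks the article highlights."""
    notes = []
    if "HTTP_COOKIE" in hits:
        notes.append("session cookie exposed in page source")
    if hits.get("HTTPS", "").upper() == "OFF" or hits.get("SERVER_PORT") == "80":
        notes.append("page served without TLS")
    return notes


if __name__ == "__main__":
    found = leaked_server_vars(SAMPLE)
    print(sorted(found), assess(found))
```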

New Malware forces you to change your Wifi's default password

Ifwatch, a custom-built piece of vigilante malware, changed the Wi-Fi passwords of nearly 10000 routers to make them more secure.

According to researchers at the cyber security firm Symantec, the software is actually used to defend the device from hackers and to provide a fix for other malware infections.

“We have not seen any malicious activity whatsoever,” said Symantec threat intelligence officer Val Saengphaibul. “However, in the legal sense, this is illegal activity. It’s accessing computers on a network without the owner’s permission.”

The Ifwatch software infects routers with a mysterious piece of “malware” through Telnet ports, which are often protected only by default security credentials that could easily be abused in a malicious attack, and then prompts users to change their Telnet passwords.

The software is spreading quickly around the world but is found mostly in China and Brazil. It was first discovered by an independent researcher in 2014.

“We have no idea who is behind this — or what their full intention is,” Saengphaibul said.

In a response to OPM data breach, CIA pulled officers from U.S. Embassy in Beijing

At a time when the personal information of 22 million Americans, current and former federal employees, from fingerprints to criminal records to the identities of family members, is in the hands of Chinese hackers, the CIA pulled a number of officers from the U.S. Embassy in Beijing in response to that huge data breach.

It is said that the CIA took the step in order to protect its officers whose personal information was compromised during the Office of Personnel Management (OPM) data breach.

U.S. officials, who had claimed that the data breach was conducted by a hostile party to identify spies and other American officials who could be blackmailed to provide information, now said that China could have compared those records with the list of embassy personnel. It could help China to replace anyone with who wouldn't be just as vulnerable and not on a CIA official.

According to a news report, senior intelligence officials clarified America’s cyber-theft deterrence measures to lawmakers.

James Clapper Jr, Director of National Intelligence, explained the difference between the OPM hacks and the theft of U.S. companies’ secrets to benefit another nation.

He said that the OPM hack, egregious as it was, was not a cyber-attack but rather a form of theft or espionage.

“We, too, practice cyber espionage and . . . we’re not bad at it. The United States would not be wise to seek to punish another country for something its own intelligence services do. I think it’s a good idea to at least think about the old saw about people who live in glass houses shouldn’t throw rocks,” he said.

News reports confirmed that last month U.S. President Barack Obama had warned Beijing that it could face sanctions for the alleged cybertheft, and that further state-sponsored espionage could be considered an “act of aggression” that Washington would not tolerate.

“We have repeatedly said to the Chinese government that we understand how traditional intelligence gathering functions and that all states engage in it including us,” he said earlier this month. “What is fundamentally different is your government or its proxies engaging in industrial espionage and stealing trade secrets from a company. We consider that an act of aggression and it must stop.”