PROJET AUTOBLOG


The Hacker News

Original site: The Hacker News


Outernet - Free Global Wi-Fi Service from Outer Space

Friday 28 February 2014 at 09:30
If you are reading this THN article, then you are one of the lucky people who have access to the Internet, but not everyone is as lucky as you. About 40% of the world's population still does not have access to Internet services.

So, there is good news for all those who are still deprived of Internet services: a free global WiFi Internet access service called 'Project Outernet'.

A New York-based non-profit organization, the Media Development Investment Fund (MDIF), has taken this initiative. Regardless of geographical location, Outernet will broadcast free, universal Internet all over the globe from high in orbit, bypassing filtering and other means of censorship.

A few hundred low-cost mini satellites (cubesats) will be sent into space to create a constellation in low Earth orbit. To widen the service area, these cubesats will use universally accepted standard protocols such as DVB, Digital Radio Mondiale and User Datagram Protocol (UDP) WiFi multicasting.

Outernet is nothing but a modern version of shortwave radio: it will receive data from ground stations and transmit the received data in a continuous loop until it receives new data.
“Broadcasting data allows citizens to reduce their reliance on costly internet data plans in places where monthly fees are too expensive for average citizens. And offering continuously updated web content from the space bypasses censorship of the Internet,” Outernet says on its website.
Outernet will broadcast global news, applications, information, educational courseware, and emergency communication services. Technical assessment of the project started last December, and a prototype will be tested around June this year.

"By leveraging datacasting technology over a low-cost satellite constellation, Outernet is able to bypass censorship, ensure privacy, and offer a universally-accessible information service at no cost to global citizens."

MDIF is planning to enhance the ability of the service by enabling the data transmission from anywhere, depending on the availability of funds required for this feature. MDIF's director of innovation said it would take only three years and $12 billion to get the project up and running.

Google has been working on a similar project called “Project Loon - Balloon-Powered Internet for Everyone” for quite some time. 

This technology seems very innovative and useful for improving life in remote areas as well, but it has its own limitations.

Once such services are fully functional, all of us might face security and privacy threats by relying on technology from U.S.-based companies, where the NSA wants to control and intercept everything. Until now the NSA could target only the 60% of the population with Internet access, but this may potentially allow it to target 100% of the audience with regular and free Internet access.

In this era of Edward Snowden, we need to think about its other side too. What do you think about Outernet? Add your Comments.

Boeing launches Ultra-Secure 'Black' Smartphone that has Self-Destruct Feature

Thursday 27 February 2014 at 19:12
Looking for a Secure Smartphone? World's biggest Aerospace company - Boeing is finally close to the launch of its high-security Android Smartphone, called "Boeing Black (H8V-BLK1)", primarily designed for secure communication between Governmental agencies and their contractors.

Encrypted email, Secure Instant Messaging and Other privacy services and tools are booming in the wake of the National Security Agency’s recently revealed surveillance programs.

Encryption isn’t meant to keep hackers out, but when it’s designed and implemented correctly, it alters the way messages look. Boeing is the company which is already providing secure communications for US Government officials, including the president.

Don't mess with it, it can self-destruct: The Boeing Black smartphone can self-destruct if it is tampered with, destroying all the data on it. The device is delivered completely sealed, and any attempt to open the seal will destroy the operating system and functionality of the device.

“Any attempt to break open the casing of the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,” says the paperwork.

Another important fact to note: Boeing Black (H8V-BLK1) won't be available to average consumers. It is designed for governmental agencies, defense and homeland security only.

Ultra-Secure Mobile Operating System: Boeing's modified Android operating system has a specific software security policy configuration, so users can configure the device for maximum mission productivity and security.
"Boeing Black’s security is powered by the Boeing PureSecure architecture, which was designed from the outset for the mobile environment. Our architectural foundation is built upon layers of trust from embedded hardware, operating system policy controls, and compatibility with leading mobile device management systems. The device’s hardware roots of trust and trusted boot ensure the device starts in a trusted state, enabling the maximum security of data. Hardware media encryption and configurable inhibit controls are embedded to protect the device, its data, and the transmission of information, significantly reducing the risk of mission compromise due to data loss," according to the paperwork the company filed with the Federal Communications Commission (FCC).
Boeing Black supports dual MicroSIM with GSM, WCDMA, and LTE on a wide range of bands to facilitate global use, and runs a modified version of the Android operating system that keeps all details as secure as possible.

The security and confidentiality of information belonging to anyone connected with national security must be a high priority, but a problem arises when agencies like the NSA start capturing the data flowing over the backbone of the communication channel and bribe software companies to weaken encryption, which compels users to think twice before adopting new inventions and products.

At the Mobile World Congress in Barcelona, Washington-based software firm Silent Circle and Madrid-based Geeksphone teamed up to launch the Blackphone, a highly secure device that doesn't run on any traditional telecom carriers or operating systems.

As we have reported earlier, there is another interesting project, Self-destructing Chips, that has been handed over to IBM by the Defense Advanced Research Projects Agency (DARPA).

360 Million Stolen Credential FOR SALE on Underground Black Market

Thursday 27 February 2014 at 17:20
Your Financial Credentials are on SALE on the Underground Black Market without your Knowledge… sounds like a nightmare, but it’s TRUE.

Cyber security firm Hold Security said it has traced over 360 million stolen account credentials that have been available for sale on hackers' black market websites over the past three weeks. The credentials include usernames, email addresses, and passwords that are unencrypted in most cases, according to the report released on Tuesday.

It is not yet known exactly where these credentials were stolen from, but the security researchers estimate that they are the result of multiple breaches. Banking credentials are one of the most ‘valuable bounties’ for cyber criminals, and they can be stolen directly from companies as well as from the services to which users entrust their data.

According to Hold Security, in addition to the sale of 360 million credentials, the cyber criminals are selling about 1.25 billion email addresses, which would be of interest to spammers.

Alex Holden, chief information security officer at Hold Security, told Reuters, “E-mail addresses in the credentials are from all major services, including Gmail and Yahoo, and almost all Fortune 500 companies and nonprofit organizations,” and that his company is working to discover where the credentials came from and what they can access.

The sale of this tremendous number of users’ credentials in the underground market puts consumers and companies at risk, because such a wide range of compromised credentials could give access to anything from online bank accounts to corporate networks.
"The sheer volume is overwhelming," Holden told Reuters. He believes the 360 million records were obtained in separate attacks, including one that yielded some 105 million records, which would make it the largest single credential breach known to date.
Hold Security is the firm that uncovered the big Adobe breach in October 2013, in which 153 million users' credentials, including user names and passwords, were stolen from Adobe's systems, and a month later identified another large breach of 42 million plain-text password credentials from the niche dating service Cupid Media.

There is no way to secure yourself from these types of attacks, because cyber criminals are trying to steal your money every second, and by using the same password for multiple accounts you give them an open invitation.

You can reduce the risk of these attacks by choosing different passwords for different accounts. The risk is higher for users who choose the same password for multiple services, because once an attacker has the email address and password for one of your accounts, he can use those credentials to compromise your account on every other site that uses the same username and password.

The most practical way to do that is with a password manager. If you aren't using a password manager, you need to start now, with one like LastPass, KeePass, RoboForm Desktop 7, PasswordBox, or Dashlane 2.0.

Stay Safe! Stay Secure! Stay Tuned!

Tilon/SpyEye2 Banking Trojan Usage Declining after SpyEye Author Arrest

Thursday 27 February 2014 at 08:13
Today, when we come across various malware, exploit kits and botnets that are in the wild, we think about an effective Antivirus solution or a Security Patch, but the most effective solution is always "The arrest of malware authors and culprits who are involved in the development of Malware."

Tilon, an active malware family first spotted in 2012 and specially designed to steal money from online bank accounts, was earlier thought by various researchers to be a new version of Silon. It is in fact none other than the SpyEye2 banking Trojan, according to researchers at the Delft-based security firm Fox-IT.

Tilon, a.k.a. SpyEye2, is the sophisticated version of the SpyEye Trojan. Most of the functional part of the malware is the same as that of the SpyEye banking Trojan, which was developed by a 24-year-old Russian hacker, 'Aleksandr Andreevich Panin', also known as Gribodemon, who was arrested in July 2013.

SpyEye, which has infected more than 1.4 million computers worldwide since 2009, was designed to steal people’s identities and financial information, including online banking credentials, credit card information, user names, passwords and PINs. It secretly infects the victim’s computer and gives remote control to the cybercriminals, who access the infected computer through command and control servers and steal victims’ personal and financial information without authorization through a variety of techniques, including web injects, keystroke loggers, and credit card grabbers.
Researchers have confirmed that the team that developed SpyEye is the same one that created Tilon, which is why it was labeled SpyEye2.
“The team behind its creation was similar, however, reinforced with at least one better skilled programmer,” said the researchers, adding, “The management of SpyEye2 is done through a single, unified interface, which has been completely redesigned but still contains a few of the unique features of the original SpyEye.”
An interesting part of SpyEye2, which the researchers found ‘slightly funny’, is that the malware checks for an older version of SpyEye installed on the infected system, removes it, and replaces it with the new version, i.e. SpyEye2, with better stability features.

“No other malware families are checked for removal. Early versions of the original SpyEye were likewise equipped with a feature to remove older versions of ZeuS installed on the infected system,” researchers say.
According to the researchers, “only the Loader portion of Tilon is sourced from Silon, but this is where the similarity ends. As shown above and further illustrated in the Appendices, the body (i.e., functional portion) of Tilon was actually based on SpyEye.”
Another reason to consider Tilon a SpyEye variant is the course of its success: it was in the wild from 2012 to 2014, and suddenly seems to be over now that the SpyEye author was arrested last year.

Fox-IT researchers say, “the arrests, like Gribodemon and other key figures in the underground economy, such as Paunch, the author of the popular Blackhole Exploit Kit, is the key to decreasing the worldwide activity around online crime.”

It doesn’t mean that the malware won’t continue its fraudulent activity in the future, but it will finally come to an end after nearly a year of declining usage.

Chameleon Virus that Spreads Across WiFi Access Points like Common Cold

Wednesday 26 February 2014 at 12:23
Did you know that a computer virus could go airborne over WiFi networks? Security researchers at the University of Liverpool in Britain have demonstrated a WiFi virus that can spread between computer networks just like the 'common cold' spreads between humans.

They have created a proof-of-concept that can infect an entire wireless network instead of a single computer at a time. It replaces the firmware of a vulnerable Access Point (AP) with a virus-loaded version, and then propagates itself to the next victim on the WiFi network.

The WiFi-based virus, named 'Chameleon', can self-propagate over WiFi networks from access point to access point, but doesn't affect the working of the wireless access point.

This Virus is able to identify WiFi access points that are not protected by encryption and passwords, according to the research paper. It can badly hit less-protected open access WiFi networks available in coffee shops or airports.

It propagates in the following sequence:
  1. Establish a list of susceptible APs within range.
  2. Bypass any encryption security on the targeted AP.
  3. Bypass the administrative interface on the targeted AP.
  4. Identify and store the AP system settings.
  5. Replace the AP firmware with the virus-loaded firmware.
  6. Import the victim's original AP system settings on the newly loaded firmware.
  7. Propagate: go back to step one for the next target.
The experimental simulated demonstration was performed in two cities: Belfast, NI and London, England.
A random access point was infected with the virus to act as a seed; the results were published in the paper.

The Chameleon attack is a serious threat for WiFi network security. The research shows that this kind of attack is undetectable to any Antivirus and Wireless Intrusion Detection System (IDS).
"Hence, this attack is considered advanced and difficult to detect, as IDS rogue AP detection methods typically rely on a change in credentials, location or traffic levels."
The density of access points in a given geographical area increases the security issues for wireless networks, because the virus spreads very quickly in areas with denser access point availability.
“WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus,” says Marshall, co-author of the research paper.
However, the virus itself doesn’t exist in the wild and was created for demo purposes in the research lab only, though it is very likely that a malicious version could be created and released into the wild by cyber criminals and malware writers.