The Hacker News

Mise à jour

Mise à jour de la base de données, veuillez patienter...

First Tor-Based Android Malware Spotted in the Wild

mardi 25 février 2014 à 09:13

We use our Smartphone devices to do almost everything, from Internet Banking to Sharing private files and at the same pace, the mobile malware sector is also growing.

The number of variants of malicious software aimed at mobile devices has reportedly risen about 185% in less than a year.

Security researchers have observed a growth in the numbers of computer malware families starting to use TOR-based communications, but recently the Security Researchers at anti-virus firm Kaspersky Lab have spotted the world's first Tor-Based Malware for Android Operating system.

The Android Malware dubbed as 'Backdoor.AndroidOS.Torec.a', using Tor hidden service protocol for stealth communication with Command-and-Control servers.

Researchers detected that the Trojan is running from .Onion Tor domain and working on the functionality of an open source Tor client for Android mobile devices, called 'Orbot', thus eliminating the threat of the botnet being detected and blocked by law enforcement authorities, although often it's not clear how many devices has been infected by this malware till now.

The Trojan is capable of intercepting and stealing incoming SMS, can make USSD requests, stealing device information including 'the phone number, country, IMEI, model, version of OS', can retrieve the list of installed applications on the mobile device, and also can send SMSs to a specified number.

Kaspersky didn't mention particularly that the malware is focused on stealing banking information or not, but the popularity of Android OS is kept motivating cyber criminals to develop far more advanced Android malware with more stealthy and anti-reverse methods.

Here are some things you can do to dramatically reduce the risk of malware infections on your Android phone:

Install apps from official Android Market instead of third-party app stores or websites.
Before installing any apps, check the publisher and app reviews.
Pay attention to app permissions during the installation.
Install Antivirus and Firewall apps.

World’s largest Bitcoin exchange Mt. Gox Shuts Down; CEO quits Bitcoin Foundation

mardi 25 février 2014 à 07:53

World’s largest Bitcoin exchange Mt. Gox has shut down its website, withdrawal system, deleted its Twitter feed and halted all trading systems after it detected "unusual activity."

The Bitcoin Foundation, a Bitcoin advocacy group, confirmed that Mark Karpeles, the chief executive of Tokyo-based Mt. Gox bitcoin exchange has resigned from the board of the Bitcoin Foundation. This comes just days after the exchange gave an update regarding the technical issues.

Last week, Mt. Gox said a technical glitch that had forced the exchange to suspend bitcoin withdrawals for a week. They discovered the transaction falsification glitch and same flaw alleged to have been used to steal all of the bitcoins worth about $2.7 million from Silk Road 2.0.

Later, some sources close to the matter have confirmed that more than 700,000 bitcoins are indeed missing from MtGox records, in a 'slow-leak' hack that went on for years. The repeated technical glitches over the past several months caused the Shut down of the biggest Bitcoin Industry.

Bitcoin companies 'Coinbase, Blockchain.info, Circle, Kraken, Bitstamp, and BTC China' have issued a joint statement regarding MtGox.

"This tragic violation of the trust of users of Mt.Gox was the result of one company’s abhorrent actions and does not reflect the resilience or value of bitcoin and the digital currency industry. There are hundreds of trustworthy and responsible companies involved in bitcoin. These companies will continue to build the future of money by making bitcoin more secure and easy to use for consumers and merchants." "We strongly believe in transparent, thoughtful, and comprehensive consumer protection measures. We pledge to lead the way."

MtGox has also deleted its entire Twitter feed, which is nearly unprecedented. Late last week, Bitcoin prices dropped to the lowest they have been since June, by $300 and currently, the value on MtGox is swinging between $300 and $500.

Silent Circle's Blackphone - Privacy and Security Focused Smartphone for $629

lundi 24 février 2014 à 18:11

Silent Circle's BLACKPHONE - A Privacy and Security Focused Smartphone now available for pre-order for about $629.

Earlier this year encrypted communications firm Silent Circle and Spanish Smartphone maker Geeksphone announced a privacy-focused encrypted Smartphone called 'Blackphone' and today the company has revealed it as 'Mobile World Congress' in Barcelona.

The Blackphone titled as, “world’s first Smartphone which places privacy and control directly in the hands of its users,” has a fully customized version customized version of Android called PrivatOS and pre-installed with lots of privacy-enabled applications, is now available for pre-order for about $629.

Silent Circle was co-founded by a respected Cryptographer Phil Zimmermann, best known as the creator of Pretty Good Privacy (PGP), which is a widely used email encryption software.

The Blackphone handsets main focus is keeping all of your data secure, and to stop government agencies snooping on your communications. Blackphone will come with a set of application developed by Silent Circle, including Silent Phone, Silent Text, and Silent Contacts as well as other features for firewall and remote wipe when required.

Silent Circle's Blackphone - Privacy and Security Focused Smartphone available at $629

Blackphone also has a 'Kismet Smart Wi-Fi Manager' to improve the security device on public networks, and also provides the private web browsing and secure file-sharing options. The Android-based Blackphone is powered by a quad-core 2 GHz processor, 2GB of RAM, 16GB of onboard storage and support for LTE networks.

The Blackphone also comes with SpiderOak, which provides 5GB of encrypted data backup, and Virtual Private Network from Disconnect.me.

But if you think 'Blackphone' is a shield against the NSA or other intelligence agencies Blackphone, then you should know this - Blackphone cannot mask metadata entirely from NSA. No piece of man-made technology is entirely hack-proof.

Mike Janke, co-founder and CEO of Silent Circle told Mashable, "If you are on the terrorist wanted list or a criminal, intelligence services will get into your device... There's no such thing as 100% secure phone."

The Blackphone’s main security feature is voice and text encryption, not about hiding metadata which is related to a communication data such as date, time, location and identity of the users.

Hacking Team sold Spyware to 21 Countries; Targeting Journalists and Human Right Activists

lundi 24 février 2014 à 13:46

Spying on the world by injecting sophisticated backdoors in software, systems, and mobile phones, leads to violation of the Privacy and Security of every individual. Yes, we are talking about Surveillance, but this time not about NSA.

Instead, Countries including some with poor human-rights records and a much less technically advanced nation are the likely culprits, as they apparently used commercial spyware in making surveillance capabilities that once were the exclusive expertise of the known spy agencies, such as National Security Agency (NSA) and GCHQ.

Citizen lab, a nonprofit research lab has found traces of a remote hacking tool in 21 countries, developed by Hacking Team, including Ethiopia, Sudan, Azerbaijan and Saudi Arabia, which the team had already denied back in 2013.

Hacking Team, also known as HT S.r.l, is an Italian company, which is known for its powerful surveillance software, Remote Code System (RCS) that it sells to Governments and law enforcement agencies.

Senior Counsel of Hacking Team, Eric Rabe stated that the company does not provide its products to 'repressive regimes.'

"On the issue of repressive regimes, Hacking Team goes to great lengths to assure that our software is not sold to governments that are blacklisted by the EU, the US, NATO, and similar international organizations or any “repressive regime."

Remote Control System (RCS) is a malware, can be defined as 'instrument of crime', infects computers and Smartphones in order to enable covert surveillance. The company claims that its Trojan once installed in the victims’ computer, can intercept encrypted communication, including emails and Skype voice calls. Furthermore, RCS can turn on a device’s webcam and microphone to spy on the user without their knowledge.

The Team prominently advertises that their RCS spyware is "untraceable" to a specific government operator and can be installed remotely. They say that it can scale up to monitor "hundreds of thousands of targets" and is capable of being deployed to Apple, Android, Symbian, and Blackberry mobile devices.

"Hacking Team has made a number of statements that seem intended to reassure the public, as well as potential regulators, that they conduct effective due diligence and self-regulation regarding their clients, and the human rights impact of their products," the Citizen Lab researchers report on Monday. "They also market their RCS product as untraceable. Our research suggests that both of these claims ring hollow."

The researchers at Citizen Lab have found traces of Remote Control System (RCS) by mapping the spyware's network of proxy servers, which the Hacking Team claims that RCS is "untraceable."

"Our research reveals that the RCS collection infrastructure uses a proxy-chaining technique, roughly analogous to that used by general-purpose anonymity solutions like Tor, in that multiple hops are used to anonymize the destination of information," reads the report. "Despite this technique, we are still able to map out many of these chains and their endpoints using a specialized analysis." Citizen Lab researchers explained.

On the basis of tracing endpoints of Hacking Team proxy chains, the researchers suspected that the agencies of 21 Governments are current or former Clients of RCS, and the country names are Azerbaijan, Colombia, Egypt, Ethiopia, Hungary, Kazakhstan, Korea, Malaysia, Mexico, Morocco, Nigeria, Oman, Panama, Poland, Saudi Arabia, Sudan, Thailand, Turkey, UAE, Uzbekistan, including Italy which is the homeland of the Hacking Team.

The Governments are targeting for political advantage, including the US-based news Organization, rather than using it for legitimate law enforcement operations.

According to researchers at Citizen Lab, The No.1 suspect is Ethiopian Government, that used the hacking tool created by Hacking Team to carry out the spying operation against the Ethiopian journalists in the United States and Europe.

Hacking Team to Citizen Lab:

“We have established an outside panel of technical experts and legal advisors, unique in our industry that reviews potential sales. This panel reports directly to the board of directors regarding proposed sales.”

However The FBI, which investigates Computer crimes, declined to comment on the Citizen Lab report, but an activist at the Electronic Frontier Foundation (EFF) and an expert in surveillance technology, Eva Galperin said that:

"If the Ethiopian government is not a Hacking Team customer, then I would sure like to know how their tools wound up being used to spy on Ethiopian journalists."

5 Best WhatsApp alternatives with end-to-end Encryption

lundi 24 février 2014 à 12:55

WhatsApp acquisition may have had a negative impact on the reputation of the company, it seems many users are planning to switch the service and a few of them have already done it.

In our previous article, we have mentioned that why you should switch from WhatsApp to an encrypted Chat messaging service.

Mobile messaging apps often used to deliver sensitive data or used for personal and corporate communications, so the data stored by the service provider should be encrypted end-to-end, which is not yet in the case of WhatsApp.

There are many mobile messaging applications like Japan-based Line, China’s WeChat, Korea-based KakaoTalk, and Canada’s Kik, India-based Hike and many more, but they are not end-to-end encrypted messengers.

Time is loudly announcing the need to shift to some alternates which provides end-to-end encryption for communication between two devices and respect your Privacy. There are a number of solutions available includes - Telegram, Surespot, Threema, TextSecure, RedPhone etc.

1.) Telegram offers end-to-end encryption and have a 'Secret Chat' feature, that self-destruct messages after the conversation. The company is offering $200,000 Prize in Bitcoin to the first person to crack its Encryption.

"We support two layers of secure encryption (server-client and client-client). Our encryption is based on 256-bit symmetric AES encryption, RSA 2048 encryption and Diffie–Hellman secure key exchange." Company states on their website.

Regular and Secret chats are encrypted, but during Secret chat no data stored on the company server.

5 Best WhatsApp alternatives with end-to-end Encryption

There are a couple of more advantages Telegram brings which really are interesting. Telegram is free and an open source project, which means that the source code of the project is freely available, and according to their official website, 'Telegram has an open API and protocol free for everyone'.

Download Telegram for Android and iOS.

2.) Surespot allows you to send and receive text messages, pictures and audio clip with end-to-end encryption. It uses 256 bit AES-GCM encryption using keys created with 521 bit ECDH which can only be decrypted by sender and receiver.

Unlike WhatsApp, if you delete a message, it's deleted from the recipient's phone, too. Surespot supports multiple identities on a single device. Download Surespot for Android and iOS.

3.) Threema is not free, but a perfect alternate for WhatsApp, use end-to-end encryption and gives you all features of WhatsApp like text messaging, image sharing, and voice chat as well.

You can also sync your contact list automatically and manually. German users have started a shift to Threema after Facebook's acquisition and the app have become top paid app on the app store in Germany. Download Threema for iOS and Android.

4.) TextSecure and 5.) RedPhone also provides end-to-end encryption for messaging and voice calls respectively. RedPhone allows you to upgrade a normal call to secure call whenever it senses the possibility to fulfil the requirements.

TextSecure encrypts the messages stored locally, making your information hard to leak even if you lost your device. Download TextSecure for Android and Download RedPhone for Android.

So, if you are also now planning to switch, get any of above best suitable mobile messaging application for you.