Boing Boing 

Proof-of-concept firmware worm targets Apple computers

It's like Bad USB, with extra Thunderbolt badness: Web-based attacks can insert undetectable malicious software into a Mac's UEFI/BIOS, which spreads to other machines by infecting Thunderbolt and USB devices.

Read the rest

Boeing and disgraced malware firm Hacking Team planned flying spyware-delivery drones


An engineer at Boeing's Insitu subsidiary proposed that the disgraced malware company Hacking Team should add spyware-delivery tools to Insitu's drone platform.

Read the rest

UK schools' "anti-radicalisation" software lets hackers spy on kids


The spyware that Impero supplies to UK schools -- which searches kids' Internet use for "jihadi" terms -- uses "password" as its default password, and the company has threatened brutal legal reprisals against the researcher who repeatedly demonstrated their total security negligence.

Read the rest

A computer researcher haggled with a Russian ransomware criminal

hackers

If you accidentally install Troldash (via spam email) on your computer, it will encrypt your hard drive and lock up your files. Troldash will display an email address to contact the criminal, who will offer to sell you the key to decrypt your hard drive. Natalia Kolesova, a researcher at the security firm Checkpoint, intentionally installed Troldash on a test machine and engaged in an email exchange with the scammer to see if he or she would negotiate the 250 euro ransom.

Posing as a victim named Olga, the researcher contacted the scam artist, and received a reply with instructions to pay 250 euros to get the files back.

Suspecting the reply was automated, Ms Kolesova pressed for a more human response, asking more details about how to transfer the money, and pleading with the hacker to not make them pay.

Responding in Russian, the scammer offered to accept 12,000 roubles, a discount of around 15%. After Ms Kolesova pleaded further, the email response read: "The best I can do is bargain."

Eventually the unknown man or woman was talked into accepting 7,000 roubles - 50% less than the first demand.

"Perhaps if I had continued bargaining, I could have gotten an even bigger discount," Ms Kolesova concluded.

Image: Shutterstock

Self-sustaining botnet made out of hacked home routers


Telcos send routers with default passwords to their customers, who never change them, and once they're compromised, they automatically scan neighboring IP space for more vulnerable routers from the same ISP.

Read the rest

Ransomware decryptor


If you or someone you love has been hijacked by Coinvault ransomware -- malware that encrypts your data and won't decrypt it unless you transfer Bitcoin to criminals -- Kaspersky may be able to help you (via Hacker News)

Arkansas cops send malware to whistleblowers' lawyers

An Arkansas lawyer representing ex-cops who blew the whistle on corruption in the Fort Smith Police Department says that when he gave the police brass a blank hard-drive for discovery documents, they returned it laden with sneaky malware, including a password-sniffing keylogger and a backdoor that would let the police department spy on their legal opponents.

Read the rest

Three steps to save ourselves from firmware attacks


Following on the news that the (likely NSA-affiliated) Equation Group has developed a suite of firmware attacks that target the software embedded in your hard-drive and other subcomponents, it's time to expand the practice of information security to the realm of embedded software.

Read the rest

Spies can't make cyberspace secure AND vulnerable to their own attacks


In his Sunday Observer column, John Naughton makes an important point that's hammered home by the escape of the NSA/GCHQ Regin cyberweapon into the wild: spies who make war on the Internet can't be trusted with its security.

Read the rest

E-cigs and malware: real threat or Yellow Peril 2.0?


After a redditor claimed to have gotten a computer virus from factory-installed malware on an e-cig charger, the Guardian reported out the story and concluded that it's possible.

Read the rest

FBI secretly seeking legal power to hack any computer, anywhere


The Bureau is seeking a rule-change from the Administrative Office of the US Courts that would give it the power to distribute malware, hack, and trick any computer, anywhere in the world, in the course of investigations; it's the biggest expansion of FBI spying power in its history and they're hoping to grab it without an act of Congress or any public scrutiny or debate.

Read the rest

Malware authors use Gmail drafts as dead-drops to talk to bots

Once you've successfully infected your victim's computer with malware, you want to be able to send it orders -- so you spawn an invisible Internet Explorer window, login to an anonymous Gmail account, and check in the Drafts folder for secret orders.

Read the rest

Malware needs to know if it's in the Matrix


Once a security researcher discovers a new strain of malicious software -- running a virtual machine on a test-bench -- and adds its signature to anti-virus and network monitor blacklists, it's game over. So today's malware devotes enormous energy to figuring out if it's running on a real computer, or inside one of its enemies' virtual worlds.

Read the rest

Animation explains the dangers of Computercop, the malware that US police agencies distribute to the public

Dave from EFF writes, "Here's a funny, easy-to-understand animation explaining why ComputerCOP parental monitoring software is actually dangerous to kids. More than 245 local law enforcement agencies have purchased this software in bulk and handed it out to families for free."

Using an imaginary kid named Timmy, who gets "pantsed" by ComputerCOP, the animation by Fusion also ties ComputerCOP to the unnecessary equipment locals cops have obtained, like mine-resistant trucks. Fusion's cartoon is based on an EFF investigation published on Wednesday.

Who needs the NSA? Anyone could spy on your kids thanks to ComputerCop

(Thanks, Dave!)

Mobile malware infections race through Hong Kong's Umbrella Revolution


The protesters are dependent on mobile apps to coordinate their huge, seemingly unstoppable uprising, and someone -- maybe the Politburo, maybe a contractor -- has released virulent Ios and Android malware into their cohort, and the pathogens are blazing through their electronic ecosystem.

Read the rest

Hundreds of US police forces have distributed malware as "Internet safety software"

Law enforcement agencies have been buying and distributing Computercop, advising citizens that the software is the "first step" for protecting their kids; one sheriff bought copies for every family in the county.

Read the rest

Researchers publish secret details of cops' phone-surveillance malware


Kaspersky Labs (Russia) and Citizen Lab (University of Toronto) have independently published details of phone-hacking tools sold to police departments worldwide by the Italian firm Hacking Team (here's Kaspersky's report and Citizen Lab's). The tools can be used to attack Android, Ios, Windows Mobile and Blackberry devices, with the most sophisticated attacks reserved for Android and Ios.

The spyware can covertly record sound, images and keystrokes, capture screenshots, and access the phones' storage and GPS. The tools are designed to detect attempts to search for them and to delete themselves without a trace if they sense that they are under attack.

Hacking Team insists that its tools are only sold to "democratic" police forces, but Citizen Lab's report suggests that the tool was used by the Saudi government to target dissidents.

The means of infection is device-specific. If police have physical access, it's simple. Android devices can be attacked by infecting a PC with a virus that installs the police malware when the device is connected to it. This attack also works on jailbroken Iphones.

Read the rest