It's been ten years since Sony Music infected the world with its rootkit


Oct 31 2005: Security researcher Mark Russinovich blows the whistle on Sony-BMG, whose latest "audio CDs" were actually multi-session data-discs, deliberately designed to covertly infect Windows computers when inserted into their optical drives.

Smurfs vs phones: GCHQ's smartphone malware can take pics, listen in even when phone is off


In a new episode of the BBC's Panorama, Edward Snowden describes the secret mobile phone malware developed by GCHQ and the NSA, which has the power to listen in through your phone's mic and follow you around, even when your phone is switched off.

Newly disclosed Android bugs affect all devices


The newly released bugs are part of the Stagefright family of vulnerabilities, disclosed by Zimperium Zlabs.

Poker malware infects your computers and peeks at your cards


Odlanor is Windows malware that targets users of Pokerstars and Full Tilt Poker, and exfiltrates information about their cards to their competitors.

Porn app secretly takes photos of you and charges you a ransom


A porn app developed by Russian hackers takes your photo, locks your phone, and displays a scary looking message from the "FBI" that says you have to pay a $500 fine for accessing "forbidden pornogaphic sites."

This piece of ransomware is called Porn Droid and affects Android devices. Unlike a similar porn malware app called Adult Player, which also takes users' photos and demands a ransom, Porn Droid users stay locked out of their phone even after they pay the ransom.

From IB Times:

According to security company ESET, which uncovered the campaign, the only way to recover access to your phone is through a factory reset, which means that all your photos, videos and contacts will be deleted and, unless they have been backed up, will be lost forever.


Proof-of-concept firmware worm targets Apple computers

It's like Bad USB, with extra Thunderbolt badness: Web-based attacks can insert undetectable malicious software into a Mac's UEFI/BIOS, which spreads to other machines by infecting Thunderbolt and USB devices.

Boeing and disgraced malware firm Hacking Team planned flying spyware-delivery drones

An engineer at Boeing's Insitu subsidiary proposed that the disgraced malware company Hacking Team should add spyware-delivery tools to Insitu's drone platform.

UK schools' "anti-radicalisation" software lets hackers spy on kids

The spyware that Impero supplies to UK schools -- which searches kids' Internet use for "jihadi" terms -- uses "password" as its default password, and the company has threatened brutal legal reprisals against the researcher who repeatedly demonstrated their total security negligence.

A computer researcher haggled with a Russian ransomware criminal


If you accidentally install Troldash (via spam email) on your computer, it will encrypt your hard drive and lock up your files. Troldash will display an email address to contact the criminal, who will offer to sell you the key to decrypt your hard drive. Natalia Kolesova, a researcher at the security firm Checkpoint, intentionally installed Troldash on a test machine and engaged in an email exchange with the scammer to see if he or she would negotiate the 250 euro ransom.

Posing as a victim named Olga, the researcher contacted the scam artist, and received a reply with instructions to pay 250 euros to get the files back.

Suspecting the reply was automated, Ms Kolesova pressed for a more human response, asking more details about how to transfer the money, and pleading with the hacker to not make them pay.

Responding in Russian, the scammer offered to accept 12,000 roubles, a discount of around 15%. After Ms Kolesova pleaded further, the email response read: "The best I can do is bargain."

Eventually the unknown man or woman was talked into accepting 7,000 roubles - 50% less than the first demand.

"Perhaps if I had continued bargaining, I could have gotten an even bigger discount," Ms Kolesova concluded.


Self-sustaining botnet made out of hacked home routers

Telcos send routers with default passwords to their customers, who never change them, and once they're compromised, they automatically scan neighboring IP space for more vulnerable routers from the same ISP.

Ransomware decryptor

If you or someone you love has been hijacked by Coinvault ransomware -- malware that encrypts your data and won't decrypt it unless you transfer Bitcoin to criminals -- Kaspersky may be able to help you (via Hacker News)

Arkansas cops send malware to whistleblowers' lawyers

An Arkansas lawyer representing ex-cops who blew the whistle on corruption in the Fort Smith Police Department says that when he gave the police brass a blank hard-drive for discovery documents, they returned it laden with sneaky malware, including a password-sniffing keylogger and a backdoor that would let the police department spy on their legal opponents.

Three steps to save ourselves from firmware attacks

Following on the news that the (likely NSA-affiliated) Equation Group has developed a suite of firmware attacks that target the software embedded in your hard-drive and other subcomponents, it's time to expand the practice of information security to the realm of embedded software.

Spies can't make cyberspace secure AND vulnerable to their own attacks

In his Sunday Observer column, John Naughton makes an important point that's hammered home by the escape of the NSA/GCHQ Regin cyberweapon into the wild: spies who make war on the Internet can't be trusted with its security.

E-cigs and malware: real threat or Yellow Peril 2.0?

After a redditor claimed to have gotten a computer virus from factory-installed malware on an e-cig charger, the Guardian reported out the story and concluded that it's possible.

FBI secretly seeking legal power to hack any computer, anywhere

The Bureau is seeking a rule-change from the Administrative Office of the US Courts that would give it the power to distribute malware, hack, and trick any computer, anywhere in the world, in the course of investigations; it's the biggest expansion of FBI spying power in its history and they're hoping to grab it without an act of Congress or any public scrutiny or debate.

Malware authors use Gmail drafts as dead-drops to talk to bots

Once you've successfully infected your victim's computer with malware, you want to be able to send it orders -- so you spawn an invisible Internet Explorer window, login to an anonymous Gmail account, and check in the Drafts folder for secret orders.
