Archive for 2014-03-23
Windows XP Flaw: Hackers withdraw money from any ATM by just sending a Text Message
By : Unknown
ATM theft and fraud are nothing new, and culprits keep coming
up with new ways either to get cash out of an ATM or to steal an
ATM user’s card number and PIN. One expects banks to stay
vigilant and on top of the security game by keeping their ATMs up
to date with cutting-edge technology. However, this is not the
case: over 95 percent of ATMs run Windows XP, an operating system
that was first released about 13 years ago. Microsoft will stop
supporting the historic operating system on April 8 this year, after
which it will be officially declared dead. According to Symantec
researchers, this will affect banks heavily. What can be the reason
for banks not to upgrade their ATMs to a new OS? Clearly, a shortage
of funds is not something that is associated with banks.
Microsoft has already warned users and banks, and hackers are
eagerly waiting for the day when support is withdrawn. After that,
Microsoft will neither issue any more patches nor investigate flaws
any further.
It could be as easy as sending an SMS through a mobile phone
that shares the internet connection of the ATM to collect the cash
from the ATM. The Trojan, named “Backdoor.Ploutus.B”, is an English
variant of the earlier Mexican version, “Backdoor.Ploutus”, which
used an external keyboard to send commands. How does it work? The
hacker attaches a mobile phone to the compromised ATM running
Windows XP using USB tethering, which creates a shared Internet
connection for the ATM and the mobile phone to connect to the servers
of the bank. Then the hacker sends SMS commands to the connected
phone, which converts the commands into proper network packets that
are sent through the ATM to the bank servers. The servers think that
the request for cash is coming legitimately from a properly working
ATM and so release the cash to be collected by the hacker.
Two SMSs are required to carry out this hack successfully:
“SMS 1 must contain a valid activation ID in order to enable
Ploutus in the ATM.”
“SMS 2 must contain a valid dispense command to get the
money out.”
Symantec suggests a number of measures that can be taken to
make ATMs more secure against Ploutus attacks. Symantec writes:
“Upgrading to a supported operating system such as Windows 7 or 8
Providing adequate physical protection and considering CCTV monitoring for the ATM
Locking down the BIOS to prevent booting from unauthorized media, such as CD ROMs or USB sticks
Using full disk encryption to help prevent disk tampering
Using a system lock down solution such as Symantec Data Center Security: Server Advanced (previously known as Critical System Protection)”
Hackers create drone that can steal what’s inside your phone
By : Unknown
At this point of time, most smartphones are loaded with
an important function that requires
Hackers in London have created a drone that is capable of taking
data, including locations and passwords, directly from your
smartphone.
The drone, codenamed “Snoopy”, targets busy city streets and
phones that have their WiFi setting switched on. It takes advantage
of a common smartphone feature: the phone continuously searches for
networks that the user has already approved and accessed.
Glenn Wilkinson, the developer of Snoopy, said in a CNN report
that whenever users connect their smartphones to Snoopy, they will
be shouting noisily. Their shouting would be like this: Are you
there, Starbucks? Are you there, McDonald’s?
Snoopy’s onboard software then poses as one of the approved
networks, and it can connect to more than one secured device at a
time by acting as different networks. Once a phone has connected to
the quadcopter, Snoopy captures every transmission the phone sends
or receives.
After intercepting the individual media access control (MAC)
address of a phone, Snoopy can see and record sensitive data such as
location, usernames, passwords or even the credit card information
that is often accessed through accounts or websites.
“I can have a look at all of your traffic after your phone
connects to me,” said Wilkinson. “I’ve gone through the situation
where somebody is searching for ‘Bank X’ corporate Wi-Fi. In this
way, we can be informed that the concerned person is working at the
bank.”
During an interview with CNN, Snoopy showed multiple smartphone
users how they were attacked by the drone, and within the space of
an hour it gathered sensitive information and the real-time GPS
location of about 150 smartphones. It also collected Yahoo, Amazon
and PayPal accounts that had been created for testing purposes.
Daniel Cuthbert and Wilkinson, both of SensePost Information
Security, the London-based company that developed Snoopy, plan to
present their work at the Black Hat Asia cybersecurity conference,
which is to be held in Singapore on 25th March.
Like many other information security companies, SensePost
carried out a test to show the weak points of the technology that we
use on a daily basis. It is important research that is considered
very helpful in preventing drone attacks.
permission from the user before joining a network. Following
SensePost’s research, this function should certainly be switched
on.
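To see which of your own saved networks a Snoopy-style access point could answer for, the saved profiles can be audited. The following is an added example, not part of the original post or of SensePost's tool; it assumes profiles stored in wpa_supplicant.conf syntax (the post names no platform), and the sample configuration and function names are made up for illustration.

```python
import re
# Constructed sample in wpa_supplicant.conf syntax; not from a real device.
SAMPLE_CONF = '''
network={
    ssid="Starbucks"
    key_mgmt=NONE
}
network={
    ssid="HomeNet"
    psk="correct horse battery staple"
    key_mgmt=WPA-PSK
}
network={
    ssid="Bank X Corporate"
    scan_ssid=1
    key_mgmt=WPA-EAP
}
network={
    ssid="McDonald's"
    key_mgmt=NONE
    disabled=1
}
'''

def parse_networks(conf):
    """Yield one dict of key -> value per network={...} block."""
    for block in re.findall(r"network=\{(.*?)\n\}", conf, re.S):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.strip().partition("=")
            if sep:
                fields[key] = value.strip('"')
        yield fields

def audit(conf):
    """Map each risky saved SSID to the reasons it is exposed to a rogue AP."""
    report = {}
    for net in parse_networks(conf):
        reasons = []
        enabled = net.get("disabled", "0") != "1"
        if enabled and net.get("key_mgmt") == "NONE" and "wep_key0" not in net:
            # Open network: any AP advertising this name is joined automatically.
            reasons.append("open network joined automatically")
        if enabled and net.get("scan_ssid") == "1":
            # Hidden network: it is found only by probing for it by name.
            reasons.append("SSID announced in directed probe requests")
        if reasons:
            report[net["ssid"]] = reasons
    return report
```

Profiles that show up in the report are the ones to forget, disable, or switch to ask-before-joining.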
Hackers have hacked 300000+ wireless routers, Check yours NOW!
By : Unknown
Hackers near you could hack your router and redirect you to
custom malicious websites; according to a report, at least 300,000
routers have been compromised by hackers.
Small office/home office (SOHO) routers produced by TP-Link,
D-Link, Micronet and Tenda were affected. Weak authentication and
vulnerabilities in both the routers’ firmware and their web
application interfaces were all exploited in the attacks, as reported
by the security team at Team Cymru.
Hackers attacking Routers:
One of the vulnerabilities used to hack a router was a
cross-site request forgery flaw: whenever a user visited a malicious
website, router authentication was handed to the hackers.
Hackers also exploited a known flaw in the ZyXEL ZyNOS firmware
on the routers, which allowed the credentials to be downloaded
directly from the device through an unauthenticated web interface.
The hackers were also caught changing the domain name system (DNS)
configurations on the devices, so that users could easily be
redirected to any malicious URL the attacker wanted. Most of the
victims of the attack were based in Vietnam, although other victims
lived in Italy, India and Thailand. The attacks date back to at least
mid-December. It appears the UK came away relatively unscathed, even
though there were many victims across Europe.
The hackers’ main motive for attacking routers is still unclear,
because the IP addresses the victims were forwarded on to did not
appear to contain anything obviously malicious. According to Team
Cymru, hackers use these types of techniques to send victims to fake
sites, where they could get your financial information and more. You
should check yours NOW!
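One way to check for the DNS change described above, as an added example that is not from the original post or from Team Cymru's report: compare the resolvers your machine was handed with the ones you expect, then compare answers obtained through the router with answers from a resolver you trust. Every address, name and function here is a constructed placeholder, and the two answer sets are assumed to have been collected separately.

```python
import ipaddress

# Constructed sample data; every address is from a documentation range.
RESOLV_CONF = """\
# written by the DHCP client
nameserver 192.168.1.1
nameserver 203.0.113.53
"""
ALLOWED = ["192.168.1.0/24", "198.51.100.53"]  # own LAN and the chosen upstream
VIA_ROUTER = {"bank.example": {"203.0.113.80"}, "news.example": {"192.0.2.10"}}
VIA_REFERENCE = {"bank.example": {"192.0.2.44"},
                 "news.example": {"192.0.2.10", "192.0.2.11"}}

def unexpected_resolvers(resolv_conf, allowed):
    """Resolvers in resolv.conf-style text that fall outside the allowed networks."""
    nets = [ipaddress.ip_network(a) for a in allowed]
    found = []
    for line in resolv_conf.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            ip = ipaddress.ip_address(parts[1])
            if not any(ip in net for net in nets):
                found.append(str(ip))
    return found

def divergent_names(via_router, via_reference):
    """Names whose router-path answers share no address with the reference answers.

    A router that still hands out its own LAN address can forward queries to a
    rogue upstream, so the client's resolver list alone can look clean.
    Content-delivery networks also cause divergence, so treat a hit as a lead.
    """
    return sorted(name for name, addrs in via_router.items()
                  if name in via_reference and not addrs & via_reference[name])
```

A resolver that appears in the first result, or a banking name in the second, is the cue to log in to the router and inspect its DNS settings directly.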