Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 186

Asus’ software update system was hacked and used to distribute malware to about 1 million Windows computers, according to the cybersecurity firm Kaspersky Lab. The malware was disguised as a “critical” software update, distributed from Asus’ servers, and signed using a real Asus certificate that made it appear to be valid. Details of the hack were first revealed by Motherboard, and Kaspersky plans to release more details at an upcoming conference.

It’s not clear what the hackers were after. However, the hackers did seem to target specific Asus customers: the malware included special instructions for 600 systems, to be identified by specific MAC addresses. Once one of those systems was detected, the update would then install more malicious programs to further compromise the system.

Kaspersky named the attack “ShadowHammer.” This kind of targeting is often associated with espionage attacks by nation states, most notably Stuxnet, which spread widely but did little to no harm on most infected systems.

Read more

Democratic presidential candidate Beto O’Rourke has revealed he was a member of a notorious decades-old hacking group.

The former congressman was a member of the Texas-based hacker group, the Cult of the Dead Cow, known for inspiring early hacktivism in the internet age and building exploits and hacks for Microsoft Windows. The group used the internet as a platform in the 1990s to protest real-world events, often to promote human rights and denouncing censorship. Among its many releases, the Cult of the Dead Cow was best known for its Back Orifice program, a remote access and administration tool.

O’Rourke went by the handle “Psychedelic Warlord,” as revealed by Reuters, which broke the story.

Read more

What’s most worrisome, one source told MIT Tech, was that the malware crosses a new ethical line.

“Targeting safety systems just seemed to be off limits morally and really hard to do technically,” Joe Slowik, a former information warfare officer in the US Navy who now works at Dragos, an industrial cybersecurity firm that’s been tracking the spread of Triton, told the magazine.

Read more

Barely a week goes by without reports of some new mega-hack that’s exposed huge amounts of sensitive information, from people’s credit card details and health records to companies’ valuable intellectual property. The threat posed by cyberattacks is forcing governments, militaries, and businesses to explore more secure ways of transmitting information.

Read more

OTTAWA — A Chinese telecommunication company secretly diverted Canadian internet traffic to China, particularly from Rogers subscribers in the Ottawa area, says an Israeli cybersecurity specialist.

The 2016 incident involved the surreptitious rerouting of the internet data of Rogers customers in and around Canada’s capital by China Telecom, a state-owned internet service provider that has two legally operating “points of presence” on Canadian soil, said Yuval Shavitt, an electrical-engineering expert at Tel Aviv University.

Shavitt told The Canadian Press that the China Telecom example should serve as a caution to the Canadian government not to do business with another Chinese telecommunications giant: Huawei Technologies, which is vying to build Canada’s next-generation 5G wireless communications networks.

Read more