Saturday, August 16, 2014

When attacks used seemingly legitimate tools

"What he may want a flashlight app access gyroscope?”. Perhaps to control flash intensity when he inadvertently put the smartphone or the tablet upside down, or perhaps for other thing.

Researchers at the University of Stantford and Israeli defense department found a much more practical use: listening to conversations near the device. How is this possible for a gyroscope behaves as a microphone? Analyzing changes in air pressure produced by the voice, and taking advantage of that so far, at least in Android, the sensitivity of these sensors is not restricted to less than 100 Hz. To make matters worse, neither Android nor iOS (the two mobile operating systems studied) allow the user to deny gyroscope access to applications, so that we can consider that all terminals are now vulnerable to this kind of attacks.

Vulnerable as much of the VNC connections that internet users use every day. Dan Tentler shows in his Twitter @Viss VNC session screens without passwords that allow the "visitor" to see how someone is playing quietly in line, or an operator accesses the dashboard of a SCADA system ... Imagine the malicious actions that can be done from a remote control program as such.

Almost as many as from Google Developers, tool sharing code of Mountain View, which is news today as one of the services used by a group of cyber criminals to steal information from U.S and Asian Internet providers, financial institutions and goverment organizations. They used to do it Kaba, a RAT (remote access tool) obfuscated by Hurricane Electric domains, which is launched from a call to a script in Google Developers, who was in charge of redirecting traffic to an external IP.

An elaborate architecture, very different from other so common in our day to day as dangerous. The death of Robin Williams and his supposed farewell video seems the perfect hook to return to attack our Facebook account. Of course, before seeing the video course, we have to install an application, and we know what happens with this type of application …

Different techniques for the same goal: getting information from the victims in order to sell it to third parties or extort. And strategies that challenge our common sense. If you find this article interesting, do not hesitate to comment and follow us in Twitter, Facebook or Google+.


Post a Comment