Thursday, September 10, 2015

If you are an Androir user, careful, the wolves have been set free

Do you remember a leak in Android revealed this summer, which allowed remote control over our phone by just receiving a harmful MMS? Remember that tens of ways were discovered after that, such as the browser, to do it? Well, it has been revealed the code that allows it. We will be comenting on it, and also on an APT, which uses satellites, extortionist who earn bitcoins and an Iowa police software that allocated devices with WiFi. 

Joshua Drake, from Zimperium Security, discovered one of the most dangerous holes in Android, baptized StageFright, to which Google reacted with an unusual unskillfulness: they took long in launching a patch, and that patch was wrong and later it was discovered that the patch didn’t cover some ways of attack. The last straw, are that updates for Android mobile phones are a chaos that do not confirm to all users that they have received the patch. Drake has revealed the exploit, possibly so that enterprises catch up on terms of protecting themselves, but leaving a door open to criminals addapting it to their needs. Android means today every man for himself.

Hackers from outer space

A giant with clay foot is Kaspersky. After discovering that it created positive fakes to attack their competence, is trying to recover the lost trust launching whitepaper after whitepaper, each one more sensationalist. It now seems that they have achieved it with a report about a group of mercenaries highly specialized, Turla, that would use satellites to communicate their Command and Control centers with their victims. The hacker community appeared to be left with their mouth open but the first spoilsport have already  appeared, such as Robert Graham, who affirms that this technique is not new.

DDoS or bitcoins

DDoS for Bitcoin (DD4BC), are other cibercriminals who keep bombing bank systems (58% of their victims) and corporations such as Lloyds Bank o BAE, until they are paid a rescue in between 1 and 100 bitcoins. An Akamai study has identified 114 attacks from this group from april until now, 41 in June only . An important thing considering that in January and February only 5 attacks were made, which means the business is working.

Police aiming the WiFi

We are concluding with news to think about their implication: Iowa police is using a software, called L8NT, to allocate stolen devices, such as iPods or laptops, which use WiFi and if the MAC address is known. Policemen upload the L8NT on a flash drive plugged in their cars, and lets search for WiFis around the city.

We have only mention these news but, as always, we have some more that you can check on our Twitter account. Let´s be happy, that the weekend is close.


Post a Comment