Thursday, October 8, 2015

Talking with the hackers who infected routers to make them safer

It is without doubt the most heroic story in the current cyber security world: a mysterious group of friendly hackers called The White Team infects hundreds of thousands of routers to secure them. When they were discovered, they published part of the source code of their malware and declared: “We are nobody”. We'll start today with this beautiful topic, which will be remembered for a long time, before immersing ourselves in the usual miseries: an online payment provider attacked, phishing via LinkedIn and adware preying on Android users.

The Symantec researcher Mario Ballano discovered this curious malware, called Wifatch, which gets into routers, IP cameras and other devices with insecure passwords and secures them. Yesterday, while everybody was still surprised by this amazing and altruistic achievement, The White Team published the code on GitLab along with a self-interview explaining why they did it and what they think the result was: “We are saving bandwidth by deleting malware from routers and illegal bitcoin mining programs, avoiding interruptions in services or the robbery of credentials and money”. Well, thank you so much!

Samsung Pay, compromised

We leave the heroes behind to get into the hard reality: yesterday it was revealed that Samsung Pay's online payment provider, LoopPay, was reportedly attacked by a group of criminals, supposedly Chinese… in March! LoopPay didn't discover it until a few months later. What have they done in all this time? LoopPay and Samsung guarantee that users' data is safe. We can believe it or not.

Phishing via LinkedIn

Another alert, this time from the security company Cylance, takes us to Iran and a criminal group called Cleaver, which has reportedly created a network of LinkedIn profiles to carry out targeted phishing attacks, or spear-phishing, against high-level companies in defense, telecommunications and other sectors. The network is reportedly centered on 6 profiles with more than 500 connections each. A real piece of bobbin lace, which reminds us of the need to stay alert at all times, especially if, because of our job, we could be a target for someone.

Adware in Android

We finish as usual with a text that deserves a calm read: a study by FireEye about Kemoge, a new adware from China that has reportedly infected Android smartphones in more than 20 countries, especially in Asia and the USA. The virus travels hidden in apps that pose as popular apps like “Talking Tom 3”, advertised on websites and downloaded from alternative sites. The adware takes control of the smartphone, making it part of a botnet.

We've talked so many times about the great security breach in mobile phones. That's true, but if we also contribute with dangerous behaviours, like downloading apps from outside the Google Play Store, we'd better turn off and say goodbye.

