Thursday, October 15, 2015

They can hack your phone if you have Siri or Google Now activated

What would happen if your smartphone starts to browse by itself? If it texts or calls by its own? It seems impossible but a group of French researchers from the ANSSI agency has discovered how to do it. We'll also talk today about the police efforts to stop the Dridex bank trojan, the harmful security of the American Internal Revenue Service and an initiative to securize the routers, endorsed by outstanding eminences of the network.

The ANSSI researchers have discovered how to use radio waves to hack Siri in iPhone and Google Now in Android, provided that there are earphones connected to the smartphone. It’s a good moment to remind that Siri is activated by default in the iPhone. From here on, the attackers can do whatever they want with the smartphone: calls, send messages, browse, write on Twitter… The researchers have filmed a really creepy demonstration video.

But if we want to be scared we also have the bank trojan Dridex, which according to the British National Crime Agency (NCA) would have been the “weapon” used to steal 20 millions of pounds just in banks accounts from Great Britain. The NCA is working with the FBI to head off this plague and has sent a warning to the online bank users in order to check if they are infected. Dridex is transmitted vía macros in infected documents.

Lack of control in the IRS  

Who have to be ashamed are the responsibles of the Internal Revenue Service (IRS) from USA: a study has unveiled that half of their servers are still running with Windows Server 2003, despite of Microsoft stopped supporting it by the end of July. The agency asked for a delay to the creator of the software, in return of a generous amount of money. To make things worse, there're 1.300 computer still running with XP and cannot be actualized because… nobody knows where they are! due to errors in the inventory.

Objective: securize the routers

Having seen the whole picture, we choose to finish with a positive new: outstanding people of Internet, like Vinton Cerf, Paul Vixie, Jeff Osborn or Dave Farber, have sent a letter to the American Federal Communications Comission, with recommendations about something they consider vital: securize the wifi routers. Among their advices stands out the need of making public the drivers and firmware code and the compromise by the producer to offer security upgrades.

We hope the network fathers will be heard! 


Post a Comment