Cyberwar - The Hacking Thread

For discussion of religion and politics

Moderators: LawBeefaroni, $iljanus

Defiant
Posts: 21045
Joined: Tue Oct 12, 2004 11:09 pm
Location: Tongue in cheek

Cyberwar - The Hacking Thread

Post by Defiant »

Russian-Speaking Hacker Selling Access to the US Election Assistance Commission

Figured I'd make a thread on hacking and cyber warfare
On December 1, 2016, Recorded Future threat intelligence technology identified chatter related to a suspected breach of the U.S. Election Assistance Commission (EAC).

Further research identified a Russian hacker (Recorded Future refers to this actor as Rasputin) soliciting a buyer for EAC database access credentials.


The EAC was established by the Help America Vote Act of 2002 (HAVA), and among many other responsibilities, the Commission is mandated to test and certify voting equipment, maintain the National Voter Registration form, and administer a national clearinghouse on elections. This includes developing shared practices, distributing information for voters, and providing other resources to improve elections. EAC also accredits testing laboratories and voting systems, as well as conducts a financial audit of HAVA programs.
It’s unclear how long the EAC vulnerability has been active; however, it could have been potentially discovered and accessed by several parties independently. Based on Rasputin’s historical criminal forum activity, Recorded Future believes it’s unlikely that Rasputin is sponsored by a foreign government. Recorded Future’s artificial intelligence technology is continuously scanning and analyzing the internet for updated threat indicators and tactics. Prior to this incident, no previous malicious activity related to EAC has been identified.
Defiant
Posts: 21045
Joined: Tue Oct 12, 2004 11:09 pm
Location: Tongue in cheek

Re: Cyberwar - The Hacking Thread

Post by Defiant »

Russian hackers struck at the heart of the U.S. military in August 2015 by seizing the e-mail system used by the Joint Chiefs of Staff, CBS News has learned.
In that time, the hackers seized the computer credentials of Dempsey and hundreds of other senior officers -- the passwords and electronic signatures they used to sign on to the network. The only way to stop the attack was to take the network down.

The attack, which officials now blame on Russia, began with 30,000 e-mails sent to a West Coast university. Of those 30,000, four were forwarded to members of the Joint Staff and one was opened -- allowing the hackers in. Since it was an unclassified network, the attack had no real intelligence value.

It was not spying, but a full-on assault whose only apparent purpose was to cause damage and force the Pentagon to replace both hardware and software, which took about two weeks to accomplish.
link
hepcat
Posts: 51302
Joined: Wed Oct 13, 2004 3:02 pm
Location: Chicago, IL Home of the triple homicide!

Re: Cyberwar - The Hacking Thread

Post by hepcat »

It's time to move on. All this evidence and all these facts prove nothing!

(thought I'd beat Rip to it)
Covfefe!
Rip
Posts: 26891
Joined: Tue Oct 12, 2004 9:34 pm
Location: Cajun Country!

Re: Cyberwar - The Hacking Thread

Post by Rip »

Laptop wasn't even connected to the grid.

Good thing we never hack into other nations' power grids and no one else hacks ours.

https://www.buzzfeed.com/jamesball/us-h ... .xkNlWebPV

http://www.timesofisrael.com/iranian-ha ... blackouts/

:coffee:
Alefroth
Posts: 8487
Joined: Thu Oct 14, 2004 1:56 pm
Location: Bellingham WA

Re: Cyberwar - The Hacking Thread

Post by Alefroth »

Rip wrote:Laptop wasn't even connected to the grid.

Good thing we never hack into other nations' power grids and no one else hacks ours.

https://www.buzzfeed.com/jamesball/us-h ... .xkNlWebPV

http://www.timesofisrael.com/iranian-ha ... blackouts/

:coffee:
Is that going to be the excuse for everything the next 4 years?

Why shouldn't Iran have nuclear weapons? It's not like we don't have them.
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

So much for American Exceptionalism.
It's almost as if people are the problem.
Zarathud
Posts: 16434
Joined: Fri Oct 15, 2004 10:29 pm
Location: Chicago, Illinois

Re: Cyberwar - The Hacking Thread

Post by Zarathud »

Republicans reduced to defending the Russians interfering with the US infrastructure. Ike and Reagan are rolling in their graves with disgust.
"If the facts don't fit the theory, change the facts." - Albert Einstein
"I don't stand by anything." - Trump
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.” - John Stuart Mill, Inaugural Address Delivered to the University of St Andrews, 2/1/1867
“It is the impractical things in this tumultuous hell-scape of a world that matter most. A book, a name, chicken soup. They help us remember that, even in our darkest hour, life is still to be savored.” - Poe, Altered Carbon
Rip
Posts: 26891
Joined: Tue Oct 12, 2004 9:34 pm
Location: Cajun Country!

Re: Cyberwar - The Hacking Thread

Post by Rip »

Russians have been interfering with US infrastructure for a long time.

http://www.telegraph.co.uk/news/worldne ... -grid.html
Protecting the electrical grid and other infrastructure is a key part of the Obama administration's cybersecurity review, which is to be completed next week.

The Pentagon is sure many of the attacks came from China and Russia but could not determine if they were sponsored by the government in either country. Spokesmen for both embassies in Washington strongly denied any suggestion there was official involvement.

The US government is however convinced China is endeavouring to overtake the US as the dominant force in cyberspace. Researchers at the University of Toronto recently revealed the presence of GhostNet, a global cyber-spy network run from China that has infiltrated 103 countries and infected dozens of computers every month.

The ten-month investigation by the Munk Centre for International Studies in Toronto started as an investigation into interference with computers on computers belonging to the Dalai Lama, the exiled Tibetan leader, and his supporters. It found that the Chinese had in many cases successfully searched computers, tapped into emails and turned on web cameras and microphones to record conversations within range.
Why did it take till now to make a big deal about it? Nothing new.

The only thing it tells me is how ineffective the Obama administration has been at combatting it.
malchior
Posts: 24794
Joined: Wed Oct 13, 2004 12:58 pm

Re: Cyberwar - The Hacking Thread

Post by malchior »

Rip wrote:The only thing it tells me is how ineffective the Obama administration has been at combatting it.
Everything is the Obama administration's fault, amirite? The Government certainly could do more but the private sector has been a big part of the problem. They are completely clueless on cyber security and fought the Government's initial attempts at bringing order. After the big hacks (Target/Home Depot/United Healthcare) they have lately started demanding help. And also began ramping up their own programs but they have been slow to start. A big factor is how short we are on people and expertise; and if the Government was hurting this effort it is that they are eating up all the security consulting talent at the moment.

I've seen several large organizations' current cyber security environments in the last 2 years or so and they generally are just as bad if not worse than the Government. They just don't report breaches unless they absolutely have to. In other words, we only see the tip of the iceberg. So again could the government step in more? The initial attempts were tried in 2013 and the effort was undercut by the Republican Congress who took another 2 years to pass enabling legislation that expanded it beyond the limited scope of the EO. Congress probably dragged their feet due to resistance from the business community. The Chamber didn't want to be burdened with all the overhead of sweeping cyber security regulations (until the shareholder lawsuits began naturally). Also they kept trying to attach unrelated things like IP protection into the bills which kept stopping them cold. Important problems but they need to be solved independently of pure defense.

The EO also tried unsuccessfully to get companies to start sharing threat information with each other but no one would trust their competitors especially since there could have been liability attached. That has gotten markedly better in the last 18 months especially with the passage of the CISA bill which limits liability. As an example, the Automotive ISAC has really started to stand up a capability to track threats and share information. To boil it down, this is a complicated problem and it wasn't failure in leadership - it is the usual dysfunction at play. You blame it on Obama. Many blame it on the GOP. They'll own the whole enchilada soon - we'll see if they can fix the problem. I sort of doubt it.
Smoove_B
Posts: 54567
Joined: Wed Oct 13, 2004 12:58 am
Location: Kaer Morhen

Re: Cyberwar - The Hacking Thread

Post by Smoove_B »

This man is going to be President in a few more weeks, quoted:
"I also know things that other people don't know, and so they cannot be sure of the situation," Trump responded when asked why he doubts intelligence reports of Russian hacking, according to a pool reporter.
I know things that other people don't know. Christ.
Maybe next year, maybe no go
RunningMn9
Posts: 24461
Joined: Tue Oct 12, 2004 11:55 pm
Location: The Sword Coast

Re: Cyberwar - The Hacking Thread

Post by RunningMn9 »

To be fair, he might be getting his briefings from Putin, so maybe he does know things.
And in banks across the world
Christians, Moslems, Hindus, Jews
And every other race, creed, colour, tint or hue
Get down on their knees and pray
The raccoon and the groundhog neatly
Make up bags of change
But the monkey in the corner
Well he's slowly drifting out of range
hepcat
Posts: 51302
Joined: Wed Oct 13, 2004 3:02 pm
Location: Chicago, IL Home of the triple homicide!

Re: Cyberwar - The Hacking Thread

Post by hepcat »

Man, I hope no one on his staff accidentally uses his activation word before Putin gets him into place
Covfefe!
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

hepcat wrote:Man, I hope no one on his staff accidentally uses his activation word before Putin gets him into place
Image
It's almost as if people are the problem.
Max Peck
Posts: 13682
Joined: Fri Aug 05, 2005 8:09 pm
Location: Down the Rabbit-Hole

Re: Cyberwar - The Hacking Thread

Post by Max Peck »

Smoove_B wrote:This man is going to be President in a few more weeks, quoted:
"I also know things that other people don't know, and so they cannot be sure of the situation," Trump responded when asked why he doubts intelligence reports of Russian hacking, according to a pool reporter.
I know things that other people don't know. Christ.
It looks like what he knows is what Assange tells him. :lol:
President-elect Donald Trump has backed Wikileaks founder Julian Assange in casting doubt on intelligence alleging Russian meddling in the US election.

Mr Assange said Russia was not the source for the site's mass leak of emails from the Democratic Party.

Mr Trump has now backed that view in a tweet. He wrote: "Assange... said Russians did not give him the info!"

The president-elect has repeatedly refused to accept the conclusions of the US intelligence community.

Several US agencies including the FBI and the CIA believe Russia directed hacks against the Democratic Party and the campaign of its presidential candidate Hillary Clinton.

The information, released through Wikileaks and other outlets, was intended to help Mr Trump win the election, say the FBI and CIA.

On Tuesday evening, Mr Trump said an intelligence briefing he was due to receive on the issue had been delayed.

"Perhaps more time needed to build a case. Very strange!" he wrote.

But US intelligence officials insisted there had been no delay in the briefing schedule.
"What? What? What?" -- The 14th Doctor

It's not enough to be a good player... you also have to play well. -- Siegbert Tarrasch
hepcat
Posts: 51302
Joined: Wed Oct 13, 2004 3:02 pm
Location: Chicago, IL Home of the triple homicide!

Re: Cyberwar - The Hacking Thread

Post by hepcat »

Baron will be briefing his dad on Putin's involvement in the hacking scandal at 2pm today after their naps.
Covfefe!
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

FTC vs. D-Link
The Federal Trade Commission filed a complaint against Taiwan-based computer networking equipment manufacturer D-Link Corporation and its U.S. subsidiary, alleging that inadequate security measures taken by the company left its wireless routers and Internet cameras vulnerable to hackers and put U.S. consumers’ privacy at risk.

In a complaint filed in the Northern District of California, the FTC charged that D-Link failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras.

The complaint filed today is part of the FTC’s efforts to protect consumers’ privacy and security in the Internet of Things (IoT), which includes cases the agency has brought against ASUS, a computer hardware manufacturer, and TRENDnet, a marketer of video cameras.
...
According to the FTC’s complaint, D-Link promoted the security of its routers on the company’s website, which included materials headlined “EASY TO SECURE” and “ADVANCED NETWORK SECURITY.” But despite the claims made by D-Link, the FTC alleged, the company failed to take steps to address well-known and easily preventable security flaws, such as:
  • “hard-coded” login credentials integrated into D-Link camera software -- such as the username “guest” and the password “guest” -- that could allow unauthorized access to the cameras’ live feed;
  • a software flaw known as “command injection” that could enable remote attackers to take control of consumers’ routers by sending them unauthorized commands over the Internet;
  • the mishandling of a private key code used to sign into D-Link software, such that it was openly available on a public website for six months; and
  • leaving users’ login credentials for D-Link’s mobile app unsecured in clear, readable text on their mobile devices, even though there is free software available to secure the information.

    According to the complaint, hackers could exploit these vulnerabilities using any of several simple methods. For example, using a compromised router, an attacker could obtain consumers’ tax returns or other files stored on the router’s attached storage device. They could redirect a consumer to a fraudulent website, or use the router to attack other devices on the local network, such as computers, smartphones, IP cameras, or connected appliances.
It's almost as if people are the problem.
malchior
Posts: 24794
Joined: Wed Oct 13, 2004 12:58 pm

Re: Cyberwar - The Hacking Thread

Post by malchior »

I like this lawsuit - it fires a shot over the bow of the home networking sector. Too many products are dumbed down in dangerous ways. For example, they shouldn't be defaulted to easily guessed passwords such as admin/password, etc. There are very reasonable ways to protect the device without making it too complicated but they are just dumping commodity products on the market and hoping for the best.

Some companies get it. Synology was having all sorts of remote attack issues so they tightened down the attack surface quite a bit and now have a medium-quality security tool built-in to the "firmware" that assesses the configuration and provides recommendations. A big improvement on the delivered state of the product IMO.
Jeff V
Posts: 36414
Joined: Fri Oct 15, 2004 7:17 pm
Location: Nowhere you want to be.

Re: Cyberwar - The Hacking Thread

Post by Jeff V »

There should be no default username/passwords at all. Connect to a new device, go into setup mode, starting with setting name and password. Forget the name and password you set up? Too bad, factory reset, start from scratch.
Black Lives Matter
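The setup flow described in the post above, combined with the FTC complaint's points about hard-coded and clear-text credentials, as an added example that is not part of the original posts or any vendor's firmware. The `Device` class, the deny-list, the minimum length and the choice of PBKDF2 for password storage are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Optional

# Constructed deny-list: the defaults named in the thread plus common ones.
KNOWN_DEFAULTS = {"admin", "password", "guest", "root", "administrator",
                  "changeme", "12345678"}
MIN_PASSWORD_LEN = 12          # assumption, not taken from the page
PBKDF2_ROUNDS = 600_000        # PBKDF2-HMAC-SHA256 work factor (assumption)


class SetupRequired(Exception):
    """Raised when login is attempted before an owner account exists."""


class AlreadyProvisioned(Exception):
    """Raised when setup is attempted on a device that has an owner."""


class WeakCredential(ValueError):
    """Raised when the chosen password is a known default or too short."""


@dataclass
class Device:
    """Hypothetical admin interface of a router or IP camera."""
    username: Optional[str] = None
    salt: Optional[bytes] = None
    pw_hash: Optional[bytes] = None
    settings: dict = field(default_factory=dict)

    @property
    def provisioned(self) -> bool:
        return self.pw_hash is not None

    @staticmethod
    def _derive(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

    def setup(self, username: str, password: str) -> None:
        """First-boot step: the owner picks both name and password."""
        if self.provisioned:
            raise AlreadyProvisioned("factory reset is the only way back to setup")
        lowered = password.lower()
        if lowered in KNOWN_DEFAULTS or lowered == username.lower():
            raise WeakCredential("password is a well-known default")
        if len(password) < MIN_PASSWORD_LEN:
            raise WeakCredential(f"password shorter than {MIN_PASSWORD_LEN} characters")
        self.salt = os.urandom(16)
        # Only the salted hash is kept; the clear-text password is never stored.
        self.pw_hash = self._derive(password, self.salt)
        self.username = username

    def login(self, username: str, password: str) -> bool:
        if not self.provisioned:
            # No built-in account exists, so there is nothing to guess.
            raise SetupRequired("device is in setup mode")
        candidate = self._derive(password, self.salt)
        user_ok = hmac.compare_digest(username.encode(), self.username.encode())
        pw_ok = hmac.compare_digest(candidate, self.pw_hash)
        return user_ok and pw_ok

    def factory_reset(self) -> None:
        """Forgotten password: wipe credentials and settings, start over."""
        self.username = self.salt = self.pw_hash = None
        self.settings.clear()


if __name__ == "__main__":
    cam = Device()
    try:
        cam.login("guest", "guest")
    except SetupRequired as exc:
        print("before setup:", exc)
    cam.setup("owner", "correct horse battery staple")
    print("guest/guest:", cam.login("guest", "guest"))
    print("owner login:", cam.login("owner", "correct horse battery staple"))
    cam.factory_reset()
    print("provisioned after reset:", cam.provisioned)
```

There is deliberately no password-recovery method: the only path back to setup mode is `factory_reset()`, which also discards the stored settings.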
LordMortis
Posts: 70101
Joined: Tue Oct 12, 2004 11:26 pm

Re: Cyberwar - The Hacking Thread

Post by LordMortis »

Unagi
Posts: 26376
Joined: Wed Sep 20, 2006 5:14 pm
Location: Chicago

Re: Cyberwar - The Hacking Thread

Post by Unagi »

malchior wrote:I like this lawsuit - it fires a shot over the bow of the home networking sector. Too many products are dumbed down in dangerous ways. For example, they shouldn't be defaulted to easily guessed passwords such as admin/password, etc. There are very reasonable ways to protect the device without making it too complicated but they are just dumping commodity products on the market and hoping for the best.

Some companies get it. Synology was having all sorts of remote attack issues so they tightened down the attack surface quite a bit and now have a medium-quality security tool built-in to the "firmware" that assesses the configuration and provides recommendations. A big improvement on the delivered state of the product IMO.
This is timely - my 9 year old son gave me a run down of all the internet linked home-products like security, thermostat, outdoor weather station, lights, garage, toys, etc - that all have backdoor connectivity to other things on your networks. He's a sensationalist know-it-all, so I more or less patted him on the head. :geek:
Rip
Posts: 26891
Joined: Tue Oct 12, 2004 9:34 pm
Location: Cajun Country!

Re: Cyberwar - The Hacking Thread

Post by Rip »

Unagi wrote:
malchior wrote:I like this lawsuit - it fires a shot over the bow of the home networking sector. Too many products are dumbed down in dangerous ways. For example, they shouldn't be defaulted to easily guessed passwords such as admin/password, etc. There are very reasonable ways to protect the device without making it too complicated but they are just dumping commodity products on the market and hoping for the best.

Some companies get it. Synology was having all sorts of remote attack issues so they tightened down the attack surface quite a bit and now have a medium-quality security tool built-in to the "firmware" that assesses the configuration and provides recommendations. A big improvement on the delivered state of the product IMO.
This is timely - my 9 year old son gave me a run down of all the internet linked home-products like security, thermostat, outdoor weather station, lights, garage, toys, etc - that all have backdoor connectivity to other things on your networks. He's a sensationalist know-it-all, so I more or less patted him on the head. :geek:

Remember that when you ground him and he turns the house against you.

:twisted:
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

NYT
But Mr. Trump’s postelection effort to minimize intelligence assessments about Russia’s actions came to an abrupt end Friday after a detailed classified briefing from the nation’s top intelligence officials at Trump Tower and the release of an unclassified report concluding that the Russian president, Vladimir V. Putin, had a “clear preference” for Mr. Trump.

By the end of the day, it was clear that the strategy of intimidation and bluster that served Mr. Trump so well in the presidential campaign would not prove nearly as effective in Washington. Here was a reminder, should Mr. Trump heed it, that a president’s critics, especially the lords of Washington’s national security establishment, can’t always be cowed by a flash-grenade tweet or a withering quip about the possibility that a “400-lb. hacker” might have breached Democratic servers.

“I don’t think what worked in a campaign against Jeb Bush is really going to work when you are dealing, you know, with the combined power of the C.I.A., N.S.A. and the F.B.I.,” said John Weaver, a frequent critic of Mr. Trump who worked on Ohio Gov. John Kasich’s unsuccessful primary campaign against him.

Senator Chuck Schumer, the New York Democrat who has a good working relationship with Mr. Trump, warned him recently that it was “really dumb” to take on the intelligence services. He followed up with a warning on Wednesday that the president-elect needed “to calm down” his Twitter usage.

He’s not alone. In recent days, Mr. Trump’s aides have gently prodded him to drop the attacks on the intelligence community and mollify nervous Republicans by showing that he was moving ahead with forward-looking reforms of the sprawling intelligence-gathering bureaucracy, according to two people close to the discussions. “He can’t afford this fight,” one longtime adviser to Mr. Trump said. “He’s said it’s time to move on — well, move on.”

The decision to choose Dan Coats, a popular former senator from Indiana, as director of national intelligence had been in the works for some time, the officials said, but Mr. Trump’s advisers decided to announce the choice to ease concerns of a rift between the future Trump White House and the clandestine services.

It is less clear if Mr. Trump’s admission reflects a long-term shift in strategy to appease his advisers or a momentary decision to escape a negative news cycle.
It's almost as if people are the problem.
Smoove_B
Posts: 54567
Joined: Wed Oct 13, 2004 12:58 am
Location: Kaer Morhen

Re: Cyberwar - The Hacking Thread

Post by Smoove_B »

Chinese hackers steal unclassified data from Navy contractor:
China has stolen sensitive data related to naval warfare from the computers of a Navy contractor, American officials said on Friday, in another step in the long-running cyberwar between two global adversaries.

The breach occurred this year, the officials said, when Chinese government hackers infiltrated the computers of a company working on a Navy submarine and underwater programs contract. The company, which was not identified, was doing work for the Naval Undersea Warfare Center, which is based in Newport, R.I.

Officials said that the data gleaned by China was unclassified.
Maybe next year, maybe no go
Rip
Posts: 26891
Joined: Tue Oct 12, 2004 9:34 pm
Location: Cajun Country!

Re: Cyberwar - The Hacking Thread

Post by Rip »

Smoove_B wrote: Sat Jun 09, 2018 9:29 am Chinese hackers steal unclassified data from Navy contractor:
China has stolen sensitive data related to naval warfare from the computers of a Navy contractor, American officials said on Friday, in another step in the long-running cyberwar between two global adversaries.

The breach occurred this year, the officials said, when Chinese government hackers infiltrated the computers of a company working on a Navy submarine and underwater programs contract. The company, which was not identified, was doing work for the Naval Undersea Warfare Center, which is based in Newport, R.I.

Officials said that the data gleaned by China was unclassified.
Horseshit. It included classified data and they are just trying to keep it under wraps. They have even gone so far as to pressure reporters to not detail information they have about Sea Dragon which was included in some of the data taken.

https://www.washingtonpost.com/world/na ... story.html
Taken were 614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit’s electronic warfare library.

The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security.
I would imagine this is what led to to state it was unclassified data.
The data stolen was of a highly sensitive nature despite being housed on the contractor’s unclassified network. The officials said the material, when aggregated, could be considered classified, a fact that raises concerns about the Navy’s ability to oversee contractors tasked with developing cutting-edge weapons.
There isn't much research concerning submarines that isn't classified at least as FOUO, it could probably be covered in a 5 page pamphlet.
raydude
Posts: 3894
Joined: Mon Oct 18, 2004 9:22 am

Re: Cyberwar - The Hacking Thread

Post by raydude »

Rip wrote: Sat Jun 09, 2018 9:41 am
Smoove_B wrote: Sat Jun 09, 2018 9:29 am Chinese hackers steal unclassified data from Navy contractor:
China has stolen sensitive data related to naval warfare from the computers of a Navy contractor, American officials said on Friday, in another step in the long-running cyberwar between two global adversaries.

The breach occurred this year, the officials said, when Chinese government hackers infiltrated the computers of a company working on a Navy submarine and underwater programs contract. The company, which was not identified, was doing work for the Naval Undersea Warfare Center, which is based in Newport, R.I.

Officials said that the data gleaned by China was unclassified.
Horseshit. It included classified data and they are just trying to keep it under wraps. They have even gone so far as to pressure reporters to not detail information they have about Sea Dragon which was included in some of the data taken.

https://www.washingtonpost.com/world/na ... story.html
Taken were 614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit’s electronic warfare library.

The Washington Post agreed to withhold certain details about the compromised missile project at the request of the Navy, which argued that their release could harm national security.
I would imagine this is what led to to state it was unclassified data.
The data stolen was of a highly sensitive nature despite being housed on the contractor’s unclassified network. The officials said the material, when aggregated, could be considered classified, a fact that raises concerns about the Navy’s ability to oversee contractors tasked with developing cutting-edge weapons.
There isn't much research concerning submarines that isn't classified at least as FOUO, it could probably be covered in a 5 page pamphlet.
It's all good as long as it was ZTE doing it. AmiRight?
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

WaPo
The Trump administration is preparing a series of actions this week to call out Beijing for what it says are China’s continued efforts to steal America’s trade secrets and advanced technologies and compromise sensitive government and corporate computers, according to U.S. officials.

Multiple government agencies are expected to condemn China, citing a documented campaign of economic espionage and the alleged violation of a landmark 2015 pact to refrain from hacking for commercial gain.

In perhaps the most significant move, the Justice Department is expected to announce the indictments of multiple hackers suspected of working for a Chinese intelligence service and participating in a long-running espionage campaign that targeted U.S. networks.

Along with that, the administration is planning to declassify intelligence relating to the breaches, which date to 2014, and to sanction some of those believed responsible, according to people familiar with the plans.

Other actions are expected, but officials declined to discuss them.
It's almost as if people are the problem.
GreenGoo
Posts: 42239
Joined: Thu Oct 14, 2004 10:46 pm
Location: Ottawa, ON

Re: Cyberwar - The Hacking Thread

Post by GreenGoo »

I look forward to seeing how China pins this on Canada somehow.
Max Peck
Posts: 13682
Joined: Fri Aug 05, 2005 8:09 pm
Location: Down the Rabbit-Hole

Re: Cyberwar - The Hacking Thread

Post by Max Peck »

UAE used cyber super-weapon to spy on iPhones of foes
A team of former U.S. government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma, in a campaign that shows how potent cyber-weapons are proliferating beyond the world’s superpowers and into the hands of smaller nations.

The cyber tool allowed the small Gulf country to monitor hundreds of targets beginning in 2016, from the Emir of Qatar and a senior Turkish official to a Nobel Peace laureate human-rights activist in Yemen, according to five former operatives and program documents reviewed by Reuters. The sources interviewed by Reuters were not Emirati citizens.

Karma was used by an offensive cyber operations unit in Abu Dhabi comprised of Emirati security officials and former American intelligence operatives working as contractors for the UAE’s intelligence services. The existence of Karma and of the hacking unit, code named Project Raven, haven’t been previously reported. Raven’s activities are detailed in a separate story published by Reuters today.

The ex-Raven operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices and doesn’t intercept phone calls. But it was unusually potent because, unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said.

In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones. The technique also helped the hackers harvest saved passwords, which could be used for other intrusions.
Inside the UAE’s secret hacking team of American mercenaries
Two weeks after leaving her position as an intelligence analyst for the U.S. National Security Agency in 2014, Lori Stroud was in the Middle East working as a hacker for an Arab monarchy.

She had joined Project Raven, a clandestine team that included more than a dozen former U.S. intelligence operatives recruited to help the United Arab Emirates engage in surveillance of other governments, militants and human rights activists critical of the monarchy.

Stroud and her team, working from a converted mansion in Abu Dhabi known internally as “the Villa,” would use methods learned from a decade in the U.S intelligence community to help the UAE hack into the phones and computers of its enemies.

Stroud had been recruited by a Maryland cybersecurity contractor to help the Emiratis launch hacking operations, and for three years, she thrived in the job. But in 2016, the Emiratis moved Project Raven to a UAE cybersecurity firm named DarkMatter. Before long, Stroud and other Americans involved in the effort say they saw the mission cross a red line: targeting fellow Americans for surveillance.

“I am working for a foreign intelligence agency who is targeting U.S. persons,” she told Reuters. “I am officially the bad kind of spy.”
"What? What? What?" -- The 14th Doctor

It's not enough to be a good player... you also have to play well. -- Siegbert Tarrasch
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

Citrix
Citrix today warned its customers that foreign hackers romped through its internal company network and stole corporate secrets.

The enterprise software giant – which services businesses, the American military, and various US government agencies – said it was told by the FBI on Wednesday that miscreants had accessed Citrix's IT systems and exfiltrated files.

According to infosec firm Resecurity, which claimed it had earlier alerted the Feds and Citrix to the cyber-intrusion, at least six terabytes of sensitive internal files were swiped from the US corporation by the Iranian-backed IRIDIUM hacker gang. The spies hit in December, and Monday this week, we're told, lifting emails, blueprints, and other documents. The hackers have ways to bypass multi-factor login systems to slip into private networks, it is claimed.
...
Earlier today, Citrix chief information security officer Stan Black gave his company's side of the story. He said that, as of right now, Citrix does not know exactly which documents the hackers obtained nor how they got in – the FBI thinks it was by brute-force password spraying – nor for how long they may have been camping on the corporate network.
It's almost as if people are the problem.
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

WhatsApp
WhatsApp was hacked, and attackers installed sophisticated spyware on an unknown number of people's smartphones.

The Facebook subsidiary, which has 1.5 billion users, said it discovered in early May that "an advanced cyber actor" infected an unknown number of devices with the malware.

The Financial Times, which first reported on the issue on Monday, said bad actors exploited a vulnerability to install the surveillance technology by calling the target through WhatsApp, giving them access to information including location data and private messages. Even if the target didn't pick up, the malware was able to infect the phone.

The FT reported that the spyware was developed by Israel's NSO Group, whose Pegasus software is known to have targeted human-rights activists. In a statement to the FT, the firm denied any involvement in the WhatsApp hack.
...
A notice on Facebook said the issue affected Android phones, iPhones, and Windows phones. An update to resolve the issue was released on Monday, and users are being urged to update regardless of whether they have had any suspicious call activity.
It's almost as if people are the problem.
coopasonic
Posts: 20969
Joined: Fri Mar 04, 2005 11:43 pm
Location: Dallas-ish

Re: Cyberwar - The Hacking Thread

Post by coopasonic »

Isgrimnur wrote: Tue May 14, 2019 5:46 pm WhatsApp
A notice on Facebook said the issue affected Android phones, iPhones, and Windows phones. An update to resolve the issue was released on Monday, and users are being urged to update regardless of whether they have had any suspicious call activity.
Good news! Your blackberries are safe!
-Coop
Black Lives Matter
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

Depends on what Blackberry...

Image
It's almost as if people are the problem.
Novelry
Posts: 1
Joined: Sun Sep 29, 2019 9:25 am

Re: Cyberwar - The Hacking Thread

Post by Novelry »

edited due to spammin' !
LawBeefaroni
Forum Moderator
Posts: 55316
Joined: Fri Oct 15, 2004 3:08 pm
Location: Urbs in Horto, outrageous taxes on everything

Re: Cyberwar - The Hacking Thread

Post by LawBeefaroni »

Pixel and Samsung:

Google Confirms Android Camera Security Threat: ‘Hundreds Of Millions’ Of Users Affected

...

When the Checkmarx security research team began researching the Google Camera app, on the Pixel 2XL and Pixel 3 smartphones that were to hand, they found several vulnerabilities. All of these were initiated by issues allowing an attacker to bypass user permissions. “Our team found a way of manipulating specific actions and intents,” Erez Yalon, director of security research at Checkmarx said, “making it possible for any application, without specific permissions, to control the Google Camera app. This same technique also applied to Samsung’s Camera app.” The implications of these vulnerabilities, given the footprint of Google and Samsung smartphones alone, presented a significant threat to hundreds of millions of users.

The vulnerabilities themselves (CVE-2019-2234) allowed a rogue application to grab input from the camera, microphone as well as GPS location data, all remotely. The implications of being able to do this are serious enough that the Android Open Source Project (AOSP) specifically has a set of permissions that any application must request from the user and be approved before enabling such actions. What the Checkmarx researchers did was to create an attack scenario that abused the Google Camera app itself to bypass these permissions. They did so by creating a malicious app that exploited one of the most commonly requested permissions: storage access. “A malicious app running on an Android smartphone that can read the SD card,” Yalon said, “not only has access to past photos and videos, but with this new attack methodology, can be directed to take new photos and videos at will.”
" Hey OP, listen to my advice alright." -Tha General
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton

MYT
Daehawk
Posts: 63526
Joined: Sat Jan 01, 2005 1:11 am

Re: Cyberwar - The Hacking Thread

Post by Daehawk »

Not a real thing but on last night's ep of FBI the Russians in Moscow hacked into a car driving in the USA through its nav system by satellite and punched the gas and steered it into a tree to kill one of our guys. I laughed and laughed at the absurdity. Anyone knows satellite internet has huge latency so by the time they would see a tree to steer into the tree would be well behind him lol.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
malchior
Posts: 24794
Joined: Wed Oct 13, 2004 12:58 pm

Re: Cyberwar - The Hacking Thread

Post by malchior »

Actually that is a plausible scenario and has been discussed by the Auto ISAC as a real risk vis a vis the remote control via satellite/nav internet access. For accuracy, the round trip latency of a satellite connect is well under a sec. For perspective, aside from the satellite portion this has literally been tested live.

The funny part is that there are way easier ways to kill someone and make it look like an accident. This is pure gee whizz type plot over engineering. :)
Isgrimnur
Posts: 82089
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok

Re: Cyberwar - The Hacking Thread

Post by Isgrimnur »

CNBC
The Department of Justice accused two Chinese nationals, who were working on behalf of the Chinese government, of stealing trade secrets and hacking into computer systems of firms working on the Covid-19 vaccine.

According to the 11-count indictment, Li Xiaoyu, 34, and Dong Jiazhi, 33, conducted a global hacking campaign for more than a decade. The indictment alleges that the defendants were able to successfully steal terabytes of data from the United States as well as Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom.

The Department of Justice said in a statement that high tech manufacturing processes, gaming software, solar energy engineering, pharmaceuticals and defense industries were among those targeted in the hack.
...
“In at least one instance, the hackers sought to extort cryptocurrency from a victim entity, by threatening to release the victim’s stolen source code on the Internet. More recently, the defendants probed for vulnerabilities in computer networks of companies developing Covid-19 vaccines, testing technology, and treatments,” according to a Department of Justice statement.
It's almost as if people are the problem.