shrinath7d, Author at ExploitByte

Chinese Hackers Have Pillaged Taiwan’s Semiconductor Industry

August 9, 2020August 9, 2020 shrinath7d

Taiwan has faced existential conflict with China for its entire existence and has been targeted by China’s state-sponsored hackers for years. But an investigation by one Taiwanese security firm has revealed just how deeply a single group of Chinese hackers was able to penetrate an industry at the core of the Taiwanese economy, pillaging practically its entire semiconductor industry. At the Black Hat security conference today, researchers from the Taiwanese cybersecurity firm CyCraft plan to present new details of a hacking campaign that compromised at least seven Taiwanese chip firms…

FBI Warns Against Netwalker Ransomware

August 8, 2020 shrinath7d

NetWalker operators are again on an attack spree, now specifically targeting U.S.-based organizations. To ensure proper security, the FBI had issued a security alert dedicated to this ever-growing threat. What happened? Recently, the Netwalker ransomware group claimed to pilfer data from Forsee Power, a provider of advanced lithium-ion battery systems. Operators have also shared a few snapshots showing folders related to accounts receivable, finance, collection letters, expenses, and much more in support of their claim. The warning At the end of July, the FBI already warned against the increasing attacks…

Dutch Hackers Found a Simple Way to Mess With Traffic Lights

August 7, 2020 shrinath7d

In movies like Die Hard 4 and The Italian Job, hijacking traffic lights over the internet looks easy. But real-world traffic-light hacking, demonstrated by security researchers in years past, has proven tougher, requiring someone to be within radio range of every target light. Now a pair of Dutch researchers has shown how hackers really can spoof traffic data to mess with traffic lights easily from any internet connection—though luckily not in a Hollywood style that would cause mass collisions. At the Defcon hacker conference Thursday, Dutch security researchers Rik van…

The Cerberus Banking Trojan Is Up For Sale

August 6, 2020August 6, 2020 shrinath7d

The Cerberus banking trojan emerged as malware-as-a-service in the threat landscape in August 2019. Recently, the group behind the notorious Android trojan has been auctioning its project. A hefty deal For around a year, the Cerberus maintainers advertised their business and rented the malicious bot for up to $12,000 per year or on a license for shorter periods ($4,000/3 months, $7,000/6 months). The Cerberus operators have been spotted offering their full project, including the trojan’s malicious APK source code, module code, the code for admin panels, and the servers, for…

Apple Touch ID Flaw Could Have Let Attackers Hijack iCloud Accounts

August 5, 2020August 5, 2020 shrinath7d

Apple earlier this year fixed a security vulnerability in iOS and macOS that could have potentially allowed an attacker to gain unauthorized access to a user’s iCloud account. Uncovered in February by Thijs Alkemade, a security specialist at IT security firm Computest, the flaw resided in Apple’s implementation of TouchID (or FaceID) biometric feature that authenticated users to log in to websites on Safari, specifically those that use Apple ID logins. After the issue was reported to Apple through their responsible disclosure program, the iPhone maker addressed the vulnerability in…

US Government Warns of a New Strain of Chinese ‘Taidoor’ Virus

August 4, 2020 shrinath7d

Intelligence agencies in the US have released information about a new variant of 12-year-old computer virus used by China’s state-sponsored hackers targeting governments, corporations, and think tanks. Named “Taidoor,” the malware has done an ‘excellent’ job of compromising systems as early as 2008, with the actors deploying it on victim networks for stealthy remote access. “[The] FBI has high confidence that Chinese government actors are using malware variants in conjunction with proxy servers to maintain a presence on victim networks and to further network exploitation,” the US Cybersecurity and Infrastructure…

Three men charged in connection with celebrity Twitter hack

August 1, 2020 shrinath7d

Two teenagers and a 22-year-old were charged with hacking the Twitter Inc accounts of famous people including former President Barack Obama, billionaire Bill Gates and Tesla Chief Executive Elon Musk, the Department of Justice said on Friday. Mason Sheppard, a 19-year-old British man who went by the alias Chaewon, was charged with carrying out the hack, as well as related wire fraud and money laundering crimes, according to a Justice Department statement. Orlando, Florida-based Nima Fazeli, 22, nicknamed Rolex, was charged with aiding and abetting those crimes. The Justice Department…

Russia-aligned hackers running anti-Nato fake news campaign – report

July 31, 2020 shrinath7d

Hackers “aligned with Russian security interests” have been engaged in a sustained campaign to compromise news websites in Poland and Lithuania to plant false stories aimed at discrediting Nato, according to a new report. Part of the campaign – labelled “Ghostwriter” – involved gaining access to news sites publishing systems, deleting stories and replacing them with false news that sought to delegitimise the transatlantic alliance. In one example, a Lithuanian news site was compromised last September and a false article was inserted into its archive wrongly claiming that German soldiers…

OkCupid Dating App Flaws Could’ve Let Hackers Read Your Private Messages

July 30, 2020July 30, 2020 shrinath7d

Cybersecurity researchers today disclosed several security issues in popular online dating platform OkCupid that could potentially let attackers remotely spy on users’ private information or perform malicious actions on behalf of the targeted accounts. According to a report shared with The Hacker News, researchers from Check Point found that the flaws in OkCupid’s Android and web applications could allow the theft of users’ authentication tokens, users IDs, and other sensitive information such as email addresses, preferences, sexual orientation, and other private data. After Check Point researchers responsibly shared their findings…

Man Arrested For Hacking Emails, Duping People With Messages: Delhi Cop

July 29, 2020July 29, 2020 shrinath7d

A 40-year-old man, who was part of a gang that duped people by hacking their email Ids and sending distress messages to their contacts asking for money, was arrested today police said. Mohammad Akram Ali, a resident of Shaheen Bhagh, was arrested on the basis of a complaint filed by a retired senior diplomat at the Defence Colony Police Station, they said. In his complaint, the retired diplomat had said that he had received an email following which his id was hacked and emergency messages were sent to his contacts,…