Items tagged with Hack
Malware is a huge problem for computer users today as the threat posed by malicious software continues to increase. A new botnet was recently detected in a live environment for an unnamed client of Deep Instinct, a security firm. The security firm says that the botnet, dubbed Mylobot, uses three different layers of evasion techniques. The evasion techniques that the botnet uses contact command and control servers that download the final payload, Deep Instinct says that the combination and complexity of the evasion techniques that the botnet deploys have never been seen in the wild before....
Read more...
Things aren't exactly rosy in the cryptocurrency world; particularly when it comes to Bitcoin. Over the weekend, South Korean cryptocurrency exchange Coinrail confirmed that it had been hacked. The site says that it was the victim of a "cyber intrusion" and that roughly 30 percent of the coins trades on the exchange were stolen. Coinrail said the remaining 70 percent of coins were safeguarded and have been moved to a "cold wallet". At this moment, it is believed that hackers got away with 40 billion won in Bitcoin, which amounts to $37.2 million. Not surprisingly, this latest hack sent the...
Read more...
For the privileged Americans that can get fiber internet to their home with blazing fast upload/download speeds, there might be more to worry about than blowing through their data allotment in a couple days. Reports are surfacing that various GPON home routers have flaws that could allow nefarious hackers to bypass all authentication on the devices. The method of bypassing authentication is as simple as attaching an image suffix to the URL of a GPON HTTP server. VpnMentor says that after the initial authentication is bypassed, a command injection vulnerability (CVE-2018-10562) to run commands on...
Read more...
Under Armor is a big name in the athletic clothing world. In addition to clothing, the company also has an app that is meant to allow people to track their food intake and nutrition to help get fit (and stay) fit. The app is very popular with users on iOS and Android, but it has suffered a major data breach. Under Armour has notified users that the MyFitnessPal app team became aware that an unauthorized third party had acquired data associated with user accounts for the app and website. That unauthorized access happened in late February 2018 and Under Armor states "The company quickly took...
Read more...
PC gamers are very angry at Rockstar right now after what they claim are unfair bannings that the publisher is handing out left and right. The wide-spanning bans began on March 23 and complaints from a myriad of PC gamers were posted on Reddit, Twitter, Rockstar support forums, and other GTA communities. The gamers are saying that their accounts had been falsely banned for 30 days with no opportunity for an appeal. Rockstar has been very quiet on the subject so far with speculation suggesting that the bans are an issue with the latest tunables update or some sort of issue when participating in...
Read more...
Microsoft's Windows Defender was working hard this week, and according to Microsoft, just before noon on March 6 the AV suite put the brakes on 80,000 instances of several sophisticated trojans. These trojans were especially dastardly because they had advanced cross-process injection techniques, persistence mechanisms, and evasion methods. All the trojans are new versions of Dofoil (also known as Smoke Loader) and they carry a coin miner payload. Microsoft wrote, "Within the next 12 hours, more than 400,000 instances were recorded, 73% of which were in Russia. Turkey accounted for 18% and Ukraine...
Read more...
Spotify is handing out some harsh warnings to Android users that are using hacked apps, bypassing its paywall to access premium content without paying. Spotify's premium tier allows listeners to skip the commercials and download tunes directly to their devices. Spotify has sent out warning emails to an unknown number of users warning them against using the hacked apps. The emails warn that the use of these hacked apps violates the terms of using Spotify and could result in account termination. One of these hacks is called "Dogfood" and Spotify recently had it removed from GitHub after having an...
Read more...
Last November a hacker going by the name "DevOps199" found and exploited a flaw in the code for a subset of Ethereum wallets. That user was able to exploit teh vulnerability and take ownership of an Ethereum code library known as a smart contact. Once the hacker owned that smart contract, it was destroyed leaving about $150 million of Ethereum sitting in users' wallets inaccessible. Researchers have now found a new approach that will find vulnerabilities in smart contracts such as the one exploited last year and patch it before a nefarious user could take advantage of the situation. The researchers...
Read more...
Just over a week ago we talked about an exploit that took advantage of an unpatchable flaw in existing Switch consoles to run Linux on Nintendo's latest. At the time, there were a lot of folks out there wondering what the point of that hack was. However, the value comes in this second hack that fail0verflow has been able to pull off. Getting Linux on the Switch was the just first step in turning the Switch console into a Linux tablet that is able to surf the web. Fail0verflow has been able to run Linux and implement a full web browser with touchscreen support. You can see in the video that...
Read more...
Microsoft has confirmed a nasty flaw in Skype that could allow nefarious individuals to gain complete access the OS with system-level privileges on affected machines. To make the issue even worse, Microsoft knows the flaw is there and exploitable, but has no plans for an immediate fix because it would require too much work. The hack was discovered by security researcher Stefan Kanthak and according to him, the Skype update installer can be exploited with a DLL hijacking technique allowing the application to be fooled into drawing malicious code rather than the correct library the app wants....
Read more...
Last year, a hacker group was able to penetrate credit reporting agency Equifax and make off with information, including the social security numbers, of 143 million Americans. Only a few days after the hack, a ransom demand for the return of the information was made to the tune of $2.6 million in bitcoin via the dark web. Now it is believed that the hackers are also believed to have made off with other personal data about Americans including tax ID numbers and driver's license details. Other data leaked in the hack that we already knew about included names, birthdates, social security numbers,...
Read more...
The Nintendo Switch has been incredibly popular and is the fastest selling game console in U.S. history. Late last year, word surfaced of a band of hackers working on a homebrew hack that could allow users to put their own content on the Switch, but that hasn’t come to fruition just yet. Another group of hackers has now been able to install and run Debian Linux on the Switch by taking advantage of what the hackers call an unpatchable exploit. The hackers say that the backdoor that allowed them to install Linux on the Switch can’t be shut with a future firmware update, however, the hackers...
Read more...
Consumer Reports has found that millions of smart TVs are vulnerable to hacking, and according to the publication, the exploits are often easy to find and execute. TVs vulnerable to these hacks include Samsung and TCL smart TVs along with other brands that use the Roku platform. Streaming devices are also vulnerable with the example cited being the Roku Ultra. Consumer Reports (CR) wrote, "We found that a relatively unsophisticated hacker could change channels, play offensive content, or crank up the volume, which might be deeply unsettling to someone who didn’t understand what was happening....
Read more...
A cryptocurrency exchange in Asia called Coincheck has announced that it was the victim of a massive hack that saw hundreds of millions of dollars worth of cryptocurrency stolen in what is the largest heist of its kind in history. Coincheck doesn't call the heist a hack, it says that the coins were sent illicitly outside of the service. The cryptocurrency stolen is called NEM, which is the tenth largest cryptocurrency in market value. In total there were 500 million NEM tokens taken in the heist worth about $400 million, according to Bloomberg. However, Cointelegrpah reports a much higher number,...
Read more...
