• Category Archives Computer News
  • News about computer and IT technology services

  • Keylogger Optimized with AutoIT Infected Thousands of Computers

    A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users’ social and banking site credentials.

     

    Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine giant, Google said that Gmail credentials didn’t come from the security breaches of its system, rather the credentials had been stolen by phishing campaigns and unauthorized access to user accounts.

     

    Just now, we come across another similar incident where cyber criminals are using a malware which has already compromised thousands of Windows users worldwide in an effort to steal their Social Media account, Online account and Banking account Credentials.

     

    A Greek Security Researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), targeting large number of computers users rapidly. He investigated and posted a detailed technical analyses of the malware on his blog.

     

    After reverse engineer the malware sample file, he found that the cybercriminals are using a combination of software AutoIT (Automate day-to-day tasks on computers) and a “commercial” Keylogger named “Limitless Keylogger” to make it FUD i.e. Fully Undetectable from static analysis.

     

    Keylogger is a critical type of software program for cyber criminals, which records every input typed into the keyboard and easily detects passwords for users’ Email accounts, Social Media accounts and Online Bank accounts.

     

    This malicious application captures every keystrokes users press and send them to a specified email address linked to the cyber criminal. More interestingly, the malware uses AutoIT in order to evade detection by Antivirus programs.

     

    Limitless Keylogger Optimized with AutoIT Infected thousands of Computers

     

    The malware distributed in the spam campaign comes as a WinRAR SFX executable file with a custom icon which drops 4 malicious files onto the victim’s computers with hidden and system attributes.

     

    The Malware archive includes:

     

    • AutoIT script ‘update.exe’ of 331MB
    • Python script to “deobfuscate” AutoIT script
    • oziryzkvvcpm.AWX – Settings for AutoIT script
    • sgym.VQA – Another Encrypted malware/Payload Binary
    Initially the obfuscated AutoIT Script is of size 331MB, because it contains lots of garbage content, but after deobfuscate process it becomes only 55kbyte in size with clean malicious code.

     

    Researcher found lot of functions and various functionalities in the malware code those allow the malicious software to protect itself from detection.

     

    On Further reserve engineering, he found that the malware sends the collected keystroke data to the cybercriminal via SMTP email server. So he sniffed the whole conversation of malware SMTP traffic and discovered that the keylogger was sending all keystrokes of the user, screenshots, recovery data (saved passwords from several applications/browsers) to an email ID – “ontherun4sales@yandex.ru”.

     

    He also extracted the hardcoded SMTP email ID username and passwords of the respective Yandex mail address from the malware source code.
    Limitless Keylogger Optimized with AutoIT Infected thousands of Computers
    Researcher told SecNews, “The detection was accomplished in the past few days and found that the malware was being Greek is targeting users (minimum numerical cases).
    Possibly some Indonesian hackers might have used the malicious software available on the Russian hacking forum sites” they said. “and the targets are well known companies from retail industry,oil,airlines etc
    At last, the researcher also disclosed some online FTP servers using Google hacks, where the data has been uploaded by the different variants of the Limitless Logger by various hacking groups.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Cell phone Users can be Secretly tracked Across the globe thanks to SS7 Tracking System

    Since we are living in an era of Mass surveillance conducted by Government as well as private sector industries, and with the boom in surveillance technology, we should be much worried about our privacy.
    According to the companies that create surveillance solutions for law enforcement and intelligence agencies, the surveillance tools are only for governments. But, reality is much more disappointing. These surveillance industries are so poorly regulated and exceedingly secretive that their tools can easily make their way into the hands of repressive organizations.
    Private surveillance vendors sell surveillance tools to governments around the world, that allows cellular networks to collect records about users in an effort to offer substantial cellular service to the agencies. Wherever the user is, it pinpoint the target’s location to keep every track of users who own a cellphone — here or abroad.
    We ourselves give them an open invitation as we all have sensors in our pockets that track our every move wherever we go.
    WHAT WENT WRONG
    The tracking technology takes advantage of the SS7, a global network, which is unfortunately vulnerable.
    SS7 or Signaling System Number 7 is a protocol suite used by most telecommunications operators throughout the world to communicate with one another when directing calls, texts and Internet data. It allows cell phone carriers to collect location information from cell phone towers and share it with each other. A United States carrier will find its customer, no matter if he or she travels to any other country.
    The Washington Post published an awesome article on surveillance technology that can track cell phone users anywhere in the world. Surveillance vendors also now have access to SS7, so that their customers can home in on somebody’ locations as precisely as within a couple of city blocks (or in rural areas, a couple of miles).
    These systems are so effective that it can even detect how fast a person on a city street is walking, or the speed a person’s car is traveling!

    The system was built decades ago, when only a few large carriers controlled the bulk of global phone traffic. Now thousands of companies use SS7 to provide services to billions of phones and other mobile devices, security experts say,” explains the post.

    All of these companies have access to the network and can send queries to other companies on the SS7 system, making the entire network more vulnerable to exploitation. Any one of these companies could share its access with others, including makers of surveillance systems.

    SS7 TRACKING SYSTEM PAIRED UP WITH ‘CATCHERS’
    It is believe that dozens of countries have bought or leased this surveillance technology in the last few years. Having a close look at such tools, it has been discovered that some of the companies that sell SS7 tracking system are advising their customers to pair them with “IMSI catchers” or StingRays.
    StingRays are common surveillance devices that allow law enforcement to mimic a cell phone tower, and track users position who connect to it, and sometimes even intercept calls and Internet traffic, send fake texts, install spyware on a phone, and determine precise locations.

    What’s interesting about this story is not that the cell phone system can track your location worldwide,” said Bruce Schneier, a senior security researcher. “That makes sense; the system has to know where you are. What’s interesting about this story is that anyone can do it.”

    Privacy advocates are not only worried by governments getting their hands on these systems, but also about hackers and criminal gangs using it.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Microsoft throws old versions of Internet Explorer under the bus

    Come 2016, if you’re not up to date you’re on your own – enjoy your security bugs

    Microsoft has confirmed that it’s ending support for old versions of Internet Explorer, and it’s giving you just shy of 18 months to get up to date.

    Roger Capriotti, director of the IE team, blogged on Thursday that beginning on January 12, 2016, only the most recent version of IE on any supported version of Windows will continue to receive technical support and security updates.

    As of today, that means IE9 on Windows Vista SP2 and Windows Server 2008 SP2, IE10 on Windows Server 2012, and IE11 on any later version of Windows (including Windows Server 2012 R2).

    In fact, the only reason IE9 is still being supported on Vista is because no later versions will run on that little-loved OS. IE9 never won high marks from web devs, and Google, for one, has already discontinued support for it in Gmail and Google Apps.

    “For customers not yet running the latest browser available for your operating system, we encourage you to upgrade and stay up-to-date for a faster, more secure browsing experience,” Capriotti wrote.

    Microsoft is a late convert to web-standards religion, having spent the better part of 20 years releasing browsers that rendered sites in ways that were incompatible with rivals like Firefox, Chrome, and Safari.

    These days, the software giant markets standards compliance as a key feature of IE11, and it has even gone as far as to claim it’s had to build workarounds into its browser to support websites that are coded using the competition’s nonstandard features.

    Redmond even seems to want to atone for its own past bad behavior. It’s now encouraging commercial customers who have built their bespoke web apps for older, patently terrible versions of IE to upgrade to IE11 and use its “Enterprise Mode” to maintain backward compatibility with those standards-shirking browsers.

    Enterprise Mode, which Microsoft shipped with the Windows 8.1 Update and as a standalone patch in April, makes IE11 behave like IE8, even going as far as to announce the old version to websites and ActiveX controls that have been hard-coded for specific browser releases.

    Concurrent with its announcement of the end of support for old IE versions, Microsoft said on Thursday that it will continue to support Enterprise Mode through the full lifecycle of whichever OS IE11 is running on – meaning it will be supported on Windows 7 through January 14, 2020, for example.

    As Microsoft points out, however, most consumers won’t have to worry about much of this – at least until their version of Windows reaches the end of its lifecycle – because they get the latest version of IE installed automatically as a function of Windows Automatic Updates.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Secret Government and Law enforcement spyware leaked

     

    Company That Sells 'FinFisher' Spying Software Got Hacked, 40GB Data Leaked
    FinFisher spyware, a spyware application used by government and law enforcement agencies for the purpose of surveillance, appears to have been hacked earlier this week and a string of files has been dumped on the Internet.
    The highly secret surveillance software called “FinFisher” sold by British company Gamma International can secretly monitors computers by turning ON webcams, recording everything the user types with a keylogger, and intercepting Skype calls, copying files, and much more.
    A hacker has claimed on Reddit and Twitter that they’d infiltrated the network of one of the world’s top surveillance & motoring technology company Gamma International, creator of FinFisher spyware, and has exposed 40GB of internal data detailing the operations and effectiveness of the FinFisher suite of surveillance platforms.
    The leaked information was published both on a parody Gamma Group Twitter account (@GammaGroupPR) and Reditt by the hacker that began publishing links to the documents and satirical tweets.
    The leaked files includes client lists, price lists, source code of Web Finfly, details about the effectiveness of Finfisher malware, user and support documentation, a list of classes/tutorials, and much more.
    The Reddit post Gamma International Leaked in self.Anarchism said, “a couple days ago [when] I hacked in and made off with 40GB of data from Gamma’s networks. I have hard proof they knew they were selling (and still are) to people using their software to attack Bahraini activists, along with a whole lots of other stuff in that 40GB.”

    The FinFisher files were first leaked on Dropbox as a torrent file and since have been shared across the internet, which means that it is now impossible to stop the information from being leaked.

    One spreadsheet in the dump titled FinFisher Products Extended Antivirus Test dated April this year, details the anti-virus detection rates of the FinFisher spyware which German based Gamma Group sold to governments and law enforcement agencies.

    It shows how FinFisher performed well against 35 top antivirus products. That means FinFisher would probably not be detected by a targeted users’ security systems.


    One more document also dated April this year has been identified that detailed release notes, for version 4.51 of FinSpy, show a series of patches made to the products including patch to ensure rootkit component could avoid Microsoft Security Essentials, that the malware could record dual screen Windows setups, and improved email spying with Mozilla Thunderbird and Apple Mail.


    The file dump also reveals that FinFisher is detected by OS X Skype (a recording prompt appears), so the users of OS X Skype would be alerted to the presence of FinFisher by a notification indicating that a recording module was installed.
    Company That Sells 'FinFisher' Spying Software Got Hacked, 40GB Data Leaked
    FinFisher cannot tap Windows 8 users, so rather the desktop client, the users should opt for the Metro version of Skype.
    The dump also contains a fake Adobe Flash Player updater, a Firefox plugin for RealPlayer and an extensive (though still undetermined) documentation for WhatsApp.

    A price list, which appeared to be a customers’ record, revealed the FinSpy program cost 1.4 million Euros and a variety of penetration testing training services priced at 27,000 Euros each,” the Reg. reported. “The document did not contain a date but it did show prices for malware targeting the recent iOS version 7 platform.”

    The leaked documents also included a FinSpy user manual and brochure. This previously kept so-called spying secret is not a secret now and we’ll be going to find a lot more in the upcoming weeks.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Airplanes can be hacked through the Inflight Entertainment system

     

    Airplanes Can be hacked through the onboard entertainment system

    Airplanes can be hacked via Inflight Entertainment system

    Almost a year ago, at the ‘Hack In The Box’ protection peak in Amsterdam, a protection specialist at N.Runs and a professional air travel lead, Hugo Teso presented a business presentation that it’s possible to take control of airplane journey techniques and emails using an Android operating system smart phone and some specific attack code.

    Quite similar to the previous one, a protection specialist statements to have developed a method that can give online scammers access to the satellite tv emails equipment on traveler airplanes through their WiFi and in-flight enjoyment techniques.

    Cyber protection expert Ruben Santamarta, a advisor with online protection firm IOActive, will reveal his analysis and all the technical details this week at a major Las Las vegas cyberpunk meeting, Black Hat meeting, showing How professional airliner satellite tv interaction techniques can also be affected by online hackers, along with the proof of satellite tv emails system weaknesses that questions the factors these techniques are using.

    Santamarta analysis paper named “SATCOM Terminals: Coughing by Air, Sea and Land” describes that delivers, airplane and plants are all at risk of being affected — perhaps with disastrous results.

    We live in a world where data is constantly flowing. It is clear that those who control communications traffic have a distinct advantage. The ability to disrupt, inspect, modify or re-route traffic provides an invaluable opportunity to carry out attacks,” Santamarta wrote in his paper.

    Until now, it’s just a declare, but if verified, could immediate a extensive rebuild of airplane protection and other SATCOM devices, and throw evaluation on the way its digital protection have been handled in previous times.

    According to the researcher’s subjective of the discuss published, he will describe how gadgets marketed by the world’s major SATCOM providers contain important protection faults. IOActive also stated to have identified that “100 % of the gadgets could be abused” by an range of strike vectors.

    “In certain cases no user interaction is required to exploit the vulnerability, just sending a simple SMS or specially crafted message from one ship to another ship can do it.” Santamarta wrote in the description to his talk. He told Reuters, “These devices are wide open. The goal of this talk is to help change that situation.”

    Many of SATCOM providers techniques have hardcoded log-in qualifications — same qualifications used in several techniques — providing online hackers potential to grab qualifications from one program and use them to access other techniques, as a result of it, online hackers can turn off the emails and can intervene with the plane’s routing.

    The specialist found the weaknesses by “reverse engineering” the extremely particular software known as firmware, used to function emails devices made by Cobham Plc, Harris Corp, EchoStar Corp’s Gaines System Systems, Iridium Communications Inc and Asia Stereo Co Ltd.

    Meanwhile, he found a concept that a cyberpunk could make use of a plane’s on board Wi-Fi indication or in-flight enjoyment program to crack into its avionics devices. This could allow them to affect or change the plane’s satellite tv emails, possibly disrupting the aircraft’s routing and protection techniques.

    However, it is really worth noting that just because a security specialist is capable of doing the crack, doesn’t mean online hackers are doing it or can easily execute it, too. Santamarta has also recognized that his hackers showing the concept have been performed in managed test, and he is not sure how realistic the crack would be in real life.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • iSpy? Researcher exposes backdoor in iPhones and iPads

    How much of your personal data on your iPhone or iPad would you be willing to bet law enforcement or a hacker can grab from your device, even if you’ve encrypted it?

    How about all of it?

    A “backdoor” that Apple built into iOS for developers can be used to spy on iPhones and iPads by governments, law enforcement, or cyber criminals, according to forensics researcher Jonathan Zdziarski.

    For the backdoor to be exploited by a spy, your iDevice needs to be synced to another computer via a feature called iOS pairing.

    Once your iDevice is paired to your PC or Mac, they exchange encryption keys and certificates to establish an encrypted SSL tunnel, and the keys are never deleted unless the iPhone or iPad is wiped with a factory reset.

    That means a hacker could insert spyware on your computer to steal the pairing keys, which allows them to locate and connect to your device via Wi-Fi.

    Because iPhones and iPads automatically connect to Wi-Fi networks with names they recognize, an attacker could then set up a hotspot using a spoofed network name to get your device to connect, and grab all your data.

    Zdziarski used his talk at the HOPE X hacker conference on 18 July to state that Apple’s backdoors give access to personal data that’s beyond what developers or Apple itself need.

    In mentioning that the Snowden leaks revealed the National Security Agency (NSA) had used backdoors in iPhone, Android and BlackBerry, Zdziarski also implied that the NSA may have used Apple’s backdoors for easy access to iPhones and iPads.

    Apple issued a statement to reporters, acknowledging the access through pairing.

    But what Zdziarski described as a backdoor, Apple calls “diagnostic functions” – Apple said developers and IT departments need them for “troubleshooting.”

    Apple’s statement also flatly denies any cooperation with the NSA, or government agencies “from any country.”

    We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues.

    A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent.

    As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services.

    Zdziarski said:

    Apple’s seeming admission to having these back doors, however legitimate a use they serve Apple, unfortunately have opened up some serious privacy weaknesses as well.

    I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices.

    The lack of disclosure of these security loopholes is a bit puzzling, but Apple seems to have, at least, done the disclosing part now.

    Will Apple back down?

    Will the programmers in Cupertino be instructed to remove the libraries, or perhaps limit their use to developers debugging their apps?

    Chances are that’s not going to happen, not least because Apple obviously went to some trouble to get all this stuff working in the first place.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Computer & Laptop Repair & Services

    Find expert computer & laptop repair services, Laptop repair, virus removal, spyware and malware problems, laptop screen repair and more.

    Computer Repair, Virus Removal Laptop Authorized Service Centers

     

    Online Virus Removal, Laptop Screen Repair, and Motherboard Repair Specialist

    Acer Laptop – TravelMate, Extensa, Ferrari, Aspire One  Apple – MacBook, MacBook Air, MacBook Pro, Imac G4 G5 Ibook
    Dell Computer – Inspiron, Latitude, Precision, Studio, Vostro, XPS, Studio XPS, Alienware Mini Legacy System Adamo
    Asus Laptop – Asus Eee, Lamborghini Fujitsu – LifeBook, Stylistic  Lenovo – ThinkPad, IdeaPad, 3000, IBM
    Compaq Computer – Armada, Concerto, Contura, Presario, ProSignia, LTE, Mini, EVO, SLT and many More.
    HP Laptop – Hewlett-Packard, HP Pavilion, HP Omnibook Envy EliteBook ProBook   Sony Laptop – VAIO Series
    Gateway Computer – Solo & Pro Series   Toshiba Laptop – Dynabook, Portege, Tecra, Satellite, Qosmio, Libretto
    MSI laptops – Micro-Star International, Megabook, Wind   Samsung Computer – Sens, eMachines, Pro

    Do you have a Broken laptop screen? Cracked Screen? Dim Screen? Dark Screen? Color lines on screen? We sale all type of led screens of any size and resolution.

    Let us help keep your PC or Apple computer personal and business data safe from cyber thieves and organizations that could hold your data hostage online, making it unreachable to you until you pay a fee or purchase a bogus software package. You don’t have to visit questionable websites or participate in torrent file sharing to acquire computer viruses. New viruses and malware exploits are being put in place every day in the hopes that you will make the mistake of visiting an infected website by opening a questionable file or e-mail. We will provide you with professional and reliable laptop computer repair services, Call for a store near you.

    * Lower prices than best buy geek squad computer repair stores, tiger direct, compusa computer repair department, office depot computer repair stores, office max computer repair store, staples and any other major computer repair store chain in south florida. We crush our competitors with free in home service, lowest prices, in stock parts and super fast speedy same day service.

    We are rated 5 star and listed on the top 10 best computer repair companies in the south florida area. Please check our customer reviews and ratings on Google Places,Yelp, Bing, Yahoo and google maps. Satisfaction guaranteed.

    CALL 754-234-5598

    Computer  Repair for All South Florida, Fort Lauderdale, Miami, Boca Raton, Boynton Beach Delray Beach and More

     


  • Chinese Hackers Brake into The United States Database of Federal Employees

    Chinese hackers broke into the computer systems of United States government agency that keeps the personal information of all federal employees, according to the paper published in the New York Times.

    The attack occurred on the Office of Personnel Management and Senior American officials believe that the attackers successfully gained access to some of the agency’s databases in March before the federal authorities detected the threat and blocked them from the network.

    The hackers targeted the files of tens of thousands of federal employees who have applied for top-secret security clearances, the newspaper reported.

    The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update their personal information through the website,” states the New York Times.

    Until now, it is not clear how far the hackers were able to infiltrate the networks of the US Office of Personnel Management.

    But the databases they managed to hack include information such as employment records, people seeking security clearance list their foreign contacts, previous jobs and personal data like past drug use etc, which all could be at risk.

    In response to this matter, a senior Department of Homeland Security official confirmed that the attack had occurred but said that “at this time,” neither the personnel agency nor Homeland Security had “identified any loss of personally identifiable information.” The official said an emergency response team was assigned and handled over the matter “to assess and mitigate any risks identified.”

    Again it started a cold war between China and the United States, because according to the senior US officials, the attack was traced to China. But yet it is unclear if the hackers belonged to the government.

    Where China said that it faces a major threat from hackers, accused the NSA and U.S. Cyber Command for targeting Chinese politicians and military. The United States recently charged five Chinese military officials for carrying out cyber espionage against several American companies and stealing sensitive data by breaking into corporate systems.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Tails Website has been hacked! Operating System Tails Hacked

    tails os website hacked the hacker news

    Just a few hours ago, the Official website of the Tails Operating System has been hacked and it appears that a self-proclaimed 17-year old hacker breached and defaced it.

    Tails is a Linux-based highly secure Operating System, specially designed and optimized to preserve users’ anonymity and privacy. Hacker, who named himself “Sum guy”, managed to access the website as administrator and edited the homepage content with the following message:

     

    Defaced Link: https://tails.boum.org/index.en.html. However, all other pages on the Tails website are working just fine, but at this moment it is not clear whether the hacker has also modified the OS Image or not. So readers are advised to do not download the Tails OS from the website, at least for a few days.

    Tails, also known as ‘Amnesiac Incognito Live System‘, is free software based on Debian GNU/Linux and you install it on a DVD or USB drive, boot up the computer from the drive. This allows you to work on a sensitive file on any computer and prevent the data being recovered after the computer is turned off.

    Tails was reportedly used by the NSA Whistle-blower Edward Snowden in discussions with journalists because it includes a range of tools for protecting your data by means of strong encryption.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Android security loophole lets apps take and upload pics without you knowing

    Google is always keen to downplay the problem of malware on Android, for obvious reasons, but that doesn’t make the underlying threats any less troubling. New threats are being discovered all the time, and as the platform grows – with over 1.5 million Android devices being activated every day – the potential to infect ever more devices grows too.

    It must be said that Google does a pretty decent job when it comes to eliminating malware from its own Play Store – less than 0.1% of apps there contain malicious code, according to F-Secure (pdf) – and efforts such ason-device monitoring have also helped to limit the impact of rogue software. But third-party Android stores fare considerably worse than this; according to Forbes, in one third-party store, a staggering 33% of apps were found to be infected.

    One such threat was documented by security researcher Szymon Sidor this week, who found that by creating an app that exploited a simple loophole in the OS, he was able to get a device to capture photos using its camera, and then upload them to a remote server, without the user having so much as a hint that anything untoward had happened.

    [​IMG]
    Your phone could be taking photos of you looking like this, without you knowing!

    Sidor said that he had observed numerous apps on Google Play that were capable of taking photos covertly, but each of them required a visible indication of the app’s activity on screen and, critically, for the screen to be switched on. As he wrote on his Snacks For Your Mind blog, he set about trying to see if there was a way to perform the same task, but without that visible indication.

    He succeeded, and he was able to do so by exploiting a simple loophole in Android’s security features. Android requires that, when a photo is being taken, a preview of the image viewfinder must be shown on the screen; it’s a measure to ensure that users know that the camera is engaged and not taking photos or videos of them without their knowledge.

    But Sidor adjusted the code in his testbed app to continue displaying that preview, but only on a single pixel. That makes it completely impossible for a user to be able to see the preview, and therefore none the wiser if an app were to covertly be capturing snaps of them and uploading them elsewhere. The app was also able to capture other details from the device, such as battery level (crucial in helping to avoid detection of the app via its battery drain), and even the current location of the device. Check out the video below:

    Perhaps the most disturbing finding is revealed in this little snippet (emphasis is ours):

    The result was amazing and scary at the same time – the pixel is virtually impossible to spot on Nexus 5 screen (even when you know where to look)! Also it turned out that even if you turn the screen completely off, you can still take photos, as long as the pixel is still there.

    Sidor’s post on his findings is well worth a read – and he also includes a few handy tips on how to protect yourself from the threat of malicious apps on your Android device. He acknowledges that he was not, in fact, the first to discover this flaw, but also adds that he has contacted Google with the details of his own research, in the hope that they will close the loophole with a future security patch.

     

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida

     


  • Reports claim Windows XP can be updated via registry hack

    [​IMG]

    Officially, Microsoft stopped releasing automatic public updates for Windows XP over a month ago after over 12 years. Now a registry hack has been found that, when placed in the OS, allows it to continue receiving updates.

    The hack was first reported by BetaNews and later confirmed by ZDNet. By making a few changes in the registry of XP, the hack basically tricks the automatic update servers at Microsoft into thinking the OS is Windows Embedded POSReady 2009. The OS is based on Windows XP Service Pack 3 and it will continue to get security updates from Microsoft until April 2019.

    The specific registry hack works with 32-bit systems but the owners of the few 64-bit Windows XP PCs can find a workaround on this forum. However, it’s more than possible that this method will be short lived as Microsoft could make changes to block any securty updates that use this hack.

    It should also be noted, as Microsoft has done many times, that Windows XP is well over 12 years old and PC owners should really upgrade to a more recent version of the OS that will not only keep getting security updates but will be more secure overall.


  • eBay Hacked – Change your account password now

    eBay customers are now potentially vulnerable to phishing attacks i.e. spoofed e-mails. Hackers or spammers could craft very convincing phishing emails which may appear legitimate at first glance, but could trick you into revealing further personal information.

    To change your eBay password, log into your account, select Account Settings, then click “Personal Information”, then “edit” next to your password. If you are using same login details for other websites, you should also update them as soon as possible.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere