Tag Archive for: criminals

Criminals can now hack into car key fobs

/in


Hackers and criminals are getting more sophisticated. Many are using people’s car key fobs to break into cars.

Do you ever worry about security when getting into your vehicle without a physical key?

One person said they weren’t worried even though hackers are hacking into key fobs.

A team of researchers demonstrated how easy it is and did just that.

The door was locked. They had a computer nearby, and in just a matter of seconds, the car lights went on, and the door opened.

“And I thought, you know what, maybe let’s just try this and let’s try it on my car,” said Rajesh, a junior at the University of Dartmouth. “Next thing you know, with it, it worked.”

Rajesh and his co-researcher, Blake Berry, are IT Security Researchers who’d rather remain incognito.

They weren’t only able to open the car, but they started it as well.

When the pair was asked how easy it was, “Oh, 200%,” Rajesh said. “I mean, an 8-year-old could do it.”

The computer could have been in a car parked nearby at a site capturing the signal being sent out by your fobs, a built-in transmitter, and the car owner could have been in the store not realizing someone broke into their car, according to AAA warnings.

“They’ve come up with a device that would actually amplify your fob signal, so it doesn’t have to be right next to the car, but they can still get into it using your fob signal,” said Shuppe.

“And what they’re trying to do is pick up your codes,” said Michael Chan.

Chan programs backup and replacement fobs at the business he started 20 years ago, Duplicating Keys.

He said later car models with rolling codes on their fobs are safer.

“The pins keep rolling,” he said. “So, it’s hard to duplicate the existing number.”

But it’s not available in older systems like the pre-2021 models Rajesh was testing which many car companies don’t upgrade.

“But they don’t implement this technology anyway, which is kind of alarming,” Rajesh said. “If they did, then what we’re doing essentially wouldn’t work at all.”

So, what can you do when you leave your vehicle parked at a store lot or even at home?

Download the FOX13 Memphis app to receive alerts from breaking news…

Source…

Three Clever Ways Cyber Criminals Hack Your Personal Data

/in


Cybercriminals constantly search for new ways to hack into your computer, steal your money and data.

It’s bad enough there are phishing schemes sent via email. Posers pretend to be family or friends who supposedly need money urgently but can’t talk by phone. “Please reply to this email,” they say. We have to be on guard for criminals who data mine our social media to determine passwords and answers to security questions.

Here are three recent data stealing techniques to guard against:

A Malicious QR Code

Criminals use fake QR codes to send people to malicious sites according to the FBI. QR stands for “quick response” and you may have used one in a restaurant during the pandemic. Customers line up the QR Code in the focus of their phone camera and a corresponding menu/website pops up.

Criminals plant fraudulent QR codes with bad intent. The fake QR code may take you to a malicious website and/or download a file in order to steal your data. The QR code could even change a payment, so they receive it instead of your vendor.

QR Code safety tips:

  1. Prevent QR Code fraud.
  2. Don’t use QR codes from sources that are not trusted and are unknown to you.
  3. Review the QR code closely for evidence of tampering. Is there a sticker on top of a sticker? Does something look off to you? Inspect any QR codes prior to use to make sure they haven’t been altered.
  4. Pay your bills through your secure connection with your bank instead of via a QR Code.
  5. Do not download an app from a QR Code.
  6. When you use a QR Code, check the URL address of the site where you are directed. Double check that it is legitimate. Better yet, go directly to that site in a new window and close the QR Code generated window.

The Infected USB Device

Cybercriminals attempt to gain control of consumers’ computers via a USB device scam. A USB device, often called a thumb drive, is a small external storage tool where files including documents, and pictures can be stored. In our home, we have a few USB devices storing favorite family photos.

An infected device can compromise your computer. Scammers send them in the mail disguised as a present from a commonly used vendor…

Source…

Vizag cops take MSCD to detect suspected criminals

/in


Visakhapatnam: Keeping in view the rush at public places during the summer vacations and the free movement of the public after end of the Covid19 restrictions, the Vizag City Police (VSP) has intensified its vigil via the Mobile Security Check Device (MSCD) to detect people with a criminal history.

In 2021, nearly 10,000 suspects were detected and their fingerprints verified through MSCD devices by the personnel attached with all the 23 police stations in the VSP jurisdiction, covering the nearly 25 lakh population.

 

This year, 3000 odd numbers of suspects were examined from January till date. However, the number of offenders of various police cases identified through the verification process was negligible, official sources informed Deccan Chronicle.

A senior police officer said, “In fact, we paused for a while with the MSCD system for verification of suspects in the city during the third wave of Covid19 from January to February. We resumed doing it in recent days. The criminal background of the suspects offender is immediately known. Their nationality does not matter here. We can get the crime history of the person from any part of the country.”

 

According to the crime wing of the VSP, the system detects the images of the suspects by just touching the fingerprints with the help of MSCD. The device is attached to an Android-based mobile or tablet to detect the images of the suspects just by touch of fingers and shared with the AFIS server for automatic matching against the database for real time identification in the field.

“We did not find many numbers of offenders with the help of the MSCD this year, but the number of searches are increasing daily and the verification of numbers of suspects is also increasing due to the summer. During this time, there is the rush of tourists, passengers and visitors in bus stations, parks, beaches,” a police officer told DC.

 

Source…

Lapsus$ gang sends a worrying message to would-be criminals • The Register

/in


Analysis The Lapsus$ cyber-crime gang, believed to be based in Brazil, until recently was best known for attacks on that country’s Ministry of Health and Portuguese media outlets SIC Noticias and Expresso.

However, the gang is climbing up the ladder, swinging at larger targets in the tech industry. Over the past few weeks, those have included Nvidia, Samsung, and Argentine online marketplace operator Mercado Libre. Now, Lapsus$ is suspected of attacking game developer Ubisoft.

Lapsus$ in February compromised Nvidia, stealing a terabyte of data that included proprietary information and employee credentials, and dumping some of the data online. The crew also demanded the GPU giant remove limits on crypto-coin mining from its graphics cards, and open-source its drivers.

Days later, the group broke into Samsung, hoping to unlock the secrets of its TrustZone secure environment, and eventually leaked almost 200GB of data, including algorithms related to its biometric technologies, source code for bootloaders, activation servers, and authentication for Samsung accounts, and source code given to chip-designing partner Qualcomm.

Ubisoft, whose games include Assassin’s Creed, Prince of Persia and Watch Dogs, last week said in a brief statement it had “experienced a cyber security incident that caused temporary disruption to some of our games, systems, and services. Our IT teams are working with leading external experts to investigate the issue.”

The development house added that all of its games and services were operating as normal despite the attack. The online criminals have reportedly claimed the disruption was their work.

Growing pains

The attacks on Nvidia, Samsung, and seemingly Ubisoft represent a sharp upward turn in terms of the size of Lapsus$’s targets.

Cybersecurity experts describe a still-maturing cybercriminal group that is testing its capabilities with a range of different attack methods – from data…

Source…