Tag Archive for: driveby

FBI ‘Drive-By’ Hacking Warning Suddenly Gets Real—Change This Critical Setting Today


When the FBI warned that hackers can use the smart gadgets you have at home “to do a virtual drive-by of your digital life,” it was smart connected gadgets they had in mind. This week’s report into a vulnerability with cheap smart plugs available on Amazon can be added to recent warnings about kitchen gadgets and security cameras.

But there was also a more worrying story this week—one that is much more of a concern. Reports suggested that a home internet router had been remotely attacked, exploiting its factory-set password to hijack an IP address to mask “illicit” activity. In my view, the specific attack alleged in these reports is implausible, but I agree that a router in such a default state is a very serious risk.

“I don’t think people even understand what a router does,” warns ESET cyber guru Jake Moore. “Most people don’t want to change the password, let alone go into the settings on the router. Many people don’t even realize there are two passwords.”

And so, the highlighting of this issue this week is critical. Treat your router like your internet “mothership,” Moore says. “Lots of people haven’t changed their ISP for years, and so they’ll have an old router, possibly six, even ten years old.” And that means that the security on the device itself is likely lacking, and you probably haven’t been into the settings, updated the firmware or changed the password for years—if ever.

Routers are computers, air traffic control systems for all the connections in your house. And while your WiFi SSID and password enable someone to join your network, that person needs to be nearby. Clearly, the router itself can be compromised remotely.

I have commented before on broader IoT security—give some thought to the number of devices you connect to your home internet. Remember, each device is a bridge between your home and the outside world. Think that through.

For those you do connect—including computers, phones, tablets, smart toys, kitchen gadgets, appliances, TVs and the rest—change all default passwords, and make each one unique—use a password manager or write them down. Update the firmware and enable auto-updates if…


Rig Exploit Kit Pushing Eris Ransomware in Drive-by Downloads – BleepingComputer


The RIG exploit kit has been spotted distributing the new ERIS Ransomware as its payload. Using the RIG exploit kit, vulnerable victims will find that the …


New ransomware infections are the worst drive-by attacks in recent memory


An ongoing operation that’s installing ransomware and other malware on the computers of unsuspecting website visitors is one of the most potent drive-by attack campaigns researchers have seen in recent memory.

The attacks install three pieces of malware using an exploit kit called GreenFlash Sundown, which researchers identified in 2015 and have continued to follow since. Attacks in recent weeks have spiked again as ShadowGate—one of the names given to the hacker group behind the campaign—has unleashed a highly revamped version of the exploit kit on hacked ad servers run by Web publishers. The most notable compromise is of an ad server belonging to onlinevideoconverter[.]com, a site with more than 200 million visitors per month that converts YouTube videos into video files that can be stored on a computer hard drive.

“They are ongoing and with a scale we haven’t seen in a couple of years when it comes to exploit kit-related attacks,” Jérôme Segura, a Malwarebytes researcher tracking the campaign, said of the attacks on onlinevideoconverter[.]com visitors. “We literally noticed a huge spike in our telemetry starting a few days ago, which is very unusual. Given what we see in our telemetry, this is the most successful drive-by campaign we have seen in quite a while, so we can infer many people were affected by it.”


Biz & IT – Ars Technica