Tag Archive for: hacking

Police Linked to Hacking Campaign to Frame Indian Activists

/in


police forces around the world have increasingly used hacking tools to identify and track protesters, expose political dissidents’ secrets, and turn activists’ computers and phones into inescapable eavesdropping bugs. Now, new clues in a case in India connect law enforcement to a hacking campaign that used those tools to go an appalling step further: planting false incriminating files on targets’ computers that the same police then used as grounds to arrest and jail them. 

More than a year ago, forensic analysts revealed that unidentified hackers fabricated evidence on the computers of at least two activists arrested in Pune, India, in 2018, both of whom have languished in jail and, along with 13 others, face terrorism charges. Researchers at security firm SentinelOne and nonprofits Citizen Lab and Amnesty International have since linked that evidence fabrication to a broader hacking operation that targeted hundreds of individuals over nearly a decade, using phishing emails to infect targeted computers with spyware, as well as smartphone hacking tools sold by the Israeli hacking contractor NSO Group. But only now have SentinelOne’s researchers revealed ties between the hackers and a government entity: none other than the very same Indian police agency in the city of Pune that arrested multiple activists based on the fabricated evidence.

“There’s a provable connection between the individuals who arrested these folks and the individuals who planted the evidence,” says Juan Andres Guerrero-Saade, a security researcher at SentinelOne who, along with fellow researcher Tom Hegel, will present findings at the Black Hat security conference in August. “This is beyond ethically compromised. It is beyond callous. So we’re trying to put as much data forward as we can in the hopes of helping these victims.”

SentinelOne’s new findings that link the Pune City Police to the long-running hacking campaign, which the company has called Modified…

Source…

I do read your comments. Interview with Russian hacker and techie // Russia Ukraine Cyberwar

/in



Mucheru defends govt over IEBC hacking claims » Capital News

/in


NAIVASHA, Kenya, Jun 11 – Information Communication and Technology (ICT) Cabinet Secretary Joe Mucheru has rubbished claims that the Government was planning to hack the Independent Electoral Boundaries Commission (IEBC) Information technology system in order to rig the forthcoming General Elections in favour of one presidential candidate.

Mucheru said IEBC was an independent body that is procuring its own Information Technology (IT) systems for the upcoming elections and the ministry was not involved in any way in this process.

“We do not have any plans or intension to hack the IEBC servers neither do we have the know-how to do it because the servers are procured and secured by the IEBC itself,” Mucheru said.

He said the allegations coming from one section of the political divide were pure political rhetoric saying it is not possible to hack the system secured by IEBC itself without prior knowledge or information about its security.

The CS was speaking in Naivasha on Friday when he officially closed the Cyber Security Strategy 2022 – 2026 workshop which he said will give guidelines that will help the government strengthen the cyber security laws.

On network coverage in the country during the coming elections, the CS assured the country that the entire country will be covered for the ease of transmission of the election results as IEBC had procured 1,500 satellite modems to be used in the areas not covered by the 3G network.

The country goes to polls on August 9 with over 20million registered voters expected to elect their leaders at six levels- presidential, gubernatorial, senatorial, county women representatives, member of parliament and member of county assemblies.

Mucheru said Kenya has the highest international bandwidth per internet user with 566.41kilobites per second and a compounded annual growth rate of 52 percent making it one of the most digitalized countries in the world.

Advertisement. Scroll to continue reading.

He said every sector and industry and the government at large had adopted and relied heavily on ICTs and the internet as economic and governance resources and hence the need to secure our digital space.

The CS said to this…

Source…

EC Hacking: Your Laptop Has A Microcontroller

/in


Recently, I stumbled upon a cool write-up by [DHowett], about reprogramming a Framework laptop’s Embedded Controller (EC). He shows us how to reuse the Caps Lock LED, instead making it indicate the F1-F12 key layer state – also known as “Fn lock”, AKA, “Does your F1 key currently work as F1, or does it regulate volume”. He walks us through adding custom code to your laptop’s EC firmware and integrate it properly into the various routines the EC runs.

The EC that the Framework uses is a MEC1521 chip from Microchip, and earlier this year, they open-sourced the firmware for it. Now, there’s a repository of microcontroller code that you can compile yourself, and flash your Framework laptop’s motherboard with. In a comment section of HackerNews, a Framework representative has speculated that you could add GPIOs to a Framework motherboard through EC firmware hacking.

Wait… Microcontroller code? GPIOs? This brings us to the question – what is the EC, really? To start with, it’s just a microcontroller. You can find an EC in every x86 computer, including laptops, managing your computer’s lower-level functions like power management, keyboard, touchpad, battery and a slew of other things. In Apple land, you might know them as SMC, but their function is the same.

Why have we not been reprogramming our ECs all this time? That’s a warranted question, too, and I will tell you all about it.

What’s The EC’s Job?

The EC controls a whole bunch of devices in your laptop. Not devices connected to USB, LVDS/eDP or PCIe, because those would fall within the purview of the chipset. Instead, these are devices like power switches, the charger chip, and various current monitors, since these have to work correctly even when the chipset and CPU are powered off. But of course, it’s not just power management – there’s a whole lot of things in a laptop you need GPIOs for.

section from the EEE PC 701 schematic, showing the EC connections, and even some unused functions like extra button connections
The EC of a EEE PC 701. This one even has some extra signals for media buttons that were left out in hardware!

Generally, anything that you’d control with a digitalWrite or monitor using a digitalRead, measure through an ADC, or talk to using I2C – these are things handled by the EC. Thus, the…

Source…