Tag Archive for: hijack

Hackers hijack government websites to mine crypto-cash






The Information Commissioner’s Office (ICO) took down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency.
Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected.
He said the affected code had now been disabled and visitors were no longer at risk.
The ICO said: “We are aware of the issue and are working to resolve it.”
Mr Helme said he was alerted by a friend who had received a malware warning when he visited the ICO website.
He traced the problem to a website plug-in called Browsealoud, used to help blind and partially sighted people access the web.
Texthelp, the company which makes the plug-in, confirmed that the product was affected for four hours by malicious code designed to generate cryptocurrency.
The cryptocurrency involved was Monero – a rival to Bitcoin that is designed to make transactions in it “untraceable” back to the senders and recipients involved.
The plug-in had been tampered with to add a program, Coinhive, which “mines” for Monero by running processor-intensive calculations on visitors’ computers.
Because thousands of other websites loaded the same plug-in, the tampered script ran on all of them, not just the ICO's.
By Rory Cellan-Jones, BBC technology correspondent
The surge in value of Bitcoin and other cryptocurrencies hasn’t escaped the attention of hackers looking to make a quick buck.
Mining, the process where new digital coins are created by solving complex mathematical problems, uses increasing amounts of computer processing power and that means big electricity bills.
All the better then if you can get other people’s computers to do the job. The hackers do this by inserting software into websites which then means that, unbeknown to them, visitors’ computers are put to work mining cryptocurrencies.
It seems that the Information Commissioner’s site along with others run by the government were infected by crypto-mining code injected into some accessibility software they all use.
This kind of attack is becoming increasingly common and while it appears not to cause data loss or damage to systems, it does…

Source…

How Hackers Can Hijack a Satellite


A computer flying hundreds or even thousands of kilometers in the sky, at a speed of tens of thousands of kilometers an hour, is nonetheless still a computer. And every connected computer has an attack surface.

Researchers, nation-states, and even ordinary cybercriminals have long since demonstrated how to hijack the control and communications aspects of satellite technology. Just last year, on the day of its ground invasion, Russian hackers caused an outage on Viasat's satellite Internet service in Ukraine, and on Nov. 18, the pro-Russian hacktivist group Killnet performed a distributed denial-of-service (DDoS) attack against SpaceX's Starlink system, which was providing connectivity to cut-off regions of Ukraine. More recently, the Wagner Group claimed responsibility for a temporary outage at Russian Internet provider Dozor-Teleport, supposedly by uploading malware to multiple satellite terminals.

It’s clear that we can disrupt satellite links, but what about the satellites themselves? The firmware and software hovering up there in the sky? Arguably, they’re just as exposed.

In a presentation next month at Black Hat USA in Las Vegas, Johannes Willbold, a doctoral student at the Ruhr University in Bochum, Germany, will demonstrate how satellites can be manhandled by hackers. (Hint: It’s not that hard.)

“There’s certainly a security by obscurity there,” he acknowledges, “but apart from that, a lot of satellites are not doing anything else to prevent misuse.”

Satellites Cling to Security by Obscurity

In a paper published earlier this year, Willbold and five colleagues surveyed 19 engineers and developers representing 17 different models of satellite. Of those 17, three of the respondents admitted they had not implemented any measures to prevent third-party intrusion. In five cases the respondents were unsure or declined to comment, while the remaining nine had, indeed, implemented some defenses. Yet even some of those better cases were iffy — only five of those nine, for example, had implemented any kind of access controls.

“So many of the satellites that we looked at just straight-up had no protection against somebody manipulating the satellite, except…

Source…

Bugs in Lego Resale Site Allowed Hackers to Hijack Accounts


Security analysts have found bugs in Lego’s second-hand online marketplace that left its users at risk of account hijacking and data leakage.

In a blog post, Salt Labs said that the issues, now resolved, affected Lego-owned BrickLink.com, the world's largest official marketplace for Lego bricks.

The security researchers said that two API security issues could have enabled an attacker to take over BrickLink accounts, and access and steal personally identifiable information stored on the site. The vulnerabilities could also have allowed attackers to gain access to internal production data and compromise internal servers, Bleeping Computer reports.

The BrickLink bugs were spotted when Salt Labs analysts were experimenting with user input fields on the marketplace site.

The first flaw the researchers noted was a cross-site scripting (XSS) vulnerability in the "Find Username" dialog box of the coupon search section, which allowed injection and execution of attacker-supplied code in a victim's browser.

The flaw, if exploited correctly, would have given attackers access to personal details such as a targeted user's email address, shipping address, order history, and message history, Salt Labs said.

Researchers also exploited a flaw on the “Upload to Wanted List” page where a faulty endpoint parsing mechanism allowed them to launch an attack that could read internal production data. 


The analysts said that they were unable to confirm or deny whether any of the vulnerabilities were exploited.

PCMag contacted Lego for comment on the BrickLink bugs but did not immediately receive a response.

The security analysts encourage any concerned Lego fan to directly contact the brand if they are concerned about the reported vulnerabilities. 

In October, Lego decided to discontinue its Mindstorms range of programmable robots, after 24 years of production. It means the end of Lego’s $359.99 Mindstorms Robot Inventor Kit, which lets Lego-fans build five different robot models out of 949 Lego bricks.


Source…

There was a TikTok Android app exploit that let hackers hijack accounts with one click


Don’t freak out, as it has long since been resolved, but Android users should think twice before clicking any links in the TikTok app: security flaws were found and reported that made it ridiculously easy to steal other people’s accounts with a single link. It has been addressed, but it is always good security advice not to click unknown links, and with an exploit this simple it pays to stay vigilant.

According to BleepingComputer, Microsoft reported the flaw to TikTok back in February; given the potential severity, it’s not surprising that we are only hearing about it now. With a well-crafted malicious link, reportedly more than 70 JavaScript methods exposed by the app’s WebView could be reached, a component used only by the Android app.

Source…