Tag Archive for: Million

Samsung Galaxy S23 Hacked By Million Dollar Zero-Day Attackers


It was the best of times; it was the worst of times for Samsung. Across four days ending October 27, the Samsung Galaxy S23 was successfully hacked by elite security researchers using zero-day exploits. Four times. The iPhone 14 and Pixel 7 were left unscathed. However, it’s not all bad news, as the zero-day exploits have been handed over to Samsung to fix. Samsung now has 120 days to do so before the exploit methodologies are disclosed publicly.

Who Just Hacked The Samsung Galaxy S23?

The takedown of the Samsung S23 smartphone happened during the annual Pwn2Own hacking event organized by Trend Micro’s Zero Day Initiative. This consumer-oriented event, held in Toronto, Canada, took place between October 24 and 27. Although four smartphones were in scope for the hackers taking part, only the Samsung Galaxy S23 and Xiaomi 13 Pro were successfully exploited. The Apple iPhone 14 and Google Pixel 7 remained undefeated.


With regard to the Samsung Galaxy S23, hackers from Pentest Limited, STAR Labs SG, Interrupt Labs, and ToChim were all able to execute successful zero-day exploits against the device across the four days of competition.

There was, in fact, a fifth successful hack against the Samsung Galaxy S23 by Team Orca from Sea Security, but it used a previously known exploit.

Meanwhile, researchers from NCC Group and Team Viettel were also able to execute successful zero-day exploits against the Xiaomi 13 Pro smartphone.

What Zero-Day Exploits Were Used To Hack The Samsung Galaxy S23?

As already mentioned, the full technical details of the successful zero-day exploits will not be made public until Samsung has had an opportunity to distribute a patch to fix the vulnerabilities. ZDI gives vendors a 120-day window within which to produce and distribute such a patch. In the meantime, ZDI has released a very brief outline of the exploit types on X, formerly known as Twitter.

Pentest Limited executed an Improper Input…


Over $1 Million Awarded To Hackers In Pwn2Own Toronto


Pwn2Own, the annual computer hacking contest that concluded in Toronto, Canada, on October 27, 2023, saw security researchers earning $1,038,500 for 58 unique zero-day exploits (and multiple bug collisions).

The four-day hacking event was held between October 24, 2023, and October 27, 2023, with over $1,000,000 USD in prize money and other forms of prizes available for contestants.

The hacking event had multiple categories for the security researchers to target in the competition, which included printers, surveillance systems, network-attached storage (NAS) devices, mobile phones, home automation hubs, smart speakers, and Google’s Pixel Watch and Chromecast devices.

The hacking contest saw the Samsung Galaxy S23 successfully hacked four times by the teams of Pentest Ltd, STAR Labs SG, Interrupt Labs, and ToChim. While Pentest Ltd and Interrupt Labs were able to exploit an Improper Input Validation weakness in the Samsung Galaxy S23, STAR Labs SG and ToChim were able to exploit a permissive list of allowed inputs against the smartphone.

Further, the exploitation of Samsung Galaxy S23 earned the Pentest Ltd and Interrupt Labs teams a reward of $50,000 and $25,000, respectively, and 5 Master of Pwn points, while the STAR Labs SG and ToChim teams got $25,000 and 5 Master of Pwn points each for their exploits.

Other Highlights:

  • Chris Anastasio was able to exploit a bug in the TP-Link Omada Gigabit Router and another in the Lexmark CX331adwe for $100,000
  • Team Orca of Sea Security executed a 2-bug chain using an OOB Read and UAF against the Sonos Era 100 for $60,000
  • A DEVCORE Intern executed a stack overflow attack against the TP-Link Omada Gigabit Router and exploited two bugs in the QNAP TS-464 for $50,000
  • Team Viettel was able to execute a heap-based buffer overflow and a stack-based buffer overflow against the TP-Link Omada Gigabit Router and the Canon imageCLASS MF753Cdw for the SOHO Smashup for $50,000
  • Xiaomi, Western Digital, Synology, Canon, Lexmark, Sonos, TP-Link, QNAP, Wyze, and HP were all exploited during the competition

The overall Master of Pwn winner was Team Viettel, with 30 Master of Pwn points, winning $180,000. They were followed on the…


Every day, half a million malware apps are created for scamming. Who’s behind them?


HANOI: One hour. That is all the time it takes to build malicious software that can access the camera, messages, calls, storage, microphone, location, contacts — nearly everything — on a victim’s phone.

And cyber threat hunter Ngo Minh Hieu finds more than half a million such malware apps created every day, in his work for Vietnam’s National Cyber Security Centre.

Vietnam saw a 64 per cent rise in online fraud in the first half of this year compared with the same period last year, according to the country’s Authority of Information Security.

A growing number of incidents in the last five years are related to malware, said Nguyen Quang Dong, the director of the Institute for Policy Studies and Media Development.

The flurry of fraudulent activity has landed Vietnam among the world’s top 10 cybercrime hotspots according to the Global Tech Council, the programme Talking Point found as it investigated who might be behind the malware scams that have emerged in Singapore this year.

FORMER SCAMMER BECOMES CYBER THREAT HUNTER

Between January and August, more than 1,400 victims in Singapore lost at least S$20.6 million in total, police said.

The perpetrators linked to malware scams have mostly played the role of money mules, said Ang Hua Huang, assistant superintendent at the newly operationalised anti-scam command centre run by the Singapore Police Force.

There have been teenagers arrested for suspected involvement.



Lockbit ransomware gang demanded an $80 million ransom from CDW

Pierluigi Paganini
October 14, 2023

The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data.

The technology services giant CDW announced it has launched an investigation into claims made by the Lockbit ransomware gang that added the company to the list of victims on its leak site.

CDW Corporation is a provider of technology solutions and services for business, government and education. A secondary division of the company, known as CDW-G, focuses on United States governmental entities, including K-12 schools, universities, non-profit healthcare organizations, State & Local and the Federal government.

The LockBit ransomware gang demanded an $80 million ransom, but the group claims that the company only offered $1 million.

“All the Nasdaq-listed corporation was able to offer was $1,100,000 dollars of the requested $80,000,000 dollars” reads the message published on the dark web leak site of the group.


“We published them because in the negotiation process a $20 billion company refuses to pay adequate money,” a representative of the gang told The Register. “As soon as the timer runs out you will be able to see all the information, the negotiations are over and are no longer in progress. We have refused the ridiculous amount offered.”

CDW revealed that it had detected suspicious activity related to the Sirius Federal servers and quickly launched an investigation with the help of external cybersecurity experts.

“we are addressing an isolated IT security matter associated with data on a few servers dedicated solely to the internal support of Sirius Federal, a small U.S. subsidiary of CDW-G.” The servers are “non-customer-facing” and are “isolated from our CDW network and other…
