Tag Archive for: covert

Jaw-Dropping New Hack Turns Your Phone Screen Into Covert Spy Camera


In a new study published in Science Advances, researchers from the Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory have revealed how hackers can turn your smartphone into a spying device akin to the TV screens featured in Orwell’s 1984.

The paper, Imaging privacy threats from an ambient light sensor, reveals how seemingly harmless ambient light sensors, used in most smartphones to auto-adjust screen brightness, are capable of covertly capturing user interactions thanks to a newly developed computational imaging algorithm.

How Smartphone Screens, Not Cameras, Can Spy On Users

I have written plenty of articles covering how seemingly innocuous items can be used to spy on users and create a security threat that one might not ordinarily imagine. Forget the more obvious targets for such stories as smart speakers, and think more about light bulbs and vacuum cleaners, both of which have been subject to research regarding covert surveillance techniques.

More than a hint of 1984 shines through the research by Yang Liu, Gregory W. Wornell, William T. Freeman and Fredo Durand. Instead of Big Brother keeping tabs on citizens through enormous TV screens everywhere, the researchers talk of how hackers could covertly capture user gestures through the small screens we carry everywhere: smartphones.

More precisely, the researchers focus on the ambient light sensors that enable our smartphones to adjust screen brightness to match our environment. Apps can use ambient light sensors without the need to ask permission from the user. The lack of permission control is not exactly surprising, given that such sensors have not been considered a privacy or security risk. Until now.

Novel Smartphone Security Risk Revealed By MIT Researchers

“The ambient light sensor needs to be always on for functionality and is…

Iranian APT Group OilRig Using New Menorah Malware for Covert Operations


Sep 30, 2023 | THN | Cyber Espionage / Malware

Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah.

“The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or malware,” Trend Micro researchers Mohamed Fahmy and Mahmoud Zohdy said in a Friday report.

The victimology of the attacks is not immediately known, although the use of decoys indicates at least one of the targets is an organization located in Saudi Arabia.

Also tracked under the names APT34, Cobalt Gypsy, Hazel Sandstorm, and Helix Kitten, OilRig is an Iranian advanced persistent threat (APT) group that specializes in covert intelligence gathering operations to infiltrate and maintain access within targeted networks.

The revelation builds on recent findings from NSFOCUS, which uncovered an OilRig phishing attack resulting in the deployment of a new variant of SideTwist malware, indicating that it’s under continuous development.

In the latest infection chain documented by Trend Micro, the lure document is used to create a scheduled task for persistence and drop an executable (“Menorah.exe”) that, for its part, establishes contact with a remote server to await further instructions. The command-and-control server is currently inactive.

The .NET malware, an improved version of the original C-based SideTwist implant discovered by Check Point in 2021, is armed with various features to fingerprint the targeted host, list directories and files, upload selected files from the compromised system, execute shell commands, and download files to the system.

“The group consistently develops and enhances tools, aiming to reduce security solutions and researchers’ detection,” the researchers said.

“Typical of APT groups, APT34 demonstrates their vast resources and…

Why The Future Of Cyber Operations Will Be Covert – Analysis – Eurasia Review


By Richard L. Manley*

Current cyber conflict looks very similar to traditional conflict models. The difference from traditional power dynamics offered by the cyber domain, however, is the asymmetrical advantage of technology for would-be actors. This new element of national power allows weaker actors to “punch above their weight” in competition or conflict with Great Powers in a unipolar or multipolar world. John Arquilla describes this new environment as an “information revolution” that “implies the rise of cyber war, in which neither mass nor mobility will decide outcomes.”[1] Continuing in the spirit of Ivan Arreguín-Toft’s strategic interaction theory, cyber operations allow significant latitude for strong actors to compete indirectly, short of physical conflict in the traditional sense.[2] Cyber also allows weak actors to impose costs against strong actors without incurring significant risk. Strong actors continue to integrate the effects achieved in the cyber domain into their doctrinal foreign policy, whether militarily or otherwise, to maximize layered effects. The outcomes of the new competitive space of cyber have been theorized for decades now, but what makes prediction difficult is the pace of innovation and the change in available technology.

This article discusses the effects of cyber operations on the strategic interaction of actors in the cyber domain, gives examples of the use of cyber in Great Power competition, and explains how cyber operations offer an asymmetric advantage to weaker actors. It focuses on works by Keir Giles, Austin Carson and Keren Yarhi-Milo, and Ryan Maness and Margarita Jaitner toward the use of cyber operations by revisionist state actors such as the Russian Federation and the People’s Republic of China. It demonstrates how cyber allows these actors to “play a weak hand well” in support of their respective theories of hybrid warfare and unrestricted warfare. Moving on from revisionist states, this article gives examples of strategic interaction in the cyber domain by rogue states such as North Korea by describing the asymmetric advantage that nation enjoys as the weaker actor in a struggle with South Korea and the…

Ex-CIA Employee Convicted in Theft of Covert Hacking Info


Joshua Schulte Is Guilty on Nine Counts Ranging From Espionage to Obstruction

A former CIA programmer charged with spilling the agency’s top-secret hacking toolbox online is guilty after a federal jury returned a verdict on all counts.

Joshua Schulte, 33, faces a minimum of 80 years in prison after hearing the verdict Wednesday afternoon in a Manhattan federal courtroom. The government indicted him on nine counts, including espionage, unauthorized access to a computer and obstruction of justice.

Schulte, who developed penetration tools for the espionage service, sent WikiLeaks a trove of techniques used for snooping on iPhones, Cisco networking devices, Skype and even smart TVs (see: 7 Facts: ‘Vault 7’ CIA Hacking Tool Dump by WikiLeaks). WikiLeaks posted more than 8,700 documents online in March 2017, calling the leak “Vault 7” and revealing covert programs with names including CrunchyLimeSkies and McNugget.

U.S. Attorney Damian Williams called the leak “one of the most brazen and damaging acts” of espionage in American history. Schulte harbored resentment toward the CIA and was “aware that the collateral damage of his retribution could pose an extraordinary threat to this nation,” Williams said after the jury verdict.

For all Schulte’s apparent technical sophistication, a recent New Yorker profile of the now-convicted leaker found he was reckless with his personal security. Schulte also faces charges for possession of child pornography.

A first attempt to prosecute Schulte ended in a mistrial, with the jury convicting him on contempt of court charges as well as of lying to the FBI’s investigators, but not on the espionage charges. Schulte opted to represent himself in the second trial.
