WiFi


How to Secure Your Wi-Fi Router and Protect Your Home Network

Source: National Cyber Security – Produced By Gregory Evans

If you’re lucky, the process will be automatic; you might even get alerts on your phone every time a firmware update gets applied, which usually happens overnight. If you’re unlucky, you might have to download new firmware from the manufacturer’s site and point your router towards […]

32,000+ WiFi Routers Potentially Exposed to New …


Researchers detect an updated Gafgyt variant that targets flaws in small office and home wireless routers from Zyxel, Huawei, and Realtek.

A newly discovered variant of the Gafgyt Internet of Things (IoT) botnet is attempting to infect connected devices, specifically small office and home wireless routers from brands that include Zyxel, Huawei, and Realtek.

Gafgyt was first detected in 2014. Since then, it has become known for large-scale distributed denial-of-service attacks, and its many variants have grown to target a range of businesses across industries. Starting in 2016, researchers with Unit 42 (formerly Zingbox security research) noticed wireless routers are among the most common IoT devices in all organizations and prime targets for IoT botnets.

When a botnet strikes, it can degrade the production network and reputation of a company’s IP addresses. Botnets gain access to connected devices by using exploits instead of attempting to log in via unsecured services. As a result, a botnet can more easily spread through IoT devices even if a business’s admins have disabled unsecured services and use strong login credentials.

The new Gafgyt variant, detected in September, is a competitor of the JenX botnet. JenX also leverages remote code execution exploits to access and recruit botnets to attack gaming servers, especially those running the Valve Source engine, and launch a denial-of-service (DoS) attack. This Gafgyt variant targets vulnerabilities in three wireless router models, two of which it has in common with JenX. The two share CVE-2017-17215 (in Huawei HG532) and CVE-2014-8361 (in Realtek’s RTL81XX chipset). CVE-2017-18368 (in Zyxel P660HN-T1A) is a new addition to Gafgyt.

“Gafgyt was developed off JenX botnet code, which just highlights how much interest there is when it comes to building botnets within that community,” says Jen Miller-Osborn, deputy director of threat intelligence at Unit 42. This evolution of Gafgyt indicates a dedicated group of people is working to update these botnets and make them more dangerous, she notes. When a botnet is updated, it typically means a new CVE has been added to its lineup.

“The difference with this one is the developers added a new vulnerability to it that wasn’t present in the previous one,” Miller-Osborn says. “That added to its potential reach.” Shodan scans indicate at least 32,000 Wi-Fi routers are potentially vulnerable to these exploits.

Gafgyt uses three “scanners” in an attempt to exploit known remote code execution bugs in the aforementioned routers. These scanners replace the typical “dictionary” attacks employed by other IoT botnets, which typically aim to breach connected devices through unsecured services.

The exploits are designed to work as binary droppers, which pull a corresponding binary from a malicious server depending on the type of device it’s trying to infect. The new Gafgyt variant is capable of conducting different types of DoS attacks at the same time, depending on the commands it receives from the command-and-control server, Unit 42 researchers say in a blog post on the findings.

Gafgyt Sets Sights on Gamers
One of the DoS attacks this Gafgyt variant can perform is VSE, which contains a payload to attack game servers running the Valve Source Engine. This is the engine that runs games like Half-Life, Team Fortress 2, and others. Researchers emphasize this isn’t an attack on Valve, as anyone can run a server for the games on their own network. This attack targets the servers. 

With the rest of the DoS attack methods, operators are targeting other servers hosting popular games such as Fortnite, Unit 42 found. Miller-Osborn says the purpose in targeting gaming servers is mostly to be an annoyance. “They’re not going to make a lot of money doing it,” she adds.

While gaming servers have become popular victims, the diversity of IoT devices targeted in these attacks has grown, researchers say. There is nothing about these routers that makes them more likely to be owned by gamers; home users and small businesses are also at risk.

“Once they’re compromised, they’re used to do malicious activity,” Miller-Osborn explains. “The routers themselves could be owned by anyone. The biggest thing, especially with all these IoT malware families, is for people to keep in mind this is probably just going to get worse.”

An attack on gaming servers is one thing, she says. It’s typically a DoS incident and people aren’t getting hurt. However, if an attacker can effectively compromise a router, they can also move into the network and conduct more nefarious activity — for example, data theft.

These attacks highlight the fact that there are a lot of devices, especially routers, active on the Internet and vulnerable to a number of CVEs. The new Gafgyt variant, for example, targets two router vulnerabilities from 2017 and one from 2014, Miller-Osborn points out. “When it comes to routers, you don’t necessarily see them getting patched,” she notes. Outside the security community, few people will know when they should update their routers or if they’ve been hit by a botnet — unless, of course, their Internet service provider tells them.

Instagram: New Botnet Market
Cybercriminals are also finding new ways to sell botnets, researchers report. Once an activity limited to the Dark Web, the buying and selling of malware has surfaced to social networks.

In one attack analyzed, the new Gafgyt variant looks for competing botnets on the same device and tries to kill them. It does this by looking for certain keywords and binary names present in other IoT botnet variants. Researchers noticed some strings related to other IoT botnets (Mirai, Hakai, Miori, Satori) and some corresponded to Instagram usernames. The team built some fake profiles and reached out, only to find they’re selling botnets in their Instagram profiles.


Attackers offered the researchers source code for botnets. Unit 42 has contacted Instagram to report these profiles; it also reported malicious sites being used to handle botnet subscriptions. It’s “pretty common” for these sales to happen on social media, says Miller-Osborn, and a constant fight for social networks to take down malicious accounts.

“People want to market their devices and services, and one of the easiest ways to do that is on social media,” she explains. While it makes things simple for attackers, removing the accounts is “a constant game of whack-a-mole” for social media companies.


Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial …


iPhone #Wi-Fi #bug lets #hackers #hijack your #phone and #secretly install #malicious #apps


The cyber security community is still reeling after the revelation of the KRACK security vulnerability that breaks down Wi-Fi encryption. Now it seems another Wi-Fi-based bug has also been discovered.

Presented at the global Pwn2Own hacking contest in Tokyo, a team of researchers demonstrated how a separate Wi-Fi bug could be exploited to gain entry to iPhones and install malicious apps on them without the owners’ knowledge.

The details of the threat haven’t been made public yet as Apple hasn’t had time to patch the flaw. Its discovery was enough to net the Tencent Keen Security Lab the top prize of $110,000.

The hacking contest is set up and run by the Zero Day Initiative, which seeks to find vulnerabilities in popular products and services and alert the manufacturers in time.

According to the official event page, the Tencent Keen Security Lab team used “code execution through a WiFi bug” to escalate “privileges to persist through a reboot,” effectively breaking through an iPhone’s lock screen through a Wi-Fi network.

The flaw will be relayed to Apple which could offer a software patch to close the gap.

“Once we verify the research presented is a true 0-day exploit, we immediately disclose the vulnerability to the vendor, who then has 90 days to release a fix,” explains the Zero Day Institute.

“Representatives from Apple, Google, and Huawei are all here and able to ask questions of the researchers if needed.

“At the end of the disclosure deadline, if a vendor is unresponsive or unable to provide a reasonable statement as to why the vulnerability is not fixed, the ZDI will publish a limited advisory including mitigation in an effort to enable the defensive community to protect users.”

As ever, from a security standpoint it is always advisable to make sure your phone is running the latest OS version and you closely vet the permissions you give to certain apps.


Why hackers love your Wi-Fi (and how to protect it)


Wi-Fi hacking is all fun and games until somebody hacks the Wi-Fi on a roller coaster. That’s a lesson one professional security researcher found out the hard way. Several years ago at Disneyland, the roller coaster car he was riding was click-click-clacking its way along its track until it abruptly…


Free Wi-Fi has driven 88% of Canadians to put their personal info at risk

A strong Wi-Fi signal is one major factor that helps Canadians decide where they want to stay when they go away for long weekends, said a risk report released by Norton last month. And while a hefty majority of Canadians believe their information is safe while […]

Stay safe online this summer, watch out for fake WiFi networks


Better Business Bureau warns if you are traveling this summer and taking advantage of free WiFi, double check before connecting your device. Scammers use fake WiFi hotspots to steal personal information or gain access to your device. “Say you’re at a coffee shop, airport, hotel lobby, or other public place,…


Safety tips for using public Wi-Fi


Q: What can I do to be safe when using public Wi-Fi? The convenience of accessing public Wi-Fi networks has become somewhat of an expectation when we’re away from our primary home and work connections, but it’s important to understand the risks. Anytime you share a connection with strangers, whether…


Google Researcher Reveals Flaw In Android And iOS That Can Be Hacked Via Wi-Fi


No software is 100 percent watertight. A serious bug can pop up anytime that will leave your devices vulnerable. Just like what a Google Project Zero researcher has discovered. Gal Beniamini found a serious security flaw in Wi-Fi chipsets of …


Ex-Emory Professor Will Do Time for Using Campus Wi-Fi to Download Child Pornography

A former professor of epidemiology at Emory University was sentenced to six years and six months in federal prison and must pay a $15,000 fine for downloading at least 8,000 images of child pornography using the campus Wi-Fi, AJC.com reported. The professor, Kevin M. Sullivan, pleaded guilty to downloading the images in December, according to a news release from U.S. Attorney John Horn. “Sullivan downloaded thousands of files depicting the sexual abuse of children,” Horn said. “He attempted to cover his tracks by using his personal computer on the internet system at Emory to download the images.”
Officials were tipped off to Sullivan’s activities in 2014, when Swiss law enforcement officers seized a server hosting the illegal content.


A top British cop wants to fit teenage hackers with wearable Wi-Fi jammers


One of Britain’s top cops has come up with an unconventional solution for dealing with pesky teenage hackers: Make them wear portable Wi-Fi jammers.
Chief Superintendent Gavin Thomas, president of the Police Superintendent’s Association, made the suggestion to The Telegraph
