NewsByte Mumbai October 2017
1. Null – An Open Security Community
NEWS BYTE
BY ANAND CHAUHAN
n|u
2. SOMETHING ABOUT ME:-
• A Cyber Security Enthusiast.
• A Cyber Security Learner
• Interested In Web App And Forensics.
Twitter Handle @chauhananand17
3. OVERVIEW
• CCleaner Hacked
• Deloitte hit by cyber-attack
• Equifax Data Breach
• Hack The Tor Browser
• nRansomware
• India Planning Its Own Bitcoin-Like Cryptocurrency: Lakshmi Coin
• Expensivewall
• BlueBorne – New Attack Vector
• Yahoo says all three billion accounts hacked in 2013
4. CCLEANER HACKED
• Piriform’s VP of Products Paul Yung revealed that the company spotted a security
breach in CCleaner 5.33.6162 and CCleaner Cloud.
• A two-stage backdoor was inserted in the CCleaner.exe binary which was capable of
remote code execution after receiving commands from a remote IP.
• 2.27 million users have been affected by the attack.
5. DELOITTE HIT BY CYBER-ATTACK
• One of the world’s “big four” accountancy firms has been targeted by a
sophisticated hack that compromised the confidential emails and plans of some of
its blue-chip clients.
• Deloitte discovered the hack in March this year, but it is believed the attackers may
have had access to its systems since October or November 2016.
• The hacker compromised the firm’s global email server through an “administrator’s
account” that, in theory, gave them privileged, unrestricted “access to all areas”.
• The account required only a single password and
did not have “two-step” verification, sources said.
• An employee at Deloitte, one of the Big Four
accounting firms, fell victim to a fake Facebook
account in late 2016.
6. EQUIFAX DATA BREACH
• The credit-reporting agency Equifax disclosed that information including the Social Security
numbers of 143 million consumers was potentially compromised.
• Equifax said its breach includes “names, Social Security numbers, birth dates,
addresses and, in some instances, driver’s license numbers.”
• “It’s one of the worst hacks imaginable,” says Dan Guido, CEO of the cybersecurity
firm.
7. HACK THE TOR BROWSER
• Zerodium is a hacking company that sells exploits to governments around the world.
• Zerodium says the Tor bounty is designed to help its government customers track
criminals who use the anonymous browser.
9. NRANSOMWARE
• Malware Hunter Team researchers found a malware called nRansomware.
What’s different about this ransomware is that it wants your nude snaps.
• “Your computer has been locked. You can only unlock it with the special
unlock code,” the message reads in the screenshot.
• According to the message, the attackers will sell those pictures on the deep
web (it should be dark web).
• The malware spreads in the form of an executable called nRansom.exe.
10. INDIA PLANNING OWN BITCOIN-LIKE CRYPTOCURRENCY: LAKSHMI COIN
• According to the Economic Times, RBI is planning to get into the cryptocurrency business
with Lakshmi Coin, which can be thought of as its version of Bitcoin.
• If made possible, Lakshmi Coin could become a digital currency alternative in India
and also contribute to a new Blockchain.
11. EXPENSIVEWALL : AN ANDROID MALWARE
• Found in an app named “lovely wallpaper”.
• More than 50 apps affected by it have been removed.
• Uses an obfuscation technique called “Packed”.
What is the risk?
• This malware family has been downloaded between 5 million and 21 million
times.
• A similar malware could be easily modified to use the same infrastructure in
order to capture pictures, record audio, and even steal sensitive data and
send the data to a command and control (C&C) server.
12. BLUEBORNE – NEW ATTACK VECTOR
• An attack vector by which a hacker can leverage Bluetooth to take complete
control over targeted devices.
• Eight more zero-day vulnerabilities were disclosed by Armis Labs.
WHAT IS THE RISK?
• There are currently 8.2 billion active Bluetooth devices in the world.
• It behaves like malware.
• May result in a botnet bigger than the Mirai botnet.
13. VULNERABILITIES
1. Linux kernel RCE vulnerability - CVE-2017-1000251
2. Linux Bluetooth stack (BlueZ) information Leak vulnerability - CVE-2017-1000250
3. Android information Leak vulnerability - CVE-2017-0785
4. Android RCE vulnerability #1 – CVE-2017-0781
5. Android RCE vulnerability #2 - CVE-2017-0782
6. The Bluetooth Pineapple in Android – Logical Flaw CVE-2017-0783
7. The Bluetooth Pineapple in Windows – Logical Flaw CVE-2017-8628
8. Apple Low Energy Audio Protocol RCE vulnerability - CVE-2017-14315
14. YAHOO SAYS ALL THREE BILLION ACCOUNTS HACKED IN 2013
• Yahoo said last December that data from more than 1 billion
accounts was compromised in 2013.
• Verizon said in a statement that “every single customer account
was affected by the August 2013 theft.”
• Names, email addresses and passwords, but not financial
information, were breached, Yahoo said last year.