Popular Smartphone Infected with Malware

Want to buy a new Android smartphone, or already bought one? Do not expect it to be a clean slate. Pre-installed Android malware has been found on 36 smartphones.

Devices from popular manufacturers such as Samsung, LG, Xiaomi, Asus, Nexus, Oppo and Lenovo, distributed by two unidentified companies, have been found pre-loaded with malware programs.

These malware infected devices were identified after a Check Point malware scan was performed on Android devices. Two malware families were detected on the infected devices: Loki and SLocker.

According to a blog, “The malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed.”

Loki (February 2016) is a Trojan that injects itself inside the core Android operating system to gain powerful root privileges. The Trojan includes spyware-like features, such as grabbing the list of current applications, browser history, contact list, call history, and location data.

SLocker is mobile ransomware that locks victims’ devices for ransom and communicates through Tor in order to hide the identity of its operators.

List of Popular Smartphones Infected with Malware

  • Galaxy Note 2
  • LG G4
  • Galaxy S7
  • Galaxy S4
  • Galaxy Note 4
  • Galaxy Note 5
  • Xiaomi Mi 4i
  • Galaxy A5
  • ZTE x500
  • Galaxy Note 3
  • Galaxy Note Edge
  • Galaxy Tab S2
  • Galaxy Tab 2
  • Oppo N3
  • Vivo X6 plus
  • Nexus 5
  • Nexus 5X
  • Asus Zenfone 2
  • Lenovo S90
  • Oppo R7 plus
  • Xiaomi Redmi
  • Lenovo A850

 

Remove the malware from Smartphone

The malware is hard to remove. To remove it from an infected device, you can either root the device and uninstall the malware apps easily, or completely reinstall the phone firmware/ROM via a process called “flashing.”

Flashing is a complex process, for which users should power off their device and approach a technician or mobile service provider.
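The check below is an added example, not part of the original article: it compares the packages on a newly received device with the vendor's official ROM package list and separates what sits in the ROM (re-flash needed) from what was installed as a user app. The baseline set and all package names are hypothetical; the input is the text printed by `adb shell pm list packages -f`.

```python
# Added example: find packages that are not part of the official ROM.
# Assumption: a trusted list of the vendor ROM's package names is available.

# Constructed sample of `pm list packages -f` output; names are made up.
SAMPLE_PM_OUTPUT = """\
package:/system/app/Dialer/Dialer.apk=com.vendor.dialer
package:/system/priv-app/Settings/Settings.apk=com.android.settings
package:/system/app/SysHelper/SysHelper.apk=com.example.syshelper
package:/data/app/~~Zm9v==/com.example.freegame-1==/base.apk=com.example.freegame
"""

# Hypothetical baseline: package names shipped in the vendor's official ROM.
OFFICIAL_ROM_PACKAGES = {"com.vendor.dialer", "com.android.settings"}

# Read-only partitions a user cannot uninstall from without root.
SYSTEM_PREFIXES = ("/system/", "/vendor/", "/product/")


def parse_pm_list(text):
    """Yield (apk_path, package_name) pairs from `pm list packages -f` lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        # The APK path may itself contain '=', so split on the last one.
        path, _, name = line[len("package:"):].rpartition("=")
        if path and name:
            yield path, name


def unexpected_packages(pm_output, baseline):
    """Group packages missing from the baseline by install location."""
    report = {"in_rom": [], "user_installed": []}
    for path, name in parse_pm_list(pm_output):
        if name in baseline:
            continue
        in_rom = path.startswith(SYSTEM_PREFIXES)
        report["in_rom" if in_rom else "user_installed"].append(name)
    return report


if __name__ == "__main__":
    result = unexpected_packages(SAMPLE_PM_OUTPUT, OFFICIAL_ROM_PACKAGES)
    print("Added to ROM (re-flash needed):", result["in_rom"])
    print("Installed as user app:", result["user_installed"])
```

Matching on package names alone does not catch a modified APK that keeps a legitimate name; comparing APK hashes against the vendor image covers that case.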

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

Fortune 1000 Companies Vulnerability

A recent report reveals that Fortune 1000 companies face data breaches. Fortune 1000 companies suffer twice the amount of data breaches as their peers.

BitSight’s latest report, “How Secure Are America’s Largest Business Partners? and Rating Cybersecurity Performance of Fortune 1000,” revealed that companies which are part of this list are very likely to suffer a data breach. The report shows that companies with a security rating of 900 are at the top and safest, while companies with a security rating of 500 or lower are five times more likely to experience a publicly disclosed breach than companies with a security rating of 700 or higher.

Fortune 1000 Companies Data Breaches

“Understanding security maturity of the Fortune 1000 companies provided greater context for any organisation looking to benchmark their own performance,” said Stephen Boyer, the co-founder and CTO of BitSight. “Moreover, the data can be used to improve inform companies of the risks posed when they are sharing data or network access with the Fortune 1000 organisations.”

One out of every 20 Fortune 1000 companies has experienced a publicly disclosed breach. Those companies that deal over the Internet experience data breaches.

There is also the greater problem that a majority of Fortune 1000 companies are found to have at least one remote administration service running on an open port, which may allow unauthorized access to machines. This vulnerability should be solved.

 

DNA Digital Data Storage

You have all heard of computer storage devices like floppy disks, USB flash drives, memory cards, memory sticks, tape cassettes, zip cassettes, computer hard drives, CDs and DVDs.

Have you ever heard about DNA storage? Researchers are investing a lot of effort in new storage techniques like DNA storage, and they are even able to read the data back without any errors. Six files, including a movie and even a virus, have been stored on a DNA strand.

Quite interesting, right? Let us learn more.

Researchers are working on DNA storage in addition to fitting tons of data onto tiny USB drives. DNA storage has advantages such as high storage capacity and longevity. Companies like Microsoft are spending a lot of money on this technology.

Recently, scientists from the Data Science Institute at Columbia University and the New York Genome Center published a new paper showing how the DNA-based data storage technique can be used to store digital information such as an operating system, malware, or a movie.

How does DNA storage work?

From an article we learn: “Yaniv Erlich, from California University and Dina Zielinski, from the New York Genome Center, looked for algorithms that were being used to encode and decode data. The files were converted into the binary strings of 1s and 0s. Then, they were compressed into one master file and the data was divided into short strings of binary code.

 To randomly pick these short strings and reassemble them in proper order later, they developed an algorithm called DNA fountain. This was followed by the creation of DNA strands.

To decode the strands, the sequences were fed into a computer that translated it into binary and reassembled the original files. The files which were created after this process contained zero errors.”

Future Application

The technique is very costly and unsuitable for large-scale application. The researchers had to spend $7000 to create the strands with 2 MB of data and another $2000 to read it. Erlich said, “We are still in early days, but it also took magnetic media years of research and development before it became useful”.

 

Bypass Google’s ReCaptcha v2 anywhere

Google’s ReCaptcha v2 can easily be bypassed anywhere on the web. Yes, you heard it right. ReBreakCaptcha is a new bypass technique for Google ReCaptcha v2.

The three steps of ReBreakCaptcha:

  • Audio Challenge
  • Recognition – Converting the audio and sending it to Google’s Speech Recognition API.
  • Verification – verify the speech and bypass the ReCaptcha.

Audio Challenge

There are three types of ReCaptcha v2 challenges:

  • Image Challenge: Contains a description and an image made up of 6 sub-images. The user is asked to select the sub-images that match the description.
  • Audio Challenge: Contains an audio recording. The user is asked to enter the digits heard in the audio.
  • Text Challenge: Contains a category and 5 candidate phrases. The user is asked to select the phrases that match the category.

There is also the “I am not a robot” checkbox, which verifies the user and does the rest.

Sometimes, instead of an audio challenge we get a text challenge, which we can bypass simply by clicking the “Reload Challenge” button until we get the correct type.

Recognition

  • A play button
  • A text button
  • A download button

What do we do now?

Download the audio and send it to the Google Speech Recognition API. Before sending, convert the audio to ‘wav’ format. We will use a Python library implementation of the Google Speech Recognition API. Google will send the result back as a string.

Verification

You just need to copy and paste that string into the text box and then verify on the ReCaptcha widget.

We are using one of Google’s services to bypass another of its services.

 

Hacking your voice to perform social engineering attack

Hacking your voice is real and possible, as hackers can use “Photoshopping Voiceovers”. “Project VoCo” is an engineer’s dream: the software allows the controller to edit and insert words into an audio recording without bringing the original vocalist back to the studio. Hacking your voice and fooling another person as part of a social engineering attack can be done with just a 20-minute recording of the person’s speech. The attacker can then change and edit the text and do whatever he wants.

 

Watch the video of the demo presentation of Adobe’s “Project VoCo”.

 

Clearly, lots of people are excited about the prospect of being able to alter audio recordings. But not everyone is jumping on the bandwagon. Dr. Eddy Borges Rey, a lecturer in media and technology at the University of Stirling, is concerned by the development. He revealed as much to BBC News.

An attacker can record the CEO’s voice and use this software to fool the head of accounts and commit fraud at will.

It’s unclear when Photoshopping Voiceovers will become publicly available. When it does, it’ll take even more time to determine how easy it is for people to identify an audio recording that someone’s modified using the technology. With that in mind, organizations’ best hope of preventing attacks such as those described above is to train their employees to be on the lookout for vishing and spear-phishing attacks. If an attacker can’t build a pretext, they won’t be able to leverage VoCo to make fraudulent wire transfers or steal sensitive information.

 

Most Demanded Courses at Indian Cyber Security Solutions

Ethical Hacking Training – Get a Certified Ethical Hacking Professional Certificate from us, which is valid all over India and recognised by all MNCs.

C | EH – Certified Ethical Hacker certification from EC-Council. This certificate is in high demand by organizations across the globe. It is globally recognized, and more than 160 countries recognise it.

Android Penetration Testing – Best way to secure your own application. This is the future, where you need to test real-world Android applications and find vulnerabilities for the organization.


Mongo DB Databases hijacked

Mongo DB Databases wiped out

MongoDB databases have been kidnapped by hackers. The hackers have deleted MongoDB databases from company servers and are demanding a ransom for the safe return of the information. The victims are hospitals, small businesses and educational institutes. Nearly 27,000 databases could have been hacked.

There are security measures built into MongoDB; it’s just that some users don’t bother to use them. For instance, some MongoDB administrators have been leaving their systems accessible to the open internet, without having so much as an admin password in place.

Even though the security features exist, people are very reluctant to use and implement them. This is very frustrating for the companies that have been victims. An admin is obviously expected to have this minimum knowledge.
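The audit below is an added example, not code from the original post or from MongoDB Inc: it checks a `mongod.conf` for the two conditions described above, a listener reachable from any interface and access control left off. Both configuration samples are constructed, and only the simple two-level YAML layout of `mongod.conf` is parsed.

```python
# Added example: audit mongod.conf for open-internet exposure without auth.
# Assumption: settings use the "section:" / "  key: value" YAML layout.

WEAK_CONF = """\
# constructed sample: listens on every interface, no access control
net:
  port: 27017
  bindIp: 0.0.0.0
"""

HARDENED_CONF = """\
# constructed sample: loopback plus one private address, auth required
net:
  port: 27017
  bindIp: 127.0.0.1,10.0.0.5
security:
  authorization: enabled
"""

# bindIp values that mean "every interface".
ALL_INTERFACES = {"0.0.0.0", "::", "*"}


def parse_conf(text):
    """Return {(section, key): value} for two-level YAML settings."""
    settings, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        key, _, value = line.strip().partition(":")
        if not line.startswith((" ", "\t")):
            section = key.strip()                  # e.g. "net", "security"
        else:
            settings[(section, key.strip())] = value.strip().strip("\"'")
    return settings


def audit(text):
    """Return a list of finding codes; an empty list means both checks pass."""
    conf = parse_conf(text)
    findings = []
    bind = conf.get(("net", "bindIp"))
    bind_all = conf.get(("net", "bindIpAll"), "false").lower() == "true"
    if bind is None and not bind_all:
        # The default listener depends on the server version, so require
        # an explicit value instead of guessing.
        findings.append("bindIp-unset")
    addrs = [a.strip() for a in (bind or "").split(",") if a.strip()]
    if bind_all or any(a in ALL_INTERFACES for a in addrs):
        findings.append("listens-on-all-interfaces")
    auth = conf.get(("security", "authorization"), "disabled")
    if auth.lower() != "enabled":
        findings.append("authorization-disabled")
    return findings


if __name__ == "__main__":
    print("weak:", audit(WEAK_CONF))
    print("hardened:", audit(HARDENED_CONF))
```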

What is the company behind MongoDB doing about it?

I imagine it is feeling pretty frustrated that some of their users are being so careless with the software.

 

MongoDB Inc clearly needs to reach out to the community and underline the importance of not having unsecured instances of MongoDB running openly on the net. It has posted some advice for users on its website.

 

Of course, the damage is somewhat lessened if you had taken the precaution of backing up your database. If that’s the case then you only have the embarrassing problem of explaining to your customers that their data has been stolen and personal information exposed, rather than be utterly incapable of doing any business.

 

However, if you’re the kind of outfit that doesn’t have an admin password for your database and leaves it open to the internet then I don’t hold out much hope that you’ve been making backups.

 

 

WiFi phishing attack

WiFi phishing attack – You can be the next target?

WiFi phishing is a next-level attack that works even though modern Wi-Fi networks are secured with Wi-Fi Protected Access II (WPA2), a security protocol that uses a strong cryptographic hash function to protect the pre-shared key (PSK).

During a penetration test it is quite a tough task to break into a WPA2 network. A modern GPU that is able to calculate an average of 80,000 hashes per second will require a maximum of 30 days to crack an 8-character PSK. In this kind of situation, a WiFi phishing attack comes in handy.

 

WiFi Phishing can be conducted in two simple steps

  • The first step involves associating with Wi-Fi clients without their knowledge.
  • The second step involves presenting to the victim user a familiar authentication interface.

 

Making the authentication interface look legitimate will greatly increase the success rate of the attack.

In this respect, the interface should be generated on the basis of something that is appropriate for a certain user (e.g. an interface that is similar to the one used by the legitimate Access Point (AP)). This, of course, involves gathering information from the target environment and victim user.

 

Even with no knowledge of the technologies or services used by the user, it is possible to collect the required information from:

 

Beacon frame (physical layer): One of the management frames in IEEE 802.11 that is transmitted periodically by the AP. It contains all the information about the network, such as i) the ESSID, ii) the encryption type, and iii) the BSSID (MAC address) of the AP.

User-Agent header (application layer): An HTTP header that contains a characteristic string with details regarding the network peer. By redirecting the victim’s HTTP requests to a website controlled by us, we are able to retrieve useful information from this header, such as i) the web browser and ii) the operating system of the victim.

The interesting thing about the BSSID (found in the beacon frame) is that it can be used to determine the router manufacturer. For example, if the first digits of the MAC address are “00:12:17”, we can be pretty confident that the beacon frame was broadcast by a Linksys router.

 

By knowing the router manufacturer, we can craft fake router configuration pages accordingly as illustrated in the image below.

wifi phishing

In this image, both the BSSID of the victim’s AP and the encryption type of the target network are used to craft a victim-customized phishing page asking for the PSK. This trick became quite popular in the past few years, surpassing the traditional brute-forcing of the 4-way handshake.

 

However, this attack raises suspicion and advanced users will hardly fall for this.

 

But look at the following image.

Wifi Phishing

In this phishing attack, we first make the victim believe he is not having any connectivity to the Internet by showing the “No Internet Connection” page in his browser. We display Google Chrome’s “Unable to Connect to the Internet” page because the HTTP User-Agent header assured us that the victim is using that specific browser.

 

The same header told us that the victim is running Windows, giving us the chance to display a web-based imitation of the Windows network manager. We make this much more realistic by showing the valid networks that are in the victim’s neighborhood.

 

In this case, the victim can hardly tell if the network manager is part of the Operating System UI or the web page he is visiting. In the following image, we compare the Mac OS network manager with an HTML-lookalike of ours. At the top is the fake network manager while the one displayed at the bottom is the real one.

wifi phishing

Phishing attacks like the above can be performed using the latest version of Wifiphisher (v1.2), which was released a month ago. Wifiphisher is an open-source project, and all this functionality wouldn’t be possible without the contributions of the community.
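For defenders, the same beacon fields described above (ESSID, BSSID, encryption type) can be used to spot an access point imitating a protected network. The sketch below is an added example, not part of the original post or of Wifiphisher; the inventory of legitimate access points and all beacon observations are constructed.

```python
# Added example: flag beacons that advertise a protected ESSID but do not
# match the inventory of legitimate access points.

# Hypothetical inventory: ESSID -> {BSSID: expected encryption type}.
KNOWN_APS = {
    "CorpWiFi": {"00:12:17:aa:bb:01": "WPA2", "00:12:17:aa:bb:02": "WPA2"},
}

# Constructed beacon observations; every value is made up for illustration.
OBSERVED_BEACONS = [
    {"essid": "CorpWiFi", "bssid": "00:12:17:AA:BB:01", "enc": "WPA2"},
    {"essid": "CorpWiFi", "bssid": "02:de:ad:be:ef:10", "enc": "OPEN"},
    {"essid": "CorpWiFi", "bssid": "00:12:17:aa:bb:02", "enc": "OPEN"},
    {"essid": "CoffeeShop", "bssid": "3c:11:22:33:44:55", "enc": "OPEN"},
]


def is_locally_administered(bssid):
    """True if the MAC has the locally-administered bit set (no vendor OUI)."""
    return bool(int(bssid.split(":")[0], 16) & 0x02)


def check_beacons(beacons, inventory):
    """Return (bssid, reason) alerts for beacons imitating a known ESSID."""
    alerts = []
    for beacon in beacons:
        expected = inventory.get(beacon["essid"])
        if expected is None:
            continue  # not one of the networks we protect
        bssid = beacon["bssid"].lower()
        if bssid not in expected:
            reason = "unknown-bssid"
            if is_locally_administered(bssid):
                reason += "+locally-administered-mac"
            alerts.append((bssid, reason))
        elif beacon["enc"] != expected[bssid]:
            # A known BSSID with the wrong encryption suggests a cloned MAC.
            alerts.append((bssid, "encryption-mismatch"))
    return alerts


if __name__ == "__main__":
    for bssid, reason in check_beacons(OBSERVED_BEACONS, KNOWN_APS):
        print(bssid, reason)
```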

 

Virtual Reality – Are we thinking of Security?

Virtual Reality and its security

Virtual Reality is making it big in the market and everyone is keen to use it. What we need to worry about is its security. It is not yet a big target for hackers. Bulky prototype virtual reality devices were being tested in labs as early as 1960, but there were few, if any, computer hackers or even an internet to speak of back then. A bit later in the pre-internet 90s, Nintendo and Sega tried to bring virtual reality to the gaming masses by developing Virtual Reality platforms and games. However, Sega’s system never made it to market, and when Nintendo’s Virtual Boy launched, it flopped due to lack of consumer interest.

Although adoption of VR technology in the workplace is on the slower side, some sectors like construction, retail and engineering are more active in adopting virtual reality to make their work more effective and efficient. “Future of IT”, a report by Spiceworks, shows that only 5% of the engineering and construction industry is using virtual reality in the workplace today; this is expected to grow to 27% within five years.

It is quite evident from the growth of Virtual Reality that it is the future, and that more organizations will adopt it to increase their productivity. The question is what we might have to worry about in terms of security and privacy once more organizations start adopting it.

 

Security & Privacy Concern

Virtual Reality platforms can be an easy target for hackers. Remember the Mirai malware, which made millions of connected cameras part of a botnet. The same kind of attack could be repeated on Virtual Reality devices if they are connected over IP. Moreover, communication between Virtual Reality devices and servers might be sent without any encryption.

We all know smartphones can surreptitiously collect information on where we’ve been and when, who we’re talking to, and what we’re interested in. In the future, if VR headsets become ubiquitous, everyday devices (perhaps like a slimmer Google Glass), then someone might be able to track what you’re watching at any time. For example, one day it could be possible for auto insurance companies to deny you coverage if the sensors in a VR device suggest you suffer from slow reaction times.

What happens if someone hacks VR headsets and launches a visual attack that could cause adverse real-world reactions? There could be various ways hackers put individuals into harm’s way if desired.

 

Security Advice to VR platform adopters

There are precautionary steps organizations can take to improve the security of VR devices. For example, before adopting Virtual Reality or any new IoT technology, companies should examine the track record of the manufacturer and ask questions about whether the device’s firmware and software have been hardened to protect against prying eyes or malicious actors. Additionally, companies might want to wait a bit if there’s no immediate need to adopt VR technology, so the early bugs can get worked out to reduce security risks.

 

 
