Tag: hacked

  • Galaxy S10 Ultrasonic Fingerprint Sensor Hacked Using 3D Printing


    Samsung launched the Galaxy S10 lineup of smartphones at an event in February. The devices that were announced include the Galaxy S10+, Galaxy S10, Galaxy S10 5G and Galaxy S10e. While the latter used a physical, side-mounted fingerprint sensor for unlocking the device, the former three have a new technology onboard. They use an ultrasonic fingerprint scanner made by chipmaker Qualcomm and are the first devices in the world to do so. While Samsung claimed the technology is more secure than most fingerprint sensors in the market, fresh reports say otherwise. A user who goes by the name ‘darkshark’ on multimedia sharing website Imgur revealed the ultrasonic fingerprint scanners can be fooled using 3D printing.

    How Does It Work?
    I attempted to fool the new Samsung Galaxy S10’s ultrasonic fingerprint scanner by using 3d printing. I succeeded.

    The video shared by the user shows a Galaxy S10+ being unlocked using the aforementioned method. A 3D-printed fingerprint is placed in front of the smartphone, and the user, wearing gloves, presses down on it, which unlocks the device with ease. Explaining how he achieved that, the post said that the user took a photograph of his fingerprint on the side of a glass using a smartphone. He then adjusted the image in Photoshop, increasing the contrast and creating an alpha mask. Using another program, 3ds Max, he then created a 3D model of the fingerprint and printed it using a 3D printer.


    According to the user, 3D printing the fingerprint took them around 13 minutes. The video was shared as a warning for users of the Galaxy S10. The post also reads that it is possible to imitate a fingerprint from across a room using a DSLR camera with a long focal length. This process is claimed to take only 3 minutes, which can be hazardous for users, as most of their account details and personal information can be accessed as a result. It is also not the first time biometric security has been fooled on a smartphone. A similar case occurred with the iPhone X when a 3D face was used to unlock the device via the FaceID technology.

  • Flaws In 4G & 5G Allows Hackers To Track Locations & Intercept Calls


    Technical researchers from Purdue University and the University of Iowa have exposed vulnerabilities in the data infrastructure of 4G and 5G networks, which let attackers track down the location of any mobile phone on a given network. Furthermore, attackers can also snoop on users during a phone call. With the advent of 5G not very far away, an exposed liability of this sort can be serious.

    About The Attacks

    When 5G was announced, reports said that the new network would be more secure than the previous iteration. Instead, the researchers unveiled three different kinds of attacks which hackers can use to breach a network which is running on 4G or the upcoming 5G technology. They are known as Torpedo attacks, Piercers and IMSI-Cracking attacks.

    Torpedo Attacks

    The primary form of breaching is called a Torpedo attack. It exploits a vulnerability in the paging protocols that various carriers such as Verizon and Sprint use. The protocol actually notifies the person about an incoming call or text message. As per reports, if multiple phone calls are made and dropped to a single node, it might trigger a paging message without informing the target device. This way, the hacker may derive the user’s location, and he can further hijack the paging channel via the IP address.

    Piercer And IMSI-Cracking Attacks

    The Piercer attack, which is an extension of the Torpedo attack, allows the attacker to find out the IMSI (International Mobile Subscriber Identity) on the 4G network. In the third and final form of attack, the hacker can straightaway brute-force an IMSI number in both the networks (4G and 5G), which is exactly where the IMSI numbers are encrypted.


    As per reports, all major US operators which are trying to bring 5G functionality to their devices are at risk from this exploit. More so, because the equipment to carry out such an attack is very cheap and readily available.

  • Despacito YouTube Video Deleted By Hackers


    Update: The video has been recovered by YouTube and is now live on the video streaming platform.

    Luis Fonsi’s song, Despacito, became the most-watched video ever on YouTube. Now, after falling victim to a cybercrime, the official video of Despacito has been deleted from YouTube while several accounts of other artists have also been compromised.

    At first, the thumbnail for the video was altered. The original image was replaced with a group of masked men holding guns and the description was changed by a group of hackers calling themselves Prosox and Kuro’ish. The hackers also wrote “Free Palestine” in the description of many videos. The image of the masked gang members is from the Netflix show, Casa de Papel.

    Apart from Luis Fonsi (creator of Despacito), several other artists’ Vevo accounts including DJ Snake, Shakira, Katy Perry, Taylor Swift and more have been hacked.


    Almost all the videos of these artists are available on YouTube as of now. However, the titles, descriptions and thumbnails of many famous videos have been compromised. It is worth noting that all these videos were uploaded to the Vevo accounts of these artists. There is no clarity about the degree of access these hackers have gained: whether they gained access to individual accounts or whether there was a wider attack on Vevo accounts.

     

  • Indian Government Lists 42 Chinese Apps That Are Dangerous To National Security


    The Indian government has continued its effort to curb the danger that some apps on the internet might pose. The Indian intelligence agencies have listed about 42 mobile applications that have the potential to carry out a cyber-attack against the country. The agencies have reportedly issued a warning to the Indian Army and paramilitary against their usage.

    As per reliable inputs, a number of Android/IOS apps developed by Chinese developers or having Chinese links are reportedly either spyware or other malicious ware. Use of these apps by our force personnel can be detrimental to data security having implications on the force and national security.

    Army personnel have been asked to immediately uninstall the 42 mobile apps as well as format their smartphones. This is not the first time that the government has issued warnings against Chinese apps. Recently, UC Browser came under the scanner as well.

    Xiaomi in a statement has said:

    At Xiaomi, we take security and privacy very seriously. Our global e-commerce platforms and user data for all international users is located on Amazon AWS data centers in California and Singapore.

    We are currently investigating the advisory and would like to assure Mi Fans that we are fully committed to storing and transferring our users’ data securely at all times

    Following is the list of all the apps that have been deemed unsafe by the advisory:

    Weibo, WeChat, SHAREit, Truecaller, UC News, UC Browser, BeautyPlus, NewsDog, VivaVideo- QU Video Inc, Parallel Space, APUS Browser, Perfect Corp, Virus Cleaner (Hi Security Lab), CM Browser, Mi Community, DU recorder, Vault-Hide, YouCam Makeup, Mi Store, CacheClear DU apps studio, DU Battery Saver, DU Cleaner, DU Privacy, 360 Security, DU Browser, Clean Master – Cheetah Mobile, Baidu Translate, Baidu Map, Wonder Camera, ES File Explorer, Photo Wonder, QQ International, QQ Music, QQ Mail, QQ Player, QQ NewsFeed, WeSync, QQ Security Centre, SelfieCity, Mail Master, Mi Video call-Xiaomi, and QQ Launcher.

    Truecaller has responded to the allegations:

    In response to certain reports, we would like to clarify that we are a Sweden based company. We are not sure why the app is on this list, but we’re investigating. Truecaller is not a malware, and all our features are permission based and are disabled by default.

    This is not the first time that Chinese apps have come under the scanner. The fact that even Xiaomi’s apps, one of the most successful brands in India, have come under the scanner is shocking as well as alarming. Xiaomi was previously accused of sharing personal data of Indian users with the Chinese.

  • Apple Has Fixed The MacOS Security Flaw Already


    Only yesterday (29th November), news broke of a major security flaw that allowed anyone to gain root access to a Mac device running MacOS High Sierra.

    Apple issued a statement:

    Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

    When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

    We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.

    Apple’s latest MacOS High Sierra operating system had a very serious flaw that allowed anyone with access to a Mac to gain root access by simply typing “root” as the username. The flaw didn’t even require someone to enter a password, which means that anyone with zero hacking knowledge and evil intentions could get into your Mac.

  • Another OnePlus App Can Allow Hackers To Steal Your Photos, GPS And More


    OnePlus cannot seem to catch a break. A few days after it was revealed that OnePlus left an application that allowed backdoor entry to OnePlus devices, a new application has been found recording sensitive data and storing it unencrypted inside the phone. This app is reportedly called OnePlusLogKit and, like its name suggests, logs an extensive amount of user data.

    The same researcher who exposed the EngineerMode app a few days ago has made the new revelation as well. The researcher wrote in a post that all of the user data stored by this app is unencrypted, and added that this data could also likely be sent to China. The researcher, who goes by the moniker of Elliot Anderson, also said that he believes that the app may have been intentionally left on users’ devices by the Chinese smartphone maker.

    He said that all one had to do to trigger the app into logging the data and accessing it was to dial *#800# on the smartphone’s dial pad. This action automatically opens up the app’s interface with which one can either switch the logging feature on or off.

    These findings do not come at an ideal time for OnePlus. The Chinese smartphone maker is gearing up to launch the OnePlus 5T on the 16th of November. The device will be OnePlus’ sixth device in its short lifespan and take a design detour from previous OnePlus phones with thin bezels and tall display.

    OnePlus was just recently accused of collecting sensitive data of users and the company has barely come out of the aftermath following such serious allegations. It won’t be surprising if OnePlus left the application inside the phones on purpose since it admitted to collecting data from its phones to improve the user experience.

  • Research : Almost All Fingerprint Sensors on Android Mobiles Can Be Hacked


    New reports suggest that our fingerprints are not as unique and safe for security, as we might have otherwise believed. This makes almost all Android smartphones in the future susceptible to getting hacked. Studies by FireEye researchers Tao Wei and Yulong Zhang have outlined new ways to attack an Android device to extract the user’s fingerprint.


    As of now, this threat is said to be confined to Android devices from makers such as Samsung, Huawei and HTC. The research outlines four such hacks, and one of them, called the “fingerprint sensor spying attack”, is said to be able to “remotely harvest fingerprints on a large scale,” says Zhang.

    Reports suggest that the two devices that have been hacked are – the HTC One Max and Samsung’s Galaxy S5. This happens because the device doesn’t fully lock down the sensor, allowing the hacker to acquire a fingerprint image.

    “In this attack, victims’ fingerprint data directly fall into attacker’s hand. For the rest of the victim’s life, the attacker can keep using the fingerprint data to do other malicious things,” Zhang said.

    Fingerprint technology was used for identity, immigration and criminal records before it was used for mobile payments and unlocking devices. The researchers have not said which device is more secure than another, although they mentioned that the iPhone is “quite secure” as it encrypts the fingerprint data from the scanner. So, “even if the attacker can directly read the sensor, without obtaining the crypto key, [the attacker] still cannot get the fingerprint image,” he said.


    The research also says that high-end laptops with fingerprint sensors are susceptible to this hack, and advises users to use devices that are regularly updated and to install apps only from reliable sources.

    Source: ZDNet (http://www.zdnet.com/article/hackers-can-remotely-steal-fingerprints-from-android-phones/)

  • Hackers Take Down The TRAI Website for Releasing Email IDs


    Hackers from the Anonymous India group took down the Telecom Regulatory Authority of India (TRAI) website in an attempt to stand against the violation of Net Neutrality in the country. The website may be back online for the time being, but the group remains active on Twitter, voicing its reasons. According to Anonymous India, the DDoS attack on the website was a protest against the organization’s release of email IDs.

    TRAI told media outlets that the website was down due to technical glitches. However, the hacktivist group has claimed responsibility for the DDoS attack.

    https://twitter.com/opindia_revenge/status/592755220469424128

    TRAI had released a list of email IDs from which it had received responses for and against Net Neutrality. This makes clear the severe lack of privacy of information at a government organization. A lot of Indians voiced their opinions on the lack of discipline in TRAI’s functioning.

    Anonymous India claimed to have stopped the attack because a lot of tweets asked them to, although they claim that if no action is taken by TRAI, a similar incident will take place in the future.

    https://twitter.com/opindia_revenge/status/592667666546044928

    https://twitter.com/opindia_revenge/status/592677071056445442

  • Adobe Hacked, Millions of Consumer Data Compromised


    Adobe announced on Thursday that it has been the target of a major security breach in which sensitive and personal data about millions of its customers have been put at risk.

    Brad Arkin, senior director of security for Adobe products and services, explained in a post that the attack concerns both customer information and illegal access to source codes for “numerous Adobe products.” The hackers have obtained access to a large swath of Adobe customer IDs and encrypted passwords.

    Brad specified that the attackers removed sensitive information about approximately 2.9 million Adobe customers. He added that investigators don’t “believe the attackers removed decrypted credit or debit card numbers” from Adobe’s systems.

    Adobe says in a blog post that it is taking the following steps:

    • As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.
    • We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
    • We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
    • We have contacted federal law enforcement and are assisting in their investigation.


  • Hackers Bid To Enslave London’s Santander Bank Foiled


    Police have foiled a plot to steal millions of pounds after a gang allegedly took control of a bank’s computer remotely.

    Scotland Yard described the cyber-attack on a Santander branch in Surrey Quays shopping centre, south-east London, as the most sophisticated case of its kind that police had encountered.

    The hackers were hoping to use highly sensitive information displayed on the computer to access accounts and drain money from them, but the Hollywood-style cyber heist was foiled.

    The men allegedly fitted a computer within the branch in Surrey Quays shopping centre, southeast London, with a “keyboard video mouse” (KVM).

    The device, which can be purchased online for as little as £10, allowed them to transmit the contents of the computer’s desktop and take control of the machine remotely.

    A spokesman for the Metropolitan Police said it was not clear whether any money was taken, but Santander said “no money was ever at risk”.

    Police added that detectives and bank officials had thwarted a “very significant and audacious cyber-enabled offence” that would have cost Santander millions of pounds. 

    Although it is not the first time police have seen the device used, a Met spokesman said it was the first time it had been used by “an organised criminal network”.

    Det Insp Mark Raymond said: “This was a sophisticated plot that could have led to the loss of a very large amount of money from the bank, and is the most significant case of this kind that we have come across.”


  • When Facebook denied: Hacker Khalil Gets over $12k From Online Donors


    Khalil, the hacker who broke into Mark Zuckerberg’s Facebook Timeline to expose a security lapse, will be awarded nearly $12,058 (an amount that is still increasing) from a campaign started on GoFundMe. The campaign was started by Beyond Trust Chief Technology Officer Marc Maiffret, who is doing his best to make sure Shreateh doesn’t walk away from this experience empty-handed.

    The campaign has raised $12,058 for Khalil Shreateh, of Palestine, who claims he was forced to hack into Zuckerberg’s page to bring attention to the security vulnerability because Facebook had ignored his earlier warnings.

    The bug that Khalil found allowed him to post on the Timelines of people who weren’t his Facebook friends. 

    ‘Khalil Shreateh found a vulnerability in Facebook.com and, due to miscommunication, was not awarded a bounty for his work,’ Maiffret wrote on the GoFundMe campaign page. ‘Let us all send a message to security researchers across the world and say that we appreciate the efforts they make for the good of everyone.’


    Facebook runs a ‘Bug Bounty’ program that pays out at least $500 to hackers who bring software bugs to the company’s attention, but the company said Khalil would not qualify for a reward because he tested the bug against another user.

    Joe Sullivan, Facebook’s Chief Security Officer, explained the company’s decision in a post online. 

    ‘We will not change our practice of refusing to pay rewards to researchers who have tested vulnerabilities against real users,’ he wrote. ‘It is never acceptable to compromise the security or privacy of other people. In this case, the researcher could have sent a more detailed report (like the video he later published), and he could have used one of our test accounts to confirm the bug.’

    But instead of thanking him and fixing the issue, Facebook said it wasn’t a bug.

    ‘My name is Khalil Shreateh. I finished school with B.A degree in Information Systems . I would like to report a bug in your main site (www.facebook.com) which i discovered it…The bug allow Facebook users to share links to other facebook users , I tested it on Sarah.Goodin wall and I got success post.’

    “I hope this has raised awareness of the importance of independent researchers,” Maiffret said on the Indiegogo page. “I equally hope it has reminded other researchers that while working with technology companies can sometimes be frustrating, we can never forget the greater goal; to help the Internet community at large, just as that community has helped donate over ten thousand dollars to Khalil within a day.”

    Here is a video made by the man himself: https://www.youtube.com/watch?v=F9J8U9ZpEnw

  • All Apple Developer Services Back Online With Free One Month Extension


    Apple today restored the Developer Center – the place where it stores all of its resources and information for third-party app creators. A message on the website read:

    We are pleased to let you know that all our developer program services are now online. Your patience during this time was sincerely appreciated. 

    We understand that the downtime was significant and apologize for any issues it may have caused in your app development. To help offset this disruption, we are extending the membership of all developer teams by one month. If you need any further assistance, please contact us.

    The short update to developers, which apologizes for the service outage that lasted just over three weeks, comes five days after Apple announced plans to have the portal at full capacity by the end of this week.

    As promised, Apple has extended developer memberships to make up for all of the down time. Devs will be pleased to see that 1 month has been added to their remaining membership time, meaning if you were set to expire next May, it’s now next June.

    A Turkish security researcher by the name of Ibrahim Balic came forward shortly after the outage and claimed responsibility as the intruder that breached the Dev Center’s database. No personal data was stolen from users, but Apple decided the breach warranted a complete rebuild of the backend.

  • iOS 7 Beta 4 Fixes Charger Hack


    Apple is said to have fixed a powerful charger-based hack, which previously allowed iDevices to be compromised by hackers using a modified power charger in under a minute.

    As Reuters reports, Apple said the issue had been fixed in the latest beta of iOS 7, which has already been released to software developers.

    “We would like to thank the researchers for their valuable input,” Apple spokesman Tom Neumayr said.  The researchers were Billy Lau, a research scientist at the Georgia Institute of Technology, and graduate students Yeongjin Jang and Chengyu Song.

    Andy Greenberg, Forbes technology and information security reporter, explains that the researchers took advantage of a security flaw in Apple’s developer model, which allows anyone with a developer license to install third-party apps on a registered device.


    iOS 7 shows the user a new warning message when they plug their iOS device into any device that attempts to establish a data connection, informing them that “Trusting this computer will allow it full access to your device and all its data.”

    Of course, this leaves iPhones and iPads that won’t get the iOS 7 update vulnerable. According to the researchers, all other versions of iOS can be hacked in this manner.

    However, end users will have to wait for iOS 7 before the fix arrives.

  • Facebook : Security Bug Revealed 6 Million Users’ Info


    On Friday, Facebook admitted that a bug made the private contact information — either email addresses or phone numbers — of 6 million users accidentally accessible to Facebookers who downloaded their account histories onto their own computers. Compared to Facebook’s over 1 billion total members, 6 million isn’t much. But any security flaw has the potential to frighten people away from a website.

    The breach was caused by an unfortunate combination of Facebook’s “People You May Know” and “Download Your Information” features. “People You May Know” offers friend suggestions based in part on other users’ uploaded contact lists or address books; “Download Your Information” offers a downloadable version of your Facebook Timeline archive.

    When some users downloaded their Facebook archives with “Download Your Information,” the archive included contact information for second-tier connections with whom Facebook thought those users might want to connect but who hadn’t yet received or approved a friend request from that user.

    Facebook said the security bug did not reveal other personal or financial data and that only people on Facebook – not developers or advertisers – accessed the DYI tool. Therefore, the bug was not exploited maliciously. 

    “For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice,” Facebook clarified. “This means, in almost all cases, an email address or telephone number was only exposed to one person.”

    Facebook said it reviewed and confirmed the security bug, and therefore immediately disabled the DYI tool to fix the problem. The tool is now back online, however, because the problem has been resolved.

    The bug was found not by Facebook’s team, but by someone going through Facebook’s “white hat” hacker program, which offers a bounty for anyone who can find bugs on the site, paying a minimum reward of $500 per bug.

  • North Korea’s Twitter, Flickr Pages Hacked By Anonymous


    It appears that official North Korean Twitter and Flickr accounts have been hijacked and defaced by groups that are linked to online hacking activism collective Anonymous.

    The hack attacks, reported by TheNextWeb, follow last week’s hacking of North Korean news site Uriminzokkiri.com, which was said to have resulted in the theft of 15,000 passwords.

    Members of Anonymous inside North Korea are said to have assisted with the latest hack attack, which is retaliation for aggressive moves by the country’s regime and its development of nuclear weapons in defiance of international threats.

    More hack activity is promised later in the month if the hackers can tackle the country’s “cyber army,” which locks down computer activity in the North and deals with the nation’s limited and walled-off Net infrastructure.

    The North’s Uriminzokkiri Twitter and Flickr accounts stopped sending out content typical of that posted by the regime in Pyongyang, such as photos of the North’s leader Kim Jong Un meeting with military officials.

    Instead, a picture posted Thursday on the North’s Flickr site shows Kim’s face with a pig-like snout and a drawing of Mickey Mouse on his chest. Underneath, the text reads: “Threatening world peace with ICBMs and Nuclear weapons/Wasting money while his people starve to death.”

    [Image: The image uploaded on Flickr]

    Another posting says “We are Anonymous” in white letters against a black background. Anonymous is the name of a hacker activist group. A statement purporting to come from the attackers and widely circulated online said that they had compromised 15,000 user records hosted on Uriminzokkiri.com and other websites. The authenticity of the statement couldn’t be confirmed, but the North’s official website did not open Thursday.

    Tweets on the North’s Twitter account said “Hacked” followed by a link to North Korea-related websites. One tweet said “Tango Down” followed by a link to the North’s Flickr page.

    North Korea opened its Twitter account in 2010. It has more than 13,000 followers. The North uses social media to praise its system and leaders and also to repeat commentaries sent out by the North’s official Korean Central News Agency.

    Tensions have been high in recent days between North and South Korea, and the North’s military warned Thursday that it had been authorized to attack the U.S. North Korea is angry about sanctions against its nuclear program and joint military drills between the U.S. and South Korea.

    [FOX]
