Warning: Creating default object from empty value in /home/ict-forward/www-apps/wp-svn/wp-includes/ms-load.php on line 138
January « 2010 « The FORWARD project blog

Archive for January, 2010

Security System “Legic Prime” hacked

Wednesday, January 27th, 2010

The security researchers Karsten Nohl and Henryk Plötz cloned RFID-cards from the “Prime” product line of the Swiss manufacturer Legic. These RFID-cards are widely used in access control to nuclear power plants or airports in spite of the age of the system. According to Plötz the system is not encrypted and therefore unsecure. The developer of the system had attempted to create the impression of a secure system by various methods of “Code Obfuscation”.

The researchers are able to emulate the card reader, change commands and to emulate cards. They recommend all firms using the RFID-cards based on the “Prime” product line to replace as fast as possible to the newer product line “Advant”.

Attack through new IE exploit

Tuesday, January 26th, 2010

Internet Explorer is again exploited by hackers. The attack, named “Aurora”, against Google and some other American companies was based on this new exploit of the Internet Explorer, announced McAfee. The exploit has already been reproduced by the Metasploit-Team, which has added the exploit to its framework.

Therefore the danger of this exploit has grown because also Script-Kiddies are able to use this exploit. The BSI recommended using another browser to not get victim of this exploit. Microsoft recommends to set the security options to “high” or to disable JavaScript on which the exploit is based.

A video explaining the attack “Aurora” can be found here.

Are smartphones secure?

Monday, January 25th, 2010

Today’s smartphones are no more normal mobile phones, they are small personal computers. Therefore threats for smartphones are the same as for personal computers. The only difference form this point of view is that personal computers generally use Microsoft Windows as operating system, whereas there are a wide variety of mobile platforms. Due to this fact mobile platforms are harder to attack.

But the biggest danger for a mobile phone is one that is not one for personal computers: You can lose your mobile phone. This is not only a danger for smartphones but also for all mobile devices containing personal information. Another danger for smartphones is leaving them unattended or loaning it to people because they can install spyware on your smartphone. Additionally to spyware there are mobile viruses, worms and Trojans threatening your smartphone. They can spread using e-mail or via SMS.

Generally speaking, web-based and e-mail attacks are as possible with smarthones as they are with personal computers. Wi-Fi and Bluetooth are two technologies which can be dangerous too. Wi-Fi can be attacked by a man-in-the-middle attack and Bluetooth is also a target for attacks. A good discussion of Bluetooth security you can find here: part1, part2. Here you can find a FAQ on how to use your smartphone securely. Another interesting article about smartphone security can be found here.

GSM-encryption hacked

Monday, January 18th, 2010

The communication over the gsm network is no longer secure. At the 26th Chaos Communication Congress in Berlin the security researcher Karsten Nohl from Germany presented how to eavesdrop cell phones without high financial and technical costs.

The encryption algorithm(A5/1) of the gsm network is over 20 years old and can be hacked by non-professionals with relatively easy means in a short time. Nohl said that he and his helpers had successfully hacked the gsm-encryption algorithm in a distributed attack within three month and with 40 computers. The needed codebook with the rainbow tables is already distributed via file sharing networks. With this practical tutorial for hacking the gsm network the attacks will be considerably faster in the future.

Therefore the Chaos Computer Club asks for a stronger encryption of the gsm network from the industrial association GSMA. The GSMA denies this because they say that although hacking the gsm network is theoretically possible, it is practically improbable and the application of the presented method of hacking the gsm network is in many countries illegal.

This news is based on a german article which can be found here.

Twitter redirected

Monday, January 18th, 2010

On Thursday, 2009-12-17, Twitter’s domain name was hijacked. Visitors were redirected to a page that claimed Twitter had been hacked by the “Iranian Cyber Army”. But there is evidence to suggest that the attack was realised carried out by an individual from the U.S.

It seems the attackers had been able to change the DNS entries at Twitter’s provider. On the provider’s site no evidence was found that unauthenticated users had logged into the system. Therefore it is assumed that the attackers had the proper credentials to log into Twitter’s account at the provider.

In the last year, social networking services have often been attacked in various ways because of their popularity.

The whole article can be found here.