Friday, 21 March 2014

World’s First Google Glass Spyware app unveiled


Among smart devices, Google Glass would definitely be the next must-have after smartphones. It is none other than a small computer you wear like eyeglasses that lets you surf the Web, email, text, take photos, record live video and more, all hands-free.
Google Glass is still in very limited release, but researchers have developed the world’s first spyware that could hijack Google’s Glass computer eyepiece.
Two Polytechnic graduate researchers from California, 22-year-old Mike Lady and 24-year-old Kim Paterson, designed an app that can turn Google Glass into a spy camera, taking a photo every ten seconds without giving any visible sign to the wearer, Forbes reported yesterday.

The malware app developed by the researchers masquerades as a legitimate piece of note-taking software, ironically dubbed ‘Malnotes’. It tricks users into accepting permissions that allow it to capture an image of whatever the Glass wearer is looking at every 10 seconds while Glass’s display is turned off, and to upload the images to a remote server.
Although Google’s developer policy specifically bans apps that capture images while the device display is off, the two California researchers proved that there were no real security controls enforcing this policy.
Forbes reported that, in a short video interview with the researchers, the Google Glass headset running Malnotes, belonging to Mike Lady, apparently uploaded more than 150 snapshots of his vision, with no indication to him or to anyone else.
“The scary thing for us is that while it’s a policy that you can’t turn off the display when you use the camera, there’s nothing that actually prevents you from doing it,” says Paterson. “As someone who owns Glass and wants to install more apps, I’d feel a lot better if it were simply impossible to do that. Policies don’t really protect us.”
The researchers succeeded in uploading the malicious app to the Google app store, from which it was removed when the news broke. However, once their professor tweeted about their work and received a response from a Google staffer, they didn’t bother to try uploading the app to Google’s MyGlass app store.
Such malicious apps could be served via third-party app stores, or installed from a computer over a USB cable when the device is in debug mode. Just yesterday, we reported on a Windows spy tool that can install a spyware app on Android devices connected to the infected computer.
The Google spokesperson stated in response, "Right now Glass is still in an experimental phase and has not been widely released to consumers. One goal of the Explorer program is to get Glass in the hands of developers so they can hack together features and discover security exploits."

Windows Spy tool equipped with Android malware to hack Smartphones

You are probably syncing your smartphone with your computer to transfer files and back up your device.
If you are using the Windows operating system and Android devices, there is bad news for you: FireEye security researchers have identified a new piece of Windows malware that can also infect your Android devices.
During an investigation of a targeted attack on a US-based financial institution, researchers spotted a new version of a Windows Remote Access Trojan (RAT) called 'Win-Spy Software Pro v16', a spying and monitoring tool. WinSpy was embedded in macro documents to kick off a spam campaign via a spear-phishing email.
“The recent surge in Android-based RATs such as Dendroid and AndroRAT shows a spike in the interest of malicious actors to control mobile devices. GimmeRAT is another startling example of malicious actors venturing into the Android ecosystem,” the security firm said.

The researchers dubbed the Android spying component bundled with WinSpy "GimmeRat". It allows attackers to control the victim’s device remotely from their own phone over SMS, or alternatively through a Windows-based controller.
"We also discovered various Android components that can be employed to engage in surveillance of a target," the security firm said in a blog post.
To install the Android malware, WinSpy communicates with mobile devices connected to the infected computer using a command-line tool called Android Debug Bridge (ADB), which allows the Windows malware to execute commands on the Android device. ADB is a legitimate tool and part of the official Android software development kit (SDK). If USB debugging mode is enabled on the device, the malware initiates the installation process.

The new Android components also smooth the way for surveillance of the target; three different applications make up the Android surveillance package.

“We have found three different applications that are a part of the surveillance package. One of the applications requires commandeering via a window controller and requires physical access to the device while the other two applications can be deployed in a client-server model and allow remote access through a second Android device,” wrote the researchers.
The technique is not new: a similar payload was used to infect Android devices by another piece of Windows malware called ‘Trojan.Droidpak’, which was discovered by antivirus firm Symantec in January.
Using the Android malware, the attackers could trace victims’ GPS location, take screenshots of victims’ devices and send this data to remote command-and-control servers. The Trojan can also monitor the device's text messages.
"The hostname, port, username, and password are used to connect to the attackers’ FTP server to send screenshots, which is explained in a later section. Once this intent is received the GlobalService is restarted with the interval parameter," FireEye said.

When a Windows system is infected with WinSpy, an attacker can take screenshots, log keystrokes and open a backdoor for executing remote commands and for uploading and downloading more files.
With the widespread use of smartphones, adoption of mobile platforms such as Android has increased, and so cyber criminals now demand RATs that support these platforms. Such tactics could be used to serve fake mobile banking apps. Fairly evil ideas!

Banks to Pay Microsoft Millions of Dollars for extended Windows XP Support


Despite so many warnings from Microsoft and Cyber Security Experts, Windows XP is still being used by a number of Government organizations, Financial institutions as well as big Corporations all around the world.
Statistics show that almost 30% of computers still run Windows XP, including those at banks, airline companies and other huge enterprises, and the real count is likely to be even higher than estimated.
But if you stick with Windows XP after April 8, 2014, you might be at great risk, as XP will officially take its last breath on that day. This exposes its users to all kinds of threats. April 8, almost thirteen years after XP was first released, is when the Redmond, Washington-headquartered corporation will stop support for its longest-running and most successful OS.

If you continue using Windows XP after April 8, it will serve you as a dead zombie, because Microsoft will no longer support its own operating system. Bugs and security vulnerabilities will go unpatched forever.
It’s difficult to believe that around 95% of the 420,000 bank ATMs in the USA, the country known for the world’s largest National Cyber Security Division, also run on Windows XP. After the deadline, if a serious security flaw or vulnerability is found in Windows XP, the banks will have to defend on their own against increasingly high-tech cyber criminals.
Since almost 29% of the desktop market worldwide runs the older version of Windows, malware of epic scale could be fabricated if a suitable zero-day vulnerability were found, and it is hard to imagine what damage and destruction cyber criminals might cause with such exploits.
Currently 95 percent of banks’ ATMs run XP, which is around 2.2 million machines worldwide, so it is difficult to upgrade them all to Windows 7 by the April deadline. The banks have therefore arranged, or are in the process of arranging, extended support for Windows XP from Microsoft.
It is estimated that for British banks alone, the cost of extending support for Windows XP would be around £50 to £60 million.
"There are certainly large enterprise customers who haven't finished their migrations yet and are purchasing custom support," a spokesman for Microsoft told Reuters.
But you are strongly advised to upgrade your system, and if your friends or family members are still running the older version, help them upgrade to Windows 7/8 as soon as possible.

Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies

Could a perfectly innocent-looking device like a router, TV set-top box or security camera mine Bitcoins? YES! Hackers are not going to spare smart Internet-enabled devices.
A Linux worm named Linux.Darlloz, earlier used to target Internet of Things (IoT) devices such as home routers, set-top boxes, security cameras, printers and industrial control systems, has now been upgraded to mine cryptocurrencies like Bitcoin.
Security researchers at antivirus firm Symantec spotted the Darlloz Linux worm back in November, and they spotted the latest variant of the worm in mid-January this year.

The Linux.Darlloz worm exploits a PHP vulnerability (CVE-2012-1823) to propagate and can infect devices that run Linux on Intel’s x86 chip architecture and on other embedded device architectures such as PPC, MIPS and MIPSEL.
The latest variant of Linux.Darlloz is equipped with an open-source cryptocurrency mining tool called 'cpuminer', which could be used to mine Mincoins, Dogecoins or Bitcoins.
Symantec researchers scanned the entire address space of the Internet and found 31,716 devices infected with Darlloz. "By the end of February 2014, the attacker mined 42,438 Dogecoins (approximately US$46 at the time of writing) and 282 Mincoins (approximately US$150 at the time of writing). These amounts are relatively low for the average cybercrime activity so, we expect the attacker to continue to evolve their threat for increased monetization," said Kaoru Hayashi, senior development manager and threat analyst with Symantec in Japan.
Major infected countries are China, the U.S., South Korea, Taiwan and India.
Cryptocurrency mining typically requires more memory and a powerful CPU, so the malware could be updated to target other IoT devices in the future, such as home automation devices and wearable technology.

A few weeks back, Cisco announced a global, industry-wide initiative to bring the security community and researchers together to help secure the Internet of Things (IoT), and launched a contest called the "Internet of Things Grand Security Challenge", offering prizes of up to $300,000 for winners.
Users are advised to update firmware and apply security patches for all software installed on computers or Internet-enabled devices. Make sure you are not using a default username or password on any device, and block port 23 or 80 from outside if not required.
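For defenders who want to check whether their own web servers have been probed for the PHP flaw named above, the following added example (not code from Symantec or from the original post) scans access-log lines for the request shape associated with CVE-2012-1823: php-cgi treats a query string that contains no literal `=` as command-line arguments, so a probe has a query with no raw `=` whose decoded form starts with `-`. The Common Log Format layout, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Request line inside a Common/Combined Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation-range IPs, hypothetical paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [21/Mar/2014:10:00:01 +0000] "GET /index.php?page=2 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [21/Mar/2014:10:00:05 +0000] "GET /index.php?-s HTTP/1.1" 200 10244',
    '198.51.100.7 - - [21/Mar/2014:10:00:09 +0000] "POST /info.php?%2Ds HTTP/1.1" 200 312',
    '203.0.113.4 - - [21/Mar/2014:10:01:00 +0000] "GET /search.php?q=-1 HTTP/1.1" 200 800',
    '203.0.113.4 - - [21/Mar/2014:10:01:02 +0000] "GET /tag.php?linux HTTP/1.1" 200 640',
]


def looks_like_cve_2012_1823(target: str) -> bool:
    """Heuristic: query string with no raw '=' that decodes to a leading '-'.

    Only meaningful for hosts that run PHP in CGI mode (php-cgi); on other
    setups a hit is still a sign that the host is being scanned.
    """
    _path, sep, query = target.partition("?")
    if not sep or not query:
        return False
    if "=" in query:
        # Ordinary key=value query: php-cgi does not pass it as arguments.
        return False
    # '+' means space in a query string; percent-decoding reveals an encoded '-'.
    decoded = unquote(query.replace("+", " ")).lstrip()
    return decoded.startswith("-")


def scan(lines):
    """Return (client_ip, method, target) for every suspicious log line."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if match and looks_like_cve_2012_1823(match.group("target")):
            client_ip = line.split(" ", 1)[0]
            hits.append((client_ip, match.group("method"), match.group("target")))
    return hits


def hits_by_client(lines):
    """Count suspicious requests per client, to prioritise blocking and review."""
    return Counter(ip for ip, _method, _target in scan(lines))


if __name__ == "__main__":
    for ip, method, target in scan(SAMPLE_LOG):
        print(f"suspicious: {ip} {method} {target}")
    print(dict(hits_by_client(SAMPLE_LOG)))
```

A hit means the host was probed, not that it was compromised; the remedy is the one the article gives, patching the device or server software and closing ports that do not need to be reachable from outside.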

EA Games website hacked; Phishing page hosted to steal Apple IDs


Recently we made you aware of a tricky phishing scam targeting Google Docs and Google Drive; researchers have now detected a similar phishing scam that targets Apple users to steal their credentials.
According to researchers at Netcraft, a UK-based security services company, hackers have compromised a web server owned by the gaming company Electronic Arts (EA) to host a phishing site which targets Apple ID account holders, asking for users’ Apple ID and password, along with their full name, date of birth and credit card details.
“The phishing site attempts to trick a victim into submitting his Apple ID and password. It then presents a second form which asks the victim to verify his full name, card number, expiration date, verification code, date of birth, phone number, mother's maiden name, plus other details that would be useful to a fraudster,” wrote the researchers in a blog post.

The hackers compromised the EA Games server by exploiting one of the vulnerabilities in an outdated WebCalendar application and used it to create a fake "My Apple ID" page designed to look like the legitimate Apple login page. Once users submit their details, they are redirected to the legitimate Apple ID website.

"In this case, the hacker has managed to install and execute arbitrary PHP scripts on the EA server, so it is likely that he can at least also view the contents of the calendar and some of the source code and other data present on the server. The mere presence of old software can often provide sufficient incentive for a hacker to target one system over another, and to spend more time looking for additional vulnerabilities or trying to probe deeper into the internal network." researchers at Netcraft said.
In addition to hosting a phishing site, the EA Games attack was also used for another phishing attack that steals users' login credentials for the Origin digital distribution platform; that means that if a site has been online for more than a week, it has attempted to steal email addresses, passwords and security question answers as well, according to the researchers.

Using hijacked Apple ID details, hackers can gain access to users' personal data stored on iCloud, including email, contacts, calendars and photos, and could even clone an iPhone or iPad by restoring an iCloud backup to a device in their possession.
Netcraft informed EA yesterday that their server has been compromised. However, the vulnerable server and the phishing content were still online at the time of publication.

We always recommend that our users not click on any link blindly. The best way to protect yourself from such attacks is to use two-step verification, which means that a code is required along with the ID and password to access your account.

Back off, NSA! Gmail now Encrypts every single Email

2014 - The Year for Encryption! Good News for Security & Privacy seekers, Gmail is now more secure than ever before.
Google has announced that it has enhanced encryption for its Gmail email service, to protect users from government cyber-spying, by removing the option to turn off HTTPS.

So from today, Gmail will always use an encrypted HTTPS connection by default when you check or send email. Furthermore, Google also assured that every single email message will now be encrypted as it moves internally between the company's data centers.
"Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers—no matter if you're using public WiFi or logging in from your computer, phone or tablet." Nicolas Lidzborski, Gmail Security Engineering Lead said in a blog post.
It was previously disclosed by Edward Snowden that the National Security Agency (NSA) is intercepting email messages as they move between data centers and servers, using the controversial PRISM data-mining program.
Google has finally realized that it makes no sense to allow unencrypted HTTP connections. "Our commitment to the security and reliability of your email is absolute, and we’re constantly working on ways to improve." he said.
Does this mean your Gmail messages are now fully secure from government snooping? NSA is still out there!

Dendroid, a new Android malware tool


The number of malware samples for the Android platform is increasing day by day, and cybercriminals are trying to sell Android malware toolkits to others. The first Android remote admin tool is AndroRAT, which is believed to be the first-ever malware APK binder.

Symantec researchers have learned that another Android malware toolkit, called "Dendroid", is being sold in underground forums.

A cybercriminal going by the online handle "soccer" on the underground forum is selling this HTTP-based RAT, which is said to have many malicious features.

The toolkit can create a malicious APK file capable of 'deleting call logs', 'call to any number', 'open webpages', 'record calls', 'intercept sms', 'take and upload photos & videos', and 'dos attack'.

Researchers say the cybercriminal also offers 24/7 support for this RAT. Others can buy the toolkit for $300, paid in cryptocurrencies such as Bitcoin and Litecoin.

Experts have mentioned that this RAT has some link with the earlier AndroRAT, saying "the author of the Dendroid APK binder included with this package had assistance writing this APK binder from the author of the original AndroRAT APK binder."

Microsoft charges FBI for your Information; Syrian Electronic Army leaks Invoices

Until now we were all aware that tech companies give legal access to user data at the government's request, but we were unaware that well-known tech companies also charge the government for providing that data.
The Syrian Electronic Army (SEA), the pro-hacker group, compromised Microsoft's Twitter account and blog earlier this year, and Microsoft announced a breach on its blog: "It appears that documents associated with law enforcement inquiries were stolen."

It seems that they have achieved something bigger than we expected by once more targeting Microsoft.
This time the SEA hacking group has managed to get into the FBI's super-secret Digital Intercept Technology Unit (DITU), where they found actual invoices from Microsoft detailing how much each request for data cost, which means that the company charges for every document it provides to FBI agents, Daily Dot reported.

The invoices show that Microsoft charged the DITU $145,100 in December 2012, at a rate of $100 per data request. In August 2013, the per-request rate increased to $200, and the latest invoice, dated November 2013, showed a charge of $281,000.

These documents show how frequently the government calls on tech companies for information, and it is possible that Microsoft isn't the only company that charges the government for compliance with data requests.

The group, aligned with President Bashar al-Assad, is known for targeting Western countries and media. In the past it has victimized the Twitter accounts and websites of various high-profile brands and VIPs, such as Forbes, Obama, Facebook, CNN, eBay and PayPal, using phishing techniques, and it recently claimed to have compromised a central repository of US Central Command (CENTCOM).

Friday, 7 March 2014

Take A Look At The Largest Aircraft in The World...

There are a lot of aircraft in the world – commercial planes, military planes, helicopters, and the list goes on and on. Depending on the type of plane you’re looking at, most aircraft look and act very similar. There’s small aircraft, middle-sized aircraft, large aircraft, and then my personal favorite category: the what-in-the-world-is-that-thing aircraft.
If you’ve ever found yourself wondering what the biggest “plane” in the sky was, I have the answer for you. And if you study the makeup of it, it sounds as if its designers (Hybrid Air Vehicles, Ltd.) wanted to find out what would happen when they put a plane, helicopter, and blimp all together in the same prototype. What they got from the mashup happens to be the largest aircraft currently known to man. Have a look for yourself at the behemoth.
Try Storing That Thing At The Airport…
What you see in part in the image above is an unprecedented event in the history of aviation. This monster of an airship measures approximately 300 feet long and can reach a top speed around 100 MPH. Not impressed yet? She can also stay in the air for 3 weeks at a time. This aircraft is being heralded as part of the future of greener/hybrid air vehicles, and its designers hope one day there will be just as many of these in the sky as helicopters today. As these ships use mostly helium to travel, their impact on the environment would be less severe than other aircraft.
These ships will primarily be used to transport people and goods all over the world, though there is also the possibility of using them for surveillance use. Each one could carry up to 50 tons of cargo, and would cost just over $50 million to manufacture.
Could you imagine taking a trip in one of these things? I hope they’ll have a lot of movies on demand and seats with plenty of leg room. What do you think?

Uroburos Malware: Russian Intelligence Suspected

Russian government hackers are suspected of developing a highly sophisticated piece of malware that is designed to obtain files from digital infrastructure. The Uroburos malware is named after an ancient symbol, which depicts a dragon eating its own tail.
G-Data said of the Uroburos malware that it was “one of the most advanced rootkits we have ever analysed in this environment”. The malware is able to work on both 32-bit and 64-bit Microsoft Windows operating systems. This gives rise to the theory that it is a well-funded effort on behalf of the criminals involved. It is estimated that Uroburos went undetected for approximately three years.

G-Data said, “The development of a framework like Uroburos is a huge investment. The development team behind this malware obviously comprises highly skilled computer experts, as you can infer from the structure and the advanced design of the rootkit…The design is highly professional; the fact the attackers use a driver and a virtual file system in two separate files which can only work in combination, makes the analysis really complicated. One needs to have the two components to correctly analyze the framework. The driver contains all of the necessary functionality and the file system alone simply cannot be decrypted…The network design is extraordinarily efficient, too; for an incident response team, it is always complicated to deal with peer-to-peer infrastructure. It is also hard to handle passive nodes, because one cannot quickly identify the link between the different infected machines.”
The connection to Russia was established after researchers from G-Data discovered stacks of Russian-language strings in the code. They also found the malware whilst searching for the presence of Agent.BTZ, a piece of malware used in attacks on the United States back in 2008, which were alleged to have been orchestrated by Russian spies.
“We believe that the team behind Uroburos has continued working on even more advanced variants, which are still to be discovered…We are sure of the fact that attacks carried out with Uroburos are not targeting John Doe but high profile enterprises, nation states, intelligence agencies and similar targets.” G-Data added.
Do you think that this originated with Government agents? If you have any sensible comments regarding this story, please leave your comments in the section below.

Thursday, 6 March 2014

TSMC will build chips for upcoming iPhone


According to a new AP report, Taiwan Semiconductor Manufacturing Co (TSMC) will build the chips for Apple's next iPhone, leaving rival Samsung hanging.
The semiconductor company has already begun producing the A8 chip, a more powerful version of last year's 64-bit processor.

Multiple supply chain sources are cited in the report, and the report also claims the new iPhone 6 will have a 4.7-inch screen.

Samsung used to make nearly all of Apple's chips, but as the two companies have stepped up their global battle, both in smartphones and in patent litigation, Apple has been trying to move away from its reliance on the components maker. This has been tough, as there are very few companies that can match even half of Samsung's production.

Oppo Find 7 to feature hugely unnecessary 50MP camera?


Oppo keeps on teasing impressive specs for its upcoming Find 7 flagship.
First, it was leaked that the smartphone will run on the new Snapdragon 801 SoC, which features upgraded Krait 400 cores, a top clock speed of 2.5GHz, integrated 4G LTE Category 4 and 802.11ac Wi-Fi. Additionally, the imaging processing has been improved so much that much higher resolution sensors can be used in the future.

Second, the company teased that the device will be available as a 5-inch 1080p device or as a 5.5-inch, 2560x1440 handset.

This week, an image of a car uploaded to Weibo has an 8160x6120 resolution, and the EXIF data names the Oppo Find 7 as the shooter.

The image itself looks great and detailed, but 50MP is complete overkill. Regardless, the high-end device will launch on March 19th.


Apple CarPlay brings the iOS experience to your car dashboard


This morning, Apple announced the launch of CarPlay, bringing the iOS experience to automobiles starting in 2014.
iPhone 5, 5C and 5S users can use CarPlay to control phone calls, use Maps, play their music, and have messages dictated to them. When released, cars will have a native CarPlay interface or you can choose to activate Siri from a new voice control button on the steering wheel.

"CarPlay has been designed from the ground up to provide drivers with an incredible experience using their iPhone in the car," said Greg Joswiak, Apple's vice president of iPhone and iOS Product Marketing. "iPhone users always want their content at their fingertips and CarPlay lets drivers use their iPhone in the car with minimized distraction. We have an amazing lineup of auto partners rolling out CarPlay, and we're thrilled it will make its debut this week in Geneva."

The software/hardware will debut this week in cars from Ferrari, Mercedes-Benz and Volvo. Later in the year, it will be available in Honda, Jaguar and Hyundai models. Next year, that selection increases significantly to include BMW, Ford, General Motors, Kia, Mitsubishi, Nissan, PSA Peugeot Citroën, Subaru, Suzuki and Toyota.

Besides the phone call and message management, one interesting feature is the integration with Apple Maps. Apple says "CarPlay makes driving directions more intuitive by working with Maps to anticipate destinations based on recent trips via contacts, emails or texts, and provides routing instructions, traffic conditions and ETA." Siri will also provide turn-by-turn instructions.

Finally, CarPlay will work with third-party apps like Spotify, Beats and iHeartRadio besides the normal iTunes Radio and iTunes Music. You can control what you are listening to with touch or using Siri to search for what you want to hear.
