Security Weekly 38

Security Weekly 38: Miner Eliminates Competitors, Fooling Traffic Lights and Extremely Hackable Cameras

Mining has become perhaps the most frequent news topic and the most fashionable pastime among cybercriminals. But where there is popularity, there is competition: at this rate, every computer will soon be running malware from several different developers, not to mention scripts embedded in web pages. And CPU resources are not elastic.

  • An unknown craftsman considered this prospect and decided to hedge: a miner Trojan has appeared in the wild that finds and stops its competitors.

The program masquerades as a driver for HP printers and has a very convincing name: hpdriver.exe on a 32-bit system or hpw64.exe on a 64-bit one. Once on the computer, it first scans the active processes and compares them against its own list of enemies: competing processes are listed in the code by name. The targets include well-known miner Trojans as well as some legitimate Windows processes that are not essential to the system; all of them are shut down immediately. After that everything is as usual: the computer groans, the program mines.

However, the malicious code relies on a hard-coded list of processes, so its capabilities are very limited. The next step, apparently, will be Trojans with a behavioral analysis module, which will be able to catch not only known competitors but new ones too.

The not-so-smart intersection

While scientists and inventors in big cities around the world are thinking about how to optimize traffic and beat traffic jams with new technologies, their colleagues have already found a way to keep the familiar traffic jams even in the city of the future. This can be done, for example, through a flaw in the standard configuration of I-SIG, one of the most common V2I systems, which lets smart cars exchange information with the intersection infrastructure, which in turn adjusts the traffic light timing to the traffic intensity. This technology is already used in several American cities, including New York.

  • A traffic jam can be caused by exploiting the fact that the system's output depends on the last car to arrive at the intersection. If a vehicle sends it multiple signals, it honestly takes each of them for a new car. Hooligans can abuse this naivety: a malicious smart car prepared by attackers and parked not far from the traffic light can force the intersection to keep letting a non-existent car through for a long time.

However, attackers would have to work hard to take advantage of this vulnerability. Seriously stopping traffic on automated streets would require thousands of smart cars. So to pull off major sabotage, attackers would have to come up with a way to infect them on an industrial scale. It seems that the current implementation of V2V technology does not allow malware to be transferred from car to car.
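The counting flaw described above, next to one way to blunt it, as an added example that is not I-SIG's code or part of the original article. The message fields (`sender_id`, `approach`, `t`), the `max_repeats` threshold and the sample data are assumptions made for illustration, and the check presumes that sender identifiers are authenticated.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ArrivalMsg:
    sender_id: str  # assumed: authenticated per-vehicle identifier
    approach: str   # assumed: intersection leg the vehicle reports, e.g. "N"
    t: float        # receive time, seconds


def naive_demand(msgs):
    """Behaviour described in the text: every message is taken for a new car."""
    demand = defaultdict(int)
    for m in msgs:
        demand[m.approach] += 1
    return dict(demand)


def checked_demand(msgs, max_repeats=3):
    """Count each sender once per approach; report senders that repeat too often."""
    seen = defaultdict(set)     # approach -> sender ids already counted
    repeats = defaultdict(int)  # sender id -> messages beyond the first
    for m in sorted(msgs, key=lambda m: m.t):
        if m.sender_id in seen[m.approach]:
            repeats[m.sender_id] += 1
        else:
            seen[m.approach].add(m.sender_id)
    demand = {a: len(ids) for a, ids in seen.items()}
    suspects = sorted(s for s, n in repeats.items() if n > max_repeats)
    return demand, suspects


# Constructed sample: three real cars on the north approach, and one parked
# vehicle that announces itself on the east approach 40 times.
SAMPLE = (
    [ArrivalMsg(f"car-{i}", "N", float(i)) for i in range(3)]
    + [ArrivalMsg("parked-1", "E", 0.5 * i) for i in range(40)]
)

if __name__ == "__main__":
    print("naive:  ", naive_demand(SAMPLE))
    print("checked:", checked_demand(SAMPLE))
```

With the naive count the east approach appears to carry 40 cars; with the check it carries one, and the repeating sender is reported for review.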

Where do surveillance cameras look?

CCTV cameras are now used almost everywhere, except perhaps public toilets. But while they may scare off ordinary crooks, cybercriminals find them all the more interesting.

For example, Hanwha SmartCam SNH-V6410PN cameras made by Hanwha Techwin, which are most often used in private apartments and houses or small offices, recently turned out to be a tasty morsel for burglars. Just think: the devices' passwords and serial numbers are not protected against brute force, data is sent over plain HTTP, and the cameras communicate with other devices through a cloud that any owner of a Jabber account can access with simple manipulation.

  • And what scope for criminal activity: one can secretly watch whatever the camera is monitoring, register camera owners not yet registered in the cloud, and load malicious firmware onto devices and use them to attack other devices over the local network. The configuration file is not encrypted in any way, and changing it is not difficult.

One piece of good news: most of these bugs have already been successfully fixed, and the rest are being hastily patched. So this, on the whole, is not scary. It becomes frightening when you realize that the company produces not only harmless home cameras but also many other devices, among them self-propelled artillery systems and self-contained machine gun turrets. That is, in effect, robots that have firearms and, that's right, a video camera.