ATM Malware Found In Mexico
A malicious software program identified in ATMs in Mexico has been improved and translated into English, which suggests it may be used elsewhere, according to security vendor Symantec.
Two versions of the malware, called Ploutus, have been discovered, both of which are engineered to empty a certain type of ATM, which Symantec has not identified.
In contrast to most malware, Ploutus is installed the old-fashioned way — by inserting a CD boot disk into the innards of an ATM machine running Microsoft Windows. The installation method suggests that cybercriminals are targeting standalone ATMs where access is easier.
The first version of Ploutus displays a graphical user interface after the thief enters a numerical sequence on an ATM’s keypad, although the malware can be controlled by a keyboard, wrote Daniel Regalado, a Symantec malware analyst, on Oct. 11.
Ploutus is programmed for a specific ATM model since it assumes there is a maximum of four cassettes per dispenser in the ATM. It then calculates the amount of money that should be dispensed based on the number of bills. If any of the cassettes have less than the maximum number of 40 bills, it releases whatever is left, repeating that process until the ATM is empty.
Kevin Haley, director of Symantec Security Response, said in an interview earlier this month that the attackers have deep knowledge of the software and hardware of the particular ATM model.
“They clearly know how this machine worked,” he said.
The source code of Ploutus “contains Spanish function names and poor English grammar that suggests the malware may have been coded by Spanish-speaking developers,” Regalado wrote.
In a new blog post, Regalado wrote that the attackers made Ploutus more robust and translated it into English, indicating the same ATM software can be exploited in countries other than Mexico.
The “B” variant of Ploutus has some differences. It only accepts commands through the keypad but will display a window showing the money available in the machine along with a transaction log as it dispenses cash. An attacker cannot enter a specific number of bills, so Ploutus withdraws money from the cassette with the most available bills, Regalado wrote.
Symantec advised those with ATMs to change the BIOS boot order to only boot from the hard disk and not CDs, DVDs or USB sticks. The BIOS should also be password protected so the boot options can’t be changed, Regalado wrote.
LG Goes Self-Healing
November 6, 2013 by admin
LG is upping the ante in smartphone technology with a new handset that has a curved touchscreen, along with a special “self healing” technology that the company claims can prevent scratches on the phone’s casing.
The South Korean electronics vendor unveiled the new phone on Monday, calling it the LG G Flex. Digital renderings of the handset were leaked earlier this month. But in its Monday announcement the company offered further details on the phone, showing that it contains a few new technologies, along with its curved display.
The G Flex is the second phone to feature a curved display, the first coming from Samsung Electronics with its Galaxy Round handset. The top and bottom of the G Flex’s 6-inch screen are curved towards the user, while on the Samsung phone it is the sides that are curved towards the viewer.
This makes LG’s handset closer to the curve of a traditional fixed-line phone handset, a design choice LG said is optimized for the contours of a face. Users can more comfortably hold the phone to their mouth and ear, improving its voice and sound quality, according to LG.
The company also touted the design by stating that the phone offers an easier grip, and holds better in a person’s back pocket. In addition, LG said the curved screen gives an “IMAX-like” experience when viewing videos, allowing for a greater field of view.
Will Twitter IPO Shares Reach $20?
November 5, 2013 by admin
Twitter has decided to price its IPO shares between $17 and $20 when it lists on the New York Stock Exchange, the company said in its filing.
Based on an assumed initial public offering price of $18.50 — the midpoint of the range — Twitter estimates the net proceeds from the sale of shares of common stock will be roughly $1.25 billion, the company said in documents filed with the U.S. Securities and Exchange Commission.
Some 80.5 million shares of common stock will be registered, according to the filing.
Releasing its IPO price range positions Twitter to begin its “road show,” seeking to raise funds from investors across the country. In documents filed last week, the company said it would list its shares under the ticker symbol TWTR on the New York Stock Exchange, representing a big win for the market over rival Nasdaq.
Twitter has yet to determine a date for the listing, though one report suggested Nov. 15 could be the day.
Twitter’s IPO is likely to be one of the hottest of the year and the most prominent in social media since Facebook went public last year. Twitter’s share price range will be markedly lower than Facebook’s, which priced its IPO at $38 per share.
Twitter filed for its highly anticipated public offering earlier last month.
Banks Join Instant Chat
October 16, 2013 by admin
Goldman Sachs Group Inc, JPMorgan Chase & Co and six other financial institutions have agreed to join a new instant messaging network from Markit and Thomson Reuters Corp to connect disparate messaging systems.
The network, called Markit Collaboration Services, launched on Monday and allows members to chat with one another regardless of the proprietary messaging technology that each firm uses.
This open platform differs from Bloomberg LP’s messaging system, which is a closed network only for users of Bloomberg terminals.
Bloomberg messaging is the most popular form of chat on Wall Street, and often cited as one of the reasons banks are willing to pay around $20,000 a year for a subscription to a Bloomberg terminal.
Markit and Thomson Reuters said they hoped their open messaging network will attract banks that want to chat with their clients or other financial institutions but cannot currently do so because they are on different messaging systems.
The other banks that have joined the new network are Deutsche Bank, Bank of America Merrill Lynch, Barclays, Citigroup, Credit Suisse and Morgan Stanley, according to a statement from Markit.
The banks collectively employ more than 1 million people worldwide, though it was not immediately clear how many individuals will use the new Markit service.
David Craig, president of Thomson Reuters’ Financial & Risk division, said one of the challenges facing banks is that their messaging systems do not always talk to one another. “That creates costs and complexity,” he said.
Markit and Thomson Reuters said the messages on the new network are encrypted, and the system does not store them.
Representatives from Bank of America, Deutsche Bank, Goldman Sachs and Morgan Stanley were not immediately available to comment on the new messaging system. Representatives from Barclays, Citi, Credit Suisse and JPMorgan also declined to comment.
Does Intel Need Help?
As time runs out for Intel to bring its Internet-based TV service by the end of the year, the outfit has approached Samsung and Amazon to ask them to lend a hand. Intel has asked about providing funding and distribution for the service. It looks like the set-top box project could be scrapped if a strategic partner isn’t found soon.
OnCue was supposed to allow users to watch live TV, on demand, and other offerings. Intel said it would provide the hardware and services directly to consumers and that the box would come with a camera that can detect who is in front of the TV. More than 300 engineers are working on the project under Erik Huggers, the head of Intel Media. A version of the service running on Intel hardware is testing with 3,000 Intel employees. Goodness knows what content they are running. Intel is having difficulty getting content deals.
Intel has yet to announce any TV programming partners, and Time Warner Cable and other cable TV providers have been pressuring channel owners to shun pacts with Intel and other Internet-based TV providers. Samsung, which ships millions of smart TVs, could distribute the service as a bundle, while Amazon could provide access to its growing library of movies and TV shows.
Apple Hacked
October 2, 2013 by admin
A group of German hackers claimed to have successfully breached the iPhone fingerprint scanner on Sunday, just two days after Apple Inc debuted the technology that it promises will better protect devices from criminals and snoopers seeking access.
If the claim is verified, it will be embarrassing for Apple, which is betting on the scanner to set its smartphone apart from new models of Samsung Electronics Co Ltd and others running the Android operating system of Google Inc.
Two prominent iPhone security experts told Reuters that they believed the German group, known as the Chaos Computing Club, or CCC, had succeeded in defeating Apple’s Touch ID, though they had not personally replicated the work.
One of them, Charlie Miller, co-author of the iOS Hacker’s Handbook, described the work as “a complete break” of Touch ID security. “It certainly opens up a new possibility for attackers.”
Apple representatives did not respond to requests for comment.
CCC, one of the world’s largest and most respected hacking groups, posted a video on its website that appeared to show somebody accessing an iPhone 5S with a fabricated print. The site described how members of its biometrics team had cracked the new fingerprint reader, one of the few major high-tech features added to the latest version of the iPhone.
The group said they targeted Touch ID to knock down reports about its “marvels,” which suggested it would be difficult to crack.
“Fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints,” a hacker named Starbug was quoted as saying on the CCC’s site.
The group said it defeated Touch ID by photographing the fingerprint of an iPhone’s user, then printing it on to a transparent sheet, which it used to create a mold for a “fake finger.”
CCC said similar processes have been used to crack “the vast majority” of fingerprint sensors on the market.
“I think it’s legit,” said Dino Dai Zovi, another co-author of the iOS Hacker’s Handbook. “The CCC doesn’t fool around or over-hype, especially when they are trying to make a political point.”
Touch ID, which was only introduced on the top-of-the-line iPhone 5S, lets users unlock their devices or make purchases on iTunes by simply pressing their finger on the home button. It uses a sapphire crystal sensor embedded in the button.
Data used for verification is encrypted and stored in a secure enclave of the phone’s A7 processor chip.
Two security experts who sponsored an impromptu competition offering cash and other prizes to the first hackers who cracked the iPhone said they had reviewed the information posted on the CCC website, but wanted more documentation.
“We are simply awaiting a full video documentation and walk through of the process that they have claimed,” said mobile security researcher Nick DePetrillo, who started the contest with another security expert, Robert Graham. “When they deliver that video we will review it.”
The two of them each put up $100 toward a prize for the contest winner, then set up a website inviting others to contribute. While the booty now includes more than $13,000 in cash, it was not clear that the CCC would receive the full payout, even if DePetrillo and Graham declared them winners.
MIT Develops Inflatable Antenna
September 17, 2013 by admin
Satellites the size of shoe boxes, which are expected to one day allow researchers to explore space more efficiently, will soon have greater range.
MIT researchers have built and tested an inflatable antenna that can fold into such a satellite, then inflate in orbit to enable long range communications — from seven times the distance possible today.
The technology will let the small satellites, called CubeSats, move further into space and send valuable information to scientists back on earth.
“With this antenna, you could transmit from the moon, and even farther than that,” said Alessandra Babuscia, a researcher on the inflatable antenna team at MIT, in a statement. “This antenna is one of the cheapest and most economical solutions to the problem of communication. But all this research builds a set of options to allow the spacecraft … to fly in deep space.”
The MIT effort comes as engineers at the University of Michigan work on ways to propel such small spacecraft into interplanetary space. The team is building a plasma thruster that could fit in a 10-centimeter space and push a small satellite-bearing spacecraft into deep space.
The university researchers are using superheated plasma that would push through a magnetic field to propel a CubeSat.
The MIT researchers are seeking to solve the communications problems and enable far-afield CubeSats to send data to and receive instructions from Earth.
The CubeSat devices cannot support radio dishes that are used today to let spacecraft communicate when far from Earth’s orbit.
The inflatable antenna significantly amplifies radio signals, allowing a CubeSat to transmit data back to Earth at a higher rate, according to the university.
MIT engineers have built two prototype antennae, each a meter wide, out of Mylar, which is a polyester film known for its strength and use as an electric insulator. One antenna was a cone shape, while the other looks more like a cylinder when inflated. Each fits into a 10-cubic-centimeter space within a CubeSat.
Each prototype contains a few grams of benzoic acid, which can be converted to a gas to inflate the antenna, MIT noted.
In testing, the cylindrical antenna performed “slightly better” than the cone shaped device, transmitting data 10 times faster, and seven times farther than existing CubeSat antennae.
Dell Bets On Windows 8
Demand for Windows 8 may be still somewhat lukewarm, but Dell is maintaining its stance that it is the best operating system for business tablets and plans to roll out more Windows 8-based products later this year, according to a senior executive at the computer maker.
“Our Windows tablets are more secure and easier to manage than Android-based products and iOS-based products [because Windows is] on our tablets,” said Jeff Clarke, vice chairman and president of global operations at Dell. “And we are not going to change that.”
Windows-based devices accounted for just 4.5% of tablet sales in this year’s second quarter, according to research firm IDC. In comparison, Android-based devices had 62.6% of the tablet market and Apple’s iPad had 32.5%.
The slow adoption of Windows 8 tablets is partly due to their high prices, and to the operating system’s lack of mobile apps, analysts say. Windows 8 has also received mixed reviews, with some people citing its lack of a Start button in the desktop mode as a major problem.
But Dell expects demand for Windows 8 devices to pick up with the availability of Windows 8.1, which Microsoft will release in October.
Cyber Attacks Increasing In Middle East
Syria’s civil war and political strife in Egypt have given birth to new battlegrounds on the Web and driven a surge in cyber attacks in the Middle East, according to a leading Internet security company.
More than half of incidents in the Gulf this year were so-called “hacktivist” attacks – which account for only a quarter of cybercrime globally – as politically motivated programmers sabotaged opposing groups or institutions, executives from Intel Corp’s software security division McAfee said on Tuesday.
“It’s mostly bringing down websites and defacing them with political messages – there has been a huge increase in cyber attacks in the Middle East,” Christiaan Beek, McAfee director for incident response forensics in Europe, Middle East and Africa (EMEA), told Reuters.
He attributed the attacks to the conflict in Syria, political turmoil in Egypt and the activities of hacking collective Anonymous.
“It’s difficult for people to protest in the street in the Middle East and so defacing websites and denial of service (DOS) attacks are a way to protest instead,” said Beek.
DOS attacks flood an organization’s website causing it to crash, but usually do little lasting damage.
The Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad, defaced an Internet recruiting site for the U.S. Marine Corps on Monday and recently targeted the New York Times website and Twitter, as well as other websites within the Middle East.
Beek described SEA as similar to Anonymous.
“There’s a group leading operations, with a support group of other people that can help,” said Beek.
McAfee opened a centre in Dubai on Monday to deal with the rising threat of Internet sabotage in the region, the most serious of which are attacks to extract proprietary information from companies or governments or those that cause lasting damage to critical infrastructure.
Cyber attacks are mostly focused on Saudi Arabia, the world’s largest oil exporter, Qatar, the top liquefied natural gas supplier, and Dubai, which is the region’s financial, commercial and aviation hub, said Gert-Jan Schenk, McAfee president for EMEA.
“It’s where the wealth and critical infrastructure is concentrated,” he said.
The “Shamoon” virus last year targeted Saudi Aramco, the world’s largest oil company, damaging about 30,000 computers in what may have been the most destructive attack against the private sector.
“Ten years ago, it was all about trying to infect as many people as possible,” added Schenk. “Today we see more and more attacks being focused on very small groups of people. Sometimes malware is developed for a specific department in a specific company.”
Developers Hack Dropbox
Two developers have penetrated Dropbox’s security, even intercepting SSL data from its servers and bypassing the cloud storage provider’s two-factor authentication, according to a paper they published at USENIX 2013.
“These techniques are generic enough and we believe would aid in future software development, testing and security research,” the paper says in its abstract.
Dropbox, which claims more than 100 million users upload more than a billion files daily, said the research didn’t actually represent a vulnerability in its servers.
“We appreciate the contributions of these researchers and everyone who helps keep Dropbox safe,” a spokesperson said in an email to Computerworld. “In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board.”
The two developers, Dhiru Kholia, with the Openwall open source project, and Przemyslaw Wegrzyn, with CodePainters, said they reverse-engineered Dropbox, an application written in Python.
“Our work reveals the internal API used by Dropbox client and makes it straightforward to write a portable open-source Dropbox client,” the paper states. “Additionally, we show how to bypass Dropbox’s two-factor authentication and gain access to users’ data.”
The paper presents “new and generic techniques to reverse engineer frozen Python applications, which are not limited to just the Dropbox world,” the developers wrote.
The researchers described in detail how they were able to unpack, decrypt and decompile Dropbox from scratch and how, once someone has decompiled its source code, “it is possible to study how Dropbox works in detail.”
“We describe a method to bypass Dropbox’s two-factor authentication and hijack Dropbox accounts. Additionally, generic techniques to intercept SSL data using code injection techniques and monkey patching are presented,” the developers wrote in the paper.
The process they used included various code injection techniques and monkey patching to intercept SSL data in a Dropbox client. They said they also used the techniques successfully to snoop on SSL data in other commercial products.
The developers are hoping their white hat hacking prompts Dropbox to open source its platform so that it is no longer a “black box.”
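From the defender's side, the monkey patching mentioned above leaves a trace inside a Python process: the methods on `ssl.SSLSocket` that handle plaintext stop being the functions the standard library defined. The following is an added example, not code from the paper or from Dropbox; the names `WATCHED`, `snapshot`, `audit` and `demo` are hypothetical, and the wrapper in `demo` is a constructed pass-through used only to exercise the check.

```python
import functools
import ssl

# SSLSocket methods that see plaintext before encryption or after decryption.
WATCHED = ("read", "write", "send", "sendall", "recv", "recv_into")


def snapshot(cls=ssl.SSLSocket):
    """Record the function objects bound to the watched names right now."""
    return {name: cls.__dict__.get(name) for name in WATCHED}


# Taken at import time; only trustworthy if this runs before untrusted code.
BASELINE = snapshot()


def _defined_in_ssl(func):
    # functools.wraps copies __module__ and __name__ onto a wrapper, so those
    # fields can be made to look genuine. __globals__ is not copied: it still
    # points at the namespace where the replacement was really defined.
    return getattr(func, "__globals__", None) is vars(ssl)


def audit(baseline=BASELINE, cls=ssl.SSLSocket):
    """Return {method_name: [reasons]} for every watched method that changed."""
    findings = {}
    for name, original in baseline.items():
        current = cls.__dict__.get(name)
        reasons = []
        if current is not original:
            reasons.append("replaced since baseline")
        if not _defined_in_ssl(current):
            reasons.append("not defined in ssl module")
        if reasons:
            findings[name] = reasons
    return findings


def demo():
    """Constructed scenario: swap in a pass-through wrapper, audit, restore."""
    original = ssl.SSLSocket.__dict__["send"]

    @functools.wraps(original)
    def wrapper(self, *args, **kwargs):  # constructed stand-in for a hook
        return original(self, *args, **kwargs)

    setattr(ssl.SSLSocket, "send", wrapper)
    try:
        return audit()
    finally:
        setattr(ssl.SSLSocket, "send", original)


if __name__ == "__main__":
    print("clean:", audit())
    print("patched:", demo())
```

A check like this runs with the same privileges as the code it inspects, so it is a tamper indicator for testing and telemetry, not a barrier against software already running on the machine.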