Tag Archives: hacking

RESEARCHERS PROVE ABILITY TO HACK DEVICES USING SOUND WAVES

Yesterday, computer security researchers from the University of Michigan and the University of South Carolina proved they have discovered a way to hack into a device using sound ways. This newly found weakness allows them to control or influence devices through tiny accelerometers. Accelerometers are instruments that measure acceleration and are manufactured as dynamic silicon chip-based devices used to sense movement or vibrations known as microelectromechanical systems, or MEMS. They are used for navigating, determining the orientation of a tablet and calculating distance in fitness monitors. Accelerometers are standard in consumer products such as smartphones, Fitbits and automobiles.

In the paper highlighting the research, they demonstrate how they were able to add additional steps to a Fitbit monitor, as well as, play a “malicious” music file from a smartphone, demonstrating they can control the phone’s accelerometer. Kevin Fu, one author of the paper, stated, “It’s like the opera singer who hits the note to break a wine glass, only in our case, we can spell out words.” He went on to say, “You can think of it as a musical virus.”

In addition, research from the paper shows that with the toy car, they did not infiltrate the car’s microprocessor, but rather controlled the car by forcing the accelerometer to generate fake readings. Computer security researchers remarked that this is new insight into cybersecurity challenges in complex systems, which show how analog and digital components can interact in unpredictable ways.

Vinny Troia, CEO of NightLion Security commented, “as we see a heightened push to develop self-driving vehicles from numerous companies, undetected vulnerabilities, such as this one, that could allow an attacker to remotely control a self-driving vehicle is disturbing, but a reality that should be seriously considered.”

The computer security researchers will be presenting their findings at the IEEE European Symposium on Security and Privacy in Paris next month.

Advertisements

Banks, Globally, Attacked by Fileless Malware

Banks around the world are being infected with a new form of fileless malware. This type of malware is invisible, as it lies undetected within the memory of a bank’s network gathering passwords and administrative information. The malware then feeds this data back to the hackers, who use it to control the bank’s computer system remotely.

According to Kaspersky Lab, who discovered the new form of malware, there have been reports of this malware at 140 different enterprises in 40 different countries throughout the globe, including: banks, telecoms and government institutions. The United States being hit the hardest with 21 reported incidents.

“What is interesting here is that these attacks are ongoing globally against banks themselves,” said Kaspersky Lab expert Kurt Baumgartner to Ars Technica late last week. Baumgartner went on to explain, “the banks have not been adequately prepared in many cases to deal with this.”

Fileless malware attacks are becoming more common than anyone imagined, which is why cyber security has become such an important tool. Digital Forensic Firms, such as,  NightLion Security, offer malware detection and removal with 24/7 service. Vinny Troia, CEO of the St. Louis Digital Forensics Firm, commented that banks are being targeted because they do not have the proper security in place to protect them against this type of invisible malware distribution.

Kaspersky Lab is unsure who is behind the attack or if it is more than one group using the same tools. They plan on releasing their findings later today.

Whoever is behind these attacks is focusing on computers that run automatic teller machines and “pushing money out of the banks from within the banks,” explains Baumgartner. He goes on to say that many of these attacks varied in the way they were executed, which is why they think numerous groups could be involved.

Credit Card Skimmers striking at gas stations

Most people don’t even think twice when inserting their credit cards into the machine to get gas. But you can never be careless when dealing with credit cards unfortunately.

St. Louis, as well as a ton of places in the U.S., have been experiencing a rise in credit card skimming devices at gas stations. The reason gas pumps are more popular for skimming devices than ATMs is because the keys to get inside the pumps are much easier to access and can even be sold online.

Vinny Troia, Digital Forensics Investigator and CEO of Night Lion Security, said that skimming devices are very hard to avoid and even the new credit cards with the chip won’t prevent you from being hacked. The only thing you can do, Troia explained, is to check your credit card statements daily.

Watch the video from FOX 2 News here. 

Apple fighting against the FBI

A big issue right now is the battle between the FBI and Apple over an iPhone salvaged from the investigation of the San Bernardino massacre in December. Apple was asked by the FBI to help hack into the phone and Apple had declined. Following that, the FBI sent Apple a court order to create a forensics tool and Apple is trying to fight this.

Apple’s recognized for their guaranteed user privacy, so the Feds have blamed Apple for putting their brand image above a terrorism investigation. The reason why Apple does not want to create this tool is because it will be extremely dangerous since it would end up becoming public. When it becomes public, that means it’ll be usable by any law enforcement, foreign governments and criminal organizations.

There are two feasible sides to this issue but to protect all devices in the future, I’m siding with Apple.

Visit New York Digital Forensics Company for any questions or in need of a free consultation.

Hacking Forensic Investigator discusses US Bank data breaches

Customer information was hacked at JP Morgan and 9 other US banks. There was no money actually taken from accounts but through credit cards. Apple pay system was designed to prevent credit card hacks. There is no possible way to obtain the credit card number with the Apple pay system. Vinny Troia, Hacking Forensic Investigator and CEO of Night Lion Security, a cyber security and IT risk management company, discusses this topic on Fox Business.

Troia explains that the next logical way for hackers will be to match usernames and passwords of people’s bank accounts and drain their money. This would be an enormous upset for banks, when this does happen. The banks would have to give whatever money was stolen back to their customers.

Cyber Security Expert talks about recent hacker

A recent article on Fox News talks about a Bahamian man who hacks into tons of celebrity emails to steal unreleased movies and TV scripts. Alonzo Knowles is the man being investigated for criminal copyright infringement and identity theft charges. Knowles is also giving away social security numbers and other personal things. Vinny Troia, Certified Hacking Forensic Investigator and CEO of Night Lion Security, a digital forensics and penetration testing firm, doesn’t believe that Knowles hacked into celebrity email accounts. In fact, he believes this is all a scam and that Knowles never hacked anything at all.

Troia thinks this was just a challenge to lure customers in to buying some of the things he hacked. Once the customers decided to buy the social security numbers, for example, Knowles would run away and leave the customer with nothing, Troia presumes. Knowles’ plan was working for him because people believe it is hard to obtain social security numbers but it is actually incredibly simple, Troia explains. Troia clarifies that one hack would have been difficult enough to pull off and there is no evidence to suggest that he is skilled enough to pull off all of these hacks and steal all of this information.

Cyber Security Expert Discusses Hacked Celebrity Photos

With the rise of celebrity’s photos getting hacked, Vinny Troia, Certified Hacking Forensic Investigator and CEO of Night Lion Security, discusses this issue with Rebecca Jarvis on ABC World News. Celebrities like Jennifer Lawrence, Kate Upton, and many others have all experienced these awful hacks. Apple announced that there were no hacks on their systems but on the celebrity’s user names, passwords and security questions.

Night Lion Security is a St. Louis based Digital Forensics firm, Troia explains how hackers can find a lot of the information to hack them through their Wikipedia pages. The hackers can find the latitude, longitude and altitude of where these photos were taken and they make lots of money doing this. The only solution to these hacking problems is to create unique passwords and changing them frequently.