backdoor

Latest

  • Flame malware snoops on PCs across the Middle East, makes Stuxnet look small-time

    by Jon Fingas
    05.28.2012

    Much ado was made when security experts found Stuxnet wreaking havoc, but it's looking as though the malware was just a prelude to a much more elaborate attack that's plaguing the Middle East. Flame, a backdoor Windows trojan, doesn't just sniff and steal nearby network traffic info -- it uses your computer's hardware against you. The rogue code nabs phone data over Bluetooth, spreads over USB drives and records conversations from the PC's microphone. If that isn't enough to set even the slightly paranoid on edge, it's also so complex that it has to infect a PC in stages; Flame may have been attacking computers since 2010 without being spotted, and researchers at Kaspersky think it may be a decade before they know just how much damage the code can wreak. No culprit has been pinpointed yet, but a link to the same printer spool vulnerability used by Stuxnet has led researchers to suspect that it may be another instance of a targeted cyberwar attack given that Iran, Syria and a handful of other countries in the region are almost exclusively marked as targets. Even if you live in a 'safe' region, we'd keep an eye out for any suspicious activity knowing that even a fully updated Windows 7 PC can be compromised.

  • ZTE confirms the Score M has a backdoor, hopes to patch up soon

    by Jon Fingas
    05.18.2012

    Who knew that owning a ZTE Score M would mean living life on the edge? ZTE has confirmed that the MetroPCS phone has a backdoor vulnerability which could let a less-than-scrupulous hacker get root-level control over the Android 2.3 phone -- and because it's a unique app baked into the firmware, the login credentials won't change as long as the exploit survives. Other ZTE phones, like the Skate, supposedly face the same hole as well. The company says it should have a patch ready to push over the air in the "very near future," but it hasn't said why the app existed in the first place. Either way, if you currently pocket the Score M or one of ZTE's other recent Android devices, we'd keep watch for any suspicious goings-on until a fix is in place.

  • The Summoner's Guidebook: The game without a meta

    by Patrick Mackey
    03.08.2012

    It should be no shocker that the Crystal Scar is my favorite League of Legends map. Dominion is a more frantic and dynamic gametype, and it rewards tactical, free-thinking play more than the Classic game mode. The Classic maps reward technical skill and strategic thinking, but they aren't my preferred battlefield. I know a lot of you dear readers feel the same way. Dominion is weird because it doesn't have a real, established metagame. Although cries of "4 top, 1 bottom" can be heard in virtually every match, they rarely hold up for more than a few minutes, and the four top players can be seen running backdoors, ganking bottom, or solo jungle roaming as the game progresses. This is my first attempt at a Dominion overview, but the honest truth is that even the hardcore analyst-types like yours truly struggle to define exactly what wins Dominion games. There's a lot of room for discussion on this one, so let's get started.

  • F-Secure reports Mac trojan poses as PDF

    by Mike Schramm
    09.23.2011

    Security firm F-Secure has unearthed a troubling trojan for Macs that hides itself as a PDF, only waiting until the file is opened up and displaying some Chinese characters before it dives into your Mac's hard drive and sets up a backdoor control. Currently, according to F-Secure, the backdoor doesn't actually do anything harmful, but obviously that could change in the future, either if the original hackers take advantage of the trojan, or if someone else does. F-Secure says that the trojan currently doesn't have an icon associated with it, so in the current spotted form, it should be pretty easy to identify as a virus (especially if it shows up in just a random email). But if the trojan is embedded in a file with an extension and an icon that matches a familiar document type (like a PDF, or any other kind of file you'd open in everyday use), it's possible that the backdoor could get installed. In other words, you've got to do what you should always do on any computer: beware of any file downloaded from an untrusted source on the Internet, or any email attachments coming from a sender you don't know or recognize.

  • Google flips Android kill switch, destroys a batch of malicious apps (update)

    by Sean Hollister
    03.06.2011

    When 21 rogue apps started siphoning off identifying information from Android phones and installing security holes, Google yanked the lot from Android Market, and called the authorities to boot. But what of the 50,000 copies already downloaded by unwitting users? That's what Google's dealing with this week, by utilizing Android's remote kill switch to delete them over the air. But that's not all, because this time the company isn't just removing offending packages, but also installing new code. The "Android Market Security Tool March 2011" will be remotely added to affected handsets to undo the exploit and keep it from sending your data out, as well as make you wonder just how much remote control Google has over our phones. Yes, we welcome our new Search Engine overlords and all that, so long as they've got our best interests at heart, but there's a certain irony in Google removing a backdoor exploit by using a backdoor of its own -- even one that (in this case) will email you to report what it's done. Update: TechCrunch says there were 58 malicious apps and 260,000 affected phones in total.

  • RIM opens door for Indian officials, promises to keep Enterprise Server locked up tight

    by Tim Stevens
    01.14.2011

    Things weren't looking good for BlackBerry in India, with threats of bans that were avoided at the last minute. We knew at the time that RIM had made "certain proposals" that would enable its messaging services to stay alive in India and now, about four months later, we're learning what those proposals amount to. Basically, RIM has created a backdoor into the company's messaging services, a "lawful access capability" that "meets the standard required by the government of India for all consumer messaging services offered in the Indian marketplace." That's a little disconcerting, but if you're pinging your connects exclusively through BlackBerry Enterprise Server you can take it easy, as RIM is keeping that service locked up tight -- or, at least, that's what it wants you to believe.

  • Energizer confirms software vulnerability in Duo charging software

    by Donald Melanson
    03.08.2010

    Energizer's Duo USB battery charger has been around for a couple of years now, but the company has just now fessed up to a fairly significant vulnerability in the software for the device after being informed of the problem by CERT. While the software was intended to simply let you keep watch on the battery charging status, it apparently also opened up a backdoor that allowed commands to be executed remotely, including the ability to list directories, send and receive files, and run programs. That vulnerability is only found in the Windows version of the software, and Energizer has already discontinued the product altogether and removed the download from its website. Anyone that already has the software installed is advised to first uninstall it and then remove the Arucer.dll file from the Windows system32 directory. [Thanks, Michael]

  • Sneak Peek: 1Password 3.0 + secret beta-enabler tweak

    by Brett Terpstra
    07.31.2009

    As Christina mentioned a while ago, 1Password version 3 is on the horizon, and we've got some sneak peeks to show you. There are some great improvements to the core, but more immediately noticeable are the visual tweaks to the interface. The entire UI has been overhauled, and I'm impressed. Take a look at the gallery to see for yourself. Oh, and check the end of the post if you missed out on the private beta but want to play with version 3 on your machine! Haven't heard of 1Password? It's a form-filling, password-storing, iPhone-syncing, highly-secure information storage system. It handles software licenses, secure notes, credit cards and, of course, passwords. It can generate impossible-to-crack passwords on-the-fly, and then remember them for you. All you have to remember is, that's right, one password. Get it? Read on for a quick walkthrough of new 1Password features, and a little trick to get your hands on it early ...

  • Apple's not fighting back against Apple TV hacks

    by Ryan Block
    04.05.2007

    We had a word with Apple yesterday about the Apple TV -- specifically about that supposed backdoor. We asked whether enthusiasts really are in fact having services and hacks shut down through surreptitious software updates and backdoors into the Apple TV, to which Apple let us know that is absolutely not the case. Although they didn't account for any issues these have been experiencing when upgrading their machines, Apple is certain that they didn't do any of that funny stuff that would make Sony's legal team cringe. Apple's stance, it claims, is more along the lines of: it's your box, do with it what you please -- but be mindful of voiding that warranty. Guess this is just the stuff you've got to deal with when tooling around with an STB -- your hacks aren't necessarily always going to stick and work, which is why they're hacks.