
Chinese Hackers Infiltrate Firms Using Malware-Laden Handheld Scanners 93

Posted by timothy
from the location-location-location dept.
wiredmikey (1824622) writes China-based threat actors are using sophisticated malware installed on handheld scanners to target shipping and logistics organizations from all over the world. According to security firm TrapX, the attack begins at a Chinese company that provides hardware and software for handheld scanners used by shipping and logistics firms worldwide to inventory the items they're handling. The Chinese manufacturer installs the malware on the Windows XP operating systems embedded in the devices.

Experts determined that the threat group targets servers storing corporate financial data, customer data and other sensitive information. A second payload downloaded by the malware then establishes a sophisticated C&C on the company's finance servers, enabling the attackers to exfiltrate the information they're after. The malware used by the Zombie Zero attackers is highly sophisticated and polymorphic, the researchers said. In one attack they observed, 16 of the 48 scanners used by the victim were infected, and the malware managed to penetrate the targeted organization's defenses and gain access to servers on the corporate network. Interestingly, the C&C is located at the Lanxiang Vocational School, an educational institution said to be involved in the Operation Aurora attacks against Google, and which is physically located only one block away from the scanner manufacturer, TrapX said.

White House responds to petition to allow Tesla Motors to sell directly to consu->

Submitted by devloop
devloop (983641) writes "White House posts an official response to this petition, already with nearly 140,000 votes in favor, to allow direct sales to consumers in all 50 states. "We believe in the goal of improving consumer choice for American families, including more vehicles that provide savings at the pump for consumers. However, we understand that pre-empting current state laws on direct-to-consumer auto sales would require an act of Congress.""

Comment: Re:Wait a minute... (Score 4, Insightful) 162

by Shakrai (#47430023) Attached to: Hair-Raising Technique Detects Drugs, Explosives On Human Body

I don't know about Acetaminophen, but I've heard compelling cases made that if Aspirin were discovered today it would be a prescription drug. Think of the side effects, the modern day "think of the children!" attitude, and pathetic need of the body politic to feel "safe" from any and everything.

Comment: Re:Correction...That you know of... (Score 1) 115

by Shakrai (#47379777) Attached to: Use of Encryption Foiled the Cops a Record 9 Times In 2013

The only difference between today and the past is that you can easily see an encrypted file, you can know it's encrypted

Huh? Modern ciphertext is indistinguishable from random noise. Some implementations leave behind clues (i.e., Truecrypt containers are always divisible by 512 bytes), and of course the user can give it away ("KIDDIE PORN COLLECTION.TC" <--- Probably not the best naming scheme) but I'm not aware of any foolproof method to concretely identify an encrypted file as such with modern implementations.

Comment: Re:I smell a rat. (Score 4, Informative) 115

by Shakrai (#47379737) Attached to: Use of Encryption Foiled the Cops a Record 9 Times In 2013

There are obviously thousands of people using encryption because they have a legitimate reason to hide something

My hard drives are encrypted simply because my entire life is on them and I'd rather not have everything you need to steal my identity fall into the hands of whoever broke into my house and stole my PC. I take similar precautions with physical documents that could be used to the same end. My SSA card and Passport are kept in the Safe Deposit Box except when needed, other forms of ID are always kept on or near my person, so they're not apt to be stolen in a burglary.

I don't know or care if LUKS and Truecrypt are secure enough to resist access by a well resourced and competent government agency. They provide ample security for the threat vectors that I care about.

Most people under investigation have software planted on computers or hardware keyloggers.

This, along with other side channel attacks (social engineering, or even simply guessing the password, remembering that most people use easily guessable passwords) is the most likely explanation. If the United States Federal Government has ways of breaking modern ciphers they're not going to throw it away to secure mundane criminal convictions.

Comment: Re:Analogy Sucks... (Score 2) 255

by Shakrai (#47378097) Attached to: Austrian Tor Exit Node Operator Found Guilty As an Accomplice

Comcast is turning users' cable modems into public hotspots. So anyone could connect to a user's modem and use it for any purpose that one might connect to the Internet for. If said use is illegal, would the person who owned (or leased it from Comcast as the case may be) be liable as an accomplice?

My understanding is that it's not a public hotspot, the access is only made available for other Comcast customers, and that in any event the traffic is handled separately from the owner of the connection. It goes out with a different globally valid IP and does not count against the owner's bandwidth cap or otherwise inconvenience him.

Comment: Re:Uh no (Score 1) 255

by Shakrai (#47378075) Attached to: Austrian Tor Exit Node Operator Found Guilty As an Accomplice

Uhh, did you even read the Wikipedia article you linked, never mind actually researching the case in question on your own?

"Ryan Joseph Holle (born November 17, 1982) was convicted in 2004 of first-degree murder under the felony murder rule for lending his car to a friend after the friend and others at the party discussed their plans to steal drugs, money and beat up the 18 year old daughter of a marijuana dealer."
"Holle, who had given the police statements in which he seemed to admit knowing about the burglary, was convicted on August 3, 2004"

I don't see a problem here. "Hey, we're going to go rob this person. Can we borrow your car?" "Sure, here are the keys." What would possibly go wrong?

Comment: Re:Would be different (Score 3, Insightful) 185

by Shakrai (#47377571) Attached to: Judge Frees "Cannibal Cop" Who Shared His Fantasies Online

That's FUD. Yes the Southern Border is porous. Find me one example of a terrorist that has entered the country via that route. Just one. I'm not aware of it having happened. The United States shares intelligence with Mexico and Canada, so you're still dealing with the same fundamental problem of getting into the Western Hemisphere without being detected. Effectively you've given the security forces two bites at your apple, because you're going to have to sneak past Canadian/Mexican customs and American customs (legal route) or the Border Patrol (illegal route). If it was as easy as you make it sound it would have happened already. Heck, they've actually tried it from the Northern Border, and been caught while doing so.

The gun stuff is FUD too. It's "very easy" to get your hands on a cache of firearms large enough to conduct a Mumbai style attack? Where exactly is it "easy" to do that? You can't go the legal route as a non-citizen. That leaves you with the choice of obtaining them from private sellers and/or the black market. Option #1 doesn't scale and Option #2 runs the risk of detection by law enforcement. The only way I can see pulling it off would be to have a sleeper agent in the United States months before your planned attack, who slowly assembled the required weapons cache, but the longer you're here the more likely it is that you get caught. Murphy's Law applies even to terrorists.....

Comment: Re:Would be different (Score 1) 185

by Shakrai (#47377417) Attached to: Judge Frees "Cannibal Cop" Who Shared His Fantasies Online

Tom Clancy was actually interviewed by CNN on 9/11. I remember listening to it on the local radio station, which decided to cut their normal feed and broadcast CNN Radio for the duration of the day. We got all of our news from the radio that day, along with the extra edition of the local paper, because we were at work with no television and the internet was too bogged down to be useful. None of us actually saw what had happened until we got home from work, which made it really surreal.

For some reason the Clancy interview is one of the things that sticks out in my mind when I think of that day. Maybe because I had already read Debt of Honor.
