News Posts matching "hack"


Where's My Bitcoin? "Cerber" Ransomware Starts Stealing Cryptocurrency Wallets

"Where's my Bitcoin?" is a question no miner, investor or mere user in the cryptocurrency ever wants to have to ask. There's always someone willing to take advantage of someone else's hard work or subjection to risk in order to increase their own value; and if there's something years of cyber security have told us, is that hackers seldom lag in picking up new sources of undeserved revenue. So it was only a matter of time before general purpose ransomware started seeing updates so as to take advantage of the newer trends in valuable assets. Enter cryptocurrency. And you can probably guess the rest of this piece.

The new, updated Cerber ransomware routine now not only encrypts a user's files, it also looks for some specific, known Bitcoin wallet applications (namely, and as of time of writing, Bitcoin Core, Electrum, and Multibit), copies them to an external server controlled by the hackers, and proceeds to delete them from the user's PC. Naturally, Cerber also has a routine that handles copying passwords that are stored in your browser of choice. The wallet stealing and copying isn't much of a concern per se; there are additional security measures in any given wallet before the hackers can access their potential treasure trove of cryptocurrency. However, many people also keep files with passwords or some such on their computers, and could be doing themselves a disservice by not keeping another copy of their wallets on a secure, non-internet connected hardware wallet, or even a USB pen. Naturally, a user who kept the password for their wallet on their system is vulnerable to the entire "ransomware" portion of the Cerber malware; and someone who doesn't even have another copy of their wallet but keeps an ungodly amount of value in it could very well be facing the loss of the entirety of their wallet. Definitely not a good place to be.

Sources: Trend Micro Cerber Ransomware Removal Tool, Trend Micro, Trend Micro on Cerber Ransomware, via HotHardware, Picture Source

AMD Confirms its Platform Security Processor Code will Remain Closed-Source

Since the launch of AMD Ryzen, a small piece of hardware that handles basic memory initialization as well as many security functions has been the center of some controversy. Called the Platform Security Processor (the "PSP" for short), it is essentially an ARM core with complete access to the entire system. Its actions can be considered "above root" level and are for the most part invisible to the OS. It is similar in this regard to Intel's Management Engine, but is in some ways even more powerful.

Why is this a bad thing? Well, let's play a theoretical. What happens if a bug is discovered in the PSP, and malware takes control of it? How would you remove it? (Answer: you couldn't.) How would you know you needed to remove it? (Answer: unless it made itself obvious, you also wouldn't.) This scenario is obviously not a good one, and is a concern for many who asked AMD to open-source the PSP's code for general community auditing.

Petya/NotPetya: The Ransomware That Wasn't Actually Looking to Ransom Anything

You've heard of the Petya ransomware by now. The surge, which hit around 64 countries by June 27th, infected an estimated 12,500 computers in Ukraine alone, hitting several critical infrastructures in the country (just goes to show how vulnerable our connected systems are, really.) The number one hit country was indeed Ukraine, but the wave expanded to the Russian Federation, Poland, and eventually hit the USA (the joys of globalization, uh?) But now, some interesting details on the purported ransomware attack have come to light, which shed some mystery over the entire endeavor. Could it be that Petya (which is actually being referred to as NotPetya/SortaPetya/Petna as well, for your reference, since it mostly masquerades as that well-known ransomware) wasn't really a ransomware attack?

Intel Patches Remote Execution Flaw on Its CPUs - Active Since 2008

A bug in Intel's AMT (Active Management Technology), ISM (Standard Manageability) and SBT (Small Business Technology) firmware versions 6 to 11.6 has sat unpatched since 2008 - a bug which allows "an unprivileged attacker to gain control of the manageability features provided by these products." Potentially, this could have led systems to be exploited for remote control and spyware infection (and maybe it did lead to that, and we just don't know about it.) Through this flaw, hackers could log into a vulnerable computer's hardware - outside the security features of the OS and any anti-virus suites - and silently install malware and other thriving pieces of malevolent coding. AMT having direct access to the computer's network hardware ensures this could have been done outside of local tampering. The vulnerable AMT service is part of Intel's vPro suite of processor features, so it caters more to businesses and server boxes than to the usual consumer-based products - though we all know some hardware enthusiasts use this kind of processor in their personal rigs. If you don't have vPro or AMT present at all, you are in the clear. However, some outlets report that Intel systems are vulnerable to direct hardware access even if their AMT, ISM, or SBT implementations aren't provisioned - it's just the network access that doesn't work.

These insecure management features have been available in various Intel chipsets for nearly a decade, starting with the Nehalem Core i7 in 2008, all the way up to this year's Kaby Lake Core parts. Luckily, this "feature", which is present in millions of Intel chips and potentially provides a "backdoor-esque" entry point to equal millions of systems, appears to be able to be addressed through a microcode update. However, this update will have to be pushed by your system manufacturer, and you can probably begin to imagine by now how such a process will linger on, and how hard it will be for this to happen to every affected system.

NSA's Windows Exploit "DoublePulsar" Being Actively Utilized in the Wild

The "DoublePulsar" exploit, exposed recently as part of the leaked NSA-derived hacking toolkit posted online, is set to become one of the more significant issues related to the leak. Not because it is unpatched (it has been patched for roughly a month), but rather because, according to a threatpost.com report, few users are as up to date as they should be.

Intel's Skylake and Kaby Lake-based Systems Vulnerable to USB Exploit

At this year's CCC hacker congress, researchers from Positive Technologies have released information, which documents vulnerabilities in Intel's Skylake and Kaby Lake series processors' handling of USB 3.0-based debugging - which could be used to attack, corrupt, and even subvert a user's system.

This vulnerability allows attackers to bypass typical security mechanisms - both at the hardware and at the OS level - by using a new debugging interface, which could allow them to install malware and/or rewrite the system's firmware and BIOS. The exploit is currently undetectable using existing security tools, and according to the researchers, this mechanism can be used on a hacked system regardless of the OS installed.

Steam and Linux on the PS4 - AMD's "Bonaire" GPU Register Reference Found

While trying to hack the PS4 in order to make it run Linux (in a bid to get Steam and possibly other programs running on the PS4's hardware), hackers hit a snag: they couldn't get the PS4's GPU to display any kind of output or process any kind of graphics. Like any good researcher would, when hit with a snag, the hackers turned to scouring the Internet in hopes of finding any kind of documentation that could help them harness the PS4's Pitcairn-based GPU.

Epic Games Forums Hacked; Over 800,000 Passwords Stolen

The official discussion board for Epic Games, frequented by developers and gamers of Unreal Engine, "Unreal Tournament," and soon "Paragon," was hacked, exposing dates of birth, IP addresses, registration dates, registration e-mail addresses, and allegedly passwords, of over 800,000 users, reports The Hacker News. The hackers reportedly got their hands on the data by exploiting a vulnerability in the outdated version of vBulletin that Epic Games uses.

Epic Games, however, denies that the hackers got their hands on passwords. "We believe a recent Unreal Engine and Unreal Tournament forum compromise revealed email addresses and other data entered into the forums, but no passwords in any form, neither salted, hashed, nor plaintext," the company stated. ZDNet reports that a larger portion of the vBulletin database, which includes user posts and private-messages, could also have been stolen.

Source: The Hacker News

NSA Hides Spying Backdoors into Hard Drive Firmware

Russian cyber-security company Kaspersky Labs exposed a breakthrough U.S. spying program, which taps into one of the most widely proliferated PC components - hard drives. With the last 5 years seeing the number of hard drive manufacturing nations reduce from three (Korean Samsung, Japanese Hitachi and Toshiba, and American Seagate and WD) to one (American Seagate or WD), swallowing-up or partnering with Japanese and Korean businesses as US-based subsidiaries or spin-offs such as HGST, a shadow of suspicion has been cast on Seagate and WD.

According to Kaspersky, American cyber-surveillance agency, the NSA, is taking advantage of the centralization of hard-drive manufacturing to the US, by making WD and Seagate embed its spying back-doors straight into the hard-drive firmware, which lets the agency directly access raw data, agnostic of partition method (low-level format), file-system (high-level format), operating system, or even user access-level. Kaspersky says it found PCs in 30 countries with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.

Does NVIDIA Display Driver Service Make Your System Vulnerable?

An [ethical?] hacker going by the Twitter handle @peterwintrsmith discovered a gaping security hole in NVIDIA's display driver service that allows ordinary local and remote users to gain administrator privileges in Windows. Mr. Winter-Smith posted a description and details of the exploit, in which he describes the NVIDIA Display Device server (NVVSVC) as listening on a pipe (a means by which different processes talk to each other) "\pipe\nsvr," which has a null/empty discretionary access control list (DACL, a security whitelist for users/groups), letting ordinary logged-in local and remote users (firewall permitting, and the remote admin has a local account) gain administrator rights to the system. In our opinion, the exploit is plausible, and could cut short winter breaks of a few in Santa Clara.

Source: TechPowerUp Forums

Blizzard Servers Hacked, User Data Compromised

Online gaming giant Blizzard Entertainment reported unauthorized access to its servers. The security breach was detected earlier this week, and the company claims that the hackers may have accessed user data such as e-mail addresses of Battle.net users, their personal security questions, and information related to mobile and dial-in authentications.

Blizzard claims that the information compromised is not enough for anyone to gain access to the Battle.net accounts, and that there was no evidence to suggest that more vital bits of user data, such as real names, credit card information, or billing addresses were accessed. Users' Battle.net passwords, which are cryptographically-scrambled, may have been accessed. Since SRP (secure remote protocol) is used to protect the passwords, it is extremely difficult to unscramble them. Blizzard strongly recommends users to change their passwords as investigations into the security breach are on.

Source: Shack News

OUYA: A Hacker-Friendly Android Console

A new Kickstarter project is making waves, by proposing an open-source, hacker-friendly platform using Android as its backbone. "OUYA" merges the "satisfying" experience of a console with the developer-friendly nature of the Android marketplace. The project is seeking nearly a million dollars in funds, but it's already managed to reach more than half its lofty goal within just a day. The project's goal is $950,000, a figure it's likely to hit. It's been less than a day, and it's hit more than $590,000. That's no doubt because the higher dollar amounts, $95 and $99, offer the console itself as a reward. So far, the project hasn't outlined any stretch goals, but they seem likely. The funding will go towards converting the prototype to production models with approvals from regulatory agencies, development kits, production orders, and possibly some first-party game development. It also claims that games will be required to offer a free element, be it a demo or the full game with microtransactions. OUYA has already specified its technical specs, including a Tegra3 quad-core processor, 1 GB of RAM, 8 GB of flash storage, an HDMI connection, and Android 4.0. The controller looks fairly standard for consoles, with eight action buttons, two analog sticks, a D-pad, and the addition of a touch pad.

Source: Shacknews

Max Payne 3 Multiplayer Pits Cheaters Against Cheaters

Playing against hackers and cheaters in multiplayer games is rarely fun, so now Rockstar is showing them just how it feels. It's hit upon a cruel and unusual punishment for cheaters in Max Payne 3's multiplayer: forcing them to play in a "Cheaters Pool" filled only with other hoodlums. "Anyone found to have used hacked saves, modded games, or other exploits to gain an unfair advantage in Max Payne 3 Multiplayer, or to circumvent the leaderboards will be quarantined from all other players into a 'Cheaters Pool', where they'll only be able to compete in multiplayer matches with other confirmed miscreants," Rockstar explains in a blog post. They'll also be cut from the leaderboards. Rockstar could deign to allow these rapscallions to rejoin civilised society, but will permaban them for a second infraction. Let's hope that one day all online games will adopt such measures.

Source: Shacknews

Diablo 3 Declared 'Fastest Selling PC Game' Ever

From the launch day server meltdown to the way everyone you know seems to be playing, it's pretty clear that Diablo III is quite popular. But just how popular? Blizzard announced today that it sold 3.5 million copies within the first 24 hours, which supposedly makes it the fastest-selling PC game of all time. On top of those 3.5 million copies were another 1.2 million doled out free to World of Warcraft Annual Pass subscribers. After a week, Blizzard says, Diablo III was up to 6.3 million players--not including South Korean game rooms, where it's estimated to have a 39% share. "We're definitely thrilled that so many people around the world were excited to pick up their copy of Diablo III and jump in the moment it went live," CEO Mike Morhaime said in the announcement.

"We also regret that our preparations were not enough to ensure everyone had a seamless experience when they did so. I want to reaffirm our commitment to make sure the millions of Diablo III players out there have a great experience with the game moving forward, and I also want to thank them for their ongoing support." As well as rolling out sneaky little balance updates, Blizzard is investigating reports of nasty hacks, and preparing to launch the real-money auction house on May 29.

Source: Shacknews

Diablo 3 Launch Overloads Servers

Shacknews is reporting Diablo III is pretty popular. So popular, in fact, that the servers have been overloaded by the flood of clickmaniacs trying to play when it launched at midnight. As Diablo III requires players be online to play, even by themselves, there are a lot of sullen faces around this morning, staring glumly at 'Error 37' messages. Still, some are able to play. There's a little good D3 news in that Blizzard is helping out Australian fans who pre-ordered from GAME, after the failing retailer said it wouldn't honour their orders but would keep their money.

"Due to high concurrency the login servers are currently at full capacity. This may cause delays in the login process, account pages and web services," a Blizzard representative said of Error 37. "We apologise for any inconvenience this may cause and thank you for your patience while this is being resolved." A message on the login screen notes, "We're also aware of issues affecting character creation and are working to resolve them at this time." Hang in there, then. As for the land down under, after GAME entered administration earlier this week, it told Diablo III pre-orders that they wouldn't receive their game, but nor could they get a refund. Blizzard kindly stepped in to save them, explaining that those with proof of preordering can buy a digital copy through Battle.net then submit their GAME receipt for a refund. You'll need to buy before May 21, and send your receipt in by June 30, though.

Source: Shacknews

Wolfenstein 3D Celebrates 20th Anniversary with a Browser Edition

This month is the 20th Anniversary of Wolfenstein 3D. To celebrate, id Software and Bethesda have given us all a free browser-based version of its seminal shooter. John Carmack has also given a director's commentary, full of the usual fascinating Carmackchat. You can play the snazzy HTML 5 version of Wolf 3D if you're browsing in Firefox 10, Chrome 16, Internet Explorer 9, Safari 5, or newer. Fingers crossed that your work computer is updated vaguely frequently. id Software got distracted by Doom and Quake after the release of a Wolf 3D prequel, but the series returned in 2001 with Return to Castle Wolfenstein from Grey Matter and Nerve Software. Splash Damage followed this with the superb free multiplayer spin-off Wolfenstein: Enemy Territory, then the last entry in the series was Raven's Wolfenstein in 2009. The iOS version is also going temporarily free in the App Store some time later today.

Source: Shacknews

StarCraft 2 Getting Global Play, and More!

As Blizzard winds up to launch StarCraft II: Heart of the Swarm later this year, it's also preparing to finally roll out some features fans have been asking for since before SC2: Wings of Liberty launched back in 2010. These include resuming multiplayer matches from replays, playing in other global regions, and watching replays together with other folks. These features and more should be patched in "at or around the launch of Heart of the Swarm," production director Chris Sigaty wrote in a blog post. Resuming from replays will help tournaments go smoother, as SC2's lack of a LAN mode means that problems with an Internet or Battle.net connection can spoil a match.

Rather than starting over from scratch or having judges rule on whether to award the win to one player, they'll be able to pick up where they left off. Global play will let you, as you can probably guess, play on other regional servers around the world, rather than being limited to your home region. Multiplayer replay viewing is a feature from the original StarCraft but cut from the sequel, for when you fancy watching a replay with some chums and discuss the game together. Multilanguage support, a clan/group system, and unranked matchmaking are also in the works.

Source: Shacknews

"Hackintoshing" Easiest with GIGABYTE 3D UEFI BIOS

Hackintosh (running Apple OS X on a non-Apple PC) interest group tonymacx86 discovered that GIGABYTE's 3D UEFI BIOS is most trouble-free with hackintoshing, leaving you with no risky BIOS modding to do. The BIOS tells OS X about what the hardware environment is like. If the OS doesn't have an environment that it's designed for, it crashes with a kernel panic.

GIGABYTE 3D UEFI BIOS, tonymacx86 reports, as tested on a GA-Z77-DS3H, already has power-management descriptors, so you don't have to add any power-management DSDT tables for sleep/wake or power-management functions. Most other onboard devices on the Z77-DS3H run seamlessly with Apple's native drivers. The Atheros gigabit Ethernet controller works with MultiBeast driver, Realtek ALC887 HDA codec works with ALC8xxHDA/AppleHDA, and Intel HD 3000 graphics embedded into the Core i5-2500K (used in the testing) works just fine.

Sources: tonymacx86, VR-Zone

Human Head hasn't Worked on Prey 2 in Months, RUNE Sequel Possible

News that Prey 2 had not been cancelled, but rather delayed, was relieving to fans of the original. However, why has there been such secrecy surrounding the project over the last several months? According to a Shacknews source who asked not to be identified, Human Head was not happy with the terms of its contract with ZeniMax, and deliberately stopped work on the game in November so it could try to negotiate a more favorable deal. While doing that, many on the development team were laid off, with the hope they would be rehired if the contract issue was resolved favorably. The process seemed to be gathering some positive momentum until January when ZeniMax's responses all but stopped, causing some of the laid-off Prey 2 team to wonder if the game would ever see the light of day.

By March 1, the source said, things had progressed a bit, leaving the Prey 2 team hopeful that they would return to work soon. But that quickly soured the following day. The source could provide no further first-hand details after March 2. When contacted for a response, an official at ZeniMax responded that "we aren't commenting on the game's development beyond what was said in the statement that was released this morning." In light of the new information, the official stance that "the delay is due to the fact that game development has not progressed satisfactorily this past year, and the game does not currently meet our quality standards" seems to throw Human Head under the creative bus. With development stalled for months, it's no surprise that the game would be unable to meet so-called "quality standards."

Borderlands 2 Developer Already Detailing DLC

According to Kotaku and Shack News, Borderlands 2 developer Gearbox Software is already working on DLC before the game is even released. What can you expect? A new character class. At a PAX East panel this past weekend, the developer showed conceptual images for a new Mechromancer class. The class will be available to everyone when the DLC hits 60-90 days after the game hits shelves, but it will be free to those that pre-order the game, according to Kotaku. Gearbox also detailed two special editions for the game. The first will be the "Deluxe Vault Hunters Edition" for $99, completed with a bobble-head doll of game narrator and weapons dealer Marcus Kincaid. The second will be the "Ultimate Loot Chest Edition," which offers a Borderlands 2-style loot chest, sans hydraulics. Finally, the Gearbox gang tossed out Easter eggs with codes inside, redeemable at a special website, that allowed attendees to compete to potentially insert their names into Borderlands 2 or Aliens: Colonial Marines as an Easter egg.

Sources: ShackNews, Kotaku

Report: PC Gaming On The Rise

This may not be a surprise to the PC enthusiast community but, the PC gaming market has never been healthier, according to a report from the not-for-profit consortium PC Gaming Alliance (PCGA). The report claims that in 2011, the industry reached a global record $18.6 billion, a growth of 15 percent over the prior year. The report cites burgeoning foreign markets and social games as large factors in the findings. The results of the PCGA's third annual "Horizons" research report found that China is growing at almost twice the rate of the global market, bringing in $6 billion for a total growth of 27 percent. The US, UK, Korea, Japan, and Germany saw increased revenue of 11%, by comparison. Asian companies, in general, are noted for spurring on sales in their markets.

The report also cites Zynga and Nexon (of MapleStory fame) as frontrunners in the PC space. Zynga in particular doubled its revenue to roughly $1.1 billion, putting it on-par with Nexon. Zynga and the German company Bigpoint were noted for pushing the free-to-play model, already popular in Asian territories, into North America and Europe. The report also notes the movers and shakers of big-budget PC games from the western market, like Star Wars: The Old Republic and Rift, along with multiplatform titles like Battlefield 3 and Call of Duty: Modern Warfare 3. Looking forward, the report speculates that the industry will grow to $25.5 billion (37 percent increase) by 2015, thanks to increased broadband penetration and digital delivery. The report is from a PC gaming coalition with a vested interest in trumpeting the industry's health, but even so, the rumors of PC's death have been greatly exaggerated.

Source: Shacknews

ISPs Should Do More to Safeguard the Web: FCC Chairman

US Federal Communications Commission (FCC) chairman sought "smart, practical, voluntary solutions", without mandating his own, for internet service providers (ISPs) to fight online fraud and data theft. Chairman Julius Genachowski estimated that 8.4 million credit-card details are stolen online, each year. "If consumers lose trust in the Internet, this will suppress broadband adoption and online commerce and communication, and all the benefits that come with it," Genachowski said in a speech. The FCC feels ISPs can come up with solutions that prevent client PCs in the US from being forced into malicious botnets by hackers, without having to encroach upon users' privacy.

Genachowski urged ISPs to adopt DNSSEC, a system that ensures people accessing sensitive sites such as their banks' online transaction portals go to the right address, and are not redirected to a fraudulent password phishing site. "To be effective, everyone who is a part of the Internet ecosystem must play a meaningful role in ensuring that private and government networks, and personal computers and devices are secured," said Comcast/NBCUniversal President Kyle McSlarrow in a blog posting. Comcast is one of America's biggest ISPs. This is an example of how threats to the sanctity of a productive internet can be defeated with highly-specific solutions that don't threaten privacy and freedoms, instead of broad-scoped legislations that potentially do.

Source: Reuters

Hackers Held Symantec to Ransom Over pcAnywhere Source Code Leak

Security software maker Symantec confirmed to the press that the group of hackers that obtained source code of its pcAnywhere software were holding it to ransom. The group claims to be linked to Anonymous. The group allegedly demanded US $50,000 from Symantec in return for destroying the source code it stole; should Symantec fail to pay, the group threatened to leak the source code to the public, which would expose the software to malware writers and competitors.

Symantec has apparently been in negotiations with the hacker group over preventing the leak; it even agreed to pay the group its "ransom", provided it could do so in monthly installments. The group declined, and the negotiations fell through. A transcript of this email conversation was posted on Pastebin. The hackers claimed to have posted the source code of pcAnywhere (in a 2.3 GB RAR archive), on a popular bit-torrent site. In our opinion, extorting money is very un-Anonymous. Anonymous, being the self-proclaimed hacktivist group that it is, would post the source code "just for the lulz", without even getting into negotiations with Symantec.

Source: Hexus.net

Hackers Banning Innocent Battlefield 3 Players

If online gaming wasn't hard enough, a game-hacking site called Artificial Aiming has some members that are now targeting innocent players for Punkbuster bans in Battlefield 3. They were able to do this by corrupting a streaming Punkbuster ban list shared by certain server admins. A junior member from the Artificial Aiming forums that took the lead on this attack is focusing on servers that use GGC-Stream. He is quoted as saying,

"We have selected ggc-stream as the target since they have the most streaming bf3 servers and makes it very easy to add fake bans. In 2011 we hit them with a mass ban wave and now we are banning real players from battlelog while ggc-stream is totally unaware. We have framed 150+ bf3 players alone"

Christmas Special: The PC Technology of 2011

Welcome to the TechPowerUp 2011 PC technology Christmas special. We hope that you will enjoy reading it while tucking into your turkey, Christmas presents and a little too much wine... In this article, we go through the technology of 2011 that has had the most significance, the most impact and was generally the most talked about. It's not necessarily the best tech of 2011 which is the most significant though, since lemons can be just as significant as the ground-breakers in how they fail to deliver - and the backlash that goes with it.

January: Intel Sandy Bridge i5 & i7

Released on January 9th, the new Intel Core i5 & i7 processors were based on Intel's second generation Core architecture built on a 32 nm production process (HEXUS review). They included an IGP (Integrated Graphics Processor) physically on the same piece of silicon along with HyperThreading. These new dual and quad core processors soundly beat all previous generations of Intel processors in terms of processing performance, heat, power use, features and left AMD in the dust. Therefore, Intel badly needed some competition from AMD and unless you have been living under a rock, you will know how that turned out in October with the launch of Bulldozer. Sandy Bridge was a sound win and is generally considered to be the only architecture worth considering at this point. The i5-2500K is currently at the sweet spot of price/performance. It comes at a stock speed of 3.3 GHz, but typically overclocks to an amazing 4.5 - 5 GHz with a decent air cooler and without too much difficulty in getting there. Models in the budget i3 range were released at various times later. See this Wikipedia article for details.