The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: malcon

Hardware based malware steals contacts from all mobile platforms using only the Audio Jack!

Hardware based malware steals contacts from all mobile platforms using only the Audio Jack!

November 28, 2012Mohit Kumar
Indian Security Research Atul Alex presented his surprise paper at the International Malware Conference, MalCon on what can be termed as the onset of next generation of hardware based malware that can target mobile devices irrespective of Platforms. Typically, one of the largest challenges for malware coders are to target multiple platforms. A malware for Android will not work in Windows phone, Symbian or Apple iOS, which come in way of malware coders. Also, devices such as iPhone are extremely secure and there is little that can be extracted from a locked / secure iPhone, unless they are jailbroken. Atul Alex's research abuses voice dialing feature which is enabled by default on all mobile platforms - and combines a bugged headset with a micro controller and code to steal private data. The bugged headset can also dial a pre-defined number by detecting if the device is in use or not and turn the phone into a spy device. Further, it can steal contacts from all devices -
Hackers release Windows Phone 8 Malware - to be showcased at MalCon

Hackers release Windows Phone 8 Malware - to be showcased at MalCon

November 10, 2012Mohit Kumar
It's be Just hours Windows Phone 8 has been released - and hackers have already dished out a malware prototype for the platform. Windows Phone 8 is the second generation of the Windows Phone mobile operating system. Windows Phone 8 Microsoft’s latest in mobile OS technology - comes in as a direct competition to rivals Apple and Google. The research firm Gartner indicates that by 2016 the increase in Windows Phone users will slightly fall below Apple`s iOS users. To be showcased at the International Malware Conference, MalCon - on 24th November in India, the prototype has been created by Shantanu Gawde, who has previously created a malware that utilized the famed Xbox Kinect. Windows Phone 8 replaces its previously Windows CE-based architecture with one based on the Windows NT kernel with many components shared with Windows 8, allowing applications to be easily ported between the two platforms. While no further details of the malware are available at this point of time, it will
Android 4.2 Jelly Bean Security Improvements overview

Android 4.2 Jelly Bean Security Improvements overview

November 02, 2012Mohit Kumar
Google is bringing a host of new features to its Android 4.2 Jelly Bean operating system designed to increase productivity, creativity and peace of mind and some very promising security improvements including: client side malware protection, Security Enhanced Linux, and always-on VPN . Most important Security Improvements in Android 4.2 is that it now includes a service based on Bouncer that works with all apps, not just those on Google Play. For example, it can check the apps you download on the Amazon App Store, or from 3rd Party sites. Whenever user will install any app from a different source than the official market, and will scan it for any malicious code that may prove potentially harmful for your device. Other than this, Users can now control how much data apps can access and share. This is made even more secure by something called VPN lockdown that can limit the amount of information sent over a connection that may not be secure or that is shared rather than priv
New windows malware can target smart cards for full remote access

New windows malware can target smart cards for full remote access

October 25, 2012Mohit Kumar
If you think that having a USB Token Smartcard is extremely secure for Digital signatures or other activities, you may be wrong! The research done by Paul Rascagneres can remotely give access to victims smartcard! What makes the attack unique is it uses a keylogger to get the PIN or password and exports the complete USB device in raw to a command and control server (C&C) and uses a device driver to let the attacker use the victims smartcard remotely! The attack also impacts the eID (Belgium identity card) and millions of USB Tokens for Digital Signatures in India by Directors, Secretaries and CA firms for filing returns and signing corporate documents! To be showcased at MalCon next month - we asked Paul a few questions: Does the malware infect the PC or the smartcard? - The malware infects the PC not the hardware. So the attacker can use the smartcard of the victim remotely? - Exactly, the attacker can remotely use a smartcard connected to an infected computer. What makes
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.