-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

Search results for backdoor hack | Breaking Cybersecurity News | The Hacker News

Kernel Backdoor found in Gadgets Powered by Popular Chinese ARM Maker

Kernel Backdoor found in Gadgets Powered by Popular Chinese ARM Maker

May 12, 2016
How to Hack an Android device? It is possibly one of the most frequently asked questions on the Internet. Although it's not pretty simple to hack Android devices and gadgets, sometimes you just get lucky to find a backdoor access. Thanks to Allwinner, a Chinese ARM system-on-a-chip maker, which has recently been caught shipping a version of Linux Kernel with an incredibly simple and easy-to-use built-in backdoor. Chinese fabless semiconductor company Allwinner is a leading supplier of application processors that are used in many low-cost Android tablets, ARM-based PCs, set-top boxes, and other electronic devices worldwide. Simple Backdoor Exploit to Hack Android Devices All you need to do to gain root access of an affected Android device is… Send the text " rootmydevice " to any undocumented debugging process. The local privileges escalation  backdoor code for debugging ARM-powered Android devices managed to make its way in shipped firmware after fir...
Hacker Installed a Secret Backdoor On Facebook Server to Steal Passwords

Hacker Installed a Secret Backdoor On Facebook Server to Steal Passwords

Apr 22, 2016
How to Hack Facebook? That’s the most commonly asked question during this decade. It’s a hacker dream to hack Facebook website for earning bug bounty or for any malicious purpose. Facebook security team recently found that someone, probably a blackhat hacker with malicious intent, has breached into its server and installed a backdoor that was configured to steal Facebook employees' login credentials. Since the backdoor discovered in the Facebook’s corporate server, not on its main server, Facebook user accounts are not affected by this incident. Though the company would have never known about the backdoor if a whitehat hacker had never spotted the backdoor script while hunting for vulnerabilities. Also Read: Ever Wondered How Facebook Decides, How much Bounty Should be Paid? Security researcher Orange Tsai of Taiwanese security vendor DEVCORE accidentally came across a backdoor script on one of Facebook’s corporate servers while finding bugs to earn cash reward fr...
Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Dec 20, 2017
Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. One such incident happened recently when the renowned developer BestWebSoft sold a popular Captcha WordPress plugin to an undisclosed buyer, who then modified the plugin to download and install a hidden backdoor. In a blog post published on Tuesday, WordFence security firm revealed why WordPress recently kicked a popular Captcha plugin with more than 300,000 active installations out of its official plugin store. While reviewing the source code of the Captcha plugin, WordFence folks found a severe backdoor that could allow the plugin author or attackers to remotely gain administrative access to WordPress websites without requiring any authentication. The plugin was configured to automatically pull an updated "backdoored" version from a remote URL — https[://]simplywordpress[dot]net/captcha/captcha_pro_update.php — after installati...
cyber security

The Systems That Power America Are Under Threat. Is Your ICS/OT Program Ready?

websiteSANS InstituteCritical infrastructure / Webinar
Discover where federal ICS programs are most exposed and what closing the skills gap requires in practice.
cyber security

Inside Device Code Phishing: Live Demos, Real Kits, and What's Next

websitePush SecurityPhishing Attack / Webinar
Device code attacks are up 37x this year, with 18+ kits in the wild. Now available on-demand.
Warning — Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Warning — Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

Feb 21, 2016
Are you also the one who downloaded Linux Mint on February 20th? You may have been Infected! Linux Mint is one of the best and popular Linux distros available today, but if you have downloaded and installed the operating system recently you might have done so using a malicious ISO image. Here's why: Last night, Some unknown hacker or group of hackers had managed to hack into the Linux Mint website and replaced the download links on the site that pointed to one of their servers offering a malicious ISO images for the Linux Mint 17.3 Cinnamon Edition . "Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it," the head of Linux Mint project Clement Lefebvre said in a surprising announcement dated February 21, 2016. Who are affected? As far as the Linux Mint team knows, the issue only affects the one edition, and that is Linux Mint 17.3 Cinnamon edition. The situation happened last night, s...
Warning! This Cross-Platform Malware Can Hack Windows, Linux and OS X Computers

Warning! This Cross-Platform Malware Can Hack Windows, Linux and OS X Computers

Sep 08, 2016
Unlike specially crafted malware specifically developed to take advantage of Windows operating system platform, cyber attackers have started creating cross-platform malware for wider exploitation. Due to the rise in popularity of Mac OS X and other Windows desktop alternatives, hackers have begun designing cross-platform malware modularly for wide distribution. Cross-platform malware is loaded with specialized payloads and components, allowing it to run on multiple platforms. One such malware family has recently been discovered by researchers at Kaspersky Lab, which run on all the key operating systems, including Windows, Linux, and Mac OS X. Stefan Ortloff, a researcher from Kaspersky Lab’s Global Research and Analysis Team, first discovered the Linux and Windows variants of this family of cross-platform backdoor, dubbed Mokes , in January this year. Now, the researcher today confirmed the existence of an OS X variant of this malware family, explaining a technical breakd...
Hacking Fitbit Health Trackers Wirelessly in 10 Seconds

Hacking Fitbit Health Trackers Wirelessly in 10 Seconds

Oct 23, 2015
Do you need a FitBit Tracker while jogging or running or even sleeping? Bad News! FitBit can be hacked that could allow hackers to infect any PC connected to it. What's more surprising? Hacking FitBit doesn't take more than just 10 Seconds . Axelle Aprville , a researcher at the security company Fortinet, demonstrated "How to hack a Fitbit in only 10 seconds," at the Hack.Lu conference in Luxembourg. Aprville's test was a proof of concept (POC) that did not actually focus on executing malicious payload, rather a logical attack. By using only Bluetooth, Aprville was able to modify data on steps and distance. However, she said it is possible to infect the device in an attempt to spread malware to synced devices. Fitbit Flex tracker is a flexible wristband that measures health statistics, such as blood pressure and heart rate. The Flex is a product of Fitbit, and its salient features are: It can wake you up with a silent vibrati...
Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies

Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies

Nov 09, 2017
Nothing is free in this world. If you are searching for free hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a scam. For example, Cobian RAT and a Facebook hacking tool that we previously reported on The Hacker News actually could hack, but of the one who uses them and not the one you desire to hack. Now, a security researcher has spotted another hacking tool—this time a PHP script—which is freely available on multiple popular underground hacking forums and allows anyone to find vulnerable internet-connected IP Cameras running the vulnerable version of GoAhead embedded web-server. However, after closely analysing the scanning script, Newsky Security researcher Ankit Anubhav found that the tool also contains a secret backdoor, which essentially allows its creator to " hack the hacker. " "For an attacker’s point of view, it can be very beneficial to hack a hacker," ...
Researchers Find Links Between Sunburst and Russian Kazuar Malware

Researchers Find Links Between Sunburst and Russian Kazuar Malware

Jan 11, 2021
Cybersecurity researchers, for the first time, may have found a potential connection between the backdoor used in  the SolarWinds hack  to a previously known malware strain. In new  research  published by Kaspersky researchers today, the cybersecurity firm said it discovered several features that overlap with another backdoor known as  Kazuar , a .NET-based malware first documented by Palo Alto Networks in 2017. Disclosed early last month, the  espionage campaign  was notable for its scale and stealth, with the attackers leveraging the trust associated with SolarWinds Orion software to infiltrate government agencies and other companies so as to deploy a custom malware codenamed "Sunburst." Shared Features Between Sunburst and Kazuar Attribution for the SolarWinds supply-chain compromise has been difficult in part due to little-to-no clues linking the attack infrastructure to previous campaigns or other well-known threat groups. But Kaspersky's l...
CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware

CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware

Jul 27, 2017
Last month, we reported about a group of hackers exploiting SambaCry —a 7-year-old critical remote code execution vulnerability in Samba networking software—to hack Linux computers and install malware to mine cryptocurrencies. The same group of hackers is now targeting Windows machines with a new backdoor, which is a QT-based re-compiled version of the same malware used to target Linux. Dubbed CowerSnail , detected by security researchers at Kaspersky Labs as Backdoor.Win32.CowerSnail, is a fully-featured windows backdoor that allows its creators to remotely execute any commands on the infected systems. Wondering how these two separate campaigns are connected? Interestingly, the CowerSnail backdoor uses the same command and control (C&C) server as the malware that was used to infect Linux machines to mine cryptocurrency last month by exploiting the then-recently exposed SambaCry vulnerability. Common C&C Server Location — cl.ezreal.space:20480 SambaCry vulnerabi...
How Some Chinese Hackers Started Making Big Money

How Some Chinese Hackers Started Making Big Money

Oct 13, 2015
We know that Hackers hack for a variety of reasons: ...some hack to test their skills, …some hack to gain recognition, ...some hack to make money, ...some hack to support their Nation-State strategy, ...and, some hack alone, and some hack in Groups. And Chinese Hackers are the ones who are infamous for their dedication towards Hacking. Chinese hacking groups are better known for attacking and stealing information, organized cyber crimes, theft of intellectual property and state-sponsored cyber espionage attacks. But it seems that several Chinese hacker groups have now shifted their motive of hacking towards ‘ making money ’. How much Money Hackers Actually Make? It is a known fact that hacking makes money, but how much? Answer: At least $4,500,000/year   from one malware campaign. How? We often observe mobile and desktop applications bundled with Ad-displaying programs, called Adware, to generate revenue. Just last week we repo...
Hackers Are Distributing Backdoored 'Cobian RAT' Hacking tool For Free

Hackers Are Distributing Backdoored 'Cobian RAT' Hacking tool For Free

Sep 06, 2017
Nothing is free in this world. If you are searching for free ready-made hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a hoax. Last year, we reported about one such Facebook hacking tool that actually had the capability to hack a Facebook account, but yours and not the one you desire to hack. Now, a Remote Access Trojan (RAT) builder kit that was recently spotted on multiple underground hacking forums for free found containing a backdoored module that aims to provide the kit's authors access to all of the victim's data. Dubbed Cobian RAT , the malware has been in circulation since February of this year and has some similarities with the njRAT and H-Worm family of malware, which has been around since at least 2013. According to ThreatLabZ researchers from Zscaler, who discovered the backdoored nature of the malware kit, the "free malware builder" is likely capable of...
Apple is working on New iPhone Even It Can't Hack

Apple is working on New iPhone Even It Can't Hack

Feb 25, 2016
Amid an ongoing dispute with the United States government over a court order to unlock iPhone 5C of one of the San Bernardino shooters Syed Farook… ...Apple started working on implementing stronger security measures "even it can't hack" to achieve un-hackability in its future iPhones. The Federal Bureau of Investigation (FBI) is deliberately forcing Apple to create a special, backdoored version of iOS that could let them brute force the passcode on Farook's iPhone without erasing data. However, the FBI approached the company to unlock the shooter's iPhone 5C in various ways like: Create a backdoor to shooter's iPhone. Disable the Auto-destruct feature after numerous tries. Increase the brute force time to try out all combinations. Minimize the time of waiting for a window after each try. ..and much more Apple is still fighting the battle even after the clear refusal to the court that it will not provide any backdoor access to the a...
MalDrone —  First Ever Backdoor Malware for Drones

MalDrone — First Ever Backdoor Malware for Drones

Jan 27, 2015
The use of small Unmanned Aerial Vehicles (UAVs) called Drones is rapidly transforming the way we go to war. Drones were once used for land surveillance, Delivering Pizza's, then equipped with bombs that changed the way nations conduct war and last year, these hovering drones were also used to hack Smartphones. Recently, a security researcher has found a backdoor in the Parrot AR Drones manufactured by a French-based company, that could allow a malicious hacker to remotely hijacked the radio controlled flying quadcopter helicopter. The Parrot AR Drone, revealed at the International CES 2010 in Las Vegas, is a quadricopter helicopter which you can control with your smartphone or tablet. It features two built-in cameras, is easy to fly, and can be controlled without too much danger of it flipping over or smashing into things. FIRST EVER MALWARE FOR DRONES Security researcher, Rahul Sasi claimed to have developed the first ever backdoor malware for AR drone ARM L...
Here's How SolarWinds Hackers Stayed Undetected for Long Enough

Here's How SolarWinds Hackers Stayed Undetected for Long Enough

Jan 21, 2021
Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated attacks in recent history. Calling the threat actor "skillful and methodic operators who follow operations security (OpSec) best practices," the company said the attackers went out of their way to ensure that the initial backdoor ( Sunburst  aka Solorigate) and the post-compromise implants ( Teardrop  and  Raindrop ) are separated as much as possible so as to hinder efforts to spot their malicious activity. "The attackers behind Solorigate are skilled campaign operators who carefully planned and executed the attack, remaining elusive while maintaining persistence," researchers from Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)...
Hacking Smartphones Running on MediaTek Processors

Hacking Smartphones Running on MediaTek Processors

Feb 01, 2016
A dangerous backdoor has been discovered in the MediaTek processor that could be exploited to hack Android devices remotely. MediaTek is a Taiwan-based hardware company that manufacture hardware chips and processor used in the smartphones and tablets. The backdoor was discovered by security researcher Justin Case , who already informed MediaTek about the security issue via Twitter, as the chipset manufacturer had no proper vulnerability reporting mechanism in place. The vulnerability is apparently due to a debug tool that was opened up for carriers to test the device on their networks, but unfortunately, it was left open in the shipped devices, thus leaving the serious backdoor open to hackers. If exploited, the debug feature could allow hackers to compromise personal data of an Android device, including user’s private contacts, messages, photos, videos and other private data. MediaTek acknowledged the issue, saying "We are aware of this issue, and it has bee...
How A Drone Can Infiltrate Your Network by Hovering Outside the Building

How A Drone Can Infiltrate Your Network by Hovering Outside the Building

Oct 07, 2015
Imagine you are sitting in your office and working on something confidential. Once you are done, you send a command to print that document. But, What if...  ...the whole confidential document send to a hacker attacking from the air? Sounds pity but may be your Boss fires you immediately if that confidential data is leaked or misused. This is no more an imagination now, as a group of researchers has done exactly the same. Researchers from Singapore have devised a unique set up consisting of a Drone that carries a smartphone running two custom apps that are capable of intercepting wireless printer transmissions, even from outside an office building. In short, hackers can gain access to your corporate network by using a smartphone-equipped drone to hack your printer. The project was developed by the researchers at iTrust , a research center at the Singapore University of Technology and Design. They developed two applications: Cybersecurity Patrol – ...
A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says

A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says

Dec 22, 2020
As the probe into the  SolarWinds supply chain attack  continues, new digital forensic evidence has brought to light that a separate threat actor may have been abusing the IT infrastructure provider's Orion software to drop a similar persistent backdoor on target systems. "The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor," Microsoft 365 research team  said  on Friday in a post detailing the Sunburst malware. What makes the newly revealed malware, dubbed "Supernova," different is that unlike the Sunburst DLL,  Supernova  ("app_web_logoimagehandler.ashx.b6031896.dll") is not signed with a legitimate SolarWinds digital certificate, signaling that the compromise may be unrelated to the previously disclosed supply chain attack. In a  standalone write-up , ...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources