China hacking Hong Kong protesters’ smartphones, says security firm

By IAN ALLEN | intelNews.org
A mobile telephone security company has said the government of China is probably behind sophisticated malware designed to compromise the smartphones of protesters in Hong Kong. Ever since the Hong Kong ‘umbrella revolution’ began to unfold, countless reports have referred to the use of smartphone applications as organizing tools by the protesters. According to one account, an application called FireChat was downloaded by more than 100,000 smartphone users in Hong Kong in less than 24 hours. FireChat is said to allow protesters to continue communicating with each other even when their individual devices are unable to connect to a mobile network. But a California-based mobile telephone security firm has warned that the Chinese government could be using such enabling applications to compromise the smartphones of pro-democracy protesters in the former British colony. Lacoon Mobile Security, which specializes in assessing and mitigating mobile security threats, said on Tuesday that it had detected several types of malware camouflaged as mobile phone applications designed to help the protesters organize. In a statement posted on its website, the security firm said that, once downloaded by a smartphone user, the malware gives an outsider access to the address book, communication logs and other private data stored on the unsuspecting user’s device. Lacoon added that what made the malware unusual was that it came in two different versions; one appears to target smartphones that run Apple’s iOS operating system, while the other is designed to compromise phones using Google’s Android software. The company noted that the types of malware circulating among Hong Kong protesters were some of the most sophisticated it had ever seen. They made use of a method called mRAT, which stands for multidimensional requirements analysis tool. Among other things, mRAT allows a hacker to take surreptitious pictures using the phone camera of a compromised smartphone.
According to Lacoon, the design of the malware in question is so advanced that it is “undoubtedly backed by a nation state”.

News you may have missed #857 (hacking edition)

By IAN ALLEN | intelNews.org
►►UK spies hacked Belgian phone company using fake LinkedIn page. British spies hacked into the routers and networks of Belgian telecommunications company Belgacom by tricking its telecom engineers into clicking on malicious LinkedIn and Slashdot pages, according to documents released by NSA whistleblower Edward Snowden. The primary aim, reports the German newsmagazine Der Spiegel, which obtained the documents, was to compromise the GRX router system that BICS controlled, in order to intercept mobile phone traffic that was transmitted by the router.
►►Indonesian hackers behind attack on Australian spy service website. Indonesian hackers are believed to have brought down the website of the Australian Secret Intelligence Service, Australia’s leading spy agency. The page was not working on Monday afternoon after hackers launched a “denial of service” attack. A “404 not found” message typically appears when a website crashes under a “denial of service” attack. The cyber attack is reportedly a response to revelations that Australia had been spying on its closest neighbor through its Jakarta embassy.
►►Hamas blasts alleged Mossad website. Hamas officials released a warning about a website called Holol (“solutions”), claiming it is a ruse set up by Israel’s Mossad intelligence agency to recruit Gazans as informants. The website’s “Employment” page states, “due to our connections with the Israeli Civil Administration, we can help you bypass the bureaucratic tape and procedural processes which prevent you from leaving Gaza”. The site also offers Israeli medical assistance, “due to connections with the Ministry of Health and the Israeli Civil Administration”. Palestinians interested in contacting the website’s officials are asked to provide their full name, telephone number, email, topic of inquiry, and an explanation of why they are asking for help. Last month, Lebanese group Hezbollah accused the Mossad of being behind a website seeking information on Hezbollah’s intelligence wing.

Leaked documents show capabilities of new surveillance technologies

By JOSEPH FITSANAKIS | intelNews.org
A trove of hundreds of documents, obtained by participants in a secretive surveillance conference, displays in unprecedented detail the extent of monitoring technologies used by governments around the world. The Wall Street Journal, which obtained the leaked documents, says they number in the hundreds; they were reportedly authored by 36 different private companies that specialize in supplying government agencies with the latest surveillance hardware and software. They were among dozens of vendors that participated in an unnamed conference near Washington, DC, in October, which attracted interested buyers from numerous government agencies in America and beyond. The Journal, which has uploaded scanned copies of the leaked documents, says that many include descriptions of computer hacking tools. The latter enable government agencies to break into targeted computers and access data stored in hard drives, as well as log keystrokes by the targeted computers’ users. Other applications target cellular telecommunications, especially the latest models of so-called ‘smartphones’; one vendor in particular, Vupen Security, gave a presentation at the conference, which describes how its products allow for electronic surveillance of cell phones by exploiting security holes unknown to manufacturers. Some of the most popular products at the conference related to what the industry calls “massive intercept” monitoring, namely large-scale software systems designed to siphon vast amounts of telephonic or email communications data, or to capture all Internet exchanges taking place within a country’s computer network. One conference participant, California-based Net Optics Inc., bragged in its presentation about having enabled “a major mobile operator in China” to conduct “real-time monitoring” of all cell phone [and] Internet content on its network. The stated goal of the surveillance was to “analyze criminal activity” and “detect and filter undesirable content”.

News you may have missed #546

By IAN ALLEN | intelNews.org
►►Whistleblower says NSA mismanagement continues. Former US National Security Agency employee Thomas Drake was recently sentenced to a year’s probation for leaking secrets about the agency to a journalist. The presiding judge did not sentence him to prison, recognizing that his genuine intention was to expose mismanagement. Soon after his sentencing, Drake told The Washington Times that mismanagement continues at the NSA, which he compared to “the Enron of the intelligence world”. He also told the paper that NSA’s accounts were “unauditable”, like those of most of the other agencies operating under the Pentagon.
►►Taliban claim phones hacked by NATO. The Afghan Taliban have accused NATO and the CIA of hacking pro-Taliban websites, as well as personal email accounts and cell phones belonging to Taliban leaders, in order to send out a false message saying that their leader, Mullah Mohammad Omar, had died. Taliban spokesman Zabihullah Mujahid told the Reuters news agency that the hacking was “the work of American intelligence” and that the Taliban would “take revenge on the telephone network providers”.
►►Rumsfeld memo says ‘US can’t keep a secret’. “The United States Government is incapable of keeping a secret”. This was opined in a November 2, 2005 memo authored by Donald Rumsfeld. The memo by the then-Defense Secretary continues:

Phone hacking ring helped groups evade eavesdroppers

By JOSEPH FITSANAKIS | intelNews.org
Even though computer hacking tends to monopolize information security headlines, phone hacking, or phreaking, as it is technically known, remains a major source of headache for communications security professionals. Last Friday, law enforcement agencies in several countries announced the arrest of more than half a dozen individuals in the US, Italy and the Philippines, who were operating a major international phreaking network. The group had apparently broken into thousands of corporate telephone networks in Australia, Canada, the US, and Europe, and was channeling near-free telecommunications services to several criminal and militant organizations around the world. According to law enforcement insiders, “the hacked networks might have been used by terrorist organizations to thwart eavesdropping and tracking by intelligence agencies”.