Hackers Can Turn Everyday Speakers Into Acoustic Cyberweapons

Speakers are everywhere, whether it’s expensive, standalone sound systems, laptops, smart home devices, or cheap portables. And while you rely on them for music or conversation, researchers have long known that commercial speakers are also physically able to emit frequencies outside of audible range for humans. At the Defcon security conference in Las Vegas on Sunday, one researcher is warning that this capability has the potential to be weaponized.

It’s creepy enough that companies have experimented with tracking user browsing by playing inaudible, ultrasonic beacons through their computer and phone speakers when they visit certain websites. But Matt Wixey, cybersecurity research lead at the technology consulting firm PWC UK, says that it’s surprisingly easy to write custom malware that can induce all sorts of embedded speakers to emit inaudible frequencies at high intensity, or blast out [...]  read more

Watch a Drone Take Over a Nearby Smart TV

For all the focus on locking down laptops and smartphones, the biggest screen in millions of living rooms remains largely unsecured, even after years of warnings. Smart TVs today can fall prey to any number of hacker tricks—including one still-viable radio attack, stylishly demonstrated by a hovering drone.

At the Defcon hacker conference today, independent security researcher Pedro Cabrera showed off, in a series of proof-of-concept attacks, how modern TVs—and particularly Smart TVs that use the internet-connected HbbTV standard implemented in his native Spain, across Europe, and much of the rest of the world—remain vulnerable to hackers. Those techniques can force TVs to show whatever video a hacker chooses, display phishing messages that ask for the viewer’s passwords, inject keyloggers that capture the user’s remote button presses, and run cryptomining software. All of those attacks stem from the general lack of authentication in TV networks’ communications, [...]  read more

A Remote-Start App Exposed Thousands of Cars to Hackers

Last winter, a hacker who goes by the handle Jmaxxz was looking for a Christmas present for his girlfriend. She’d recently flown back from a work trip and complained that her fingers had been painfully cold on her drive home from the airport, thanks to below-freezing winter weather and a circulatory system condition known as Raynaud’s disease. So Jmaxxz had the idea to buy her a remote starter that would connect to her car’s dashboard and, with an accompanying device and app called Linkr, allow her to start the car’s engine with a tap on her phone. That way, on her next trip, she could start heating up the car as soon as her plane touched down.

But even as he was installing that setup, he had misgivings. A security-minded software engineer for a company he declined to name, Jmaxxz wondered what sort of remote hacking he might have left his girlfriend’s car susceptible to. “In the back of my head I kept thinking, what’s the risk of this system, I’m putting her [...]  read more

Hackers Could Decrypt Your GSM Phone Calls

Most mobile calls around the world are made over the Global System for Mobile Communications standard; in the US, GSM underpins any call made over AT&T or T-Mobile’s network. But at the DefCon security conference in Las Vegas on Saturday, researchers from BlackBerry are presenting an attack that can intercept GSM calls as they’re transmitted over the air and decrypt them to listen back to what was said. And the vulnerability has been around for decades.

Regular GSM calls aren’t fully end-to-end encrypted for maximum protection, but they are encrypted at many steps along their path, so random people can’t just tune into phone calls over the air like radio stations. The researchers found, though, that they can target the encryption algorithms used to protect calls and listen in on basically anything.

“GSM is a well documented and analyzed standard, but it’s an aging standard and it’s had a pretty typical cybersecurity journey,” [...]  read more

Teen Hacker Finds Bugs in School Software That Exposed Millions of Records

Blackboard also thanked Demirkapi, but argued that based on its analysis no one else had accessed those records through the vulnerability he exposed. “We commend Bill Demirkapi for bringing these vulnerabilities to our attention and for striving to be part of a solution to improve our products’ security and protect our client’s personal information,” reads a statement from a Blackboard spokesperson. “We have addressed several issues that were brought to our attention by Mr. Demirkapi and have no indication that these vulnerabilities were exploited or that any clients’ personal information was accessed by Mr. Demirkapi or any other unauthorized party.”

Advanced Persistent Teen

Demirkapi says he started digging up the two companies’ security flaws out of a combination of teenage boredom and an ambition to learn more about cybersecurity and web-based hacking. “I have a passion to, I guess, break things,” Demirkapi says. “I really wanted to learn about web application [...]  read more

This Tesla Mod Turns a Model S Into a Mobile ‘Surveillance Station’

Automatic license plate reader cameras are controversial enough when law enforcement deploys them, given that they can create a panopticon of transit throughout a city. Now, one hacker has found a way to put a sample of that power—for safety, he says, and for surveillance—into the hands of anyone with a Tesla and a few hundred dollars to spare.

At the Defcon hacker conference today, security researcher Truman Kain debuted what he calls the Surveillance Detection Scout. The DIY computer fits into the middle console of a Tesla Model S or Model 3, plugs into its dashboard USB port, and turns the car’s built-in cameras—the same dash and rearview cameras providing a 360-degree view used for Tesla’s Autopilot and Sentry features—into a system that spots, tracks, and stores license plates and faces over time. The tool uses open-source image recognition software to automatically put an alert on the Tesla’s display and the user’s phone if it repeatedly sees the [...]  read more

Hidden Algorithm Flaws Expose Websites to DoS Attacks

This week, the notorious forum 8chan went down after its infrastructure provider Cloudflare withdrew its services over the forum’s radical, violence-promoting content. Cloudflare didn’t shut the site down directly, but by removing its protection against distributed denial of service attacks, it could all but guarantee that the forum would crash. But while the classic types of DDoS attack, which overwhelm a site with junk traffic, have persisted and evolved across the web, researchers are warning about a new spinoff: subtle attacks that target not server capacity, but algorithms.

Many websites and services rely on algorithms to transform data inputs into actions and results. But new research detailed at the Black Hat cybersecurity conference Thursday shows how a small, seemingly innocuous input for an algorithm can cause it to do a huge amount of work—slowing a service down or crashing it entirely in the process, all with just a few bytes.

Lily Hay Newman covers information security, digital privacy, and hacking for WIRED.

Nathan Hauke and [...]  read more

How AT&T Insiders Were Bribed to ‘Unlock’ Millions of Phones

A dramatic saga that began with a civil lawsuit between AT&T and former employees has resulted in a high-profile arrest. Muhammad Fahd, 34, and his co-conspirators allegedly paid AT&T employees more than $1 million in bribes over five years to install malware and spying devices at their offices in Washington, according to a Department of Justice indictment unsealed Monday. He was first arrested in Hong Kong in February 2018, and was extradited to the United States Friday. Fahd is accused of orchestrating an elaborate conspiracy from the other side of the world, designed not to steal sensitive customer data or proprietary information but to illegally “unlock” more than 2 million AT&T cell phones.

The newest iPhones and Android smartphones can now cost upwards of $700. To afford them, millions of Americans sign one- or two-year contracts with their mobile carriers, which allows them to pay for their phones in monthly [...]  read more

Hackers Can Break Into an iPhone Just by Sending a Text

When you think about how hackers could break into your smartphone, you probably imagine it would start with clicking a malicious link in a text, downloading a fraudulent app, or some other way you accidentally let them in. It turns out that’s not necessarily so—not even on the iPhone, where simply receiving an iMessage could be enough to get yourself hacked.

At the Black Hat security conference in Las Vegas on Wednesday, Google Project Zero researcher Natalie Silvanovich is presenting multiple so-called “interaction-less” bugs in Apple’s iOS iMessage client that could be exploited to gain control of a user’s device. And while Apple has already patched five of them, a few have yet to be patched.

“These can be turned into the sort of bugs that will execute code and be able to eventually be used for weaponized things like accessing your data,” Silvanovich says. “So the worst-case scenario is that these bugs are used to harm users.”

Silvanovich, who worked [...]  read more

5G Is Here—and Still Vulnerable to Stingray Surveillance

High-speed 5G mobile data networks may still very much be a work in progress, but they’ve already started rolling out in some US cities. As researchers comb through the 5G standard to see if it delivers not just on lightning speeds but improved security, they’re finding that it still needs some shoring up.

At the Black Hat security conference in Las Vegas next week, a group of network communication security researchers will present findings on flaws in the 5G protections meant to thwart the surveillance devices known as stingrays. Also called “IMSI catchers” after the international mobile subscriber identity number attached to every cell phone, stingrays masquerade as legitimate cell towers. Once a stingray tricks a device into connecting to it, it uses the IMSI or other identifiers to track the device, and even listen in on phone calls.

“One good thing in 5G is it was developed to fix the issues that allow fake base station attacks,” [...]  read more