WikiLeaks Reveals CIA Hacking PCs via USB
The popular WikiLeaks Vault 7 series has more revelations regarding CIA hacking activities. This time the documents encloses the techniques used by CIA to infect the “air-gapped” PCs through USB stick.
Hacking methods exposed by Julian Assange’s WikiLeaks on Thursday, are similar to the relatively unpopular Stuxnet attacks. These Stuxnet attack were planned by the US and Israel to inject vulnerabilities into nuclear plants in Iran that also utilizes thumb drives to access the critical systems.
this kind of attack could exploit vulnerabilities that easily spread in no time when a user opens the files on the thumb drive in Windows Explorer. For that, they just need to peruse these files, to get infected as explained by an independent research going by the name xorz. That specific part of the Brutal Kangaroo attack suite was similar to the one squandered by Stuxnet. In this attack, it was transferred through malicious.Ink files.
Therefore, CIA malware could target the disconnected PCs used by terrorists and Industrial groups, said xorz.
Data Leak exposed nearly 200 million U.S voters
The largest leak of voter’s history has been recorded when almost 200 million U.S voters from all the political parties, were exposed in a data breach.
ZDnet reports that the database was left open to the public for download without a password by a data analytic company hired by Republican National Committee (RNC). However, through such an immense data breach it’s not unusual to depict a risk of cyber attack to any of the political party. Although GOP’s claim that they could initiate and run a more secure 2016 presidential campaign than the opposition Democratic National Committee (DNC).
Gross negligence by the Democratic National Committee allowed hacking to take place.The Republican National Committee had strong defense!
— Donald J. Trump (@realDonaldTrump) January 7, 2017
This flaw was first discovered by a security firm Upguard researcher, Chris Vickery. The vulnerability was first reported to the RNC which was patched a week before the news has revealed.
About 25 terabytes of data were exposed on Amazon S3 server by the contracted Deep Root Analytics. Therefore, an open database could be used for any of the malicious purposes of the one who knows the place to access.
Your Router Could Serves as a Spy for CIA
A report released by WikiLeaks on Thursday accused the CIA of tracking router users through altering a part of Router’s software. This could lead to the monitoring of the online activity of an individual using that router.
That installed software could let the agent monitoring the router traffic to get the user personal data such as passwords. He is also able to direct the router uses to a web page where he might ask that particular user to download any kind of malware.
If you are using a router by companies such as Belkin, Dell, Dlink, Linksys, Motorolla, and many others that you may have the flawed router. According to WikiLeaks, the CIA could also alter the routers even before it delivers to the customers.
However, the CIA is capable of tempering the router’s activity without any physical access to it. Through one of their favorite methods as said by WikiLeaks, they could siphon the target router off from the supply line and could monitor it from far through installing their own firmware.
Since few months, several claims from Wiki Leaks have been made regarding the CIA surveilling activities.
Massive Cyber Attack Hit The Leading University
A world’s renowned University, University College London (UCL) has been targeted by a major cyber attack.
Resembling the last month’s massive ransomware attack, the university claims it to be an attack of that kind. Till Thursday, the attack remains continued with access to the online network being blocked. Yet, to avoid any further data loss, the university has warned the students and the staff of “very substantial disruption”.
The depicted cause as explained by the University was a so-called phishing email with fraudulent links to the malicious software. However, they later considered a compromised website as the cause for reported cyber attack. Through clicking on a pop-up page may have transmitted the malware.
North Korean Hackers Blamed For WannaCry
The aftermaths of massive ransomware ‘WannaCry’, reported couples of weeks ago are still being discovered.
According to BBC, the hackers behind the ransomware attack on UK’s National Health Service were from North Korea. This hacker group named Lazarus is believed to be the one who has targeted the Sony Pictures in 2014 when they were about to release a movie, The Interview.
However, NHS was not the only target of WannaCry ransomware but affected the systems from many countries. Hence, it was reported as the biggest ransomware attack which has demanded large bitcoin payment in return to unlock the affected devices.
In May, a Google security researcher Neel Mehta has originally claimed North Korea as the origin of the b attack.
According to Kaspersky researchers, the code she posted on Twitter was similar to the previous two of which one is of early versions of WannaCry and Other from the Lazarus.
Microsoft Releases Ransomware Defense for Windows 8
The users of older version of Windows will now be able to defend themselves against the Ransomware attack such as last month’s WannaCry. Microsoft on Wednesday has announced the updates for the previous unpatched Windows versions.
The massive WannaCry attack has majorly affected the outdated Windows versions such as Windows XP and Windows 7. This includes the well-known organizations such as FedEx and UK’s National Health Service.
Adrienne Hall, the general manager of Window’s Cyber Defense Operations Center, said in a blog post, “It is important to note that if you’re running a supported version of Windows, such as Windows 10 or Windows 8.1, and you have Windows Update enabled, you don’t need to take any action.”
Share this article
About the Author
Zehra Ali is a Tech Reporter and Journalist. She has done her Masters in Mass Communication. Topics related to cybersecurity, IoT, AI, Big Data and other privacy matters are extensively covered by her on various platforms. You can follow her on twitter.
More from Zehra AliRelated Posts
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
KEY TAKEAWAYS Unblocking streaming content from Amazon Prime is easy only if you know the reliable V...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2024. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interf...