Browsing tag
Transferring Backdoor Payloads by DNS AAAA records and IPv6 Address. in this article i want to explain how can use IPv6 Address (AAAA) records in DNStraffic for Transferring Payloads. In my previous Article I explained how can use DNS and PTR Records , now We should talk about AAAA records . This article has 2 Parts […]
Spyware is defined as a “generic term for a range of surreptitious malware such as keyloggers, remote access trojans, and backdoor trojans, especially those that allow remote surveillance of passwords and other sensitive data”. The term can also refer to “more aggressive adware”, which collects user information such as visited websites, installed applications, and other personal […]
A remote access Trojan (RAT) is a malware program that incorporates a back door for administrative control over the objective PC. RATs are normally downloaded invisibly with a client trusted program like games, Email attachments. Remcos RAT was first sold in hacking forums in late 2016 and from that point it get’s updated with more […]
The Guardian, a well known UK-based newspaper, is being heavily criticized by security researchers for publishing an unverified story on WhatsApp vulnerability. Reportedly, the news service published a report citing that it was possible to intercept encrypted messages on WhatsApp because the application contained a Backdoor. The Guardian’s report claiming a security flaw may be […]
Update (13:30 IST): Open Whisper Systems, whose Signal protocol is used in WhatsApp, has claimed that the “secret backdoor” story is not true. The ability to change the security keys for undelivered messages reduces users’ burden in case the recipient’s keys change during the course of message transfer, i.e., if he reinstalls WhatsApp on his […]
Exclusive: Privacy campaigners criticise WhatsApp vulnerability as a ‘huge threat to freedom of speech’ and warn it could be exploited by government agencies A security backdoor that can be used to allow Facebook and others to intercept and read encrypted messages has been found within its WhatsApp messaging service. Facebook claims that no one can […]
Chromebackdoor is a pentest tool, this tool use a MITB technique for generate a windows executable “.exe” after launch run a malicious extension or script on most popular browsers, and send all DOM datas on command and control. System Requirements pip install crxmake wine32 ChromeBackdoor : Install Text (V 3.0) ChromeBackdoor :1 Install Video […]
we will detail our discovery of the next two versions of MM Core, namely “BigBoss” (2.2-LNK) and “SillyGoose” (2.3-LNK). Attacks using “BigBoss” appear likely to have occurred since mid-2015, whereas “SillyGoose” appears to have been distributed since September 2016. Both versions still appear to be active. Targeted Regions And Industries In 2013 MM Core was reported to target Middle […]
Last week, a report published by the House of Representatives Judiciary Committee and the House of Representatives Energy and Commerce Committee has made it crystal clear that the US government considers encryption backdoors as a threat to its “national interests.” The report, compiled by a special assembly of experts known as the Encryption Working Group, […]
Barnes & Noble has joined the list of Android device vendors who sold smartphones and tablets affected by the Adups backdoor. According to the findings of Linux Journal reporter Charles Fisher, the company’s latest tablet, the NOOK 7 (Barnes & Noble BNTV450), includes a component manufactured by the Shanghai Adups Technology Co. Ltd. Chinese company. […]
A soon-to-be-deprecated API included with Skype for Mac contains a vulnerability that allows an attacker to bypass authentication procedures and query for user data or interact with a local Skype installation. According to researchers from Trustwave, the bug affects the Desktop API, previously known as the Skype Public API. The role of this API is […]
In the second half of 2016, ESET researchers identified a unique malicious toolset that was used in targeted cyberattacks against high-value targets in the Ukrainian financial sector. We believe that the main goal of attackers using these tools is cybersabotage. This blog post outlines the details about the campaign that we discovered. We will refer to […]
Sony has released firmware updates that remove a remotely exploitable backdoor account from 80 models of IP and security cameras. Because attackers can exploit the backdoor account via a well-crafted HTTP request, if left unpatched, the vulnerability can open the door for abuse, with crooks taking over Sony surveillance cameras and adding them to a […]
The technical nature of cyber crime can sometimes obscure the fact that creating, using, and distributing malware, phishing kits and other threats is a business, albeit an illegitimate one. Like most other businesses, cybercriminals look for ways to market and distribute their tools effectively while staying under the radar of law enforcement and the security […]
Hardware hacker Samy Kamkar has released a new tool called PoisonTap that is capable of a plethora of malicious actions, all of which work even against password-protected computers on which an attacker can’t access the desktop. PoisonTap is a small device built on top of a Raspberry Pi Zero $5 board, which runs custom software […]
Short Bytes: Kryptowire has found a secret backdoor in budget Android smartphones. They took the BLU R1 HD for testing and concluded that device has a firmware created by Shanghai AdUps Technology Co. Ltd which is being used to send device data and identifiable user information servers in China. A security research firm Kryptowire has […]
When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up the infection and look no further. Many go on to patch vulnerable software, change their passwords, and perform other post-hack steps. All of this is good, but hackers who follow […]
BLACKGEAR is an espionage campaign which has targeted users in Taiwan for many years. Multiple papers and talks have been released covering this campaign, which used the ELIRKS backdoor when it was first discovered in 2012. It is known for using blogs and microblogging services to hide the location of its actual command-and-control (C&C) servers. This allows […]
In early October, a hacker named Anna-senpai published the source code of a malware created to automatically scour the internet for poorly secured and easy-to-hack connected devices that could be enlisted into an Internet of Things zombie army. That malware, known as Mirai, has fueled some of the worst cyberattacks the internet has ever seen, […]
Experts from the White Fir Design discovered cybe rcriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a backdoor. According to the experts from the firm White Fir Design, crooks exploited a zero-day flaw in an e-commerce plugin for WordPress to upload backdoors to affected websites. The plugin is WP Marketplace, a […]
Android Smartphones from Foxconn Manufacturer Plagued with Dangerous Security Flaw known as Pork Explosion. Android operating system has become quite vulnerable to hacking issues and Google has continuously been trying to fix the security flaws and make the system reliable enough for users around the world. However, despite all these efforts to patch up the […]