With a Digital Sneeze I got a Wireless Virus!

In 2009 and in 2012 the Australian science organisation CSIRO won landmark court cases on the invention of Wi Fi technology. From its introduction Wi Fi security has been an issue ignored in the wake of the convenience of its features and potential. In early 2000 I recall reading that Queensland University students proved that Wi Fi could never be made totally secure. A genie out of its bottle is rarely put back in, and in the case of technology it’s the risk reward ratio that kept the Wi Fi genie out of the bottle, as it made device based mobile computing possible and now indispensable.

In Wi Fi’s earliest days I would observe many a poor uni student hunkered down in a shopping mall with a laptop, piggybacking the shopping mall’s Wi Fi to do their research for free. Now that’s just taken for granted and we expect open access Wi Fi wherever we go as a no charge customer service.
Some time ago a student showed me a device he bought at an electronics store.
“It scans for Wi Fi networks,” he said.
“Why do you need it?”
“I might want to see if I can get online from the wood shed down the bottom of my back yard.”
“Right ... So how many unsecured Wi Fi networks did you find down your street then?”
“Five.”
Wi Fi security is now under a new threat. A digital influenza is now possible. Researchers at the University of Liverpool have developed an airborne Wi Fi virus, codenamed ‘Chameleon’.
Piggybacking Wi Fi waves, this coded common cold spreads faster than Bali Belly from network to network. The denser the networks, the faster it spreads.
“It was assumed, however, that it wasn’t possible to develop a virus that could attack Wi Fi networks,” computer security expert Professor Alan Marshall said. “But we demonstrated that this is possible and that it can spread quickly.”
So those places offering open access networks, the shopping malls, the coffee shops, free hotspots and my TAFE campus could be dangerous places easily infiltrated.
Straining the distinction between research and Ukrainian hackers, the team designed and simulated attacks that spread quickly between home and business, avoiding detection and also finding and remembering unprotected networks. In a laboratory setting, which must make it alright, they simulated successful attacks on Belfast and London. The team reported that “Chameleon” behaved just like a real airborne virus.


“When ‘Chameleon’ attacked an AP (Access Point) it didn’t affect how it worked, but was able to collect and report the credentials of all other Wi Fi users who connected to it. The virus then sought out other Wi Fi APs that it could connect to and infect.”
Alan Marshall, Professor of Network Security


Shopping malls could become areas of high digital pestilence: with the majority of APs in close proximity, mostly within a 10-50 metre radius, a Wi Fi virus like “Chameleon” will propagate like the plague.
It slips past virus protection because virus protection software only looks for viruses on our devices, not within the Wi Fi network itself. You might beat it with your secured home and business AP only to find yourself “nailed” at your favorite coffee shop or conference.


“Wi Fi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus. It was assumed, however, that it wasn’t possible to develop a virus that could attack Wi Fi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely.” Professor Marshall


Well, thanks for that, but what about copycats? I think the first computer virus was let loose by some early computer genius having a random academic moment, wondering if he could give networked computers a form of digital cancer. He contemplated some likely code and hit the enter key, forgetting he was on a huge university network, and thus gave birth to the first computer virus. He owned up and apologized but that genie was out of its bottle.

I really do wonder sometimes why we keep a laboratory sample of a virus or bacteria causing a horrific disease that took hundreds of years to eradicate, just in case we might need it in the future. It’s a ‘trust us’ scenario: because we are scientists and you are just people who don’t know any better, you should leave it to us.
Are they going to do a perpetual computerized quarantine of “Chameleon” while they protect us from others who might invent a “Chameleon” knock-off but who are not them? I would either look to putting virus protection on my smartphone or try going to a coffee shop to just have a cup of coffee with a friend and talk, a device free time. It’s fast becoming one of those life crisis issues requiring professional help and mental health coverage on your medical insurance plan.


Related Articles:
How CSIRO’s stars won the WiFi battle
Detection and analysis of the Chameleon WiFi access point virus
Adelaide CBD wi-fi network

Only one on-line slip up

Back in the last share boom before the GFC (Great Financial Crisis) everyone thought they were a red hot trader. Mums were spending their day in a trading pod checking the websites spruiking today’s penny dreadfuls. I recall one scam. A young Australian guy spam mailed all these hot trade tip web sites with a fake report on a penny dreadful, taking a big position beforehand of course. The sheep got on board in the first hour of the day and he sold into it, making about $21,000 for the morning’s work. Only problem was he did it from home and got done. Caught and charged. I remember thinking at the time, why didn’t he get one of those dodgy promotional CDs with 10 hours free internet time from one of the undercutting ISP companies who never answered the phone, had non-existent support and an address that turned out to be a car park? Take the CD into an internet cafe and our “perp” would have been away clean.

Those days are gone. The arrest on the 1st of October of “Silk Road’s” Ross William Ulbricht illustrates the point. The online drug and dodgy deeds site had apparently turned over more than $1 billion from hundreds of thousands of customers. From fake IDs to top grade heroin, the site had cleverly covered itself using complex server configurations, anonymity software and Bitcoin money, and Silk Road had become a major player in the “Dark Net.” Until Ross made one stupid, rookie blunder that brought it all undone.

Strutting his stuff on a forum, Ross used a user profile called “altoid” and said he was looking for an expert in Bitcoin, and stupidly gave the address to send applications to as rossulbricht@gmail.com. In itself innocent enough, but the FBI, tracing the user name “altoid”, found two earlier posts about Tor being a kind of “anonymous amazon.com”. Both posts referenced “silkroad420.wordpress.com.” Duh!!
Did this make Ulbricht a person of interest to the FBI? It sure did. Further footprints followed. A Google+ profile of rossulbricht@gmail.com included video links that enabled the FBI to cross link Ross with his Silk Road handle “Dread Pirate Roberts.” Both Ross and the Dread Pirate seemed to be believers in the Austrian Economic Theory on which Silk Road’s market model was based.
The final bread crumb was a post by Ross on a forum on “How can I connect to a Tor hidden service using curl in php?” Later forensic analysis of a Silk Road hard drive found exactly the same code.

Even if the “Dread Pirate Roberts” initial slip up didn’t require the powerful surveillance capability of the NSA, it is suspected that while chasing child pornographers the FBI agents exploited a vulnerability in the Firefox browser to unmask Tor users, and may have used this to expose the Silk Road’s kingpin.

Many people concerned over Snowden’s NSA revelations have started to use software like Tor, recommended by the Cryptoparty, to stay anonymous. If it’s just to keep pesky profile marketing away and you otherwise have nothing to hide, all well and good. However, with something to hide it becomes a bigger challenge every day, as any investigator need only wait and stay vigilant and they will get lucky with that one slip up.

Related Articles:
Silk Road mastermind couldn’t even keep himself anonymous online

A Slave Ratting on a RATer.

“Cutefuzzypuppy” he called himself. This was the not so cute online handle of 19 year old Jared James Abrahams, who captured Miss Teen USA Cassidy Wolf’s laptop webcam using RAT technology and revelled in getting naked pictures of her, unbeknown to her.

I mean even in the privacy of your own room how much time do you spend naked? It’s probably inversely proportional to your age. The older you are the less time you spend naked. From a baby when you are always naked to a 90 year old that’s never naked even in the shower. Jared had over 150 “slaves” at the height of his career as a RAT. That’s controlling the webcams of the 150 girls Jared monitored, many he snapped “nuddy” images of to boast about, post and share with his forum friends. Now this is a serious investment of time. To catch these girls in the buff would require near constant monitoring. It probably took all of Jared’s time to watch and wait. It makes him not so much a cute puppy but a very sick puppy. The American term “Jerk off” probably literally applied to Jared.

Jared is no good with people, no surprise there, so he distributed software like DarkComet to victims because that was the only way he could connect with them, secretly as a virus. He admitted he “sucked at social engineering.” This of course means he had no face to face social skills. His first major success was to use a girl he went to school with. Cassidy Wolf, the new Miss Teen USA, innocently communicated with an old school acquaintance and had him infect her laptop with a RAT tool.
In May 2012 he announced on hackforums.net:
“Recently I infected a person at my school with Darkcomet. It was total luck that I got her infected because I suck at social engineering. Anyway, this girl happens to be a model and a really good looking one at that :D. I was hoping I could use her and her Facebook account to further spread my darkcomet rat. I want to mass message all her friends on Facebook but I have no idea what to message them to get them to download the rat. Any ideas or suggestions would be greatly appreciated :).”
Reported by Nate Anderson (Ars Technica, Sep 28th)

Cassidy became suspicious when someone attempted to change her passwords to Facebook, Twitter, Tumblr and Yahoo. The first semi-nude of her turned up on Twitter. Only 30 minutes later she received an email from our Jared demanding that she either send him “good quality” nude pictures, a video of herself, or that she “go on Skype with him and do what I tell you to do for 5 minutes.” Any refusal of his demands would result in the release of compromising images of her, some of which he sent her to show he meant business.
The idiot tried to blackmail her. What is it with men and our obsession with the pursuit of status and influence? Of any kind. Even if it’s only to be the biggest fish in the tiniest ocean we will go for it. From the dickhead Dad with his Hitler control trip over the under 10 basketball team from a town you can spend a year in, in a single day to Jared wanting to be the “Man” on a forum full of sickos by showing them a video of his “slave” obeying his every command. What’s more she is Miss Teen USA so beat that!

To her credit Cassidy called the cops.
The FBI looked at her laptop and found evidence of both DarkComet and another RAT known as Blackshades, which confirmed how Jared had taken his photos.
Jared, thinking he was smart, used a VPN (Virtual Private Network) to conceal his identity, but his own RAT buddies betrayed his location because of his bragging. These RATs had connected back to Jared by accessing no-ip.org. This is a service which allows users to dynamically map their IP address to a domain name. This allows the “slaves” to phone home while Jared remains safe using a dynamic IP address from a home Internet account, or so he thought. The resulting no-ip.org records, however, allowed the FBI to establish the existence of a no-ip.org account in the name of Jared’s father, and the username on the account was “cutefuzzypuppy.” A Google search and there is our Jared, alias “cutefuzzypuppy”, writing about RATs online.
Facebook gave the FBI Jared’s personal details, including his college. He was staked out and secretly observed in the computer room accessing the “no logging” VPN from the college network. The FBI had a case, Jared James caught red handed, done and dusted.

Not yet realising this, and making matters much worse for himself, Jared continued to threaten Cassidy Wolf. Unless she complied with his demands, he threatened to post her picture to hacked accounts of her friends on Facebook, and said that nothing she could do would stop him.
“Block all the people, delete your account, whatever, just know that I finally decided I have enough Facebook’s and will upload your picture on all of them,” Jared wrote.
Jared turns out to be a multinational RAT, making similar threats to girls from Canada, Ireland and the list went on. He forced some to strip for him on Skype while he recorded it.
An Irish girl had pleaded: “Please remember I’m only 17. Have a heart.”
Jared replied: “I’ll tell you this right now! I do NOT have a heart!!!”

Later after his arrest, Jared was to tell FBI officers that he was “not normally aggressive.”

Of those who did not comply with his demands some had their photos released. While the FBI was interviewing one of the victims she discovered nude photos of her had been posted on Instagram.

Closing the case was the discovery on June 4th in a raid on Jared’s family home of numerous videos of his victims along with RAT software tools. He admitted to everything. This master RAT knew every major webcam type and driver and had got “no lights” RATting down to a fine art. That is monitoring a captured webcam ensuring the light on the camera is remotely turned off during operation.

Jared can perhaps consider himself lucky he will not be convicted and sentenced to a custodial term in an Australian prison. In the informal prisoner ranking system a RAT would probably rank just above a “rock spider.” This is an Australian prison term for a paedophile. They are considered the very bottom of the bottom feeders. Australian inmates in our prisons go out of their way to ensure a “rock spider” does really hard time. Jared would be the object of some very tough love.


Dark Google and the Ratters

In a previous post called ratters and slaves I said a smart girl forewarned and armed with a band-aid to stick over her web-cam can prevent a pimply pervert turning her into a photo slave and presenting her in a forum to other socially dead ratters like himself.

As like attracts like and birds of a feather flock together, Karma ensures that these loathsome lads will fall in love with a harridan from hell who will one day leave and take from them everything they own and love, and anything they could ever own and love. You can only hope, because they deserve it.

Perhaps a ratter’s future fate is in even worse hands, in a Russian ratter’s hands that is. In another web-cam scam Australian men watching pornography have been captured through the cam with their pants down and blackmailed using “Ransomware” software.
The victims are instructed by the hackers to pay a fine and if the fine is not paid within 72 hours, the incriminating images are released to the world or data files on their computer encrypted until payment or wiped.

Sean Kopelke, technology director with IT security firm Symantec has identified 16 versions of malware linked to organised crime gangs in Russia, Europe and the Middle East.
A recent Symantec study of one virus found 68,000 computers were infected within a month, with 2.9 per cent of those ensnared by the scam making payments of almost $400,000.

Another tool in the tool box for a ratter (a user of RATs, Remote Administration Tools) is Shodan. Named after a bad guy in the “RPG” game System Shock, this search engine adds information on half a million new devices every month.
“The ‘scariest search engine’ is peering in the darkest corners of the internet and finding servers, webcams, traffic lights and even power plants open to anyone with a computer.” CNN Reports

Anyone on the prowl in this “Dark Google” search engine can roam from causing brainless, spur of the moment idiocy to some very dark and dirty stuff! From making your mate’s garage roller door go up and down forever, to a suspected killing of a journalist by controlling his car’s computer and doing a “Top Gear” high speed assassination on him.

Few of these thousands of devices even have passwords, and they were never intended to go online in the first place. Even if they do have passwords, it’s ‘admin’ or ‘1234’ and you are in. It’s becoming like another Millennium bug mania, at the time the clock turned 12 into the year 2000.

From nuisance raids on your home security system and lighting to the local pub’s cooler rooms, the local crematorium and to turning the traffic lights off in the whole town or city, the possibilities are numerous. Then what about power stations, a particle-accelerating cyclotron or a nuclear power plant? Many may be open to device hacking.

“Tens of thousands of webcams, hydrogen fuel cells used in military installations, power meters, theatre lighting, heat pumps are all online. You could really do some damage with this.” Independent security tester Dan Tentler, said at a Defcon cybersecurity talk.

The darkest rumour so far from the “Dark Google” world is that of Rolling Stone reporter Michael Hastings, who friends said “drove like a Grandma”, dying in an unusual high speed crash on June 20th.
“I’m not a conspiracy guy. In fact, I’ve spent most of my life knocking down conspiracy theories. But my rule has always been you don’t knock down a conspiracy theory until you can prove it wrong. And in the case of Michael Hastings, what evidence is available publicly is consistent with a car cyber attack. And the problem with that is you can’t prove it.”
Richard Clarke, Former U.S. National Coordinator for Security, Infrastructure Protection, and Counter-terrorism.

Considering the possibility of a cyber attack on your car or your roller door going up and down mindlessly forever reminds me of the Steve Wozniak quote: “Never trust a computer you can’t throw out a window”


The Complete Hackers Handbook

A study just conducted by Google reveals we are no better with passwords now than we were 30 years ago.
In 1985 I was running an Apple Training Centre for a Computerland franchise. Back then we had Thursday “Latenight Shopping”. Instead of closing at 5 o’clock like every other day, retailers were allowed to stay open until 9 o’clock at night every Thursday. You have to remember that this was when nothing was allowed to open on Sunday. I’m not kidding, nothing except a designated Chemist shop in case you were dying, otherwise the main street of your town was a transactional dead zone. Nobody to take your money. It’s hard to believe now, I know.

I advertised a kid’s computer class hoping to capitalise on the fact that Mum didn’t want the kids under her feet while she did her late night shopping. I charged $10 and we mostly played educational games like “Rocky’s Boots.” This is still pre internet times, but personal computer to computer connections had just become possible with software like “PC Anywhere”, an ancient piece of code not to be confused with today’s Symantec software, and a pre modem contraption called an acoustic coupler. It had a couple of suction caps for your phone and was used to connect to Bulletin boards. I had one way down in the back corner of my training centre classroom.

Early one morning before school some of the smarter kids came in and asked if they could try something and went up to that back corner, consulted a book and messed with the acoustic coupler. They came back in the afternoon back up to the back corner to engage in recognisable suspicious activity. Teachers develop a sixth sense for mischief, either a quick glimpse over a shoulder, a slinking body language movement or whispering with quicksilver eyes. My Grandfather would clip me under the ear whenever I walked past him and in answer to my indignant adolescent “What was that for?” outrage he would say: “Son you are either just going into trouble or just coming out of it.”

In the morning they had loaded software that would ring every telephone number within our area code and, before a flag fall charge, interrogate the number to see if it was attached to a computer and if so record that number. Now back in the afternoon, with the “Complete Hackers Handbook” open, they were attempting to access the three or four phone numbers uncovered. Remember this was 1985. Momentarily confiscating the Handbook revealed that adults are dumb with passwords. It will be written down and hidden in the immediate vicinity of the PC. A “sticky” note on the computer, under the blotter or stuck to the bottom of the desk drawer. It will be something they can remember. It will not be their car registration number. An adult, it said, can own a car for twenty years and still not remember the registration number. The handbook went on to identify the most likely passwords a person will use.

It is now 28 years later and the Google study has revealed the list to be exactly the same:

• Pet’s name
• Significant dates (like a wedding anniversary)
• Date of birth of a close relative
• Child’s name
• Other family member’s name
• Place of birth
• Favorite holiday
• Something related to favorite football team
• Current partner’s name
• The word “password”

If hackers crack into a database with your password stored, there is nothing you can do, you are hacked, you are owned. A password shouldn’t be a recognisable word in the dictionary. Password cracking programs use dictionary checking. I used to train sheepdogs. I loved it and was good at it. I was speaking to a student who had trained guard dogs for the military. He loaned me the training manual. The command word for attack was incomprehensible. I asked about this. He said: “You can’t have a recognisable word, otherwise that word might come up and your dog will tear your friend’s throat out during casual conversation.” I felt a fool for asking. Of course it’s obvious.

“First, don’t make it easy on hackers by choosing a common password. Splashdata uses security breaches to gather ‘most popular passwords’ lists each year. The word ‘password’, number sequences, and other simplistic phrases or numbers fill the top spots. Also, don’t use your name, a password related to another one you might have on a different site, or a login name.” Kerry Davis

Experts recommend using at least 15 characters, upper-case letters, nonsensical words with special characters and numbers inside them, known as alphanumerics.
“74% of Internet users use the same password across multiple websites, so if a hacker gets your password, they now have access to all your accounts. Reusing passwords for email, banking, and social media accounts can lead to identity theft and financial loss.” McAfee’s Robert Siciliano

The older you get the more likely you are to write your passwords down in a book. My suggestion is fake it. Make it look like a badly kept diary you know no one will ever read. Just like the old spies, make it a code.
January 15th, I made out with Julie Jones in the car park after the year 10 farewell dance 1987. Using the first character of each word (and keeping the year) we have: J1ImowJJitcpaty1fd1987
Let’s see how it rates on Intel’s Password Grader.

The result: CONGRATULATIONS! It would take about 376697693540 years to crack your password.
The other great thing about this method is you never forget what a fantastic night you had with Julie.
Damn now I have to change my password.
Damn I will have to hide my diary.
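The diary trick and the three rules above (no dictionary word, at least 15 characters, nothing a friend could guess) are easy to put in code. What follows is an added example written for this page, not anything from the post or from Intel’s Password Grader: it turns the diary line into the same string the post arrives at, then runs the checks the post describes. The list of common and default passwords is constructed for the example, and the “bits” figure is a naive brute-force upper bound, not a claim about how long a real cracker would take.

```python
import math
import string

# Constructed stand-in for the breach-derived "most popular passwords" lists
# (Splashdata) and the 'admin' / '1234' device defaults mentioned on the page.
COMMON_PASSWORDS = frozenset({
    "password", "123456", "12345678", "qwerty", "abc123", "letmein",
    "admin", "1234", "welcome", "monkey", "football", "iloveyou",
})

MIN_LENGTH = 15  # the "at least 15 characters" recommendation quoted above

# The diary line from the post, used as the worked input.
DIARY_LINE = ("January 15th, I made out with Julie Jones in the car park "
              "after the year 10 farewell dance 1987.")


def initials_password(sentence):
    """Build a password from the first character of each word.

    Every word contributes its first character; a final all-digit token
    (the year) is kept whole, which is what turns the diary line into
    'J1ImowJJitcpaty1fd1987' as in the post.
    """
    words = [w.strip(string.punctuation) for w in sentence.split()]
    words = [w for w in words if w]
    if not words:
        return ""
    chars = [w[0] for w in words[:-1]]
    last = words[-1]
    chars.append(last if last.isdigit() else last[0])
    return "".join(chars)


def charset_bits(password):
    """Naive brute-force estimate: length * log2(alphabet size).

    An upper bound only: a mnemonic password is far less random than a
    uniformly chosen string over the same alphabet.
    """
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)
    if size == 0:
        return 0.0
    return len(password) * math.log2(size)


def weakness_reasons(password, personal_terms=()):
    """Return why a password is weak (an empty list means it passes).

    Checks the three things the post warns about: a dictionary or default
    password, too few characters, and a guessable personal detail (pet's
    name, partner's name, place of birth and so on) embedded in it.
    """
    reasons = []
    lowered = password.lower()
    if lowered in COMMON_PASSWORDS:
        reasons.append("common or default password")
    if len(password) < MIN_LENGTH:
        reasons.append(f"shorter than {MIN_LENGTH} characters")
    for term in personal_terms:
        t = term.lower()
        if len(t) >= 4 and t in lowered:
            reasons.append(f"contains personal detail '{term}'")
    return reasons


if __name__ == "__main__":
    pw = initials_password(DIARY_LINE)
    print(pw, f"{charset_bits(pw):.0f} bits (naive upper bound)",
          weakness_reasons(pw, ["Julie", "Jones"]))
    for weak in ("password", "admin", "Julie1987"):
        print(weak, weakness_reasons(weak, ["Julie"]))
```

The personal-detail check only catches a name written out in full; the diary password passes it because the names survive only as their initials, which is exactly why the method works against the list of likely passwords above.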


Hire a Teenage Hacker.

Another one of my unsung heroes is Christopher Boyce. Even though he was not an Australian he spent 24 years in prison on our behalf. Boyce was a whistle blower who discovered secret communications indicating a CIA covert operation to unseat Gough Whitlam’s Labor government because of its stated desire to close the secret American bases in our far north. He revealed these communications because he believed it was an inappropriate way for his country to treat its allies.

Another young man languishes in prison today for doing his country a huge favour. Max Butler, aka Iceman, an incredibly talented penetration tester, while working voluntarily for the FBI in the late 90’s discovered a vulnerability on all US government networks. Without telling anyone he patched this problem because of his concern over nuclear research facilities being penetrated. But he couldn’t help himself: he left behind a hacker’s backdoor to use again if needed. This backdoor was revealed by an eagle-eyed investigator for the US Air Force, and Max was arrested and jailed for saving his government from a huge embarrassment.
I don’t know about you but if I was a government I would have rewarded the kid, at least employed him to help me stop the blatant theft of my high tech secrets by certain unnamed foreign governments or designed for me a virus like STUXNET to bring down the centrifuges in Iran’s nuclear enrichment plant and stop them getting a nuclear bomb. But no, it’s off to jail he goes.

While in jail for 18 months he was discovered by some financial fraudsters doing time in the same jail, who talked him into helping them steal money through credit card fraud when he got out. He was 86 million dollars good at it, but got caught again. He is currently serving 13 years and is scheduled for release in 2019. So why does this kid, with a brain the size of a small planet, get talked into being such an idiot?

It was because he has Asperger’s syndrome and, although brilliant, he is lacking in social and life skills. He was probably very young when he started learning his hacking skills, before he established a moral code. Although brilliant at IT, maths and science and seemingly socially adequate online, in the real world outside he had serious difficulty developing life skills and sound judgement. Max is in jail because he has a disability. Young people like him should be helped, not jailed.

Attitudes in this country are changing. The Australian Federal Police (AFP) are trawling hacking forums to try and identify vulnerable kids like Max before they get into trouble, and even consider them as potential employees to help in the battle against cybercrime. Police are turning up on the doorsteps of under 18 year old hackers they have identified to turn them, if I can use that espionage term, before they turn to serious cybercrime.

Many educational institutions teaching IT are being urged to spend more time on ethics so as not to be seen turning out the next generation of hackers. In my own wonderful workplace of sensitive, switched on teachers and staff we have had quite a few kids like Max over the years. In cooperation with talented disability consultants we nurture and guide these kids hopefully through the moral and social minefield of online temptation. A kid like Max with an understanding employer can become a very valuable employee. In our teaching section we know this because we have seen it happen.

Related Articles

Hire the Hackers

Cracking Stuxnet, a 21st-century cyber weapon.

Teenage hackers in Australian Federal Police’s sights.

How UNSW creates the world’s best hackers

Who are Hackers?


Ratters and Slaves

When I was first asked as a teacher by parents concerned about protecting their children from inappropriate online content, I used to say that rule number one was don’t have an internet connection in a teenager’s bedroom. Have internet connected computers in the lounge room. That way everybody in the family can see what everybody else is looking at. Probably not applicable anymore with wi-fi networks and portable devices. Impossible to police.

Which makes this post scary for any parent with a teenage daughter. There is a group of “slime-balls”, mostly young men, who use “RAT” applications (Remote Administration Tools) to gain access to computers with webcams, take them over and capture images of the girls they spy on, the more exposed the better. They call them “slaves”. They swap them, boast about them, find ways to get more of them and construct galleries of them. The hardest task is to remotely turn the camera light off so they go unnoticed as they prank and “perve”.
They give each other advice on forums about how to do this and about malware methods of delivering this software to the target computer. Read more in this article, one of many references I’ve found to these “Ratters”. They use the “Hackers” search engine to find online devices.

So if you visit a family and see that smart teenage daughter with a band-aid over the web cam on her laptop, don’t pay out and laugh, she is probably smarter than you.

Related Articles

RAT Technology (JD Journal)