Monday, October 17, 2016

30 seconds and 50 dollars is all it takes to steal your PC login



Imagine you’ve been at work for a few hours. It’s time to get up, grab a coffee and some morning tea. You’ll only be away from your desk for ten minutes so you know it will be easier to just hit the lock screen on your workstation than to completely log out and then log back in again when you return. No one has your password so your workstation is safe, right?


Many people believe that leaving their computer unattended won’t pose any security risks as long as the device is locked. However, researcher Rob Fuller, principal security engineer at R5 Industries, has demonstrated that an attacker with physical access to your device can capture your login credentials (username and password) in under a minute if your computer is still logged in.


Credit: Rob Fuller




How it works


Fuller tested the attack method using USB Armory and Hak5 LAN Turtle, two USB drive-size complete computers designed for security applications and penetration testing. Each was loaded with the hacking app ‘Responder’. When plugged in, these devices capture credentials from a locked, logged-in system by disguising themselves as a USB Ethernet adapter.


He explained that the hack worked on all versions of Windows and expressed disbelief at how easily he was able to obtain the login details of the workstation. Sure, the data is encrypted, but it can be decrypted easily at another time. What makes this attack succeed is the speed with which credentials can be taken for later use.


In his report Fuller writes that he “tested it so many ways to confirm” since he had such a hard time believing it was possible. “This is dead simple and shouldn’t work, but it does.”


What it looks like



In an email to Ars Technica, Fuller explained:


“What is happening in the video is the USB Armory is being plugged into a locked (but logged in) system. It boots up via the USB power, and starts up a DHCP server, and Responder. While it’s doing this, the victim is recognizing it as an Ethernet adapter. The victim then makes route decisions and starts sending the traffic it was already creating to the Armory instead of the “real” network connection. Responder does its job and responds to all kinds of services asking for authentication, and since most OSs treat their local network as “trusted” it sees the authentication request and automatically authenticates. Seeing that the database of Responder has been modified the Armory shuts down (LED goes solid).”



Surely the scariest thing is how easily and quickly this technology can be adapted to perform more efficiently for less. Mubix reported that some people have already had success with a similar setup on a Raspberry Pi Zero, making the cost of this hack around $5 with 10 minutes of configuration.


For further technical information on how his hack works, you can read Fuller’s full report.





What you can do


Anti-malware programs can’t block attacks like this one. The attack is carried out by an entire computer inside a USB stick, and it exploits a design flaw in Windows and in how many operating systems deal with newly connected hardware.


Fuller endorses this prevention post: An intro to Windows Device Guard.


But, your simplest and best defence?


Don’t leave your workstation logged in while it is unattended. As seen above, even if you lock the screen, your login credentials can be obtained in under a minute.
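One way a defender could look for this pattern in event logs, as an added example that is not part of the original post or Fuller's report: flag any network-class device that is first recognised while a workstation is locked. It assumes Windows Security events 4800 (locked), 4801 (unlocked) and 6416 (new external device) are being audited and collected; the records are constructed and simplified, and the function name is hypothetical.

```python
from datetime import datetime

# Windows Security log event IDs (auditing for each must be enabled).
LOCKED, UNLOCKED, NEW_DEVICE = 4800, 4801, 6416
NETWORK_CLASSES = {"net"}  # PnP setup class name used for network adapters

# Constructed, simplified records for illustration; not real log output.
SAMPLE_EVENTS = [
    {"time": "2016-10-17T10:00:05", "id": 4800, "host": "WS-01"},
    {"time": "2016-10-17T10:03:12", "id": 6416, "host": "WS-01",
     "class": "Net", "device": "USB Ethernet adapter"},
    {"time": "2016-10-17T10:11:40", "id": 4801, "host": "WS-01"},
    # Same kind of device, but the session is unlocked: not flagged.
    {"time": "2016-10-17T10:20:00", "id": 6416, "host": "WS-01",
     "class": "Net", "device": "USB Ethernet dock"},
    {"time": "2016-10-17T11:00:00", "id": 4800, "host": "WS-02"},
    # Non-network device during a lock: outside the scope of this rule.
    {"time": "2016-10-17T11:01:00", "id": 6416, "host": "WS-02",
     "class": "Keyboard", "device": "HID keyboard"},
]


def adapters_added_while_locked(events):
    """Flag network-class devices first seen while a host's session is locked."""
    locked_since = {}  # host -> datetime the current lock began
    alerts = []
    # ISO 8601 timestamps sort chronologically as plain strings.
    for ev in sorted(events, key=lambda e: e["time"]):
        host, when = ev["host"], datetime.fromisoformat(ev["time"])
        if ev["id"] == LOCKED:
            locked_since[host] = when
        elif ev["id"] == UNLOCKED:
            locked_since.pop(host, None)
        elif ev["id"] == NEW_DEVICE and host in locked_since:
            if ev.get("class", "").lower() in NETWORK_CLASSES:
                delta = when - locked_since[host]
                alerts.append({
                    "host": host,
                    "device": ev["device"],
                    "seconds_after_lock": int(delta.total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in adapters_added_while_locked(SAMPLE_EVENTS):
        print(alert)
```
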


Have a great (malware-free) day!




Friday, October 14, 2016

Malware in sex toys: How private is your playtime?



In a time where fridges self-monitor their own food levels and cars can drive themselves, it was inevitable that the Internet of Things would catch up with the sex toy industry. Our playthings can now be controlled by an app and that can be paired to another person’s phone from wherever in the world they happen to be. But what would you do if you found out that the person at the other end of the controls was not your partner?


The We-Vibe, a device released by Standard Innovation, allows users to exchange text messages and engage in video chats when their smartphone is paired with the We-Connect app. It also allows a partner to control the device remotely. Beyond the security issues, such as a man-in-the-middle attack, a woman recently filed a lawsuit claiming the device measured highly personal information such as the date and time of each use, the intensity and mode chosen by the user, the email address of registered users and the device’s temperature at various times. This data was transmitted by the device back to the manufacturer with no explanation of how this information was being used.


Read the complaint (PDF).


CNET reports that “potential issues with the product came to light last month at the annual Defcon hacking convention when two researchers demonstrated how flaws in the software could let a hacker take over the vibrator while it’s in use. They also learned what kinds of data are being sent back to the company by taking the vibrator apart and studying the information it sends and receives.”


But what if this information was stolen? Hacks of large companies, such as the recent attack on Yahoo which compromised over 500 million users, demonstrate the magnitude of information that can be illegally obtained. One can only imagine the implications of a large-scale hack of very personal information such as the data held by Standard Innovation.




Is it sexual assault?


Couples toys that can be controlled by your partner remotely have been growing more and more popular. With built-in video calling and messaging, your partner can see you and control the device simultaneously.


It was revealed in the Defcon demonstration that an unknown person could easily hack the application, access your webcam and be in control of the toy without your knowledge. As well as being a gross violation of your privacy, some organisations are suggesting a far more serious crime is in play.


According to The Guardian, “a lot of people in the past have said it’s not really a serious issue, but if you come back to the fact that we’re talking about people, unwanted activation of a vibrator is potentially sexual assault.”


Implications for manufacturers


In addition to the violation of a user’s privacy, there are significant security risks for manufacturers collecting such private information.


“If I hack a vibrator it’s just fun,” Raimund Genes, Chief Technology Officer at Tokyo-listed Trend Micro, told reporters at the CeBIT technology fair in Hannover.


“But if I can get to the back-end, I can blackmail the manufacturer,” he added, referring to the programming system behind a device’s interface.


Ransomware in the medical profession is highly profitable. A recent attack on a hospital in the US saw patient files held to ransom. The hospital felt forced to pay to ensure that the daily operation of the hospital was not interrupted and patient data could be returned. The collection of highly sensitive information such as that held by Standard Innovation is a prime target for a ransomware attack, risking the privacy of We-Vibe’s users and the integrity of its manufacturer.




Sex toys that can be accessed by anyone anywhere anytime have implications for users and for the toy’s manufacturers. So, how can you stay safe?


Read the User Policies upon purchase, particularly with regards to what information apps are able to collect and how this information will be used.


Have a nice (malware-free) day!




Monday, October 3, 2016

No honour among thieves: hackers who hack each other



In ransomware, as in any profitable business, there is a constant struggle to compete in the marketplace. Ransomware, the strain of malware which crypto-locks a victim’s hard drive until the developer of the malware is paid, is a highly lucrative – and illegal – income earner for its authors. The strategy is so successful that some ransomware developers have even begun sabotaging others’ ransomware in a bid to secure their share of victims.


An exploitative crime, ransomware is a type of malware that encrypts your personal data or locks your entire PC. You are asked to pay a “ransom” via an anonymous service in order to unlock your computer and free your data. Ransomware makes up a huge part of today’s active threats as it turned out to be one of the easiest income earners for attackers. Most other malware makes its developers money indirectly (by using or selling your computer power), but ransomware directly asks you (the victim) for cash to return your data or access to your PC. This is usually achieved through a lockout screen with a countdown timer and a link to a payment page where you are required to pay your ransom and receive a decryption key to unlock your files or computer.


To gain a competitive edge, hackers recently gained access to 3500 decryption keys for a competing organisation’s ransomware with a plan to release them to the public, thus rendering entire strains of their competition’s ransomware completely ineffective.


Fake ransomware has also become an issue, undermining the profitability of actual ransomware types, or families. Actual ransomware developers are hacking developers of fake ransomware to ensure the continued profitability of this kind of crime.




F-Secure recently reported that corporate sabotage has also been revealed as a key income generator in this field. A ransomware group claims they were paid handsomely by a Fortune 500 company to hack and infect a competing business. By locking the files of the competitor, the offending company was able to halt the competing company’s production and release a similar product first. This ransomware developer was paid twice, first by the offending company and secondly by the infected company via the ransomware lockout instructions.


If the profitability of ransomware is being threatened at all, it is being defended by those who know it best. This kind of malware shows no signs of disappearing any time soon.


How can you protect yourself from ransomware?


Though the basic features of ransomware are the same, there are many different ransomware families. We tested our product against 20 crypto-ransomware families to see how Emsisoft Anti-Malware held up. See the results here.


So, it’s not all bad. There are preventative steps you can take to keep your data free from ransomware.


  1. Make sure all your software is up to date – especially your operating system, your web browser and all browser plugins like Adobe Flash Player or Oracle’s Java Platform.

  2. Be cautious. Ask questions before you click. Read about how threats (and scams) work to avoid becoming a victim.

  3. Back up all of your personal files and documents. If somehow your computer is infected with ransomware, you can reinstall your system and restore your files.

  4. Make sure you run strong anti-malware software with real-time protection and surf protection, such as Emsisoft Anti-Malware.

  5. Run an occasional scan with a second opinion scanner, such as Emsisoft Emergency Kit, Malwarebytes Anti-Malware or Hitman Pro to check whether your PC is ransomware-free.

Have a great (malware-free) day!


