Security Brief: badBIOS Malware, Political Attacks, Social Media Hacks
The main events of the week between October 28 and November 3
In case you haven’t been online much over the past week, we have some interesting IT security stories for you. The Anonymous movement has been highly active over the past week all over the world. Hackers in Cambodia targeted the Extraordinary Chambers in the Courts of Cambodia for silencing victims of crimes against humanity.
In Ukraine, Anonymous hacktivists initiated OpIndependence, a campaign that supports the country’s independence from NATO, the European Union and others. Several websites have been hacked or disrupted with DDoS attacks.
The Syrian Electronic Army has also been active this week. The hackers managed to hijack the Facebook and Twitter accounts of US President Barack Obama by compromising ShortSwitch and Blue State Digital systems.
However, the Syrian Electronic Army isn’t the only collective that’s been active. Other Syrian hackers, ones that don’t support the Assad government, have breached and defaced three .gov.sy websites.
In Argentina, hacktivists defaced the website of opposition leader Sergio Massa during elections to remind him of the promises he had made during his campaign.
The Moroccan Ghosts are back. After Nigerian lawyers revealed their intentions of dragging Morocco, France and Spain to the European Court of Human Rights for the illegal occupation of Western Sahara, the hacktivists defaced the official website of Nigeria’s Ministry of Defense. The hackers say the Sahara belongs to Morocco.
Anonymous hackers have set their sights on Singapore. They’re unhappy with the implementation of the Internet licensing framework.
They’ve clarified that their main target is the Singapore government and not the people of Singapore. The Straits Times has learned firsthand about the consequences of not clearly specifying the targets of a campaign.
The Syrian Electronic Army is not the only group that hacks social media services to achieve their goals. Cybercriminals have sent out spam messages on tens of thousands of social media accounts after breaching Buffer.
Interestingly, they breached Buffer after gaining access to the databases of MongoDB.
In the social media hack section, we also have a Twitter vulnerability that could have been leveraged to upload any files to the company’s systems. Ebrahim Hegazy, a cyber security analyst consultant at Q-CERT, provides details and even POC videos.
The badBIOS malware has been at the center of many discussions. The researcher who discovered it, Dragos Ruiu, claims the threat can do some unbelievable things, including heal itself and jump air gaps through microphones and speakers. However, there are a lot of skeptics.
Many of the capabilities described by Ruiu appear to be straight out of a Sci-Fi movie and some things simply don’t add up. Hopefully, we’ll find out soon if the malware is real or just part of an experiment (or a hoax).
We also had some interesting espionage stories this past week. China and Russia are suspected of launching a campaign against Finland.
An even more interesting story comes from Russia. Authorities have identified a shipment of home appliances that contain microchips designed to connect to computers via Wi-Fi and steal information.
In the law enforcement/legal section, we have the guilty plea of Vladimir Kats, the co-founder of Liberty Reserve. We also have the arrests of four Dutch men who allegedly used the TorRAT malware to empty bank accounts.
A British man, 28, has been arrested and charged with hacking into the systems of NASA, the US Army, the Missile Defense Agency and other high-profile organizations.
Unsurprisingly, LulzSec hacker Sabu hasn’t been sentenced. He’s still working with authorities so the government has asked for the sentencing to be postponed once again, this time until January 13, 2014.
Here are some other stories in case you’ve missed them:
Google Bolivia defaced via DNS hijacking
Obamacare website is full of security holes and the government is well aware of it
Researchers prove that they can hack a counterfeit money detector to accept paper as valid currency
At least 39 million users affected by Adobe hack
Hacker attack caused shutdown of major Israeli roadway
Prince Harry’s phone was hacked