Cross Platform Trojan Then Steals Linux and Mac Passwords

Russian anti-virus company Doctor Web reported about the first cross-platform backdoor to run under Linux and Mac OS X identified as “BackDoor.Wirenet.1“. This malicious program designed to steals passwords entered by the user in Opera, Firefox, Chrome, and Chromium, and passwords stored by such applications as Thunderbird, SeaMonkey, and Pidgin.

BackDoor.Wirenet.1 is the first-ever Trojan that can simultaneously work on these operating systems. BackDoor.Wirenet.1 is still under investigation.

At launch BackDoor.Wirenet.1 creates a copy in the user’s home directory. To interact with the command server located at 212.7.208.65, the malware uses a special encryption algorithm Advanced Encryption Standard (AES). BackDoor.

51.526392 -0.091389

Sabpab – Another Mac OS Backdoor Trojan Discovered

Security firm Sophos has discovered more malware for the Mac OS X platform called Sabpab. It uses the same Java vulnerability as Flashback to install itself as a “drive-by download.” Users of older versions of Java now have still more malware to worry about.

It also doesn’t require any user interaction to infect a system either just like Flashback all that needs to happen is for you to visit an infected webpage. Sabpab, according to Sophos, installs a backdoor that allows the hackers to capture screen snapshots, upload or download files and execute commands on infected Macs remotely.

The Trojan creates the files

Encrypted logs are sent back to the control server, so the hackers can monitor activity. Although one variant of Flashback installed a file in the LaunchAgents folder, not all tools for detecting Flashback do anything with that folder.

Symantec identifies the trojan as OSX.Sabpab which exploits the Oracle Java SE Remote Java Runtime Environment Denial Of Service Vulnerability (BID 52161) in order to install itself on to the compromised computer.

Sophos products, including free Mac anti-virus for home users, detect the Trojan horse as OSX/Sabpab-A.

51.526392 -0.091389

The Pirate Bay to remove most torrent files on February 29th

Anyone following the BitTorrent scene has been noticing some interesting developments lately and three new technologies in particular have stood out. A couple of them, DHT, PEX, are new ways of finding peers (users with copies of the file you want to download) without relying on the old BitTorrent tracker system. These are very important to the actual downloads but work mostly hidden from the user who may not even now when they kick in.

Magnet links, on the other hand, are a different story. They have been around for quite a few years now, yet most people have started noticing them only recently, notably since the Pirate Bay implemented them. And now that the world’s first BitTorrent indexer, which relies solely on magnet links, has showed up, more and more people may find themselves wondering how these links work and what are their advantages over .torrent files, which are still in wide use, if any.

 
‘.torrent’ files

For years, BitTorrent clients, trackers and indexers have relied on .torrent files to store information on the files shared with the popular p2p protocol. These files are stored by indexing sites and are used by BitTorrent clients to connect to the tracker sites. The files hold several types of data, a URL of the tracker site, names for the files it shared, as well as hash codes of files.

All of this is used by the client to connect with peers that have the files in the torrent, or portions of them, and also to ensure that the downloaded data is accurate. This system has several disadvantages, some technical, but one of the biggest is that BitTorrent indexers have to store the .torrent files on their servers, which leaves them vulnerable to legal threats if the content shared happens to be infringing despite containing no actual infringing data by themselves.

Magnet links

Magnet links though are just links, they have no files associated with them just data. The links are an evolving URI standard developed primarily to be used by p2p networks. They differ from URLs, for example, in that they don’t hold information on the location of a resource but rather on the content of the file or files to which they link. Technically, magnet links are made up of a series of parameters containing various data in no particular order. In the case of BitTorrent, they hold the hash value of the torrent which is then used to locate copies of the files among the peers. They may also hold file name data or links to trackers used by the torrent. You can check out the entry on Wikipedia for a more detailed technical description.

With magnet links, BitTorrent indexers don’t have to store any file at all, just a few snippets of data leaving the individual client apps to do all the heavy lifting. In fact, magnet links can be copy-pasted as plain text by users and shared via email, IM or any other medium. For the indexer sites, the allure is clear, using magnet links makes it harder for them to be accused of any wrong-doing in court. Theoretically, magnet links should not have any disadvantages for the users over .torrent files either. It would also potentially make downloads faster as it would enable the clients to download from peers which have identical files but with different names, for example.

Current limitations

In practice though, since the technology is still being actively developed, some kinks still creep up. Up until very recently, many of the major BitTorrent clients didn’t support magnet links at all. After the Pirate Bay introduced them, this is no longer a problem, but there are still things to work out. Indexer sites haven’t agreed on a single link format, so it’s up to the clients to support the various implementations. And for the users, the experience isn’t on par with using plain .torrent files yet. For example, magnet links on the Pirate Bay don’t have any additional data on the torrent other than its content so when the link is opened in uTorrent, for example, the torrent won’t have a name or list the files in it.

This leads to a second problem, without knowing the contents of the torrent, uTorrent starts downloading it directly in the default location, preventing users from selecting a custom location or selecting just some files in a multiple-file torrent. These are likely to be just temporary set-backs, the recently-launched TorrIndex, the world’s first magnet link-only BitTorrent indexer, is listing links which have additional information like tracker URLs and the torrent’s name. And with broader support from BitTorrent clients and indexers, magnet links will eventually replace .torrent files sooner than you might expect.

Some of the most popular BitTorrent clients which support magnet links,

for Windows:
uTorrent is available for download here.
Vuze is available for download here.
BitComet is available for download here.

For Mac OS X:
Transmission is available for download here.

For Linux:
Transmission is available for download here.

Source:

http://www.theverge.com

http://news.softpedia.com

 

 

51.526392 -0.091389

Apple Laptops Hack That Kills Batteries

Your laptop’s battery is smarter than it looks. And if a hacker like security researcher Charlie Miller gets his digital hands on it, it could become more evil than it appears, too.

At the Black Hat security conference in August, Miller plans to expose and provide a fix for a new breed of attack on Apple laptops that takes advantage of a little-studied weak point in their security: the chips that control their batteries.

Modern laptop batteries contain a microcontroller that monitors the power level of the unit, allowing the operating system and the charger to check on the battery’s charge and respond accordingly. That embedded chip means the lithium ion batteries can know when to stop charging even when the computer is powered off, and can regulate their own heat for safety purposes.

When Miller examined those batteries in several Macbooks, Macbook Pros and Macbook Airs, however, he found a disturbing vulnerability. The batteries’ chips are shipped with default passwords, such that anyone who discovers that password and learns to control the chips’ firmware can potentially hijack them to do anything the hacker wants. That includes permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode. “These batteries just aren’t designed with the idea that people will mess with them,” Miller says. “What I’m showing is that it’s possible to use them to do something really bad.”

Miller discovered the two passwords used to access and alter Apple batteries by pulling apart and analyzing a 2009 software update that Apple instituted to fix a problem with Macbook batteries. Using those keys, he was soon able to reverse engineer the chip’s firmware and cause it to give whatever readings he wanted to the operating system and charger, or even rewrite the firmware completely to do his bidding.

From there, zapping the battery such that it’s no longer recognized by the computer becomes trivial: In fact, Miller permanently “bricked” seven batteries just in the course of his tinkering. (They cost about $130 to replace.) More interesting from a criminal perspective, he suggests, might be installing persistent malware on the chip that infects the rest of the computer to steal data, control its functions, or cause it to crash. Few IT administrators would think to check a battery’s firmware for the source of that infection, and if undiscovered the chip could re-infect the computer again and again.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.” says Miller.

That attack would require finding another vulnerability in the interface between the chip and the operating system. But Miller says that’s not much of a barrier. “Presumably Apple has never considered that as an attack vector, so it’s very possible it’s vulnerable.”

And the truly disturbing prospect of a hacker remotely blowing up a battery on command? Miller didn’t attempt that violent trick, but believes it might be possible. “I work out of my home, so I wasn’t super inclined to cause an explosion there,” he says.

In fact, the batteries he examined have other safeguards against explosions: fuses that contain an alloy that melts at high temperatures to break the circuit and prevent further charging. But Miller, who has worked for the National Security Agency and subsequently hacked everything from the iPhone to virtual worlds, believes it might still be possible. “You read stories about batteries in electronic devices that blow up without any interference,” he says. “If you have all this control, you can probably do it.”

Miller, currently a researcher with the consultancy Accuvant, isn’t the first to explore the danger of explosive batteries triggered by hackers. Barnaby Jack, a researcher for with antivirus giant McAfee, says he worked on the problem in 2009, but he says he ”benched the research when I didn’t succeed in causing any lithium ion fires. Charlie has taken it a lot further and surpassed where I was at the time.”

Miller says he’s received messages from several other researchers asking him not proceed with the battery work because it could be too dangerous. But Miller has worked to fix the problems he’s exposing. At Black Hat he plans to release a tool for Apple users called “Caulkgun” that changes their battery firmware’s passwords to a random string, preventing the default password attack he used. Miller also sent Apple and Texas Instruments his research to make them aware of the vulnerability. I contacted Apple for comment but haven’t yet heard back from the company.

Implementing Miller’s “Caulkgun” prevents any other hacker from using the vulnerabilities he’s found. But it would also prevent Apple from using the battery’s default passwords to implement their own upgrades and fixes. Those who fear the possibilities of a hijacked chunk of charged chemicals in their laps might want to consider the tradeoff.

“No one has ever thought of this as a security boundary,” says Miller. “It’s hard to know for sure everything someone could do with this.”

 

http://blogs.forbes.com

51.526392 -0.091389

How To Reformat Your Drive

Here is a little tutorial about formatting your hard drive, this is dedicated to my friend Micheal who has asked be about this twice now and to save time I thought I would type it up and share it with the web at large. Enjoy!

A hard drive can be used on any type of computer—PC or Mac. But in order for the computer and drive to talk to one another, the drive has to be formatted.

Seagate external drives come preformatted but Maxtar’s do not—some for PCs, some for Macs. So if you buy the right drive for your computer, you don’t have to do anything else. Just connect the drive to your computer and it will work.

But if you have a drive that’s formatted for a different type of computer or a drive that isn’t preformatted, you’ll need to format the drive before you can use it.

One very important point: FORMATTING ERASES EVERYTHING ON THE DRIVE. So if you’re formatting a drive that has already been used, be sure to copy any files you’ll ever want to see again onto a computer of backup drive.

Formatting your drive for Windows Vista / Windows 7

STEP 1: Open Computer Management like this:

1. Right-click on the Computer icon.
2. Click Manage.

If you’re prompted for an administrator password or confirmation, type the password or provide confirmation.

STEP 2: In the pane on the left, under Storage, click Disk Management.

STEP 3: Right-click the drive that you want to format—be sure it’s the correct drive—then click Format

STEP 4: To format with the default settings, in the Format dialog box, click OK, and then click OK again.

Formatting your drive for Windows XP

STEP 1: Open Disk Management like this:

1. Right-click on the My Computer icon.
2. Click Manage.
3. In the pane on the left, under Storage, click Disk Management.

STEP 2: Right-click on the drive you want to format. Be sure it’s the correct drive.

STEP 3: If you want, you can type a name for the drive in the Volume Label box. This is an optional step.

STEP 4: Click the file system that you want to use in the File System box. You can also change the disk allocation unit size, specify whether you want to perform a quick format, or enable file and folder compression on NTFS volumes.

Note: Before changing the default allocation unit size please refer to Microsoft Knowledge Base Article 314878.

STEP 5: Click OK. When you’re prompted to format the drive, click OK again.

Formatting your drive for a Mac

STEP 1: Open Disk Utility like this:

1. Click Finder.
2. Click Applications.
3. Click Utilities.
4. Click Disk Utility.

STEP 2: Select the drive you want to format. Be sure it’s the correct drive.

STEP 3: Go to the Partition tab.

STEP 4: Click on the Current Volume Scheme drop-down menu and select One (1) partition.

STEP 5: Click Options. From the Partition Schemes provided:

• Click on the GUID Partition Table radio button.
  –OR–
• Click on the Apple Partition Map radio button.

STEP 6: Click OK. Select other options as desired (e.g., Volume Name, Format, etc).

STEP 7: Click Apply. The Partition Disk screen opens.

STEP 8: Click Partition. At this point, the volume dismounts from the desktop and the drive is partitioned and formatted.
Note: When Volumes are created, Time Machine may open, asking if you would like to use the volume for backups. Click Cancel to proceed.

STEP 9: When finished, select the Disk Utility from the Apple Menu and choose Quit Disk Utility.

51.526392 -0.091389

Your Privacy is at an End: Creepy App

Creepy is a software package for Linux or Windows – with a Mac OS X port in the works – that aims to gather public information on a targeted individual via social networking services in order to pinpoint their location. It’s remarkably efficient at its job, even in its current early form, and certainly lives up to its name when you see it in use for the first time.

 

 

Screenshots:

Map with results

Features

Map providers available :

• Google Maps
• Virtual Maps
• Open Street Maps

Location information retieval from :

• Twitter’s tweet location
  • Coordinates when tweet was posted from mobile device
  • Place (geographical name) derived from users ip when posting on twitter’s web interface. Place gets translated into coordinates using geonames.com
  • Bounding Box derived from users ip when posting on twitter’s web interface.The less accurate source , a corner of the bounding box is selected randomly.
• Geolocation information accessible through image hosting services API
• EXIF tags from the photos posted.

Social networking platforms currently supported :

• Twitter
• Foursquare (only checkins that are posted to twitter)

Image hosting services currently supported :

• flickr – information retrieved from API
• twitpic.com – information retrieved from API and photo exif tags
• yfrog.com – information retrieved from photo exif tags
• img.ly – information retrieved from photo exif tags
• plixi.com – information retrieved from photo exif tags
• twitrpix.com – information retrieved from photo exif tags
• foleext.com – information retrieved from photo exif tags
• shozu.com – information retrieved from photo exif tags
• pickhur.com – information retrieved from photo exif tags
• moby.to – information retrieved from API and photo exif tags
• twitsnaps.com – information retrieved from photo exif tags
• twitgoo.com – information retrieved from photo exif tags

Automatic caching of retrieved information in order to reduce API calls and the possibility of hiting limit rates.

GUI with navigateable map for better overview of the accumulated information

4 Maps providers (including Google Maps) to use.

Open locations in Google Maps in your browser

Export retrieved locations list as kmz (for Google Earth) or csv files.

Handling twitter authentication in an easy way using oAuth. User credentials are not shared with the application.

User/target search for twitter and flickr.

Creepy is the brainchild of Yiannis Kakavas, a 26-year-old academic working on his thesis on critical infrastructure protection at Technischen Universität Darmstadt in Germany following his completion of an MSc in information and communications security at the Royal Institute of Technology in Stockholm.

To try this totally free application go to http://ilektrojohn.github.com/creepy it is totally worth it.

51.526392 -0.091389

Mac Trojan – RAT ‘BlackHole’ Now in Beta

In a sign that hackers, like everyone else, are taking an interest in everything Apple, researchers at Sophos say they’ve spotted a new Trojan horse program written for the Mac.

It’s called the BlackHole RAT (the RAT part is for “remote access Trojan”) and it’s pretty easy to find online in hacking forums, according to Chet Wisniewski a researcher with antivirus vendor Sophos. There’s even a YouTube video demonstration of the program that shows you what it can do.

Sophos hasn’t seen the Trojan used in any online attacks — it’s more a bare-bones, proof-of-concept beta program right now — but the software is pretty easy to use, and if a criminal could find a way to get a Mac user to install it, or write attack code that would silently install it on the Mac, it would give him remote control of the hacked machine.

BlackHole is a variant of a Windows Trojan called darkComet, but it appears to have been written by a different developer. The darkComet source code is freely available, so it looks like BlackHole’s author simply took that code and tweaked it so it would run on the Mac, Wisniewski said.

Mac OS X has been gaining market share on Windows lately, and that’s starting to make it a more interesting platform for criminals. Wisniewski said that while Mac malware is still very rare, he has seen another Trojan, called HellRTS, circulating on file-sharing sites for pirated Mac software.

The version suggest that ‘BlackHole’ is currently in its early stage. However, the author seems to start showcasing the following functionalities:

• Remote execution of shell commands.
• Opens webpage using user’s default browser.
• Sends a message which is displayed on the victims screen.
• Creates a text file.
• It is capable to perform shutdown, restart and sleep operation.
• It is capable to request for admin privileges.

51.526392 -0.091389

How to Create a Portable Hackintosh on a USB Thumb Drive

There are tons of awesome live, bootable Linux systems, but what if you need to run OS X? Reader Will shows us how to put a portable version of OS X on a thumb drive and boot it on (most) Intel computers.

People put linux on their flash drives all the time. They also get hackintosh on their hard drives quite often. However, it’d be nice to be able to get the same live experience we get with Linux using OS X. With a distribution of OS X 10.6.2 called iPortable Snow, we can.

You’ll need an actual Mac to create the thumb drive (some Hackintoshes may work; mine didn’t). Search your favorite torrent site for iPortable Snow and download it. While it’s downloading, format your external hard drive or thumb drive (You’ll need at least an 8 GB thumb drive for this). Open up Disk Utility and select the drive you want to put OS X on. Go to the Partition tab and create one partition, formatted as Mac OS Extended (Journaled). Hit Options and make sure you’re using the Master Boot Record option. Then hit Apply to format the drive.

To read more about this fascinating subject have a look at Lifthacker.com

51.526392 -0.091389

How to Build a Working PC in a Mac Classic Case

Over at Instructables, they’ve put together a guide to building a usable PC inside an ancient Macintosh Classic Case.

Essentially, the guide shows you how to take a Netbook, a few supplies, and a bunch of tools—and turn it all into a working PC inside of the Mac Classic. It’s probably not a job for non-geeks, but then you’d have to be seriously geeky to even attempt something like this.

PC in a Macintosh Classic Case

51.526392 -0.091389

List of the Best Free Mac Downloads

Now let me just say, I take no credit for this post as I was writing a post about free MAC ware when one of my friends pointed out the following post on lifehacker. Don’t forget to visit their site for some awesome How To’s and guides.

Looking to beef up your Mac with a few great—and free—apps that cover a whole lot of your productivity and computing needs? Our annual Lifehacker Pack for Mac rounds up the best free downloads for OS X.

Productivity

Quicksilver: Quicksilver is an application launcher and then some, capable of browsing your file system, firing off quick emails, flipping through your iTunes library, and much, much more. It can be a bit difficult to wrap your head around, so rather than go into too much detail here, check out our beginner guide, settings tweaks, and video demonstrations. [Download]

Bean: You’re on a Mac, and chances are pretty good you’re not eager to shell out cash for Microsoft Office to open and edit the occasional Word document. Bean is an extremely fast, lightweight document editor (and written in Cocoa) that handles Word documents like a gem. It’s not a replacement for Word, but if you don’t need everything that word offers (and you don’t want a bloated replacement like OpenOffice.org), Bean’s a great option. [Download]

Notational Velocity: This brilliant little note-taking application creates, searches, tags, and syncs plain text notes between desktops, the web, and even your iPhone (syncing takes place either through Dropbox [see below] or the excellent web-based Simplenote). If you’re an obsessive plain text note-taker or to-do list creator, you won’t regret giving it a test run. [Download]

TextWrangler: If you do heavier text editing than Notational Velocity offers—like, say, coding—free text editor TextWrangler is a great tool for the job. A good share of Mac fans pony up for premium apps like TextMate, but if you don’t feel like shelling out $50 to get your coding on, TextWrangler’s a great option. [Download]

Internet/Communication

Firefox/Chrome: These two are fighting for default browser status on many a Mac, and frankly, they’re neck and neck in our hearts at this point. Google just dropped the beta tag from Chrome for Mac and released their first stable build; meanwhile, Firefox still has a few features we’d sorely miss if we switched over to Chrome. For now, we’d happily recommend either. [Download: Firefox/Chrome]

Adium: Adium is hands-down the best multi-protocol instant messaging client we’ve used on any platform. It’s completely customizable, works with almost any chat network you’d want, and still outdoes iChat on most fronts. (Though if you’re a big user of iChat’s admittedly great screen sharing and video chat tools, it’s unfortunately not up to snuff on those points.) [Download]

Cyberduck: This excellent open source client can connect to and upload/download files via FTP, SFTP, WebDAV, Amazon S3, and even Google Docs. Cyberduck’s impressive feature list is a little too long to dive into, but if you thought you needed to pay money for a solid FTP client on your Mac, take a look at Cyberduck first. [Download]

Fluid: If you turn to web applications more than you do desktop apps, this free, open source tool creates standalone “apps” for any web site you throw at it. With the right set of user scripts and tweaks, your Fluid-made site-specific-browsers (or SSBs) can display Growl notifications, Dock badges, and make your web apps feel more like they’re running on your desktop. [Download]

Utilities

The Unarchiver: Your Mac’s built-in Archiver Utility isn’t bad, but if you regularly traffic in archive file types like the popular RAR format, it can’t handle all your needs. The Unarchiver unpacks traditional ZIP archives along with RAR, TAR, 7Z, Stuffit, and most obscure archive types you could get your hands on. [Download]

uTorrent/Transmission: It used to be that when it came time to download something on your Mac via BitTorrent, you only really had one solid choice: the open source Transmission. But as of just a few days ago, uTorrent—the most popular BitTorrent client for Windows—upgraded to a 1.0 release. uTorrent for Mac still isn’t up to snuff when compared to the Windows version, but we still think it’s a solid alternative to Transmission—though some would argue that Transmission is more “Mac-like”. [Download: uTorrent/Transmission]

Burn: OS X’s built-in Disk Utility is actually quite good at burning ISOs and other disk images to optical media like CDs and DVDs, but the aptly-named, open-source Burn is a great supplement for less esoteric burning duties. Burn handles data, audio, video, and disc copying in a very user-friendly interface. [Download]

Growl: Growl is a universal system notification tool that displays attractive system notifications and integrates with nearly every really popular Mac application (including the majority of the apps on this list). As handy and popular as this universal notification application is, it’s still hard to believe it hasn’t been built into OS X already. [Download]

Dropbox: This handy utility adds a Dropbox folder to your user directory and instantaneously syncs any file you add to, edit, or delete from that folder to Dropbox’s cloud servers and to any other computer you’ve installed Dropbox on. If you regularly move around between a couple of computers or you just wouldn’t mind a way to access and back up a few of your most important files, Dropbox is a must. [Download]

Mozy: We regularly preach the importance of backup, and the newest release of Mozy is a double-threat of both on-site and off-site backup with impressive ease of use. You get the local backup and 2GB of online backup for free, or for $5 a month, you get unlimited online backups. We don’t normally urge people to pry open their pocketbooks, but with Mozy’s unlimited backup, we strongly believe it’s worth it. [Download]

Media

VLC: Throw any video or audio file you can find at VLC and it’ll play it, no matter how obscure the format. While not necessarily as friendly on the eyes as QuickTime, VLC is a workhorse of a media player that we’ve turned to in many a dark hour when it looked like a file might not play. [Download]

iTunes: iTunes may be one of the most controversial apps on this list. Some love it, some hate it, but the fact remains that if you’re firmly planted in Apple hardware and software, iTunes is the glue that keeps all of your media together. And if you’re an iPhone/iPod/iPad owner, it’s still a must. [Download]

Seashore: Photoshop may be the gold standard for image editing, but if all you need to do is some basic photo editing and you don’t want to fire up an industrial workhorse to get it done, Seashore is a handy tool to have on hand. [Download]

Picasa: If you’re unhappy with iLife’s default photo management software, iPhoto—and many Mac users on the Lifehacker staff are—Google’s Picasa offers a strong alternative. It handles many of the same features iPhoto does, plus it integrates like a charm with your Google account and Picasa Web Albums online. [Download]

Handbrake: Got a DVD you’d like to rip to your hard drive in a high-quality, portable-device-friendly format? Turn to the extremely popular, always handy Handbrake. [Download]

51.526392 -0.091389