
TweakTown News


Hacking & Security Posts - Page 85

Another OS X Trojan has been identified, this one bypasses user permissions

Apple have been hit again, with security firm Intego and their virus team identifying yet another Trojan horse that attacks Apple's Mac platform. The new Trojan, called "Crisis", hasn't been seen in the wild yet, but Intego says that the Trojan is engineered to make analysis of the malware difficult for security experts.




Intego have stressed alertness regarding Crisis, as it appears to be quite smart, having the ability to bypass OS X security features and install itself, all without any user interaction.


Crisis has been tracked, back to the IP address of, which it then calls back to every five minutes for instructions. There are only two OS X versions that are said to be susceptible to Crisis, OS X 10.6 and 10.7. Crisis can install and run itself without the need for the user to enter their password. It's also resistant to reboots, and will run until it is detected and removed.


Your hotel keycard lock is vulnerable to hackers

A word of warning to our readers: next time you check into a hotel room, realize you're probably not the only one that can get in. Take a moment to run your fingers along the bottom of the keycard lock and check for a power port. If you find one, it means a hacker with a couple of cheap hardware parts could gain access to your room without leaving a trace.




24-year-old Mozilla software developer and self-described hacker Cody Brocious has issued this warning after he found the vulnerability while reverse engineering Onity-manufactured locks. By connecting $50 in hardware to the DC port, the door will supposedly unlock and provide access. However, in practice, it's not quite that reliable.


While demonstrating it to a Forbes journalist, it only worked on one of the three doors they tried and only on the second try after Brocious tweaked his software. Still, with a bit of time, a hacker could perfect the software and technique and somewhere around 4 million doors would immediately be able to be opened.


The method to do this will be released by Cody Brocious at the Black Hat security conference in Las Vegas on Thursday. Once released, other hackers can begin working on perfecting the method. Furthermore, the NSA and other governments most likely already know about this exploit and could have already perfected it and be using it.

Gamigo's breach sees 8 million logins leaked

Earlier this year, German gaming company Gamigo was hacked, and over 11 million e-mail addresses and encrypted passwords were stolen. It has been the biggest breach of its kind for 2012.




Gamigo is a free-to-play MMORPG site, and after the hack security researchers analyzed the dump, which included 3 million US (.com) e-mail addresses, 2.4 million German (.de) addresses, 1.3 million French (.fr) addresses, and 100,000 addresses. Gamigo have forced password resets ahead of time, meaning if you're a member of the site, you don't have to worry just yet.


But people who use the same e-mail address and password on multiple sites may have something to worry about. The leak contains addresses for various services including Windows Live Hotmail, Gmail and Yahoo, as well as other accounts at companies like Allianz, Deutsche Bank, ExxonMobil, IBM and Siemens.

New malware out is targeting OS X, Linux and Windows at the same time

Security firms Sophos and F-Secure have both noted that there's a new piece of malware floating around that is targeting Mac, Windows and Linux users all at the same time. The malware pretends to be a required add-on.




Of course, it's not, and in reality its victims are opening up a Java archive file, which then detects the platform the victim is using, before connecting to a remote server to fetch the additional code, creating a back door for hackers. The Mac-based malware is identified by F-Secure as "Backdoor:OSX/GetShell.A."


What makes this new piece of malware stand out from the very crowded sea of infectious crap that is out there is that this particular code is targeting multiple platforms at once. Most hackers usually stick to attacking Windows, or OS X. Hopefully it doesn't get too much more widespread, and people continue to educate themselves on what to, and what not to, click, open or accept.

Yahoo! confirms server breach, had 400k accounts compromised as a "wake-up call"

We've seen some serious hacking over the last few years, with the last notable tech-related hack being Sony, but now Yahoo! have joined the ranks of victims being hit. Yahoo! confirmed that it had the usernames and passwords of over 400,000 accounts stolen from its servers earlier this week, and that data from these accounts was posted online briefly.




The data has since been yanked offline, but it turns out that it wasn't just for Yahoo! accounts, as Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and login info was also taken on the day and placed online. Those who hacked the servers said that they did it simply to show Yahoo! the weaknesses in their security software, elaborating:


We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.


NVIDIA shut down the NVIDIA forums, suspect they've been hacked

NVIDIA have just announced they've "suspended operations" of the NVIDIA Forums, for what seems like a breach of their systems. They've run a preliminary investigation, where they've identified that unauthorized third-parties gained access to some user information including usernames, e-mail addresses, hashed passwords, and public-facing "About Me" profile information.




NVIDIA state that they didn't store any passwords in clear text, and that their "About Me" optional profiles could include a user's title, age, birthdate, gender, location, interests, e-mail, and website URL, all of which was publicly accessible. NVIDIA also add that they're continuing their investigation, and hope to restore the Forums soon. They're also implementing additional security measures in order to minimize the impact of future attacks.


All passwords will be reset when the Forums go live again, and at that time NVIDIA will send out an e-mail with a temporary password, as well as instructions on how to change the password. NVIDIA (as well as TweakTown) recommend that if you have any identical passwords on any other site, you change them as soon as possible.

Spam being sent from a botnet composed of Android devices

Spam e-mail is nothing new. Most users have figured out ways to combat it either through the use of spam boxes or spam blockers on the e-mail servers themselves. This spam is traditionally sent out via compromised computers that have been pulled together into a botnet. The botnet can be ordered to do whatever nefarious activities its commander wants.




With Windows becoming more secure, however, it has been harder for hackers to gain these computers for botnets. Terry Zink of Terry Zink's Cyber Security Blog on the MSDN noticed something interesting about the spam he has been receiving lately. At the bottom of the message it says "Sent from Yahoo! Mail on Android."


Furthermore, he examined the headers of the e-mail and found "Message-ID: 1341147286.19774.androidMobile(at)" I'm sure you can see where this is going. A spammer somewhere has a botnet that lives on Android devices, much like the rumors we've all heard. What's even more interesting is where these devices are located.


Yahoo places the IP of the device in the header so Terry Zink took a gander at where these IPs were located on the globe. The IPs come from Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela. The majority of these countries are developing countries and Zink has an explanation:


Another new Mac OS X backdoor found, further proves OS X not as secure as previously thought

Once again, Apple's OS X is being confronted with a security risk. The latest backdoor has been discovered by Russian security firm Kaspersky Labs and is being used as part of an Advanced Persistent Threat campaign. This is just the latest in a series of security risks present in the Mac OS X operating system.




Kaspersky researchers found that Uyghur activists in China were being targeted by hackers. These hackers sent e-mails with a compromised attachment that was in the form of a JPEG. The code hidden inside the JPEG was a new form of the MaControl backdoor and is compatible with both the PowerPC and i386 Mac variants.


Costin Raiu, Director of Global Research & Analysis at Kaspersky Lab:


Macs are growing in global popularity, even amongst high-profile people. Many choose to use Mac OS X computers because they believe it's safer. However, we believe that as the adoption increases for Mac OS X, so will both mass-infection attacks and targeted campaigns. Attackers will continue to refine and enhance their methods to mix exploits and social engineering techniques to try and infect victims. Just like PC malware, this combination is commonly the most effective and cybercriminals will continue to challenge Mac OS X users' security, both technically and psychologically.


Espionage virus sent blueprints to China

In case you needed more examples of why the United States needs to focus on cyber security, take a look at a virus discovered in Peru. "ACAD/Medre.A" is a virus that is committing espionage by sending blueprints to China from companies in Peru. It has already stolen tens of thousands of blueprints, according to ESET.




The virus targeted the software AutoCAD which is a primary tool used by industrial designers and architects. It is believed the virus was first distributed to Peruvian companies through the use of an AutoCAD template given to public bodies. The virus was detected several months ago but has just seen a spike in usage.


The virus sends back blueprints to e-mail accounts provided by two Chinese internet firms, and However, this doesn't prove China or the Chinese were behind the virus. What it does prove is that companies and governments alike need to strengthen their cyber security measures to prevent things like this from happening.


"[It] represents a serious case of industrial espionage," said ESET researcher Righard Zwienenberg. "Every new design is sent automatically to the operator of this malware. Needless to say this can cost the legitimate owner of the intellectual property a lot of money as the cybercriminals have access to the designs even before they go into production."

Iran is the target of the U.S. and Israel-made Flame virus, according to sources

Flame, a highly sophisticated virus that was first discovered in Iranian oil refineries, is supposedly the result of a U.S. and Israel joint effort to slow down Iran's nuclear program, reports The Washington Post. The information comes from multiple Western officials who purportedly have knowledge of the project, but of course want to remain anonymous.




This shouldn't come as a surprise considering the U.S. was unveiled as using the volatile Stuxnet virus when The New York Times reported on Operation: Olympic Games, a project that used Stuxnet and Duqu, both sophisticated viruses. These viruses targeted Iranian SCADA systems, which allowed the creators of the viruses to gather intelligence and even control aspects of Iran's nuclear and oil refining facilities.


Stuxnet code has been found within the Flame virus, according to security researchers, which is an unofficial confirmation that the creators of the Stuxnet virus (the U.S. government) are also behind this new nasty virus. Once this was discovered, in Get Smart fashion, the virus began to self-destruct, hastily removing itself from infected computers... not suss, huh?

