New Technology

Aerial Assault drone is armed with hacking weapons

Hackers' arsenal was beefed up with a drone armed with weapons to crack into wireless computer networks at close range, whether they be in skyscrapers or walled compounds.

David Jordan of US-based Aerial Assault was at an infamous Def Con hacker gathering on Sunday, showing off a drone that could be dispatched on missions to land atop buildings or hover outside walls and probe for cracks in computer networks.
"There has never been this capability before," Jordan said as he showed the drone to AFP.
The drone was equipped with software tools used to perform the kind of "penetration testing" done by hackers or computer security professionals who seek vulnerabilities in computer networks.
As with drones previously launched by hackers, the Aerial Assault model scans for unsecured wireless connections to networks, according to Jordan.
Along with assessing weaknesses of networks, the drone logs precise GPS coordinates of a target and takes all the information back to its handler, he said.

Aerial Assault drones were for sale, at a price of $2,500 each.

Hackers at Def Con early on turned to drones for sniffing out unprotected wireless Internet networks, but capabilities Jordan said were built into the Aerial Assault drone raised the ante with automated tools that could be flown past physical defenses.

New hacks strike at heart of mobile innovations

As fierce competition leads to rapid innovation in the smartphone market, hackers have pounced on cracks in defenses of developments on devices at the heart of modern lifestyles, experts say.

Smartphones have become increasingly targets for cyber criminals as people cram the gadgets with troves of personal information and go on to use them for work.
"Mobile devices are taking a bigger place in businesses and in our lives," Avi Bashan of Tel Aviv based cyber defense firm Check Point Software Technologies told AFP on Thursday at a Black Hat computer security conference in Las Vegas.
"As more people use them for more things, attackers gain interest."
Check Point has seen attacks rise during the past three years on the world's leading mobile operating systems - Apple iOS and Google-backed Android, according to Bashan.

Check Point researchers at Black Hat revealed a vulnerability that allows hackers take over Android smartphones by taking advantage of a tool pre-installed that was intended to give tech support workers remote access to devices.

"It effects every version of Android," Check Point mobile threat prevention director Ohad Bobrov said.
The hack can be triggered by tricking a smartphone user into installing an application rigged to reach out and connect with the pre-installed support tool, Bobrov explained.
In some cases the hack can be accomplished by sending a text message that a recipient doesn't even have to open, he warned.
The text message tricks a smartphone into thinking it is connecting with a legitimate support technician remotely when it is actually linking to an online server commanded by a hacker.
"I need your phone number and that is it," Bashan told AFP.
Bobrov said the flaw in Android software architecture has been disclosed to Google and smartphone makers.

Dealing with Stagefright

The Check Point revelation came a week after cyber security firm Zimperium warned of a "Stagefright" vulnerability in the world's most popular smartphone operating system that also lets hackers take control with a text message.
Zimperium research senior director Joshua Drake took a stage at Black Hat to discuss Android code at the heart of the problem.

Stagefright automatically pre-loads video snippets attached to text messages to spare recipients from the annoyance of waiting to view clips.
Hackers can hide malicious code in video files and it will be unleashed even if the smartphone user never opens it or reads the message, according to Drake.
Stagefright imperils some 95 percent, or an estimated 950 million, of Android phones, according to the security firm.
Zimperium reported the problem to Google and provided the California Internet firm with patches to prevent breaches. Updates have started hitting Android devices, according to Drake.

Computer security firm Secunia on Thursday said about 80 vulnerabilities were discovered in Apple mobile operating software so far this year and about 10 were found in Android.
"There has been a big boom in mobile," Drake said.
"When there is a big boom, people take a lot of shortcuts, when you take shortcuts you build up a lot of technical debt."
Mobile operating system makers who raced ahead now have to backtrack to squash bugs, some of which are exposed by good-guy hackers.
Check Point's Bashan sees it as a case of smartphone rivals moving so fast to add features and improvements that innovation trumped security at times in the process.
"The operating systems developed so quickly," Bashan said.
"And when you develop quickly, some things get developed badly."