AdvancedTR,LLC

Computer Repairs & Networking                                    Business & Residential 

TV HACK

blog post

Over 300 Cisco products are affected by a zero-day vulnerability that Cisco discovered last week and for which no patch is available at the time of writing.

Cisco engineers discovered the zero-day following a company-wide effort to investigate how the recently disclosed WikiLeaks "Vault 7" leak affected the company's products.

Solution: This vulnerability (CVE-2017-3881) resides in the Cluster Management Protocol code in Cisco IOS and Cisco IOS XE Software. According to Cisco, the firmware installed on 318 product models is currently affected.

The company's engineers say the zero-day can be exploited only via Telnet, so disabling Telnet and enabling SSH would protect all devices and still give network admins a means to manage devices from remote locations.

If disabling Telnet is not a solution, implementing infrastructure access control lists (iACLs) can help admins limit who can access the Telnet port.

Cisco says it did not detect any attempts to exploit the flaw prior to going public with its findings.

 

Android Ransomware Infects LG Smart TV

December 28th 2016

Security firms have been warning us for more than a year about the possibility of Android malware jumping from phones and tablets to other Android-powered devices, such as smart TVs. The latest incident involving ransomware on a smart TV involves software engineer Darren Cauthon, who revealed that the LG smart TV of one of his family members was infected with ransomware right on Christmas Day.

Ransomware asks for $500 to unlock device, LG asks for $340 to help

TV infected by installing mysterious app

Asked to detail how he got infected with the ransomware, Cauthon said "They [the relatives] said they downloaded an app to watch a movie. Halfway thru movie, tv froze. Now boots to this."

It is unclear at this moment if Cauthon's relative downloaded an app from the official Play Store, or from a third-party source.

Twitter users didn't wait for this confirmation, and one user was quick to answer Cauthon: "Someone downloaded an app on an ancient tv to watch pirated movies. Suddenly all SmartTVs are bad?"

 

blog post

The current version of the Proteus malware is 2.0.0, and it can perform the following actions:

  • Create a socket and set up port forwarding in order to relay malicious traffic through the infected machine, which then acts as a SOCKS proxy.
  • Deploy the following crypto-currency miners: SHA256 miner, CPUMiner, and ZCashMiner. These tools can be used to mine for crypto-currencies such as Bitcoin, Litecoin, Zcash, and others, using the local PC's GPU or CPU.
  • Check if passwords still work on stolen user accounts for services like Amazon, eBay, Spotify, Netflix, and some German (.de) domains, and then extract profile information from working accounts.
  • Set up a keylogger.
  • Download and execute an executable on request.
