Tag Archives | Hacking

E-ZPass Is Being Used To Track Your Car Far From Tollbooths

Via Forbes, a video from a Defcon conference presenter who hacked his E-ZPass and found that his car's location was being tagged continuously while he drove through New York City:
He hacked his RFID-enabled E-ZPass to set off a light and a “moo cow” every time it was being read. Then he drove around New York. His tag got milked multiple times on the short drive from Times Square to Madison Square Garden in mid-town Manhattan…and also on his way out of New York through Lincoln Tunnel, again in a place with no toll plaza. At Defcon, where he presented his findings, Puking Monkey said he found the reading of the E-ZPass [in non-toll situations] “intrusive and unsettling.”
Continue Reading

The Time An Alien Cult Hacked the BBC

Screen Shot 2013-09-20 at 10.48.44 AM

Totally not Legolas.

The Kernel recalls a particularly strange episode in British broadcasting history: An evening when an “alien” named “Vrillon” took over the airwaves:

Via The Kernel:

As Andrew Gardner read out news of the conflict in Rhodesia, a hissing, shuffling sound drowned out his voice. Suddenly, a booming voice addressed the startled viewers, as the screen still showed the oblivious newsreader reading through the day’s headlines.

This is the voice of Vrillon, a representative of the Ashtar Galactic Command, speaking to you.

It was now ten past five in the evening. With the news report still continuing on the screen, the deep, oscillating voice continued with his message.

For many years you have seen us as lights in the skies.

None of the evening staff at Southern Television were aware of the intrusion to their signal. International Broadcasting Authority engineers in Croydon, Surrey did not hear the rogue signal, nor was it detected at the main transmitter site in Southampton.

Read the rest
Continue Reading

When Your “Smart Home” Gets Hacked

smart home

Via Forbes, Kashmir Hill reveals that the “demonic house” horror archetype may soon be coming true:

“I can see all of the devices in your home and I think I can control them,” I said to Thomas Hatley, a stranger in Oregon who I had rudely awoken with an early morning phone call.

He and his wife were still in bed. Expressing surprise, he asked me to try to turn the master bedroom lights on and off. Sitting in my living room in San Francisco, I flipped the light switch with a click, and resisted the Poltergeist-like temptation to turn the television on as well.

Googling a very simple phrase led me to a list of “smart homes” that had done something rather stupid. The homes all have an automation system from Insteon that allows remote control of their lights, hot tubs, fans, televisions, water pumps, garage doors, cameras, and other devices, so that their owners can turn these things on and off with a smartphone app or via the Web.

Read the rest
Continue Reading

A List Of Online Encryption Tools That The NSA Has Already Foiled

encryption

Why even bother trying? The New York Times reveals:

The NSA is winning its long-running secret war on encryption. Below are encryption tools the agency has had some success in cracking, according to documents provided by Edward Snowden.

Virtual Private Networks – Commonly used by businesses to allow employees to access work networks from outside the office, via an encrypted “tunnel” through a public network.

Encrypted chat – Available with chat programs like Adium or with software added to programs like AOL Instant Messenger, providing “end to end” encryption, in which the data cannot be decrypted at any point along the transfer (even by the messaging service).

Encrypted Voice over Internet Protocol – Services like Microsoft’s Skype and Apple’s FaceTime allow users to make free, encrypted phone and video calls over the Internet. The documents suggest that the N.S.A. is working with some VoIP services to obtain pre-encryption access to such messages.

Read the rest
Continue Reading

Defcon Hacker Conference To Detail How Moving Cars Be Remotely Sabotaged

defcon

From now on, are all notable car crashes suspicious? Engadget reports:

Famed white hats Charlie Miller and Chris Valasek are preparing to unleash a 100-page paper at the annual hacker conference in Las Vegas, and notably, hacks that overtake both Toyota and Ford automotive systems will be positioned front and center. The information was gathered as part of a multi-month project that was funded by the US government, so note that the specifics of the exploits will not be revealed to the masses; they’ll be given to the automakers so that they can patch things up.

Using laptops patched into vehicular systems, the two were able to force a Prius to “brake suddenly at 80 miles an hour, jerk its steering wheel, and accelerate the engine,” while they were also able to “disable the brakes of a Ford Escape traveling at very slow speeds.”

Read the rest

Continue Reading

Hacker Dies Before Planned Presentation on Lethal Pacemaker Hacks

isH220EyUfi8The presentation was scheduled for hacker conference DEFCON:

Via Reuters:

Well-known hacker Barnaby Jack has died in San Francisco, a week before he was due to show off techniques for attacking implanted heart devices that he said could kill a man from 30 feet away.

The San Francisco Medical Examiner’s office said he died in the city on Thursday. It gave no details.

Jack, a security expert, became one of the most famous hackers on the planet after a 2010 demonstration in which he forced ATMs to spit out cash, dubbed “Jackpotting.”

Hat tip: BoingBoing.

Read the rest

Continue Reading

When Someone Hacks And Roots Your Google Glass

google glassThe future is hazardous. Technology consultant Jay Freeman discusses unlocking your Google Glass and describes what will happen when your pair is (inevitably) hacked:

Once the attacker has root on your Glass, they have much more power than if they had access to your phone or even your computer: they have control over a camera and a microphone that are attached to your head. A bugged Glass doesn’t just watch your every move: it watches everything you are looking at (intentionally or furtively) and hears everything you do. The only thing it doesn’t know are your thoughts.

It also hacks into every device you interact with. It knows all your passwords, for example, as it can watch you type them. It even manages to monitor your usage of otherwise safe, old-fashioned technology: it watches you enter door codes, it takes pictures of your keys, and it records what you write using a pen and paper.

Read the rest
Continue Reading

Hacker Who Exposed Steubenville Rapists Raided By FBI, Faces Ten-Year Prison Sentence

hackerPrison sentence for rape: a year or two. Prison sentence for hacking a high school football team’s website in order to expose said rapists: potentially a decade, Mother Jones reports:

In April, the FBI quietly raided the home of the hacker known as KYAnonymous (whose real name is Deric Lostutter) in connection with his role in the Steubenville rape case. Today he spoke out for the first time about the raid and his motivations for pursuing the Steubenville rapists.

Lostutter may deserve more credit than anyone for turning Steubenville into a national outrage. After a 16-year-old girl was raped by two members of the Steubenville High football team last year, he obtained and published tweets and Instagram photos in which other team members had joked about the incident and belittled the victim.

Lostutter says he played no role in the hacking the Steubenville team’s fan page; he points out that another hacker, Batcat, has publicly taken the credit.

Read the rest
Continue Reading

Police Arrest and Delete Footage From Hacker, Hacker Gets It Back

WeAreChange recently got a chance to meet up with Alex from Federal Jack and Hack Miami, to get the full story of his arrest and destruction of evidence by the Miami Police Department. Alex was arrested for merely filming the police in Miami, the police later illegally deleted the footage from Alex’s camera and charged him with resisting arrest. The Miami Police officer who made the arrest, Richard Anastasi was later found guilty of extortion and kidnapping in a separate case.

How To Recover Video Footage That Was Deleted By The Police

In this video Alex breaks down how he was able to recover his video footage that was able to exonerate him from the false charges put on him by the Miami PD. Here is a step by step process on how to recover deleted files from your camera.

This is a link to the software to recover deleted footage http://www.cgsecurity.org/

Via WeAreChange

Read the rest

Continue Reading

Hacker Demonstrates Android Smartphone App To Hijack A Plane Midair

hijack a planeOn your next flight, you may want to look over your shoulder at what the person next to you is doing. Help Net Security reports:

An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, galvanized the crowd attending the Hack In The Box Conference in Amsterdam. Teso showcased an Andorid app, PlaneSploit, that remotely controls airplanes on the move.

Teso has been working in IT for the last eleven years and has been a trained commercial pilot for a year longer than that. By creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the airplanes’ Flight Management Systems (computer unit + control display unit), he demonstrated the terrifying ability to take complete control of aircraft.

His testing laboratory consists of a series of software and hardware products. But the connection and communication methods, as well as ways of exploitation, are absolutely the same as they would be in an actual real-world scenario.

Read the rest
Continue Reading