Login

Register

Login

Register

#cybersecurity | hacker | FSB contractor breach exposes secret cyber weapons program leveraging IoT vulnerabilities


The hack of an FSB contractor has exposed details of the Russian
intelligence agency’s cyber weapons program aimed at exploiting vulnerabilities
in IoT devices.

Digital Revolution, a Russian hacking group, has claimed credit
for the April 2019 breach of subcontractor ODT
(Oday) LLC, which was working with frequent Russian Ministry of Internal
Affairs contractor InformInvestGroup CJSC, and published 12 technical documents
revealing what the FSB has dubbed the Fronton Program.

Inspired by the Mirai botnet, the program developed in 2017
and 2018, according to a ZDNet report,
suggests creating an IoT botnet for the FSB marshalling devices – particularly internet
security cameras and digital recorders – that still use default logon credentials
or easy-to-crack user names and passwords.

Once pulled into the botnet, the devices could be used to
execute DDoS attacks. “If they transmit video, they have a
sufficiently large communication channel to effectively perform DDoS,”
the report cited an expose
by BBC Russia as saying.

The FSB’s unit No. 64829, or FSB Information Security
Center, apparently placed a procurement order for the project.

This isn’t the first time the FSB has suffered
an embarrassing breach. Hackers reportedly stole
7.5 TB of data from the intelligence service’s contractor SyTech, which
revealed details on several of its activities or prospective projects,
including the collecting of information on users of social media services Tor
and P2P networks.

SyTech,
has worked for FSB’s radio-electronic intelligence unit 71330 since 2009. The
July 13 breach reportedly exposed details on “Nautilus,” a plan to gather
information on users of Facebook, MySpace, LinkedIn and similar services;
“Nautilius-S,” a project to deanonymize Tor traffic using Tor servers; and
“Reward,” a scheme to secretly penetrate P2P networks.



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW