
The FBI Forced A Suspect To Unlock Amazon’s Encrypted App Wickr With Their Face

In November last year, an undercover agent with the FBI was inside a group on Amazon-owned messaging app Wickr, with a name referencing young girls. The group was devoted to sharing child sexual abuse material (CSAM) within the protection of the encrypted app, which is also used by the U.S. government, journalists and activists for private communications. Encryption makes it almost impossible for law enforcement to intercept messages sent over Wickr, but this agent had found a way to infiltrate the chat, where they could start piecing together who was sharing the material.

As part of the investigation into the members of this Wickr group, the FBI used a previously unreported search warrant method to force one member to unlock the encrypted messaging app using his face. The FBI has previously forced users to unlock an iPhone with Face ID, but this search warrant, obtained by Forbes, represents the first known public record of a U.S. law enforcement agency getting a judge’s permission to unlock an encrypted messaging app with someone’s biometrics.

According to the warrant, the FBI first tracked down the suspect by sending a request for information, via an unnamed foreign law enforcement partner, to the cloud storage provider hosting the illegal images. That gave them the Gmail address the FBI said belonged to Christopher Terry, a 53-year-old Knoxville, Tennessee resident, who had prior convictions for possession of child exploitation material. It also provided IP addresses used to create the links to the CSAM. From there, investigators asked Google and Comcast via administrative subpoenas (data requests that don’t have the same level of legal requirements as search warrants) for more identifying information that helped them track down Terry and raid his home.

The most dangerous keylogger malware of 2022: Snake Keylogger

Check Point Research, the Threat Intelligence division of the company, a leading global cybersecurity specialist provider, has released its Global Threat Index for the month of June 2022. Researchers have found that Emotet continues to be the number one malware and has also increased its global incidence by around 6%. Continuing last month's climb, Snake Keylogger moves into the top three, taking Formbook's position, though both remain far behind Emotet.

Emotet has affected 14% of organizations around the world in June, an increase that is almost double compared to the previous month. This malware is highly profitable thanks to its ability to go unnoticed. Its persistence also makes it difficult to remove once a device is infected, making it the perfect tool in a cybercriminal’s arsenal. Conceived as a banking Trojan, it is often distributed via phishing emails and has the ability to embed other malware, increasing its ability to cause widespread damage.

Other malware families have also increased their presence, such as Raspberry Robin, GuLoader and Wacatac. The first was discovered a few months ago (September 2021), is distributed via infected USB drives, and uses various legitimate Windows functionalities to communicate with its C&C servers and execute malicious payloads. GuLoader first appeared in December 2019 and was used to download Parallax RAT, but has also been used to download other remote access Trojans such as Netwire, FormBook, and Agent Tesla. Lastly, Wacatac is a Trojan threat that locks files but does not encrypt them like typical ransomware. When Wacatac infiltrates a user’s system, it changes the names of the target files by appending a “.wctw” extension. The lack of data encryption capability makes this threat reversible. Wacatac is normally spread using spam email campaigns and rogue software.

NIST Acknowledges First Four Quantum-Resistant Encryption Tools

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has selected the first-ever group of encryption tools that could potentially withstand the attack of a quantum computer.

The four selected encryption algorithms will now reportedly become part of NIST’s post-quantum cryptographic (PQC) standard, which should be finalized in about two years.

More specifically, for general encryption (used for access to secure websites), NIST has selected the CRYSTALS-Kyber algorithm.

Telegram is ‘not a secure platform,’ NATO-backed strategic comms chief warns

Telegram, a leading encrypted messaging and social media application, has been compromised by Russia, according to a NATO-backed assessment.

“Telegram is not really as it used to be,” Janis Sarts, the director of NATO’s Strategic Communications Center of Excellence in Riga, Latvia, told the Washington Examiner. “I do have reasons to believe that there is not full integrity. … Certainly, I would not see it as a secure platform.”

The messaging service, founded in Dubai by a Russian tech titan who has clashed with Russian President Vladimir Putin’s surveillance apparatus, rocketed to global popularity in 2014 as one of the first applications to offer users the ability to communicate on an encrypted line. It proved valuable to Belarusian protesters who denounced President Alexander Lukashenko’s self-declared victory in a 2020 presidential election, but a warning about the program has begun to circulate among Western officials.

Quantum ransomware seen deployed in rapid network attacks

The Quantum ransomware, a strain first discovered in August 2021, was seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react.

The threat actors are using the IcedID malware as one of their initial access vectors, which deploys Cobalt Strike for remote access and leads to data theft and encryption using Quantum Locker.

The technical details of a Quantum ransomware attack were analyzed by security researchers at The DFIR Report, who say the attack lasted only 3 hours and 44 minutes from initial infection to the completion of encrypting devices.

This ‘Tamper-Evident Container’ Snitches on Meddlers and Thieves

The 3D-printed containers keep a log of all break-in attempts, meaning your snail mail just got way safer.


Suppose you want to mail a court document to someone across the country—you don’t want anyone to see the secure information inside, of course. So, you seal it into a container that has special sensors built into its walls, and electronics that monitor the shield of sensors. Now, the container is armed and monitoring.

On the way to its intended recipient, let’s say the container is hacked. When the intended recipient later opens the container, they pull out the court document, along with an SD card (just like the ones you might use to store digital photos). They plug the card into a computer and look at the file. They see an encrypted historical record of the container’s experiences, from the time you put that document into the container and sealed it, up until the time they opened it. In the list of messages is a notification about a tampering attack, along with the date and time of the incident. The message also specifies the type of breach detected, such as the container being opened or cut.

A team at Los Alamos National Laboratory in New Mexico hopes this ability to see recorded, real-time security information about sensitive physical materials will become an everyday tool. Using a 3D printer, engineers built a prototype “Tamper-Evident Container” (TEC) that looks like a cylindrical box on the outside, but inside holds a complex network of sensors and electronics that record potential break-ins.

Researchers break world record for quantum-encrypted communications

Researchers in Beijing have set a new quantum secure direct communication (QSDC) world record of 102.2 km (64 miles), smashing the previous mark of 18 km (11 miles), The Eurasian Times reported. Transmission speeds were extremely slow at 0.54 bits per second, but still good enough for text message and phone call encryption over a distance of 30 km (19 miles), wrote research lead Long Guilu in Nature. The work could eventually lead to hack-proof communication, as any eavesdropping attempt on a quantum line can be instantly detected.

QSDC uses the principle of entanglement to secure networks. Quantum physics dictates that entangled particles are linked, so that if you change the property of one by measuring it, the other will instantly change, too — effectively making hacking impossible. In theory, the particles stay linked even if they’re light-years apart, so such systems should work over great distances.

The same research team set the previous fiber record, and devised a “novel design of physical system with a new protocol” to achieve the longer distance. They simplified it by eliminating the “complicated active compensation subsystem” used in the previous model. “This enables an ultra-low quantum bit error rate (QBER) and the long-term stability against environmental noises.”

A new quantum encryption breakthrough could lead to hacker-proof communication

Scientists from Beijing set a new quantum secure direct communication (QSDC) world record of 102.2 km (64 miles), a massive leap over the previous record of 18 km (11 miles), according to The Eurasian Times.

The research could eventually lead to a massive quantum communications network that would be virtually hacker-proof due to the nature of the technology.

The researchers, who published their findings in a paper in Nature, demonstrated transmission speeds of 0.54 bits per second, much slower than communications using classical computing devices. Still, this was fast enough for phone call and text message encryption over a distance of 30 km (19 miles).
