The Mirai botnet caused serious trouble last fall, first hijacking numerous IoT devices to mount a historically massive Distributed Denial-of-Service (DDoS) attack on KrebsOnSecurity in September, then taking down a big chunk of the internet a month later. But who is responsible for writing the malware? After his site went dark, security researcher Brian Krebs went on a mission to identify its creator, and he thinks he has the answer: several sources and corroborating evidence point to Paras Jha, a Rutgers University student and owner of DDoS protection provider Protraf Solutions. About a week after attacking the security site, the individual who supposedly launched the attack, going by the username Anna Senpai, released the source code for the Mirai botnet, which spurred copycat assaults. But it also gave Krebs the first clue on his long road to uncovering Anna Senpai’s real-life identity, an investigation so exhaustive that Krebs made a glossary of cross-referenced names and terms along with an (incomplete) relational map. The full story is admittedly lengthy, clocking in at over 8,000 words, but worth the time to understand how botnet wranglers make money siccing their zombie device armies on unsuspecting targets. The sources that pointed Krebs to Anna Senpai’s identity were themselves involved in using botnets on behalf of shadowy clients, unleashing them on the security companies protecting lucrative Minecraft servers that host thousands of players. When online play is obstructed, say by repeated and annoying DDoS attacks, players leave, giving server operators an incentive to jump ship to whichever security provider can ensure protection… in this case, providers that had arranged for the botnet attacks in the first place. According to Krebs’ sources, his site was looped into the botnet war after it revealed information in early September that led to the arrest of the two hackers behind the Israeli ‘vDos’ attack service.
Anna Senpai was allegedly paid to unleash Mirai on KrebsOnSecurity by vengeful clients who had used the now-defunct vDos, cementing the security site’s interest in the case. Source: KrebsOnSecurity
Harvard Wyss Institute researchers have been working on a soft exosuit with DARPA’s financial help for years. While they were able to present a proof of concept in 2016, it’s only now that they’ve found out just how much the suit can actually help its wearer. According to a new study published in Science Robotics, Harvard’s exosuit reduces the energy a user needs to exert while walking by 23 percent. It does that by providing assistive force to the ankle at the right moment in each step. Team leader Conor Walsh said that’s the highest reduction in energy use observed with an exosuit: “In a test group of seven healthy wearers, we clearly saw that the more assistance provided to the ankle joints, the more energy the wearers could save with a maximum reduction of almost 23% compared to walking with the exosuit powered-off. To our knowledge, this is the highest relative reduction in energy expenditure observed to date with a tethered exoskeleton or exosuit.” Of course, assistive force wouldn’t be as helpful without an effective design. As Wired explains, the muscles and tendons from the hip to the knee need to work together to stabilize the leg and achieve an efficient stride. So the researchers couldn’t stop with something that only covers the ankles; they had to use garters to connect the ankle straps to a hip girdle. The result is the exosuit’s current form, which you can see below. That said, the researchers admit that they need to conduct follow-up tests. For one, they had the subjects offload the exosuit’s cable-based actuation, electronics and battery units before conducting the experiment. Those make up an additional 17-plus pounds that would have changed the wearers’ situation. Further, they found that the subjects’ gaits changed depending on how much assistive force they were given, which was between 10 and 38 percent of the ankle force needed to take a step.
They still need to rule out the possibility that the reduction in energy is a result of the subjects’ change in gait rather than the assistive force itself. In the future, Harvard’s exosuit could help the elderly and patients suffering from Parkinson’s, cerebral palsy and other conditions to walk well on their own. As you can guess from the DARPA funding, though, it also has a potential military application: the agency hopes it can help soldiers carry heavy supplies far longer than they’d normally be able to. [Image credit: Wyss Institute at Harvard University] Via: Wired, New Scientist. Source: Harvard’s Wyss Institute
Last May, Ars reported that a critical vulnerability in a widely used image-processing application left a huge number of websites open to attacks that allowed hackers to execute malicious code on the underlying servers. More than five months later, Facebook paid a $40,000 bounty after discovering it was among those at risk. On Tuesday, researcher Andrey Leonov said he was able to exploit the vulnerability in the ImageMagick application by using a tunneling technique based on the domain name system that bypassed Facebook’s firewalls. The firewalls had successfully blocked his earlier exploit attempts. DNS is a common out-of-band channel in such cases: a vulnerable host may be unable to open direct outbound connections, but a lookup for a name under an attacker-controlled domain is still forwarded by the site’s own resolvers to that domain’s nameservers, which lets the attacker confirm code execution and carry data out. Large numbers of websites use ImageMagick to quickly resize images uploaded by users. “I am glad to be the one of those who broke the Facebook,” Leonov wrote in a blog post that gave a blow-by-blow account of how he exploited the ImageMagick vulnerability. Two days after the researcher privately shared the exploit with Facebook security personnel, they patched their systems. Ten days after that, they paid Leonov $40,000, one of the biggest bounties Facebook has ever paid.
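To make the DNS side channel concrete, here is an added example that is not from Leonov’s write-up, from Ars, or from Facebook: a minimal encoder and decoder showing how bytes travel out of a firewalled network as labels of a DNS query name, paired with the resolver-log check a defender would run to spot it. The zone `oob.example`, the payload string and the log format are all constructed for the example; the code deliberately says nothing about how ImageMagick itself was triggered.

```python
import math
import re
from collections import Counter

# Assumed attacker-controlled zone; the real domain used is not on the page.
OOB_DOMAIN = "oob.example"
MAX_LABEL = 63    # RFC 1035: a label is at most 63 octets
MAX_NAME = 253    # practical limit for a full name in presentation form


def encode_query(data: bytes, domain: str = OOB_DOMAIN) -> str:
    """Client side: hex-encode bytes and split them into <=63-char labels
    under the attacker's zone. The victim's own resolver forwards the query
    to that zone's authoritative server, so the data leaves the network even
    when the firewall blocks every other outbound connection."""
    hexdata = data.hex()
    labels = [hexdata[i:i + MAX_LABEL] for i in range(0, len(hexdata), MAX_LABEL)]
    name = ".".join(labels + [domain])
    if len(name) > MAX_NAME:
        raise ValueError("payload too large for one query name; chunk it")
    return name


def decode_query(name: str, domain: str = OOB_DOMAIN) -> bytes:
    """Server side: strip the zone suffix and reassemble the hex labels."""
    suffix = "." + domain
    if not name.endswith(suffix):
        raise ValueError("query is not for our zone")
    return bytes.fromhex(name[:-len(suffix)].replace(".", ""))


def shannon_entropy(s: str) -> float:
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


HEX_LABEL = re.compile(r"^[0-9a-f]{16,}$")


def is_suspicious(qname: str) -> bool:
    """Resolver-log heuristics: very long names, long hex-only labels, or
    long high-entropy labels left of the registrable domain. Tune the
    thresholds against your own baseline; CDNs and some antivirus products
    legitimately emit long encoded labels."""
    labels = qname.rstrip(".").split(".")
    subdomain_labels = labels[:-2]   # crude: drops "example.com"; use a PSL in production
    if len(qname) > 100:
        return True
    for label in subdomain_labels:
        if HEX_LABEL.match(label):
            return True
        if len(label) >= 20 and shannon_entropy(label) > 3.5:
            return True
    return False


# Constructed resolver log (not real traffic): "client qname qtype".
SAMPLE_LOG = """\
10.0.0.5 www.example.com A
10.0.0.5 cdn.images.example.net A
10.0.0.7 {exfil} A
10.0.0.9 mail.example.org MX
""".format(exfil=encode_query(b"uid=33(www-data) gid=33"))


def scan_log(text: str) -> list:
    """Return (client, qname) pairs that trip the heuristics."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and is_suspicious(parts[1]):
            hits.append((parts[0], parts[1]))
    return hits


if __name__ == "__main__":
    for client, qname in scan_log(SAMPLE_LOG):
        print(client, "->", qname, "decodes to", decode_query(qname))
```

The defensive lesson is the one Facebook’s firewalls missed: blocking outbound TCP from image-processing hosts is not enough if those hosts can still resolve arbitrary external names. Restricting them to an internal resolver that only answers for allow-listed zones, or at least logging and alerting on names like the one above, closes the channel.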
iOS users will have to wait longer for Nintendo’s next major smartphone game release. Nintendo’s push towards smartphone gaming will continue on February 2 with the launch of Fire Emblem Heroes, a touch-only take on the company’s longtime tactical RPG series, and possibly the company’s most micro-transaction-driven game yet. Like Super Mario Run before it, Fire Emblem Heroes will have a period of platform exclusivity, but in a surprise twist, that exclusivity is reversed. Android users will get first crack at Heroes on that release date, while iOS users have been told their version is coming “soon.” (For an estimate of how long the left-behind platform might have to wait, remember: Super Mario Run has yet to launch on Android over a month after its iOS release.) During this announcement, Nintendo did not mention Animal Crossing, the other series set to receive a smartphone port in the near future.
wiredmikey writes: Security researchers have uncovered a Mac OS-based espionage malware they have named “Quimitchin.” The malware is what they consider to be “the first Mac malware of 2017,” which appears to be a classic espionage tool. While it has some old code and appears to have existed undetected for some time, it works. It was discovered when an IT admin noticed unusual traffic coming from a particular Mac, and has been seen infecting Macs at biomedical facilities. From SecurityWeek.com: “Quimitchin comprises just two files: a .plist file that simply keeps the .client running at all times, and the .client file containing the payload. The latter is a ‘minified and obfuscated’ perl script that is more novel in design. It combines three components, Thomas Reed, director of Mac offerings at Malwarebytes and author of the blog post, told SecurityWeek: ‘a Mac binary, another perl script and a Java class tacked on at the end in the __DATA__ section of the main perl script. The script extracts these, writes them to /tmp/ and executes them.’ Its primary purpose seems to be screen captures and webcam access, making it a classic espionage tool. Somewhat surprisingly, the code uses antique system calls. ‘These are some truly ancient functions, as far as the tech world is concerned, dating back to pre-OS X days,’ he wrote in the blog post. ‘In addition, the binary also includes the open source libjpeg code, which was last updated in 1998.’ The script also contains Linux shell commands. Running the malware on a Linux machine, Malwarebytes ‘found that — with the exception of the Mach-O binary — everything ran just fine.’ It is possible that there is a specific Linux variant of the malware in existence, but the researchers have not been able to find one. It did find two Windows executable files, courtesy of VirusTotal, that communicated with the same C&C server.
One of them even used the same libjpeg library, which hasn’t been updated since 1998, as that used by Quimitchin.”
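The two-file layout described above (a launchd plist that keeps a hidden dotfile running, and a perl script carrying a Mach-O binary, a second perl script and a Java class after its `__DATA__` marker) is something a responder can check for directly. The following is an added example written for this page, not Malwarebytes’ or SecurityWeek’s code: it parses a LaunchAgent plist and flags the persistence properties, then carves the `__DATA__` section of a perl script for known file signatures. The plist label and path, the sample script and the fake headers are constructed; the real sample’s exact encoding of its payloads is not on the page, so the carver assumes raw bytes. Telling a Java class from a fat Mach-O (both begin with `CA FE BA BE`) uses the same version-word heuristic as `file(1)`.

```python
import plistlib
import struct

# Constructed LaunchAgent plist modelled on the page's description (a .plist
# that keeps a hidden .client running). Label and path are assumptions.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>Label</key><string>com.example.client</string>
  <key>ProgramArguments</key>
  <array><string>/Users/alice/.client</string></array>
  <key>KeepAlive</key><true/>
  <key>RunAtLoad</key><true/>
</dict>
</plist>
"""

# Constructed stand-in for the .client script: a loader, then __DATA__ holding
# a fake 64-bit Mach-O header, a second perl script and a fake Java class header.
SAMPLE_CLIENT = (
    b"#!/usr/bin/perl\n"
    b"use strict;while(1){sleep 1}\n"
    b"__DATA__\n"
    + b"\xcf\xfa\xed\xfe\x07\x00\x00\x01" + b"\x00" * 16    # MH_MAGIC_64, x86_64
    + b"\n#!/usr/bin/perl\nprint 1;\n"                       # embedded perl script
    + b"\xca\xfe\xba\xbe\x00\x00\x00\x34" + b"\x00" * 8      # class file, major 52
)


def persistence_findings(plist_bytes: bytes) -> list:
    """Flag launchd job properties that together spell persistence for a
    hidden program. Returns short tags so the result is easy to triage."""
    job = plistlib.loads(plist_bytes)
    args = job.get("ProgramArguments") or []
    target = job.get("Program") or (args[0] if args else None)
    tags = []
    if target is None:
        return tags
    # KeepAlive may be a bool or a dict of conditions; either way launchd
    # restarts the job whenever it exits, which is what "running at all
    # times" means in practice.
    if job.get("KeepAlive"):
        tags.append("keepalive")
    if job.get("RunAtLoad"):
        tags.append("runatload")
    if target.rsplit("/", 1)[-1].startswith("."):
        tags.append("hidden-target")
    return tags


# File signatures to look for after the __DATA__ marker.
MAGICS = {
    b"\xfe\xed\xfa\xce": "Mach-O 32-bit (big-endian)",
    b"\xce\xfa\xed\xfe": "Mach-O 32-bit",
    b"\xfe\xed\xfa\xcf": "Mach-O 64-bit (big-endian)",
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit",
    b"\xca\xfe\xba\xbe": None,          # fat Mach-O or Java class; resolved below
    b"#!/usr/bin/perl": "embedded perl script",
}


def _cafebabe_kind(blob: bytes, off: int) -> str:
    """The 32-bit big-endian word after CAFEBABE is nfat_arch for a fat
    Mach-O (a handful) and minor/major version for a Java class (major is
    at least 45), so a small value means fat binary. Same rule file(1) uses."""
    if len(blob) < off + 8:
        return "truncated CAFEBABE header"
    word = struct.unpack(">I", blob[off + 4:off + 8])[0]
    return "fat Mach-O" if word < 30 else "Java class"


def carve_data_section(script: bytes) -> list:
    """Return (offset, kind) for every known signature found after __DATA__.
    Offsets are relative to the start of the data section."""
    marker = b"\n__DATA__\n"
    idx = script.find(marker)
    if idx < 0:
        return []
    blob = script[idx + len(marker):]
    found = []
    for magic, kind in MAGICS.items():
        start = 0
        off = blob.find(magic, start)
        while off >= 0:
            found.append((off, kind or _cafebabe_kind(blob, off)))
            start = off + 1
            off = blob.find(magic, start)
    return sorted(found)


if __name__ == "__main__":
    print("plist:", persistence_findings(SAMPLE_PLIST))
    for off, kind in carve_data_section(SAMPLE_CLIENT):
        print(f"__DATA__+{off}: {kind}")
```

On a live system the same two functions would be pointed at `~/Library/LaunchAgents/*.plist` and at whatever each plist’s `ProgramArguments` names; a perl script whose `__DATA__` section yields Mach-O or class-file headers, together with `/tmp/` writes at runtime, matches the behaviour Malwarebytes describes and is worth pulling for analysis.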