Difference between revisions of "Malware"

From Wikispooks
m (cleaning)
(moving section to backdoor)
Line 15: Line 15:
 
After a vulnerability was found in the Lenovo Solution Centre, [[Lenovo]] left it unfixed, but changed the software's end-of-life date to make it seem less important.<ref>https://www.theregister.co.uk/2019/08/23/lenovo_solution_centre_cve_2019_6177/</ref>
 
After a vulnerability was found in the Lenovo Solution Centre, [[Lenovo]] left it unfixed, but changed the software's end-of-life date to make it seem less important.<ref>https://www.theregister.co.uk/2019/08/23/lenovo_solution_centre_cve_2019_6177/</ref>
  
===Hardware backdoors by intelligence agencies===
+
==Hardware backdoors==
In 2014 it was revealed via [[Edward Snowden]] that the [[NSA]] routinely [[backdoor]]s networking hardware exported from the USA.<ref>http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden</ref> Further, it stands to reason that some "[https://www.wired.com/story/its-not-a-bug-its-a-feature/ bugs]" in commercially available hardware are deliberate design flaws<ref>https://www.theverge.com/2017/9/12/16294904/bluetooth-hack-exploit-android-linux-blueborne saved at [https://web.archive.org/web/20170912155804/https://www.theverge.com/2017/9/12/16294904/bluetooth-hack-exploit-android-linux-blueborne Archive.org] and [http://archive.is/tRSh8 Archive.is]</ref> or planned features<ref>https://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf saved at [https://web.archive.org/web/20140420023502/http://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf Archive.org]</ref> to give state actors speedy access to any system. The peculiar destruction of Laptops from [[The Guardian]] that held part of the [[Edward Snowden affair|Snowden]] archive, which was reported about by [[Privacy International]] in 2014,<ref>http://archive.today/2014.05.22-200639/https://www.privacyinternational.org/blog/what-does-gchq-know-about-our-devices-that-we-dont</ref> showed that [[GCHQ]] targeted specific chips on the mainboard and related components, while it could have chosen to instead/or in addition shred the whole hardware to conceal this very specific action. 
Intelligence agencies, when they get initial access to a system through a browser,<ref>https://medium.com/@nweaver/how-the-nsa-could-hack-almost-any-browser-1b5ab05ac74e saved at [http://archive.is/RMUps Archive.is]</ref> may choose, depending on the capability and value of a target, to not write the data for their surveillance tools on the hard drive where it could more or less easily be found, but on these very chips whose firmware can likely be rewritten, as it is known to be the case with all USB components.<ref>https://www.wired.com/2014/07/usb-security/ saved at [http://web.archive.org/web/20140731080052/http://www.wired.com/2014/07/usb-security/ Archive.org] saved at [http://archive.is/1jWax Archive.is]</ref> This would make it possible to bypass all security monitoring and measures initiated on the level of the [[operating system]] running on the device. It is not clear if the restitution by GCHQ, the way it was done, was deliberate to communicate this very fact, or by mistake.
+
{{FA|Backdoor}}
 +
Backdoors into the hardware of consumer PC's are possible and even likely to be used on a wide scale by [[intelligence agencies]], bypassing security monitoring on the level of the operating system.
  
 
==Spyware==
 
==Spyware==
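
Review bot: the added summary sentence under ==Hardware backdoors== ("Backdoors into the hardware of consumer PC's are possible and even likely to be used on a wide scale ...") carries no <ref>, while the two removed paragraphs backed their claims with several. Since the edit summary says the section was moved to Backdoor, either keep at least one supporting citation on this sentence or limit its wording to what {{FA|Backdoor}} documents. "PC's" should be "PCs". The heading also changes from === to ==, which lifts the section out of its former parent section; confirm that this is intended.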

Revision as of 01:52, 4 December 2020

Malware (software)
Image caption: One of many apps from the Google Play Store which secretly installed the Exodus spyware on its victims' phone.
Interest of: HBGary, Dragos Ruiu, Security Without Borders
Bad software, such as spyware or viruses

Malware is an umbrella term for bad computer software. Colloquially, this may include software which is just unwanted or annoying ("scumware", "nagware", "bloatware", "shovelware" etc.), but the primary meaning is software which by design presents a threat to the user, such as computer viruses or spyware. Malware in general is more associated with extortion of money and fraud, but it can be used by anyone with the technical capability for any purpose.

Pre-installed malware

In August 2019, Google warned that tens of millions of Android smartphones come preloaded with malware, and that "if malware or security issues come as preinstalled apps, then the damage it can do is greater".[1] The problem of malware being present in the firmware dates back to early 2014.[2][3]

After a vulnerability was found in the Lenovo Solution Centre, Lenovo left it unfixed, but changed the software's end-of-life date to make it seem less important.[4]

Hardware backdoors

Full article: Backdoor

Backdoors into the hardware of consumer PCs are possible and even likely to be used on a wide scale by intelligence agencies, bypassing security monitoring on the level of the operating system.

Spyware

Full article: Spyware

Spyware is created to exfiltrate users' data or facilitate surveillance of users. Its origins include criminal gangs, individuals, private companies[5] and intelligence agencies.

Viruses

Full article: Computer virus

Computer viruses may go beyond spying to have a payload intended to destroy data and/or hardware (for example, Stuxnet, intended to damage the Iranian centrifuges used to refine uranium).

Installation

"AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware".[6]


 

Examples

Page name | Description
Backdoor | A covert means of gaining unauthorised and/or unmonitored access to a computing system.
Computer virus |
Fysbis | A simple yet effective Linux Trojan.
Ransomware |
Spyware |

 

Related Quotation

Page | Quote | Author | Date
Backdoor | “Every year, we learn about some issue in WhatsApp that puts everything on their users' devices at risk. Which means it's almost certain that a new security flaw already exists there. Such issues are hardly incidental – they are planted backdoors. If one backdoor is discovered and has to be removed, another one is added” | Pavel Durov | 5 October 2022

 

Related Document

Title | Type | Publication date | Author(s) | Description
File:Operation-shady-rat.pdf | report | 2 August 2011 | Dmitri Alperovitch |



References