Evidence Shows the Capability to Hack Via Sound Waves

Standard

Computer security researchers from the University of Michigan and the University of South Carolina proved, yesterday, they have discovered a way to hack into a device using sound ways. This newly found weakness allows them to control or influence devices through tiny accelerometers. Accelerometers are instruments that measure acceleration and are manufactured as dynamic silicon chip-based devices used to sense movement or vibrations known as microelectromechanical systems, or MEMS. They are used for navigating, determining the orientation of a tablet and calculating distance in fitness monitors. Accelerometers are standard in consumer products such as smartphones, Fitbits and automobiles.

In the paper highlighting the research, they demonstrate how they were able to add additional steps to a Fitbit monitor, as well as, play a “malicious” music file from a smartphone, demonstrating they can control the phone’s accelerometer. Kevin Fu, one author of the paper, stated, “It’s like the opera singer who hits the note to break a wine glass, only in our case, we can spell out words.” He went on to say, “You can think of it as a musical virus.”

In addition, research from the paper shows that with the toy car, they did not infiltrate the car’s microprocessor, but rather controlled the car by forcing the accelerometer to generate fake readings.

Vinny Troia, CEO of NightLion Security commented, “as we see a heightened push to develop self-driving vehicles from numerous companies, undetected vulnerabilities, such as this one, that could allow an attacker to remotely control a self-driving vehicle is disturbing, but a reality that should be seriously considered.”

Computer security researchers remarked that this is new insight into cybersecurity challenges in complex systems, which show how analog and digital components can interact in unpredictable ways.

The computer security researchers will be presenting their findings at the IEEE European Symposium on Security and Privacy in Paris next month.

Rise in WordPress hacks

Standard

An increasingly vast number of WordPress sites are being hacked to deliver ransomware and other horrible software to unsuspecting users. It is not yet clear how this is happening but it is being looked into considerably. Anyone who visits WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer can find their computers infected with the ransomware package, which puts a hold on your computer system until you pay a hefty ransom.

This malware is set up to infect only first-time visitors to avoid detection by researchers visiting the site. To disguise the attack moreover, the code redirects users through a series of sites before delivering the malware. It is a possibility that hackers are consistently refreshing when old ones get flagged.

Once a system gets infected, the malware installs a variety of backdoors on the web server; this causes many hacked sites to repeatedly get infected. To prevent reinfection, you need to isolate every site or update and protect all of them at the same time.

This goes to show that malware can exist on sites that people trust. The best way to prevent hacks is to be up-to-date on security updates when they become available.

Malware and ransomware detection removal