University of Hackers: security

Showing posts with label security. Show all posts

21/11/2014

How To Detect And Remove WireLurker Malware From iPhone, iPad

What is WireLurker?

The WireLurker malware, known to infect OS X powered Macs and iOS devices has stirred up the Apple community. Malware that successfully infects Apple products is rare. On the Mac that was because criminals tended to go after the much bigger Windows market, while on the iPhone and iPad, Apple's App Store security has been exemplary. Known to exist as a threat in China

How do I detect WireLurker?

The WireLurker malware installs a number of files on your OS X system, which set it up to detect any iOS systems you attach by a USB cable, and then install malware into that iOS device. If you have any of these files on your Mac, then you likely have the malware installed. These have been outlined by Palo Alto Networks, the company that discovered the malware, and for the current variant of the malware include the following files:
1. A file called run.sh in the Macintosh HD > Users > Shared folder
2. Any of the following files in the Mac into sh HD > Library > Launch Daemons folder

com.apple.machook_damon.plist

com.apple.globalupdate.plist

3. Any of the following files in the Macintosh HD > System > Library > Launch Daemons folder

com.apple.appstore.plughelper.plist

com.apple.MailServiceAgentHelper.plist

com.apple.systemkeychain-helper.plist

4. In addition, the following files and folders will be in the hidden usr/bin directory, which can be opened by pressing Shift-Command-G in the Finder and then then entering “/usr/bin” in the path field that shows up:

globalupdate/usr/local/machook/WatchProcitunesupdate
com.apple.MailServiceAgentHelper

If you see any or all of these files in your Mac’s hard drive, then your Mac has likely been compromised.

How to protect against WireLurker?

The first step Mac users can take to protect themselves is to not download or run any applications that come from third-party app stores. Go to OS X's System Preferences, click "Security and Privacy," and then select "Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)." This will prevent the Mac from installing any software unauthorized by Apple. Next, install a decent OS X antivirus application. Some of the best ones are free, so you have nothing to lose. Be sure to keep all the software on all your iOS and OS X devices up-to-date. Apple is quite responsive about patching vulnerabilities. Never connect your iPhone to an unknown or untrusted computer, whether it's a Mac or a PC, or even an untrusted charger, chargers can actually be mini-computers.

How do I remove WireLurker?

Fortunately, WireLurker appears to be easy to remove. All you have to do is delete the related files from the affected Macs or iOS devices.
For Jailbroken Users
Step 1: Install a File manager such as iFile or Filza. You could also use SSH capabilities to gain access to your iDevice from your Mac or PC.
Step 2: Navigate to > Library > MobileSubstrate > DynamicLibraries.
Step 3: Here, look for a file named sfbase.dylib and if found, you know your device is infected. However, if no such file exists, breathe a sigh of relief. Normally one would perceive deleting this file as a removal of the threat that WireLurker is, but it is recommended that you do a complete restore of your iOS device from iTunes.
For Non-Jailbroken Users
Although there’s no way you can be infected by WireLurker at this point, considering Apple has placed in appropriate security measures, but, there’s a possibility that you conceived the malware a while back before the Cupertino giant took action. And if you believe that you’re infected, and don’t happen to be jailbroken, then read on.
Step 1: Open the Settings app and go to General > Profile.
Step 2: Check for any anomalous profile and if you find one delete it.
Step 3: Check all installed apps for strange behavior, and delete all strange or suspicious ones that you find installed. Again, it is highly recommended that you do a complete restore of your iOS device from iTunes till a more effective and sure fire solution comes up.

Webcam Safety Tips: Are You Being Watched Through Your Webcam?

Webcam Safety Tips

A few clicks of the mouse, and your webcam is activated and ready to be used. But have you considered the possibility that someone else could be watching you through your own webcam?

Read Also:- How to use your phone as a wireless keyboard and mouse for your PC

Well, strictly speaking, if your computer is secure and uninfected, can’t be accessed remotely, and has strong password, locked case, tied up with string to prevent people from accessing it when unattended, then no worries, you’re good.

How Webcams Get Hacked

Hackers utilize a type of software called Remote access tool (RAT) that allows them to remotely access a computer as if they were physically there. Though RATs were designed for legal purposes, like allowing a technician to remotely access a user’s computer to troubleshoot problems without having to physically be there, hackers exploit this software for their own benefit.
Typically, a hacker lures an unsuspecting user into clicking on a link, opening a picture or email attachment, visiting a specific website, or downloading some software. After the user falls for one of these, the RAT software is secretly installed onto the user’s computer. The hacker now has remote access to the user’s computer.

Preventing Your Webcam from Being Hacked

Many articles recommend covering the lens of the webcam with a piece of paper to prevent hackers from spying on you. But doing that alone is brushing the real problem under a rug. Having your webcam hacked means your PC has been compromised by some malware, and you need to take immediate action to get rid of it. Here are some easy things you can do that can prevent your computer from being compromised in the first place.

Don’t Click on Unknown Links

Hackers lure victims into installing RAT software onto their PC by disguising links, pictures, or email attachments as something desirable, such as free music, movies, or desktop wallpapers. Be wary of suspicious websites that offer similar items. Also be cautious about clicking on shortened links you may find on social media sites.

Equip your computer with an antivirus and two-way firewall

Having an antivirus and two-way firewallis minimum security any PC should be equipped with. An up-to-date and active antivirus helps to detect and remove malware from infecting your computer. A two-way firewall monitors inbound and outbound traffic to-and-from your computer.

Be cautious of tech support offering remote assistance

Hackers may physically contact you by claiming there are problems with your computer. They’ll try to persuade you to install a program that allows them remote access to your computer, so that they can fix the problem. Simply ignore calls from those who claim they are tech support.

Secure your wireless connection

A hacker can easily hack into unsecure Wi-Fi networks with a laptop, antenna, and widely available software. Don’t make it easy for them. Secure your wireless connection with a strong and complex password.

Disable Windows Remote Access

Though most RATs deployed by malware are custom tools, disabling Windows Remote Assistance and Remote Desktop is one thing you can do to prevent hackers from remotely accessing your computer.

Love this article?

Share it with your friends on Facebook

20/11/2014

How Hackers Hack Bank Accounts and Personal Information

Most people learning hacking always have a keen interest in knowing that how they can hack bank accounts of other people. But most of them find it pity much difficult such that now they have made a perception that bank account information like credit cards or debit cards or net banking passwords cannot be hacked. Its truth to an extent that hacking Banking account information and credit or debit cards passwords is most difficult and almost impossible part. Today i will discuss with you why hacking bank account information is tough and always considered as impossible task. We will also discuss the different methods that hackers use to hack bank account information nowadays.

Recommend Post What Is Keylogger And How To Be Safe From Keyloggers

I am quite sure that almost everybody using internet nowadays uses that internet to pay online bills, book reservation tickets, purchase online things or simply transfer money i.e. involved in at least some kind of online transaction that is related to money i.e. banking information, credit or debit card payments or simply Net banking. Most of banks uses SSL (Secured Sockets Layer) connection and at least 128 or 256 bit encryption for online banking and transaction purposes. Also now an extra layer of security is introduced that is called transaction PIN layer means for each and every online transaction you have to enter your passwords and during transaction you have to enter PIN (a type of password that varies 4 to 8 chars in length). Thus bank do alot of work to protect your secret information and credentials from the eyes of the world that may wish to gain access to your such a vital information.
Below example will illustrate you how powerful the encryption method is:
* . 40 bit encryption, means there are 2^40 possible keys that could fit into the lock that holds your account information. That means there are many billions of possible keys that means brute forcing such thing is imposable. Only thing now left is dictionary and rainbow attack. But its not only the security measure that banks used to secure there information. Also its only 40 bit encryption.
* . 128 bit encryption means there are 2^88 times as many as key combinations that are being possible for 40 bit encryption. That means a computer would require exponentially more processing power and time than for 40-bit encryption to find the correct key. That's a very powerful method of encrypting data sent from your machine to bank machine. But unfortunately it's all is useless to you once your system has been compromised or hacked. Now How these all security Encryption can be bypassed and your system can be compromised online. There are several methods for exploiting and bypassing such account information Some of them are:

1. Phishing

2. Trojans

3. Session Hijacking

Warning: This blog contains materials that can be potentially damaging or dangerous. If you are looking to comment a crime, you must leave this site now! Refer to the laws in your province/country before accessing, using, or in any other way utilizing these materials. These materials are for educational, public awareness and research purposes only. Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW! Neither administration of this blog nor the author(s) of this material, or anyone else affiliated in any way, is going to accept responsibility for your actions.
We http://deadlyuniversityspy.blogspot.com/ are providing a lot of hacking tutorials, methods to crack passwords and other similar stuffs in order to develop hackers attitude to learn self defence from Computer Criminals attack and to detect the ways in which hackers can infiltrate your system.

Love this article?

Share it with your friends on Facebook

16/11/2014

How to Encrypt Your Wireless Network

If you have Cable, DSL, or some other form of high-speed Internet, chances are, you've purchased a wireless-capable router so that you can connect to the Internet via your notebook PC, smartphone, or any other wireless-enabled device you have in your home. Many of you out there may be using a wireless router that is 5 years old or more. These devices tend to be set up and forgotten for the most part. Once it's set up, it just sort of does its thing, save for the occasional glitch that requires you to reboot it. When you first set up your wireless router did you turn on encryption so that a password was required to access your wireless network? Maybe you did, maybe you didn't.
Here's a quick way to find out if your wireless network is using encryption:
1. Open your smartphone's wireless network settings (check your smartphone's help manual for details).
2. Look for your wireless network's SSID (network name) in the list of available networks.
3. Check to see if your wireless network has a padlock icon next to it, if it does, then you are using at least basic encryption. Although you may have encryption turned on, you may be using an out dated and easily hacked form of wireless encryption so keep reading.
4. Check to see if your wireless network configuration tells you what type of wireless security is being used to protect your network. You will likely see either WEP, WPA, WPA2, or something similar. If you see anything besides WPA2, you will need to change the encryption settings on your wireless router or possibly upgrade its firmware, or buy a new wireless router if your current one is too old to support an upgrade to WPA2.

Read Also How to Hack Ethernet ADSL Router

Why You Need Encryption and Why WEP Encryption is Weak

If your wireless network is wide open with no encryption enabled, you are practically inviting neighbors and other free loaders to steal the bandwidth that you're paying good money for. Maybe you're the generous type, but if you are experiencing slow Internet speeds, it might be because you have a bunch of folks leeching off your wireless network. Just a few years ago, Wired Equivalent Privacy (WEP) was the standard for securing wireless networks. WEP was eventually cracked and is now easily bypassed by even the most novice hacker thanks to cracking tools available on the Internet. After WEP came Wi-Fi Protected Access (WPA). WPA too had flaws and was replaced by WPA2. WPA2 isn't perfect, but it is currently the best available offering for protecting home-based wireless networks. If you set up your Wi-Fi router many years ago then you could be using one of the old hackable encryption schemes such as WEP. You should consider changing to WPA2.

How To Enable WPA2 Encryption on Wireless Router

1. Log into your wireless router's administrator console. This is usually done by opening a browser window and typing in the address of your wireless router (usually http://192.168.0.1, http://192.168.1.1, http://10.0.0.1, or something similar). You will then be prompted for the admin name and password.
2. Locate the "Wireless Security" or "Wireless Network" settings page.
3. Look for the Wireless Encryption Type setting and change it to WPA2-PSK (you may see a WPA2-Enterprise settings. The enterprise version of WPA2 is intended more for corporate-type environments and requires a much more complicated set up process). If you don't see WPA2 as an option, then you may have to either upgrade your wireless router's firmware to add the capability (check your router manufacturer's website for details) or, if your router is too old to be upgraded via firmware, you may have to purchase a new wireless router that supports WPA2.
4. Create a strong wireless network name (SSID) coupled with a strong wireless network password (Pre-shared Key).
5. Click "Save" and "Apply". The wireless router may have to reboot for the settings to take effect.
6. Reconnect all your wireless devices by selecting the wireless network name and entering in the new password on each device. You should periodically check your router manufacturer's website for firmware updates that they might release to fix security vulnerabilities associated with your router. The updated firmware may also contain new security features as well.

Love this article?

Share it with your friends on Facebook

15/11/2014

How to Prevent Browser Hijacking

What is Browser Hijacking?

Having your browser hijacked is basically just what it sounds like. Browser hijacking is when a software program created by either a malicious hacker, an unscrupulous advertiser, or other person interested in making money from an affiliate program, forcibly redirects your browser to a location that will likely produce some kind of monetary gain for the perpetrator (through increased traffic), while you receive no relevant results and are prevented from getting to your intended destination. The software usually makes it on to your computer in one of two ways: Either a hacker tricks you into installing it via an email or a malicious link, or it's bundled with some legitimate software by a software developer who uses it as a additional source of revenue. If you've ever had your web browser hijacked, then you know what a pain it can be to deal with the aftermath of removing the browser hijacking software and resetting your browser so that it doesn't go back to the sites that the hijacking software pointed to. So How Can You Prevent Your Browser From Getting Hijacked:
1. Update Your OS and Your Browser Software Ensuring that you have the latest and greatest version of your browserwith all of the latest security patches applied, will help prevent many internet borne attacks, especially the kind that exploit commonly unpatched vulnerabilities. Hackers are counting on you to be lazy and not patch your system. Simply running a quick software update can help shut down these points of entry. Browser makers are aware of the hijacking problem and may add new anti-hijacking features which is another reason to keep this software up to date.

See Also: Help! My Browser Has Been Hijacked

2. Use an Security Conscious Alternate DNS Resolution Provider Simply pointing your router's or computers DNS resolver to a non-ISP-provided server such as those mentioned in our article Improve Your Security By Using Alternative DNS Providers, may prevent the hijacking software from getting to its intended destination and it may also possibly prevent you from acquiring the hijacking malware in the first place. Check out the link above and learn the other many benefits of using Alternative DNS.
3. Use Your Antivirus Software's "Realtime Protection" Feature Some antivirus software offers a realtime protection feature that watches for attempts to change key configuration files, such as those associated with your browser. The software may alert you if something you're installing attempts to modify your browser settings. It may also offer you the opportunity to prevent the changing of these settings You should also make sure that your antimalware definition files are up to date, and you might want to consider adding a Second Opinion Scanner to add a second line of defense to your anti-malware protection detail.
4. Read The Fine Print Before You Install Any Software You Downloaded From The Internet and Opt Out of Bundled Extras (if allowed) As mentioned earlier, some browser hijacking software may come bundled with legitimate software. That's why it's important to read all the fine print about what you might be installing with the software you are downloading. Some companies will allow you to opt out of installing the bundled utilities that aren't needed for the software you are downloading to function. Some of the nicer makers of software that hijacks your browser will allow you to remove the software after it has been installed, but it has been my experience that most hijacking software does not want to leave your system quietly, even after you uninstall it, it may not undo the changes it made to your browser settings, which basically leaves your browser hijacked until you manually intervene by resetting your browser to it's pre-hijacked default settings.

Love this article?

Share it with your friends on Facebook

Help! My Browser Has Been Hijacked

You just tried to Google something but instead of getting a Google results page, your browser takes you to some sketchy-looking search engine that you've never heard of. The results it brings back are completely irrelevant and of no use. Clicking any of the links seems to take you to more useless sites cluttered with pop-ups, and endless redirects to other sites. What the heck is happening here? Your browser has just been hijacked. Malware and/or Ad-ware has taken control of your browser and is making it almost completely useless. Browser hijacking software may also work its way onto your system as a "bundled utility" that is often installed with freeware or shareware. Some companies will pay software developers to bundle their hijacking software in with other applications as a way to generate additional revenue for the software developer. This is a form of affiliate marketing. In addition to traditional affiliate marketing programs there are also elicit underground malware affiliate marketing programs that pay unscrupulous entrepreneurs money to infect systems with these hijacking tools and other assorted malware apps.
Read Also HTTP Session Hijacking Tutorial

Why Doesn't Antivirus Catch This Stuff

One reason your antivirus might not catch browser hijacking software is that hijacking apps are sometimes part of legitimate applications that you install, another reason is that not all hijacking tools are considered malware. They are annoying for sure, but they don't necessarily do harm to your PC, so anti malware software might overlook them.
What Should You do After You've Tried Traditional Antivirus And Your Browser Still Appears to be Getting Hijacked?

Get a Second Opinion Scanner

If your current anti malware didn't catch the hijacking software that made it onto your computer, consider installing a Second Opinion Scanner. A Second Opinion Malware scanner is exactly as the name implies. It provides a second line of defense to help catch malware that may have evaded your primary scanner.

Uninstall Suspicious Software

Some browser hijacking software applications may have been bundled into other legitimate apps that you have consciously installed which is one reason that made it by your anti malware scanner. The hijacking software may call itself a tool bar , search assistant or something else innocuous. It may even let you uninstall it without further trouble, but traditionally this software doesn't want to leave your system quietly and may leave traces of itself that attempt to re-establish control of your browser. Look in your list of installed applications and check for things that might be hijacking software. If something looks suspicious, Google it (on another device if yours is hijacked) and find out if it's a known hijacking app, you will likely find removal instructions in the search results as well.

Reset Your Browser

After your computer has been cleared of whatever malware infection is causing your browser to be hijacked or otherwise redirected, you'll likely need to reset your browser settings in order to return them to the home page and search engines that you prefer. This may require several visits to various configuration pages within your browser.
Check out the following official links for post hijacked browser reset procedures:

Google Chrome Hijacking Clean  Up Procedures [Official]

Internet Explorer Browser Reset Procedures [Official]

Firefox Browser Reset Procedures [Official]

Love this article?

Share it with your friends on Facebook

Subscribe to: Posts ( Atom )