What has Science done? Wi-Fi-travelling virus is possible, say scientists

Researchers at the University of Liverpool have shown that WiFi networks can be infected with viruses much like airborne illnesses spread between humans.

As reported by ScienceBlog, the team designed and carried out an attack by a virus named “Chameleon”. The virus did not just spread quickly between homes and businesses, but avoided detection and targeted weakened points specifically.

The attack was a simulated one on Belfast and London, and revealed that the Chameleon virus behaved similarly to a natural virus like the common cold. It travelled through WiFi networks via access points (APs) and infected hosts fastest in densely populated areas, where multiple APs are clustered together.

Silent but dangerous

Since Chameleon is only present in the WiFi network, virus detection systems failed to pick it up at all. If the virus discovered an AP that was encrypted and password protected, it moved on to another that wasn’t. Frequent victims were open networks like those in coffee shops and airports.

It had been assumed previously that it was not possible to create a virus that could attack WiFi networks. Chameleon has proven that it is not only possible, but that it can be incredibly effective.

The researchers at the university hope that their test will help the development of detection technology to prevent any real-world example from being released on the world’s WiFi networks.

Via: ScienceBlog

Target mass hack attack might have started with just one email

(First published in Tech Radar Pro on 13/02/14)

Target’s data breach last December was the second largest in U.S. history, with more than 100 million people affected. Now it is reported that the huge hacking attack may have started with just one email.

KrebsOnSecurity has published a report that the hackers accessed Target’s network by using authentication gained from a heating and ventilation subcontractor.

The contractor, once infected by malware spread by the attackers, left the virus undetected due to its anti-malware protection being a scan-only program with no preventative firewall.

Shotgun blast

When an order was placed by Target, the vendor had to log into a Target portal to confirm, connecting the two systems and spreading the infection.

Krebs states that the hackers may not have initially made Target its primary goal, but sent malicious emails out ‘like a shotgun blast’ to see who would be infected. Once the contractor had been infected and then spread the malware to Target, the hackers went to work.

Target made the job no harder, too, according the report, with easy to glean domain names and user info posted onto its dedicated websites. Investigations into the breach continue.

Via ArsTechnica