Cybercriminals are increasingly becoming innovative with the techniques they use to launch attacks. So far, the year has seen quite a new attack techniques that could be/were used to steal data or spread malware.
Here’s a quick look at some of the significant discoveries in attack methods that pose potential risks for organizations and individuals worldwide.
Discovered by a group of academics, the attack can be used to mimic a user’s identity through their keystrokes. The Malboard attack leverages the keystroke characteristics of users and has been successfully exploited on keyboards developed by Microsoft, Lenovo, and Dell. During the experiment, the researchers could evade detection by security solutions by fooling risk-based behavioral authentication systems KeyTrac, TypingDNA and DuckHunt.
Warshipping is a new form of existing hacking methods such as wardialing and wardriving. The attack technique can allow threat actors to disrupt business operations and steal sensitive data. Under this attack, the attacker needs to tuck their 3G-enabled device at the bottom of a packing box to gain access to a victim’s network.
Spearphone is a new type of attack that can enable threat actors to eavesdrop on people’s mobile phone calls. The attack makes use of Android devices’ onboard accelerometers to infer speech from the devices’ speakers. The attack was successfully tested on several Android models - LG G3, Samsung Galaxy Note 4 and Samsung Galaxy S6.
A research team came up with a new technique called CTRL-ALT-LED that leveraged secure air-gapped systems to pilfer sensitive data. The technique makes use of the Caps Lock, Num Lock, and Scroll Lock LEDs on a keyboard. It can be used against various optical devices such as smartphone cameras, a smartwatch’s camera, a security camera, extreme sports cameras, and even high-grade optical/light sensors.
Minerva is a lattice-based cryptography attack that can recover private keys from cryptographic libraries. It is based on the timing leakage of the bit-length of nonces used in ECDSA and other similar signature algorithms. Older Athena IDProtect smart cards along with WolfSSL, MatrixSSL, Crypto++, Oracle SunEC, and Libgcrypt crypto libraries are vulnerable to the attack.
German academics discovered a new attack named PDFex that could be used to steal data from encrypted PDF files. The attack was successfully tested against 27 desktop and web PDF viewers. This includes popular software such as Adobe Acrobat, Foxit Reader, Evince, Nitro, and Chrome and Firefox's built-in PDF viewers.
WIBattack is a new SIM card attack that is similar to the Simjacking attack. The attack leverages vulnerabilities in Wireless Internet Browser (WIB) apps to track users’ devices. In order to exploit WIB apps, attackers need to send a specially formatted binary SMS (called an OTA SMS) that will execute STK (SIM Toolkit) instructions on SIM cards.
WSD attackThis is a new DDoS vector that leverages a UDP Amplification technique known as WS-Discovery (WSD). WSD operates over TCP and UDP port 3702 and is found in many internet-connected devices. It can be spoofed by sending a UDP packet with a forged return IP address. The response will be sent to the forged IP address and this allows hackers to aim the traffic to DDoS targets.