Tag Archives: Hackers

Business

Former WSJ reporter says law firm used Indian hackers to sabotage his career

Leave a comment

WASHINGTON, Oct 15 (Reuters) – A former Wall Street Journal reporter is accusing a major U.S. law firm of having used mercenary hackers to oust him from his job and ruin his reputation.

In a lawsuit filed late Friday, Jay Solomon, the Journal’s former chief foreign correspondent, said Philadelphia-based Dechert LLP worked with hackers from India to steal emails between him and one of his key sources, Iranian American aviation executive Farhad Azima.

Solomon said the messages, which showed Azima floating the idea of the two of them going into business together, were put into a dossier and circulated in a successful effort to get him fired.

Register now for FREE unlimited access to Reuters.com

The lawsuit, filed in federal court in Washington, said Dechert “wrongfully disclosed this dossier first to Mr. Solomon’s employer, the Wall Street Journal, at its Washington DC bureau, and then to other media outlets in an attempt to malign and discredit him.” It said the campaign “effectively caused Mr. Solomon to be blackballed by the journalistic and publishing community.”

Dechert did not immediately return a message seeking comment. Azima – who filed his own lawsuit against Dechert on Thursday in New York – did not immediately return a message. read more

Solomon’s suit is the latest in a series of legal actions that follows Reuters’ reporting about hired hackers operating out of India. In June, Reuters reported on the activities of several hack-for-hire shops, including Delhi area-companies BellTroX and CyberRoot, that were involved in a decade-long series of espionage campaigns targeting thousands of people, including more than 1,000 lawyers at 108 different law firms.

At the time, Reuters reported that people who had become hacking targets while involved in at least seven different lawsuits had each launched their own inquiries into the cyberespionage campaign.

That number has since grown.

Azima, Solomon’s former source, is among those who have gone to court over the alleged hacking. His lawyers, like Solomon’s, allege that Dechert worked with BellTroX, CyberRoot and a slew of private investigators to steal his emails and publish them to the web.

BellTroX and CyberRoot are not parties to the suit and could not immediately be reached. Executives at both firms have previously denied wrongdoing.

Solomon and Azima allege that Dechert undertook the hack-and-leak operation in the interest of its client, Sheikh Saud bin Saqr al-Qasimi, ruler of the Middle Eastern emirate of Ras Al Khaimah. Reuters has reported that lawyers for Ras Al Khaimah’s investment agency – RAKIA – used the emails to help win a fraud lawsuit filed against Azima in London in 2016.

Azima, who denies RAKIA’s fraud allegations, is trying to have the judgment thrown out.

In addition to being deployed in court, the leaked emails also made their way to The Associated Press, which published two articles about Azima in June of 2017, including one that revealed the airline mogul had offered reporter Solomon a minority stake in a company he was setting up. The Journal fired Solomon shortly before the AP’s story was published, citing ethical violations.

Solomon says he never took Azima up on his proposal or benefited financially from their relationship. In a first-person account of the scandal published in the Columbia Journalism Review in 2018, the ex-journalist said he never pushed back on Azima’s talk of business opportunities because he was trying to humor a man who had been crucial to his reporting on the Middle East. Solomon acknowledged “serious mistakes in managing my source relationship with Azima” but said he had been the target of an “incredibly effective” information operation.

The Journal, which is not a party to suit, declined comment. The AP did not immediately return a message.

Solomon won several awards for his work as a foreign correspondent before his firing. He declined to provide an on-the-record comment about the lawsuit, but in his 2018 account he called the episode a warning for journalists.

“Leaks and hacks of emails and correspondences can blow up intricate reporting and derail months, if not years, of work,” he said.

Register now for FREE unlimited access to Reuters.com

Reporting by Raphael Satter; Editing by David Gregorio

Our Standards: The Thomson Reuters Trust Principles.

Read original article here

US

Russian-speaking hackers knock multiple US airport websites offline. No impact on operations reported

Leave a comment



CNN
 — 

More than a dozen public-facing airport websites, including those for some of the nation’s largest airports, appeared inaccessible Monday morning, and Russian-speaking hackers claimed responsibility.

No immediate signs of impact to actual air travel were reported, suggesting the issue may be an inconvenience for people seeking travel information.

The 14 websites include the one for Atlanta’s Hartsfield-Jackson International Airport. An employee there told CNN there were no operational impacts.

The Los Angeles International Airport website was offline earlier but appeared to be restored shortly before 9 a.m. Eastern. A spokesman did not immediately return a request for comment.

The hacking group known as Killnet listed multiple US airports as targets. It stepped up activity to target organizations in NATO countries after Russia’s February invasion of Ukraine. The loosely organized “hacktivists” are politically motivated to support the Kremlin but ties to Moscow are unknown.

The group claimed responsibility last week for knocking offline US state governments websites. Killnet is blamed for briefly downing a US Congress website in July and for cyberattacks on organizations in Lithuania after the country blocked shipment of goods to the Russian enclave of Kaliningrad in June.

The type of cyberattack used by Killnet is known as “distributed denial of service” (DDoS), in which hackers flood computer servers with phony web traffic to knock them offline.

“DDoS attacks are favored by actors of varying sophistication because they have visible results, but these incidents are usually superficial and short lived,” John Hultquist, a vice president at Google-owned cybersecurity firm Mandiant, told CNN.

A Transportation Security Administration spokesperson said the agency is monitoring the issue and working with airport partners.

Read original article here

Technology

Hackers reportedly take down Killer Instinct’s main online mode

Leave a comment

Xbox and Windows players cannot currently use ranked mode

Those attempting to go back and play some good ol’ Killer Instinct the past few days have run into an unexpected situation — they can’t play the main online mode at all.

The Killer Instinct community is currently reporting a hacker has allegedly broken the game’s online ranked modes, rendering them completely unusable.

If you try queuing up for a match right now on Xbox or the Windows version of KI, the game will simply hang attempting to sync ladder information with the server before failing, and there’s no way around it.

This does not currently impact the Steam version of the game, which has a separate leaderboard, but the majority of active players use Xbox Live.

PAR|NickyFGC was among the first to sound the alarm that something is seriously wrong in a video to help spread awareness, and he’s understandably worried about the community he’s been a part of since KI launched in 2013.

“This is a huge problem for our community because ranked is a big reason why people play the game,” NickyFGC told EventHubs. “Despite what people think, we have a VERY active community with weekly tournaments and prize pools, and ranked was a great way to warm up for those events. Players can’t just hop on and find matches anymore.”

The alleged hacker(s) in this situation has reportedly been causing issues for years in KI by adding a multitude of fake users to the top of the ranked leaderboards while impersonating another player.

It appears the leaderboards have likely reached their breaking point, however, and now no one can play.

“This person has singlehandedly not only removed our main reason to grind ranked, but has taken the entire mode away,” said NickyFGC.

Whether the individual(s) involved were trying to actively take down the online service or not, we don’t know, but this is the present result either way.

Luckily, other online modes like Exhibition and lobbies are still functional, so players can fight each other using those although some are reporting their player ranks have been reset and connection times to servers can be longer.

This is still a big problem for the game because even though Killer Instinct first released almost a decade ago, there continues to be an active and dedicated playerbase who are directly impacted by this hack.

Killer Instinct fans are also justifiably worried that this may not get fixed, and ranked mode will remain permanently broken.

The game hasn’t received an update (aside from adding Xbox backwards compatibility) since March of 2018, and KI’s previous developer Iron Galaxy is no longer working on the series.

After 5 and a half years of being a legacy title, Microsoft may not see the KI hack as a large enough priority to fix (since they didn’t before), and that’s even if they’d know how to fix it at this point too.

There is at least one big glimmer of hope that Xbox will get around to it because unlike other older hacked games like Call of Duty or Titanfall, there is no newer entry for players to go to.

This Killer Instinct is the newest, and it’s currently broken on its main platforms.

Xbox’s Phil Spencer has also spoken multiple times in the past about wanting to make another Killer Instinct, and there are rumors of something being in the works.

It wouldn’t exactly be the greatest look for Microsoft if they’re going to market a new KI in the near-ish future when the last one was left in a broken state.

If all else fails, the community will likely be forced to switch to the Steam version of Killer Instinct, but that’s also not a happy solution for players either who’d lose years of work and progress.

Fans and players can help make Microsoft aware of the issue and show there’s demand for it to be fixed by messaging Xbox Support on Twitter and submitting reports to the Xbox Support website.



Read original article here

US

LAUSD hack: Criminal group releases sensitive data after district refuses to pay ransom

Leave a comment

LOS ANGELES (KABC) — Hackers have released data stolen in a cyberattack against the Los Angeles Unified School District, Superintendent Alberto Carvalho confirmed Sunday.

“Unfortunately, as expected, data was recently released by a criminal organization,” Carvalho said in a statement. “In partnership with law enforcement, our experts are analyzing the full extent of this data release.”

The data was released Saturday — two days before a deadline previously given by the hackers — after Carvalho’s stated refusal to pay ransom to an international hacking syndicate.

The group claiming responsibility for the cyberattack had previously set a Monday deadline for the district pay a ransom to the organization.

In a dark web post detected and reprinted by Brett Callow of the cybersecurity firm Emsisoft, the hacking syndicate Vice Society listed the LAUSD as one of “our partners,” and stated, “The papers will be published by London time on October 4, 2022 at 12:00 a.m.”

The post did not give any indication about what information had been obtained or what would be published.

Carvalho previously acknowledged that the district received a ransom demand from the group responsible for the Labor Day weekend hack — which he declined to name.

“We can acknowledge … that there has been communication from this actor (hacker) and we have been responsive without engaging in any type of negotiations,” he told reporters. “With that said, we can acknowledge at this point … that a financial demand has been made by this entity. We have not responded to that demand.”

He did not provide specifics about the demand.

Carvalho told the Los Angeles Times on Friday that the district would not pay the ransom demand or negotiate with the hackers.

“What I can tell you is that the demand — any demand — would be absurd,” he told the Times. “But this level of demand was, quite frankly, insulting. And we’re not about to enter into negotiations with that type of entity.”

A hotline will be available starting Monday at 6:00 a.m.

“This hotline will assist those from our school communities who may have questions or need additional support,” Carvalho said.

The telephone number for the incident response hotline is (855) 926-1129. Hours of operation will be 6:00 a.m. to 3:30 p.m., Monday through Friday, excluding major U.S. holidays.

City News Service contributed to this report.

Copyright © 2022 KABC Television, LLC. All rights reserved.



Read original article here

US

Los Angeles Unified School District hackers release data after ransom demand denied

Leave a comment

Hackers behind a ransomware attacker on the Los Angeles Unified School District (LAUSD) in early September have released confidential data online after the district refused to give in to the hackers’ demands. 

The district said on Sunday the “criminal organization” had released the illegally obtained data. The hackers had given the district until Monday to meet their demands but released the data early after LAUSD Superintendent Alberto Carvalho refused to pay the ransom, the Los Angeles Times reported. 

FILE:  Los Angeles Unified School District (LAUSD) Superintendent Alberto Carvalho shown with LAUSD Board members. 
(Gary Coronado / Los Angeles Times via Getty Images)

“What I can tell you is that the demand – any demand – would be absurd,” Carvalho told The Times. “But this level of demand was, quite frankly, insulting. And we’re not about to enter into negotiations with that type of entity.” 

The district on Friday reiterated its pledge that dollars “must be used to fund students and education” and not “capitulating to a nefarious and illicit crime syndicate.” 

REPUBLICANS PUSH DOJ TO INVESTIGATE CYBERATTACKS AGAINST CHRISTIAN, PRO-LIFE WEBSITES

LAUSD detected the ransomware attack in early September, describing it as a “significant disruption to our system’s infrastructure.” 

The full extent of the release remains unclear. The district said Friday it is working with local and federal law enforcement. 

CLICK HERE TO GET THE FOX NEWS APP

LAUSD said it will have a hotline available starting Monday to assist those from its school communities who have questions or need additional support. 

Fox News’ Greg Norman contributed to this report. 

Read original article here

Business

KeyBank customer info taken by hackers of third-party provider

Leave a comment

Check out what’s clicking on FoxBusiness.com

KeyBank mortgage customers had their personal data stolen in a hack of the bank’s third-party provider.

The data stolen included Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank in the breach of a third-party vendor that serves multiple corporate clients.

The hack took place on July 5 after breaking into computers at the insurance services provider Overby-Seawell Company, according to a letter that Cleveland-based KeyBank sent to affected residential mortgage customers.

KeyBank operates in 15 states and has close to $200 billion in assets.

IRS ADMITS IT EXPOSED CONFIDENTIAL INFORMATION OF 120,000 TAXPAYERS ONLINE

In this photo illustration of the TradingView stock market chart of KeyCorp displayed on a smartphone with the logo in the background.  ((Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images) / Getty Images)

The bank did not reveal how many customers were affected.

Overby-Seawell did not respond to phone messages and emails sent to executives by Associated Press seeking comment.

The bank did not reveal how many customers were affected. (iStock / iStock)

APPLE SECURITY ISSUE: HOW TO UPDATE YOUR IPHONE, IPAD, MAC

 In the statement sent Friday to The Associated Press, KeyBank said Kennesaw, Georgia-based Overby-Seawell “suffered a cybersecurity incident that compromised data of its corporate clients.” It did not elaborate.

In this photo illustration the KeyBank logo of an US retail banking company is seen on a smartphone and a pc screen.  ((Photo Illustration by Pavlo Gonchar/SOPA Images/LightRocket via Getty Images) / Getty Images)

Overby-Seawell is a subsidiary of the Breckenridge Group.

CLICK HERE TO READ MORE ON FOX BUSINESS

“We take this matter very seriously and have notified all affected individuals,” KeyBank said in a letter.

The Associated Press contributed to this report.

Read original article here

Business

Twitter misled U.S. regulators on hackers, spam, whistleblower says

Leave a comment

Aug 23 (Reuters) – Twitter Inc (TWTR.N) misled federal regulators about its defenses against hackers and spam accounts, the social media company’s former security chief Peiter Zatko said in a whistleblower complaint.

In an 84-page complaint, Zatko, a famed hacker widely known as “Mudge,” alleged Twitter falsely claimed it had a solid security plan, according to documents relayed by congressional investigators. Twitter’s shares fell 7.3% to close at $39.86.

The document alleges Twitter prioritized user growth over reducing spam, with executives eligible to win individual bonuses of as much as $10 million tied to increases in daily users, and nothing explicitly for cutting spam.

Register now for FREE unlimited access to Reuters.com

Register

Twitter labeled the complaint a “false narrative.” The social media company has been battling Elon Musk in court after the world’s richest person attempted to pull out of a $44-billion deal to buy Twitter. Musk said it failed to provide details about the prevalence of bot and spam accounts.

Tesla Inc (TSLA.O) Chief Executive Musk had offered to buy Twitter for $54.20 per share, saying he believed it could be a global platform for free speech.

Twitter and Musk have sued each other, with Twitter asking a judge on the Delaware Court of Chancery to order Musk to close the deal. A trial is scheduled for Oct. 17.

Zatko filed the complaint last month with the U.S. Securities and Exchange Commission and the Department of Justice, as well as the Federal Trade Commission (FTC). The complaint was also sent to congressional committees.

“We are reviewing the redacted claims that have been published but what we have seen so far is a false narrative that is riddled with inconsistencies and inaccuracies,” Twitter Chief Executive Parag Agrawal told employees in a memo.

The Senate Judiciary Committee’s top Republican, Chuck Grassley, said the complaint raised serious national security concerns and privacy issues and needed to be investigated.

“Take a tech platform that collects massive amounts of user data, combine it with what appears to be an incredibly weak security infrastructure, and infuse it with foreign state actors with an agenda, and you’ve got a recipe for disaster,” he said.

The FTC declined to comment. A spokesperson for the Senate Intelligence Committee said it had received the complaint and was setting up a meeting to discuss the allegation.

A Twitter logo is seen outside the company’s headquarters in San Francisco, California, U.S., April 25, 2022. REUTERS/Carlos Barria/File Photo

Read More

Twitter’s real regulatory risk lies in whether the documentary evidence shows “knowing or reckless misleading” of investors or regulators, said Howard Fischer, a partner at Moses & Singer and a former SEC attorney.

‘GIVE A LITTLE WHISTLE’

Musk could not be reached for comment but reacted on Twitter with memes and emoji of a robot. Musk’s legal team has subpoenaed Zatko, CNN reported after the whistleblower disclosure was made public.

American hackers have admired Zatko since the 1990s, when he was credited with inventing a tool to crack passwords. He later used his hacking chops to become a sought-after security consultant and with other rebellious techies of the era, transitioned to top government and boardroom positions.

The whistleblower document says that after the Jan. 6 riots, the incoming Biden administration offered him “a day-one appointed position as Chief Information Security Officer for the United States,” which he turned down.

Cybersecurity leaders expressed widespread support for Zatko, and many deplored Twitter’s reaction to his revelations.

Robert Lee, founder of industrial cybersecurity company Dragos, said it was “one of the very rare times based on who it is I don’t even need to know a detail to form an opinion,” he said on Twitter. “If Mudge is making this type of claim, it deserves the investigation.”

In January, Twitter said Zatko was no longer its head of security, two years after his appointment to the role.

On Tuesday, a Twitter spokesperson said Zatko was fired for “ineffective leadership and poor performance,” adding his allegations appeared designed to capture attention and inflict harm on Twitter, its customers and its shareholders.

Debra Katz and Alexis Ronickher, attorneys for Zatko, said in a statement that throughout his tenure at Twitter, he repeatedly raised concerns about inadequate information security systems to the company’s executive committee, CEO and board. Twitter did not respond to a request for comment on that statement.

(This story corrects closing price and removes extraneous percentage symbol in paragraph two)

Register now for FREE unlimited access to Reuters.com

Register

Reporting by Chavi Mehta, Ankur Banerjee and Tiyashi Datta in Bengaluru, Peter Henderson in Oakland and Raphael Satter in Washington; Additional reporting by Rick Cowan in Washington; Writing by Ankur Banerjee; Editing by Kenneth Li, Saumyadeb Chakrabarty, Sriraj Kalluvila and David Gregorio

Our Standards: The Thomson Reuters Trust Principles.

Read original article here

Technology

Apple security flaw ‘actively exploited’ by hackers to fully control devices | Apple

Leave a comment

Apple has disclosed serious security vulnerabilities for iPhones, iPads and Macs that could potentially allow attackers to take complete control of these devices.

On Wednesday the company said it was “aware of a report that this issue may have been actively exploited”.

Apple released two security reports about the issue on Wednesday, although they didn’t receive wide attention outside of tech publications.

Security experts have advised users to update affected devices – the iPhones 6S and later models; several models of the iPad, including the fifth generation and later, all iPad Pro models and the iPad Air 2; and Mac computers running MacOS Monterey. It also affects some iPod models.

Apple’s explanation of the vulnerability means a hacker could get “full admin access to the device” so that they can “execute any code as if they are you, the user,” said Rachel Tobac, CEO of SocialProof Security.

Those who should be particularly attentive to updating their software are “people who are in the public eye” such as activists or journalists who might be the targets of sophisticated nation-state spying, Tobac said.

The company did not give specifics on how many users were affected by the vulnerability. In all cases, it cited an anonymous researcher.

Commercial spyware companies such as Israel’s NSO Group are known for identifying and taking advantage of such flaws, exploiting them in malware that surreptitiously infects targets’ smartphones, siphons their contents and surveils the targets in real time.

NSO Group has been blacklisted by the US commerce department. Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists.

Security researcher Will Strafach said he had seen no technical analysis of the vulnerabilities that Apple has just patched. The company has previously acknowledged similarly serious flaws and, in what Strafach estimated to be perhaps a dozen occasions, has noted that it was aware of reports that such security holes had been exploited.

Read original article here

Business

Hackers might have figured out your secret Twitter accounts

Leave a comment

A security vulnerability on Twitter allowed a bad actor to find out the account names associated with certain email addresses and phone numbers (and yes, that could include your secret celebrity stan accounts), Twitter confirmed on Friday. Twitter initially patched the issue in January after receiving a report through its bug bounty program, but a hacker managed to exploit the flaw before Twitter even knew about it.

The vulnerability, which stemmed from an update the platform made to its code in June 2021, went unnoticed until earlier this year. This gave hackers several months to exploit the flaw, although Twitter said it “had no evidence to suggest someone had taken advantage of the vulnerability” at the time of its discovery.

Last month’s report from Bleeping Computer suggested otherwise, and revealed that a hacker managed to exploit the vulnerability while it flew under Twitter’s radar. The hacker reportedly amassed a database of over 5.4 million accounts by taking advantage of the flaw, and then tried to sell the information on a hacker forum for $30,000. After analyzing the data posted to the forum, Twitter confirmed that its user data had been compromised.

It’s still unclear how many users have actually been affected though, and Twitter doesn’t seem to know, either. While Twitter says it plans on notifying affected users, it isn’t “able to confirm every account that was potentially impacted.” Twitter advises anyone concerned about their secret accounts to enable two-factor authentication, as well as to attach an email address or phone number that isn’t publicly known to the account they don’t want to be associated with.



Read original article here

Science

Books You Should Read: The Hardware Hacker’s Handbook

Leave a comment

Here on Hackaday, we routinely cover wonderful informative writeups on different areas of hardware hacking, and we even have our own university with courses that delve into topics one by one. I’ve had my own fair share of materials I’ve learned theory and practical aspects from over the years I’ve been hacking – as it stands, for over thirteen years. When such materials weren’t available on any particular topic, I’d go through hundreds of forum pages trawling for details on a specific topic, or spend hours fighting with an intricacy that everyone else considered obvious.

Today, I’d like to highlight one of the most complete introductions to hardware hacking I’ve seen so far – from overall principles to technical details, spanning all levels of complexity, uniting theory and practice. This is The Hardware Hacking Handbook, by Jasper van Woudenberg and Colin O’Flynn. Across four hundred pages, you will find as complete of an introduction to subverting hardware as there is. None of the nuances are considered to be self-evident; instead, this book works to fill any gaps you might have, finding words to explain every relevant concept on levels from high to low.

Apart from the overall hardware hacking principles and examples, this book focuses on the areas of fault injection and power analysis – underappreciated areas of hardware security that you’d stand to learn, given that these two practices give you superpowers when it comes to taking control of hardware. It makes sense, since these areas are the focus of [Colin]’s and [Jasper]’s research, and they’re able to provide you something you wouldn’t learn elsewhere. You’d do well with a ChipWhisperer in hand if you wanted to repeat some of the things this book shows, but it’s not a requirement. For a start, the book’s theory of hardware hacking is something you would benefit from either way.

Having a solid theoretical basis for hardware hacking helps a lot. Don’t get me wrong, you’ll do pretty well reading our articles and learning from examples of your fellow hackers’ work – but there are going to be structural gaps when it comes to how hacks relate to each other and what else is out there.

Traditionally, such gaps would be by universities and educational courses, taking a lot of information, structuring it and then gifting that structure for you to sort all further knowledge into. Sadly, we know that even if you can find a professor, it’s not a requirement that their lectures are engaging – or up to date with modern times. This book spends a hundred pages creating a structure for you, a categorized bookshelf to sort your books into. In order to have a complete picture of hardware and never run out of ways to approach it, it helps if you understand your device in the same way that a hardware security understand s it, and both of our authors worked tirelessly to convey their mental frameworks to you, with plentiful examples.

Whether it’s going through Intel CPU die shots and pointing out different areas, showing protocol signal traces to demystify what really happens with a signal, or explaining the potential hidden in different PCB features you might encounter on the board you’re tackling, you get a glimpse into an expert’s mind as you go through the examples they provide you with. It doesn’t shy away from topics like cryptography, either – something that a hacker might not know they could use, and might be compelled to treat as a black box. In fact, it’s arguably one of the most important topics such a book could go into – and go there, it does. Before you start RSA key extraction, they go through RSA calculations involved in cryptographic signatures – while some understanding of algebra is beneficial, it’s not required, and you can always supplement with something like the RSA calculator we covered recently.

Without a doubt, you’ll want examples, as that’s how we learn best. With these advanced techniques in hand, they take the Trezor One cryptowallet, a device sold online today, and bypass its security measures, extracting the private keys stored on the wallet. The focus on power analysis and glitching pays off handsomely here – in fact, almost literally. This demonstration is advanced and heavy enough that it deserves its own chapter, and even if you don’t follow the steps as you go through it, the attack ties the concepts you’ve seen together, helping you make the links between what you’ve read and what you will do when you need to extract secrets out of your own device.

The authors make sure to keep the theory firmly coupled to real-world hardware as the book progresses. As training grounds for the Trezor wallet foray, you’ll be taught you how to solder a FET to the underside of a Raspberry Pi 3B+ PCB in order to glitch the CPU power rail and try making the CPU skip instructions. This exercise assumes you have a ChipWhisperer, though just the Lite version will do, but if you want to get real results anyway without the precise timing that the ChipWhisperer brings, you can use an ATMega328P and a piezoelectric generator from a BBQ lighter – giving you insights without tying the book’s value to a piece of extra hardware.

Then, they go into power analysis – something that you can often do with an oscilloscope, and present you with the basics. It’s a chapter that I’m only going through myself still, with this book being as information-dense as it is. However, I have high hopes for it, as power analysis is simultaneously a relatively non-invasive way to extract information and also an attack vector that most of hardware out there in the wild is susceptible to, making this part of the book a priority of mine when facing a bit of free time in my schedule. In fact, about a third of this book is devoted to power analysis techniques, from simple to advanced, and goes through multiple test setups, with even an Arduino-based target to get your feet wet.

Of course, part of hardware hacker’s power is in the equipment, which is why it’s hard to write a book like that and not expect your reader to have a few specific tools. The authors are mindful of that, which is why there’s an entire chapter going into equipping your own lab – on budgets from high to very low. A lot of the tools, you’ll be able to makeshift or repurpose, or will be able to use thanks to a friendly nearby hackerspace. Of course, most of them, you’ll get by without in the beginning, but when you encounter a particular problem, it’s helpful to know that there’s a tool for your exact need.

Since this book’s release, we’ve seen Colin advance the frontier of side channel attacks once more. Just last year, he’s given a Remoticon talk about EM injection glitching, and provided us with an accessible method on doing that without any fancy hardware requirements. These side channel attacks are an advancing field that chips will remain vulnerable to in the foreseeable future, and this book will get you up to speed on applying these methods when unlocking your own

For newcomers, such a promising field of study is a great intro to getting hardware, as many other attack surfaces we’ve known for years are nowadays well-protected and often won’t work as well in the wild. For professionals, you’ll undoubtedly find a few blind spots in your knowledge that you’d do good eliminating. We don’t have technology for uploading information into our brain – yet; as it stands, books are the closest we can get to that, and The Hardware Hacking Handbook is a respectable attempt to teach you what hardware hackers like [Jasper] and [Colin] know.

Read original article here