NoGoolag
Backdoor found in 2G mobile data encryption standard

Cryptanalysis of GPRS Encryption Algorithms GEA-1 suggests intentional weakness

GPRS is the mobile data standard for GSM mobile phones. It's from the 2G era, and is old and slow. GEA-1 is an encryption algorithm used with GPRS.

Excerpt from the abstract:
"This paper presents the first publicly available cryptanalytic attacks on the GEA-1 and GEA-2 algorithms."

[..]

"This unusual pattern indicates that the weakness is intentionally hidden to limit the security level to 40 bit by design."

So in other words: GPRS was intentionally backdoored.

https://eprint.iacr.org/2021/819

Comments
https://news.ycombinator.com/item?id=27686422

https://apnews.com/article/europe-technology-business-3bddc473856a9af259feb511f58a51d3

https://link.springer.com/chapter/10.1007%2F978-3-030-77886-6_6

https://www.sueddeutsche.de/wirtschaft/handy-gprs-verschluesselung-1.5323228

#backdoor #2g #gprs #encryption
Stealth Soldier Backdoor Used in Targeted Espionage Attacks in North Africa - Check Point Research – June 2023

Check Point Research observed a wave of highly-targeted espionage attacks in Libya that utilize a new custom modular backdoor.
Stealth Soldier malware is an undocumented backdoor that primarily operates surveillance functions such as file exfiltration, screen and microphone recording, keystroke logging and stealing browser information.

The Stealth Soldier infrastructure has some overlaps with infrastructure of The Eye on the Nile, which operated against Egyptian civilian society in 2019. This is the first possible re-appearance of this threat actor since then.

Phishing attacks using third-party applications against Egyptian civil society organizations - Amnesty International – 2019

#StealthSoldier #EyeOnTheNile
#Backdoor #espionage #malware #Egypt #Libya
China identifies the culprits behind cyberattack on Wuhan Earthquake Monitoring Center; a secretive US global reconnaissance system to be exposed - Global Times –

Investigation into a cyberattack incident targeting the Wuhan Earthquake Monitoring Center affiliated to the city's Emergency Management Bureau, after a joint investigation team formed by the National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 discovered malicious backdoor software that exhibits characteristics of US intelligence agencies, the Global Times learned on Monday. Chinese authorities will publicly disclose a highly secretive global reconnaissance system of the US government, which poses a serious security threat to China's national security and world peace.

#China #Wuhan #NSA #USA #Spyware #backdoor
Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor | welivesecurity

ESET Research uncovers the Sponsoring Access campaign, which utilizes an undocumented Ballistic Bobcat backdoor we have named Sponsor

ESET researchers discovered a Ballistic Bobcat campaign targeting various entities in Brazil, Israel, and the United Arab Emirates, using a novel backdoor we have named Sponsor.

We discovered Sponsor after we analyzed an interesting sample we detected on a victim’s system in Israel in May 2022 and scoped the victim-set by country. Upon examination, it became evident to us that the sample was a novel backdoor deployed by the Ballistic Bobcat APT group.


#APT #BallisticBobcat #backdoor #Israel #Iran #UAE
4-year campaign backdoored iPhones using possibly the most advanced exploit ever

"Triangulation" infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.

Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.
“The exploit's sophistication and the feature's obscurity suggest the attackers had advanced technical capabilities,” Kaspersky researcher Boris Larin wrote in an email. “Our analysis hasn't revealed how they became aware of this feature, but we're exploring all possibilities, including accidental disclosure in past firmware or source code releases. They may also have stumbled upon it through hardware reverse engineering.”
Four zero-days exploited for years
...

https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/

#iphone #apple #backdoor
This is big: The US Govt has created a hardware #backdoor in the CPUs of #Apple devices. This cannot be patched with a software update. Every owner of an Apple device is affected. You have no security. US spy agencies will have done the same with other CPUs.
https://twitter.com/KimDotcom/status/1772694668582453465