AndrewHaxalot

The Hacker News - December 20 2013

Dec 20th, 2013
  1. *+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*
  2. Acoustic Cryptanalysis: Extracting RSA Key From GnuPG by Capturing Computer Sound
  3. *+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*
  4.  
  5.  
  6. 'RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis' is an interesting paper recently published by three Israeli security researchers at Tel Aviv University. They claim to have broken one of the most secure encryption algorithms, 4096-bit RSA, just by capturing the sound a computer's CPU makes while it runs decryption routines. Daniel Genkin, Adi Shamir (who co-invented RSA), and Eran Tromer used a side-channel attack, through a process called "acoustic cryptanalysis", to extract a 4096-bit RSA key from GnuPG. "We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away."
  7.  
  8. The paper describes some possible ways to carry out this attack. Some e-mail clients, e.g. Enigmail, can automatically decrypt incoming e-mail (for notification purposes) using GnuPG. An attacker can e-mail suitably crafted messages to the victims, wait until they reach the target computer, and observe the acoustic signature of their decryption, thereby closing the adaptive attack loop. "The acoustic signal of interest is generated by vibration of electronic components (capacitors and coils) in the voltage regulation circuit, as it struggles to maintain a constant voltage to the CPU despite the large fluctuations in power consumption caused by different patterns of CPU operations." "The relevant signal is not caused by mechanical components such as the fan or hard disk, nor by the laptop's internal speaker."
  9.  
  10. The security researchers listened to the high-pitched (10 to 150 KHz) sounds produced by a computer as it decrypts data, and warned that a variety of other applications are also susceptible to the same acoustic cryptanalysis attack. "We observe that GnuPG’s RSA signing (or decryption) operations are readily identified by their acoustic frequency spectrum. Moreover, the spectrum is often key-dependent, so that secret keys can be distinguished by the sound made when they are used. The same applies to ElGamal decryption."
  11.  
  12. In the picture above (see link below!), a mobile phone (Samsung Note II) is placed 30 cm (nearly 12 inches) from a target laptop. The phone’s internal microphone points toward the laptop’s fan vents. Full key extraction is possible in this configuration and at this distance. The researchers have notified GnuPG about the vulnerability. If you want to keep your data secure, please follow the recommended countermeasures: "One obvious countermeasure is to use sound dampening equipment, such as "sound-proof" boxes, designed to sufficiently attenuate all relevant frequencies. Conversely, a sufficiently strong wide-band noise source can mask the informative signals, though ergonomic concerns may render this unattractive. Careful circuit design and high-quality electronic components can probably reduce the emanations." The GnuPG team has developed a patch for the vulnerability to defend against key extraction attacks and released GnuPG 1.4.16.
  13.  
  14. Read more: http://thehackernews.com/2013/12/acoustic-cryptanalysis-extracting-rsa.html
  15.  
  16.  
  17.  
  18. *+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*
  19. World’s Largest BitCoin Poker Website Hacked, 42000 User Passwords Leaked
  20. *+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*
  21.  
  22.  
  23. The world’s largest Bitcoin poker website, 'SealsWithClubs', has been compromised and around 42,000 users' credentials are at risk. Seals With Clubs has issued a Mandatory Password Reset warning to its users, according to a statement published on the website. The service admitted its database had been compromised and revealed that the data center used until November was breached, resulting in the theft of 42,020 hashed passwords. "Passwords were salted and hashed per user, but to be safe every user MUST change their password when they next log in. Please do so at your earliest opportunity. If your Seals password was used for any other purpose you should reset those passwords too as a precaution." and "Transfers may be disabled for a short period of time."
  24.  
  25. Seals With Clubs used the SHA1 hash function to hash the passwords, but SHA1 is outdated and easy to crack if not salted. A user, 'StacyM', then posted the hashed passwords on a web forum operated by commercial password-cracking software 'InsidePro' and asked for them to be cracked for $20 in bitcoins per 1000 unique passwords. Two thirds of the list were cracked by the next day; some of the cracked passwords are “bitcoin1000000”, “sealswithclubs”, “88seals88” and “pokerseals”. The site also mentioned that it is working to improve the security of the website and will implement additional security measures, including two-factor authentication and login from a limited number of IP addresses.
  26.  
  27. Read more: http://thehackernews.com/2013/12/SealsWithClubs-bitcoin-poker-hacked-password-dump_20.html
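
The article notes that per-user salted SHA1 hashes still fell quickly, and that users must change passwords at next login. As an added example (not code from the article or from Seals With Clubs), this sketch verifies a legacy salted SHA-1 record and upgrades it to PBKDF2-HMAC-SHA256 on the next successful login. The record formats, function names and iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for your hardware

def legacy_hash(password, salt):
    # Assumed legacy format: one fast SHA-1 call over salt + password.
    digest = hashlib.sha1(salt + password.encode()).hexdigest()
    return "sha1$%s$%s" % (salt.hex(), digest)

def strong_hash(password, salt=None, iterations=PBKDF2_ITERATIONS):
    # Deliberately slow KDF: every guess costs `iterations` HMAC rounds.
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), dk.hex())

def verify(password, record):
    # Recompute the record with its stored parameters, compare in constant time.
    scheme, *fields = record.split("$")
    try:
        if scheme == "sha1" and len(fields) == 2:
            candidate = legacy_hash(password, bytes.fromhex(fields[0]))
        elif scheme == "pbkdf2_sha256" and len(fields) == 3:
            candidate = strong_hash(password, bytes.fromhex(fields[1]), int(fields[0]))
        else:
            return False
    except ValueError:  # malformed hex or iteration count
        return False
    return hmac.compare_digest(candidate.encode(), record.encode())

def needs_rehash(record):
    # Anything that is not PBKDF2 at the current work factor gets upgraded.
    parts = record.split("$")
    return parts[0] != "pbkdf2_sha256" or int(parts[1]) < PBKDF2_ITERATIONS

def login(password, record):
    # Returns (authenticated, record_to_store); upgrades only after a valid login.
    if not verify(password, record):
        return False, record
    if needs_rehash(record):
        record = strong_hash(password)
    return True, record

# Constructed sample record, not taken from the leaked data.
LEGACY_RECORD = legacy_hash("example-passphrase", bytes.fromhex("a1b2c3d4"))
```

The salt only stops one precomputed table from covering every user; the slow KDF is what raises the cost of each individual guess against a stolen record.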
  28.  
  29.  
  30.  
  31. *+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*
  32. 'The Washington Post' Compromised 3rd Time in The Last 3 Years
  33. *+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*+/+\+*+*
  34.  
  35.  
  36. Security experts at the Mandiant intelligence firm have discovered a new intrusion into the network of The Washington Post, the third in the last three years. At the time of writing, neither the extent of the attack nor an estimate of the losses is clear. Mandiant reported the incident to The Washington Post this week, confirming that the exposed data includes hashes of employees' credentials. "Hackers broke into The Washington Post’s servers and gained access to employee user names and passwords, marking at least the third intrusion over the past three years, company officials said Wednesday," a post by the news agency said.
  37.  
  38. In early 2013 the New York Times announced that during the previous months it had been a victim of cyber espionage coordinated by Chinese hackers; similar attacks were conducted against the principal American news agencies. The hackers tried to compromise the e-mail accounts of journalists to steal sensitive information, and they tried to infiltrate the networks of news agencies using several dozen instances of malware, as revealed by forensic analysis conducted by the Mandiant security firm. The attackers obtained password data for all of the Washington Post reporters and other employees.
  39.  
  40. Regarding this latest attack, there is no evidence that subscriber information such as credit card data or home addresses was stolen, nor is there information on which systems of the popular media agency were impacted (e.g. publishing system, employee e-mail databases, HR database). In many cases the hackers targeted a server used by the paper's foreign staff in order to extend their operation to the entire company infrastructure. Investigators believe the intrusion lasted at most a few days, but the news is very worrying considering that large international news organizations have become a privileged target for hacking campaigns.
  41.  
  42. The Washington Post, NYT and Associated Press have been subject to numerous attacks conducted by state-sponsored hackers, including the popular hacker group Syrian Electronic Army. While waiting for more detailed results from the investigation, officials planned to ask all employees to change their user names and passwords on the assumption that a large number of them may have been compromised.
  43.  
  44. Read more: http://thehackernews.com/2013/12/the-washington-post-compromised-3rd.html