Category: hacked

Posted on in hacked

Hacking Radio RDS messages

It’s always refreshing when hacking is just funny and not new threatening APT attacks or huge data breaches.

Lately I stumbled upon this tweet:

After a nice laugh, I was curious to understand how this works.
And most importantly if it can happen.

First of all, it’s important to understand how this information is broadcasted to then know what are the possible vulnerabilities.

The protocol responsible for broadcast such information is called RDS

RDS is a method to transmit information such as station name, song title, alternative frequencies, etc. from the radio station to the listener.

Jonti (Jonathan Olds) from Wellington New Zealand wrote an informative and elegant article that will explain to you how this works. Also he created JMPX a software-based FM stereo encoder with RDS support.

Once you understand how RDS works, then it’s time to know how it can be hacked.  And I couldn’t find more fun and engaging presentation than Injecting RDS-TMC Traffic Information Signals by two guys Andrea Barisani Chief Security Engineer and Daniele Bianco Hardware Hacker.

The video is both hilarious and informative, it’s a must watch.

Also, you can check the full presentation.

Just some examples of their sense of humor and fun Hack.

Fake radios are nothing new as during WWII they were vital in disseminating disinformation between enemy lines.

A transcript from the fake radio German Freedom Station.
You can find more here.

Now add to fake radios, RDS to havea new dimension of disinformation.

This is a valid reminder that It’s always good to question two times the information that we receive.

Stay vigilant!

Posted on in hacked

A good hacker

For most people, hackers are known as bad actors.
They are portrayed as those sneaky people that can harm you, steal your data or just do something terrible. 

The truth is that is so much more than that and that there are so many good hackers or sometimes referred to as white hats, or security reasearchers that help our society to improve security in so many different ways.

This case is an excellent example of how a hacker, found a vulnerability in the Nest camera software.

The Hacker entered someone’s camera and microphone and was able to connect and contact the owner to inform him that his set up was unsecured.

For that person for sure, this was a great wake up call, and the security researcher was really accommodating, friendly and helpful. But it’s not always the case as those security cameras are very often exploited.

So if you are the owner of for such a camera maybe after that video, you will also think of improving the security of your set up.

The most simple and useful tips are:

1.  Add additional authentication with 2FA
2. Change any default login and password of your device
3. Make sure that you know what data you are sending over the internet
4. Update your device as soon as the update is available as it usually will contain security patches that would solve known issues.

Posted on in hacked

Mega bad day.

Extensions for your browser are cool.
Such cool gadgets are in reality programs that run autonomously.
So if you have tons of not updated extensions, you risk getting hacked.

MEGA is a cloud storage service with a focus on Privacy. They have all sort of apps, and of course, handy Chrome extensions.

A Hacker managed to hack into MEGA's Google Chrome web store account and upload a malicious version. Upon installation or auto-update, the malicious extension asked for elevated permissions to access personal information, allowing it to steal login/register credentials from ANY websites like Amazon, Github, and Google, along with online wallets such as MyEtherWallet and MyMonero, and Idex.market cryptocurrency trading platform.

The Hacker received all this info on his website megaopac[.]host and cashed in all stolen cryptocurrencies.

Remember always make sure that you need an extension, and if it is asking for more information than usual, be suspicious!

You can read the details of how this was discovered here.
great cath /u/gattacus and  @serhack_ 

Photo by Kari Shea on Unsplash.
The rest we beautified ⚡️❤️🌈💩.

[zombify_post]