Repurposing – How Smart Hackers Leverage Existing Assets

Source: Slides from RSAC 2020 presentation

Let’s say you want to pull off a seriously significant hacking caper against targets that are more than just a little bit sophisticated. As an accomplished hacker you have two choices. You can either crack open that case of Red Bull and toil away for weeks or months developing your own code or, you can hi-jack and repurpose someone else’s killer code and spend your free time however you like. It’s this lazy-man’s  (smart man?) approach that former NSA hacker Patrick Wardle  shared with the audience at this year’s RSA security conference.

Why Toil When Stealing is So Easy?

Wardle, who now specializes in macOS and iOS security at Jamf made the case for “borrowing” the code of others, especially well funded government sponsored hackers.

Wardle supported his premise by sharing with the audience how he altered 4 different Mac malwares that have successfully been used by others in recent years.  With just a little effort he was able to alter the potent and proven code of others to report to his own command servers. Once hi-jacked he could install his own payloads to accomplish whatever goals he was interested in.

So Many Benefits, So Little Time

Repurposing the code of others is nothing new. WannaCry and its cousin NotPetya that rode roughshod across the globe a few years back were aided in their virality by incorporating EternalBlue, the NSA Window’s exploit that was stolen and later released by Shadow Brokers.

Recycling the great work of others brings many benefits:

  1. Quicker development time
  2. Proven effectiveness
  3. Let’s you use other’s code in hi-risk environments
  4. Masks your identity
  5. Implicates others if detected.

The CIA Has a Repurpose Library

According to an article on theintercept.com from 2017 which cites a tranche of Wikileaks documents, the CIA hacking resource known as UMBRAGE has created a repository of other group’s “techniques” that “can not only increase its total number of attack types, but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from.” “The goal of this repository is to provide functional code snippets that can be rapidly combined into custom solutions.”

Purposeful Protection

At Konsultek we create custom security solutions designed to keep your organization safe from even the most sophisticated attacks. For many organizations, perhaps yours, the biggest value contained in your network may not be personal information at all but rather commercial data such as specifications and trade secrets. We help organizations of all types protect their valuable information by developing and deploying custom solutions using the best technologies available on the planet.  If you have concerns, we have solutions and the good news is we are just a phone call away!

Did the First Hack From Space Just Occur?

As cool as that would be, I’m not sure someone using a willingly shared password actually counts as a hack even if that shared password was indeed used from space to access a now estranged person’s account.

Astronaut vs. Former Air Force Intelligence

Anne McClain, a former U. S. Army pilot who flew more than 800 combat hours during Operation Iraqi Freedom before joining NASA in 2013 has been accused of “hacking” her estranged spouse Summer Worden’s bank account by the former Air Force intelligence officer. Worden used her spy skills to track down the offending IP address to NASA. Since Ms. McClain happened to be on the International Space Station at the time we have the possibility that this is the first cybercrime committed from space!

Who Is Deputy Dawg in Space?

When it comes to enforcing the law in space you might think it could be tricky. Turns out that legal framework was laid out long ago.  According to BBC News the law dictates any crime committed in space falls under the jurisdiction of the offending astronaut’s country of origin. Surprisingly simple and straight forward – must have been developed by scientists, not politicians or lawyers!

Terrestrial or Extraterrestrial Konsultek has you Covered

Whether your next attack comes from the ISS, the moon or next door our custom security solutions will keep your network safe and your data secure.

If you are unclear as to whether or not your security is up to the challenges of today’s hackers, we can help you find out.

Our team of experts is happy to provide an outside, independent and unbiased analysis of your network’s security. Simply give us a call or click here: https://konsultek.com/executive-risk-assessment/.

You’ll receive a complimentary Executive Risk Assessment. This assessment will not only show you the risk and impact to your most critical digital assets but demonstrate the likelihood of a breach happening.

Hack an iPhone and Apple will give you $1Million

That was the announcement made at last week’s Black Hat conference by Ivan Krstić, Apple’s head of security.

Keep in mind that the $1,000,000 is not for just any hack but for gaining full control of the device remotely without the user having to touch or handle the device. And, by the way, that device can be any Apple device running iOS or macOS, not just an iPhone.

Bug Bounties on the Rise

Apple launched its bug bounty program in 2016. At that time they were offering up to $200,000 for vulnerabilities that allowed the hacker to gain full control of a device running iOS without user involvement.

So why the rapid rise in Apple paid bounties? Well as it turns out they are simply trying to be more competitive in the bug bounty market. Even at $1,000,000  though, Apple is still far behind Zerodium who will pay up to $2,000,000 for the same exploit. And who knows how much governments would pay for the ability to hack iPhones at will! It seems that if you are good enough to pull it off, there are plenty of other organizations you could sell your wares to besides Apple and for a lot more money.

How Vulnerable are Your Systems?

Konsultek is happy to test the vulnerability of your systems for FREE! Our experienced team of engineers will, at your request, quickly and efficiently determine the vulnerability of your network and offer solutions for any weaknesses found.

If you are interested in getting an outside, independent and unbiased analysis of your network’s security, simply give us a call or click here: https://konsultek.com/executive-risk-assessment/.

The first 20 respondents will receive a complimentary Executive Risk Assessment. This assessment will not only show you the risk and impact to your most critical digital assets but demonstrate the likelihood of a breach happening.

© Copyright 2018 Konsultek