Latest articles in ‘Blackhat’

  1. Mr. Robot (TV show by Sam Esmail, 2015)

    Published: Wed 22 November 2017 in Library.
    A review of the 'Mr. Robot' TV series, which started with a very engaging first season but sadly seems to be withering away.

    Mr. Robot is an interesting project: a television series trying to feature accurate “hacking” techniques and real-life events, as opposed to most “hacker” movies and series, which merely project the general public's fantasies onto the screen.

    I used to redirect people asking me for some “hacking trick” to this series, and several websites and blogs use it as an illustration to provide fundamental knowledge in IT security and help people become aware of various risks.

    As I write this post, we have now reached the middle of the third season, and while I was and still am very enthusiastic about the first season, my feelings about its sequels are now mixed at best.


    For those who haven’t seen this series yet, I won’t get into any storyline details here, except a little when listing some season 3 issues. Most of this post should be spoiler-free, however …

  2. How are attacks and APTs attributed?

    Published: Sun 01 October 2017 in Opinions.
    How to put the name of a country or an individual behind a security event.

    Computer-based attack attribution works like the attribution of any other illegal activity: it requires a significant amount of investigation, gathering clues, corroborating information, attempting to eliminate false leads and recognize the right ones, etc.

    On the attackers’ side

    The attacker may cover their tracks using two main techniques: plausible deniability and false flags.

    Plausible deniability

    Plausible deniability aims at non-attribution: it makes the attacker’s identity unclear rather than pointing at somebody else. It relies notably on using off-the-shelf, widely available tools and techniques, and on carefully removing any metadata or other potential clue (build timestamps, debug paths and the like).

    The CIA’s “Development Tradecraft DOs and DON’Ts” document from the “Vault 7” leak is a perfect example of how plausible deniability is implemented in malicious software.
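    The kind of clue that careless tradecraft leaves behind, seen from the investigator's side, as an added illustration that is not part of the original post nor taken from the leaked document: the script below pulls the COFF linker timestamp and any PDB debug path out of a PE image. Both inputs are constructed header-only blobs (not real samples, not loadable binaries); the developer path and the timestamp in the “sloppy” one are invented for the example.

```python
"""Extract two classic attribution clues from a PE image: linker timestamp and PDB path.
Added example for the 'plausible deniability' paragraph; inputs are constructed."""
import re
import struct
from datetime import datetime, timezone

# Debug paths look like 'C:\Users\name\project\Release\foo.pdb' and sit in the
# CodeView debug record; a raw scan of the image is enough to find them.
PDB_PATH_RE = re.compile(rb"[A-Za-z]:\\[^\x00\r\n]{1,250}?\.pdb", re.IGNORECASE)


def coff_timestamp(data: bytes):
    """Return the COFF TimeDateStamp of a PE image, or None if data is not PE-shaped.
    Layout: 'MZ' at 0, e_lfanew (u32 LE) at 0x3C, 'PE\\0\\0' at e_lfanew,
    then Machine (u16), NumberOfSections (u16), TimeDateStamp (u32)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 12 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return None
    (stamp,) = struct.unpack_from("<I", data, e_lfanew + 8)
    return stamp


def attribution_clues(data: bytes) -> dict:
    """Summarise what an analyst would note: build time (UTC), zeroed stamp, PDB paths."""
    clues = {"build_time": None, "timestamp_zeroed": False, "pdb_paths": []}
    stamp = coff_timestamp(data)
    if stamp is not None:
        if stamp == 0:
            # A zeroed stamp is itself a (weak) sign of deliberate sanitisation.
            clues["timestamp_zeroed"] = True
        else:
            clues["build_time"] = datetime.fromtimestamp(stamp, tz=timezone.utc).isoformat()
    clues["pdb_paths"] = [m.decode("latin-1") for m in PDB_PATH_RE.findall(data)]
    return clues


def build_blob(timestamp: int, tail: bytes) -> bytes:
    """Constructed minimal PE-shaped blob: DOS stub, PE signature, COFF header, then tail."""
    e_lfanew = 0x40
    dos = bytearray(b"MZ" + b"\x00" * 0x3E)          # 64-byte DOS header
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = b"PE\x00\x00" + struct.pack("<HHI", 0x8664, 3, timestamp)
    return bytes(dos) + coff + tail


# Constructed "sloppy" build: real-looking timestamp and a developer's PDB path left in.
SLOPPY = build_blob(
    1490000000,
    b"\x00C:\\Users\\dev42\\projects\\dropper\\x64\\Release\\dropper.pdb\x00",
)
# Constructed "sanitised" build: timestamp zeroed, no debug path in the image.
SANITIZED = build_blob(0, b"\x00" * 16)

if __name__ == "__main__":
    for name, blob in (("sloppy", SLOPPY), ("sanitised", SANITIZED)):
        print(name, attribution_clues(blob))
```

    Run against the two blobs, the first yields a build date and a user name embedded in the path, the second yields nothing usable: that difference is exactly what the tradecraft rules are meant to produce.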

    False flag

    A false flag (for a government entity we can also speak of a black op) aims at misattribution: the attacker deliberately and actively forges clues designed to deceive investigators (or simply the targets) into attributing the attack …

  3. Carbanak APT, the great bank robbery

    Published: Mon 31 July 2017 in Library.
    The third-millennium version of the postal train robbery, readable as a good detective novel.

    In late 2013, surveillance cameras filmed people standing in front of an ATM and, although they never interacted with the machine, the ATM suddenly started to dispense cash.

    Strangely enough, this was only the tip of the iceberg: the investigation unveiled an operation that had been going on for around two years, infecting banks and stealthily altering their operations from the inside, in what may be one of the biggest bank robberies ever, with losses estimated at up to one billion dollars.

    Kaspersky’s report tells the story of this investigation. While it provides technical details for interested readers, they are not necessary to understand it and can easily be skipped. In fact, the report is quite well written, can be read as a good detective novel, and gives a good picture of what a high-end attack looks like nowadays.

    Actually, this report looks so much like a detective novel that Wikipedia notes there was some …

  4. 23, Karl Koch and Cliff Stoll

    Published: Sun 23 July 2017 in Library.
    The best depiction of the hacking world in the early days of the Chaos Computer Club.

    23 - Nichts ist so wie es scheint (1998)

    The best depiction I’ve seen so far of the state of the hackers’ world in West Germany in the 80s. You name it: this is the place and time that gave birth to the Chaos Computer Club.

    This film is an independent production (by Hans-Christian Schmid) and, because of this, is not very widely known, which I think is a real shame. It follows Karl Koch, a German hacker who stole information from US military systems to sell it to the KGB. But, IMHO, this is merely a pretext to give us an overview of the hackers’ world of that time, both culturally and technically, where idealism meets conspiracy theories, the desire to free access to information meets individual and national cravings for power, and Usenet groups were creating new kinds of links between people.

    Screenshot of "23 - Nichts ist so wie es scheint"

    Some people …

  5. Wannacry: a full scale war game?

    Published: Tue 16 May 2017 in Opinions.
    With the Shadow Brokers announcing WWIII, the ransomware may actually convey a different message than the advertised one.

    An unidentified group, the Shadow Brokers, stole the NSA’s secret cyber-weapons and decided to publish (some of) them. A criminal group took this opportunity to develop a ransomware that would make the headlines as “WannaCry” or “Wcry”.

    Fortunately, the damages were far from what they could have been:

    • Microsoft published a fix (MS17-010) for the exact issue exploited by the ransomware just a month before these tools became public.
    • The malware embedded a trivial kill switch (it stopped spreading as soon as a hard-coded domain name resolved), which allowed anyone in the world to easily halt the propagation: it worked so well that it was accidentally triggered, stopping the propagation just a few hours after the release.

    Without this “luck”, the damage could have been out of all proportion to what was actually encountered. The current estimate of 230,000 infected computers may seem high and impressive, but it is nothing compared to what one could expect from such a piece …

  6. Are EMV credit cards clonable? How?

    Published: Tue 15 September 2015 in Opinions.
    Why a system regularly presented as unbreakable actually isn't.

    From a theoretical perspective, a smart card can be compared to a networked computer: its content cannot be accessed directly like a disk or a USB stick; you must send requests to the chip (either to access some data or to execute some operation) and the chip answers according to a given protocol (authentication may be needed for some requests, etc.).

    Still from a theoretical perspective, the smart card itself can be considered secure, and this led to a misleading marketing discourse claiming that systems based on it were “unbreakable” or that such cards were “unclonable”. However, a complex system like a complete payment system cannot be reduced to the security of the EMV card alone. The payment card is only the tip of the iceberg: every element composing this system and their mutual interactions must be taken into account, from the various devices involved to the protocols and the …
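    The request/response model the paragraph describes, as an added example that is not part of the original post: a terminal talks to the chip only through ISO 7816-4 command APDUs (CLA INS P1 P2 [Lc data] [Le]) and gets back data plus a two-byte status word. The card below is a toy state machine written for this illustration, not an EMV implementation; its AID and record contents are constructed values, and the SELECT-before-READ rule stands in for the “authentication may be needed for some requests” point.

```python
"""Command/response exchange with a simulated smart card (toy, not EMV).
Added example for the EMV paragraph: the chip is a protocol peer, not a storage device."""
import struct
from typing import Optional

# ISO 7816-4 status words used by the toy card.
SW_OK = 0x9000
SW_CONDITIONS_NOT_SATISFIED = 0x6985   # e.g. READ RECORD with no application selected
SW_FILE_NOT_FOUND = 0x6A82
SW_RECORD_NOT_FOUND = 0x6A83
SW_INS_NOT_SUPPORTED = 0x6D00

INS_SELECT = 0xA4
INS_READ_RECORD = 0xB2


def build_apdu(cla: int, ins: int, p1: int, p2: int,
               data: bytes = b"", le: Optional[int] = None) -> bytes:
    """Encode a short-form command APDU: CLA INS P1 P2 [Lc data] [Le]."""
    if len(data) > 255:
        raise ValueError("short APDU carries at most 255 data bytes")
    apdu = bytes([cla, ins, p1, p2])
    if data:
        apdu += bytes([len(data)]) + data
    if le is not None:
        apdu += bytes([le & 0xFF])        # Le = 0x00 means "up to 256 bytes"
    return apdu


def parse_response(resp: bytes):
    """Split a response APDU into (data, SW1SW2); the status word is always the last two bytes."""
    if len(resp) < 2:
        raise ValueError("response too short")
    return resp[:-2], struct.unpack(">H", resp[-2:])[0]


class ToyCard:
    """Simulated card: one application, two records, SELECT required before READ RECORD."""
    AID = bytes.fromhex("A0000000990101")                 # constructed AID, not a real scheme's
    RECORDS = {1: bytes.fromhex("5A0812345678"),          # constructed TLV-looking payloads
               2: bytes.fromhex("5F24032512")}

    def __init__(self):
        self.selected = False

    def transmit(self, apdu: bytes) -> bytes:
        cla, ins, p1, p2 = apdu[:4]
        body = apdu[4:]
        if ins == INS_SELECT and p1 == 0x04:              # SELECT by name (AID)
            lc = body[0]
            if body[1:1 + lc] == self.AID:
                self.selected = True
                return b"\x6f\x00" + struct.pack(">H", SW_OK)   # constructed empty FCI
            return struct.pack(">H", SW_FILE_NOT_FOUND)
        if ins == INS_READ_RECORD:
            if not self.selected:
                return struct.pack(">H", SW_CONDITIONS_NOT_SATISFIED)
            rec = self.RECORDS.get(p1)                    # P1 = record number
            if rec is None:
                return struct.pack(">H", SW_RECORD_NOT_FOUND)
            return rec + struct.pack(">H", SW_OK)
        return struct.pack(">H", SW_INS_NOT_SUPPORTED)


def session():
    """Run a fixed exchange against a fresh card; return (step, SW1SW2, data) triples."""
    card = ToyCard()
    steps = [
        ("READ RECORD before SELECT", build_apdu(0x00, INS_READ_RECORD, 1, 0x0C, le=0)),
        ("SELECT AID", build_apdu(0x00, INS_SELECT, 0x04, 0x00, ToyCard.AID, le=0)),
        ("READ RECORD 1", build_apdu(0x00, INS_READ_RECORD, 1, 0x0C, le=0)),
        ("READ RECORD 9", build_apdu(0x00, INS_READ_RECORD, 9, 0x0C, le=0)),
    ]
    log = []
    for step, apdu in steps:
        data, sw = parse_response(card.transmit(apdu))
        log.append((step, sw, data))
    return log

if __name__ == "__main__":
    for step, sw, data in session():
        print(f"{step:28s} -> SW {sw:04X} data {data.hex()}")
```

    The point of the exchange is that nothing can be pulled off the chip without asking for it in the expected order: the first READ RECORD is refused with 6985 because no application is selected, and a record that does not exist gives 6A83 rather than an error the reader could exploit. Cloning attacks therefore target what the card says over this channel and how the rest of the system trusts it, not the chip's memory directly.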
