Tag Archives: NSA

Another Bloomberg report, another supply-chain issue

In a story from 9th October, Bloomberg tells us of New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom.

“A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the U.S., according to a security expert working for the telecom company.”

The tampering described differs from that in Bloomberg’s previous report. This one describes an ‘implant’ in a server’s Ethernet connector. The communications company has not been named, but the report is based on information from Yossi Appleboum, described as “co-chief executive officer of Sepio Systems”, who suggests that this approach to snooping has been seen in other equipment supplied by China, while Bloomberg compares it to manipulations used by the NSA.

Commentary from The Verge: Tampered Chinese Ethernet port used to hack ‘major US telecom,’ says Bloomberg report.

Whatever the truth is of this story, it seems to go far beyond Apple. Nevertheless, also published on the Mac Virus blog. as it develops a story previously published there.

David Harley

Advertisements

Cryptocurrency/cryptojacking updates

Steve Kaaru for Null TX: Hackers Mining Cryptos Using Leaked NSA Surveillance Tools, New Report Reveals – “The report revealed that cryptojacking incidences have spiked by over 450 percent in 2018, attributing the increased incidences to an NSA tool that was leaked in late 2017 which has been used by North Korean and Russian hackers in the past to infiltrate strategic targets. ”

The article is based on a report from the Cyber Threat Alliance THEY’RE DRINKING YOUR MILKSHAKE: CTA’S JOINT ANALYSIS ON ILLICIT CRYPTOCURRENCY MINING

Alyza Sebenius for Bloomberg: Hackers Are Targeting Bitcoin With a Leaked NSA Software Tip, Report Says


Lukas Stefanko for ESET: Fake finance apps on Google Play target users from around the world – “Cybercrooks use bogus apps to phish six online banks and a cryptocurrency exchange…the apps have impersonated six banks from New Zealand, Australia, the United Kingdom, Switzerland and Poland, and the Austrian cryptocurrency exchange Bitpanda. Using bogus forms, the malicious fakes phish for credit card details and/or login credentials to the impersonated legitimate services.”

David Harley