While Amazon, Xiaomi, Samsung, Sony and TP-Link were attacked for money by white hat hackers in an exciting Pwn2Own contest, North Korean black hat hackers are suspected to have attacked the Indian Space Research Organisation (ISRO) and affected India’s Chandrayaan-2 mission.
Let’s talk about ISRO first.
Why North Korea is after India
Recently, the North Korean Lazarus group targeted India’s largest nuclear power plant with a critical malware, and now, less than four weeks later, it is being said that North Korean hackers also launched a cyber attack on India’s space agency which could have led to the failed Chandrayaan-2 moon landing.
The news is that users at ISRO were targeted via phishing emails that dropped malware on their systems, while the space agency has commented that none of their systems were affected. It is highly possible that the same Lazarus group is behind this attack, with one of the aims being to gain intelligence regarding thorium-based nuclear power for North Korea.
Who got hacked at Pwn2Own Tokyo 2019
Coming to the other news.
Pwn2Own is a bi-annual hacking contest organised on an international scale that invites white hat hackers from all over the world to try their hand at certain devices in exchange for lucrative prizes. The competition is the best hacking event in the world and is supported by many technology giants, as their devices get tested by some of the best hackers in the world.
Hackers pick targets that they think they can take down from a prepared list and, if successful, earn reward money and points. This year Facebook Portal, Google Home, Google Nest Hub, Apple Watch and iPhone, among a few others, were able to save themselves from being targeted.
Televisions and smart home devices exploited
- NETGEAR Nighthawk Smart WiFi Router R6700 was found vulnerable to authentication bypass and buffer overflow attacks. Hackers were able to modify its permanent software and obtain a shell. What’s more? The payload they dropped on the router did not vanish even after factory resetting the device!
- TP-Link AC1750 Smart WiFi Router was successfully attacked by taking advantage of bugs that allowed for command injection and enabled remote code execution.
Another team hacked the same router to get remote code execution using a stack overflow and a logic bug.
Uh… uh… it isn’t over. Yet another team was able to exploit the command injection vulnerability and get remote code execution through the WAN interface card that the router uses to transmit data.
Mobile Phones exploited
- Xiaomi Mi9 was also successfully targeted by contestants using an attack called Cross Site Scripting (XSS). Apparently, an attacker could simply touch the NFC tag to exfiltrate data from the phone. Recently, the NFC feature was found to possess a fatal flaw that could pave the way for malware to enter the device.
Two-time reigning champions Richard Zhu and Amat Cama from Team Fluoroacetate bagged their title once again this year with 18.5 points and $195,000.
Overall, over $315,000 was distributed as prize money to various teams who successfully addressed bugs in devices. The bug reports were sent to the companies, who will be working on fixes to strengthen the security of their machines.
We suggest that if you own any of these devices, you should keep an eye out for security updates and install them as soon as they are rolled out. Comment your thoughts and views below and share this mysterious dual hacking news with your circle.
Stay tuned, stay safe.