A Hacker Saved the World and Went to Prison: The Incredible Story of Marcus Hutchins and the WannaCry Worm

On May 12, 2017, the world faced an unprecedented cyber catastrophe. Hospitals were turning ambulances around mid-route, car factory assembly lines ground to a halt, and servers at banks and ministries in 150 countries were paralyzed. On the screens of hundreds of thousands of computers, the aggressive red window of the WannaCry ransomware lit up with a ticking timer. But the most striking thing about this story is not the scale of the damage, estimated in the billions of dollars. The most striking thing is that this digital "Frankenstein" was assembled from secret NSA cyberweapons leaked online, and that it was stopped by a 22-year-old self-taught analyst with a dark past, who simply registered a meaningless domain for 10 bucks.

https://habr.com/ru/articles/1037618/

#wannacry #eternalblue #smb #уязвимости_нулевого_дня #marcus_hutchins #malwaretech #шифровальщик #ransomware #ahб #кибербезопасность

1. Introduction: The Day the World Stopped. May 12, 2017. Friday. Morning in a London hospital: a doctor walks into the staff room, looks at the monitors, and instead of patient databases sees...

Habr

This is one of my major projects I have been preparing for.. more than 1 and a half years.

I will begin reversing some HDDs/SSDs, to see if I can replicate the #spritesmods hdd hack (https://spritesmods.com/?art=hddhack)

(and part 2, 3, etc)

And, reading up on it this is another great article

#malwaretech

( https://malwaretech.com/2015/04/hard-disk-firmware-hacking-part-1.html )

(and part 2, 3, etc)

When I say "I will post the progress" or something along those lines, I will post it on my GitHub.

I will, of course, NOT post the reversed firmware or stuff like that, cuz.. that wouldn't be any good for obvious reasons. Instead I will just show what I can achieve, like at least one but probably more than the below:

- backdoor the firmware (persistence)

- make hidden sectors (possibly using encryption and/or obfuscation with some steganography)

- kleptography (detect CRYPTO operations to gather the priv keys and store them either a) in the chip (like the firmware), b) in the hidden sector or c) in another way, possibly transmitting them elsewhere)

- Run Linux on it. Yes. The Linux Kernel if possible.

I will try some stuff I believe will be the first things one tries before, breaking the HDD/SSD open and try for JTAG, cuz, what about if there's no jtag? Or, "better" (worse) if there may be jtag but it's obfuscated? I mean there's no real good thing for companies to label "here we got jtag! so you can hook it up to a machine if you want to debug it!" no no, quietness is what it is. Heh. (By the way that's the same with datasheets, it's not something just 'given out') <- At least.. Not with my experience.

- JTAG (of course)

- Serial (even if some of these might not achieve anything we want, we should just begin small)

- See some pinouts

- other known "ports"

- datasheets

- schematics

This will not only be "a project" on its own, it's a major part (the first part, actually) for something much bigger.

Alright! have a great day people! Wishes from Sweden!

#loneicewolf #fimware #hacking #reverseengineering #project #hdd #ssd #majorproject

Sprites mods - Hard disk hacking - Intro

The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet

At 22, he single-handedly put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story.

WIRED

The only person who got arrested for #wannacry (the #nsa and #microsoft crafting back doors for all #windows versions) was the person who stopped it, #malwaretech

#malwaretech, the hacker who stopped WannaCry, is detained by the FBI #silicon http://www.silicon.fr/hacker-stoppe-wannacry-detenu-fbi-182045.html

Fuck, #Malwaretech detained....

Some are saying it's weird for someone to ask for a sample of their own malware, like #MalwareTech did for #Kronos.

During Watergate, Deep Throat (W. Mark Felt) was the deputy director of the FBI. He ordered an internal FBI investigation into who Deep Throat was.

#infosec