Network Monitoring News – Oct 2016

Video Camera Hijack

As we progress down the road to the internet of things, businesses and home users need to be concerned with how to secure these “things”. Televisions, Refrigerators, Thermostats, DVR and many more items are now accessible via the internet. A major concern with these devices is they are never updated, leaving them vulnerable to attack.

Last week an estimated 1 million hacked security cameras took part in a distributed denial of service attack which reached a whopping 700 gigabits per second. This equates to 140,000 HD movies being streamed at the same time. When a web site receives this much traffic it is basically taken offline. This is the equivalent of trying to take a drink of water from a fire hose.

Cyber Security Month

October is cyber security month. The Department of Homeland Security website has lots of information available to help with end user awareness.

In their words: “October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about cybersecurity. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not.”

National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident: https://www.dhs.gov/national-cyber-security-awareness-month

Google Play

It was recently found that 400 apps in the Google apps store are actually malware. This malware turns unsuspecting users phones into listening posts that could steal data out of the networks they are connected to. The malware disguises itself as a legitimate application.

The report states: “The malware installs a SOCKS proxy on the device, building a general purpose tunnel that can control and give commands to the device. It can be used to turn devices into bots and build a botnet, which is essentially a network of slave devices that can be used for a variety of schemes like distributed denial-of-service (DDoS) attacks—which have become an increasingly severe problem for organizations worldwide—or spam email campaigns. The botnet can use the proxied IP addresses also generated by the malware to create fake traffic, disguise ad clicks, and generate revenue for the attackers.”

Here is a partial list of infected apps:

• com.dark.kazy.goddess.lp
• com.whispering.kazy.spirits.pih
• com.shelter.kazy.ghost.jkv
• com.forsaken.kazy.game.house
• com.dress.up.Musa.Winx.Stella.Tecna.Bloom.Flora
• com.dress.up.princess.Apple.White.Raven.Queen.Ashlynn.Ella.Ever.After.High
• com.monster.high.Dracubecca.freaky.Fusion.draculaura
• com.dress.up.Cerise.Hood.Raven.Queen.Apple.White.Ever.After.Monster.High
• com.ever.after.high.Swan.Duchess.barbie.game
• com.cute.dressup.anime.waitress
• com.rapunzel.naughty.or.nice
• guide.slither.skins
• clash.royale.guide
• guide.lenses.snapchat
• com.minecraft.skins.superhero
• com.catalogstalkerskinforminecraft_.ncyc
• com.applike.robotsskinsforminecraft
• com.temalebedew.modgtavformcpe
• com.manasoft.skinsforminecraftunique
• com.romanseverny.militaryskinsforminecraft
• com.temalebedew.animalskinsforminecraft
• com.temalebedew.skinsoncartoonsforminecraft
• com.str.carmodsforminecraft
• com.hairstyles.stepbystep.yyhb
• com.str.mapsfnafforminecraft
• com.weave.braids.steps.txkw
• mech.mod.mcpe
• com.applike.animeskinsforminecraftjcxw
• com.str.furnituremodforminecraft
• com.vladgamerapp.skin.editor.for_.minecraft
• ru.sgejko.horror.mv
• com.vladgamerapp.skins.for_.minecraft.girls
• com.zaharzorkin.cleomodsforgtasailht
• com.temalebedew.ponyskins
• com.my.first.date.stories
• com.gta.mod.minecraft.raccoon
• com.applike.hotskinsforminecraft
• com.applike.serversforminecraftpe
• com.zaharzorkin.pistonsmod
• wiki.clash.guide
• mobile.strike.guide
• prank.calling.app
• sonic.dash.guide