In association with heise online

26 October 2012, 17:06

Lost+Found: Hacking keyloggers, honeypots and the return of TDL4

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Lost and Found icon Too short for news, too good to lose; Lost+Found is a roundup of useful security news. This time: Hacking a hardware keylogger, setting up a free cloud-based honeypot with Amazon EC2, a GUI for ping.exe, the supposed return of TDL4 and a hotel master key disguised as a dry erase marker.

  • How do you crack the access code for a hardware keylogger discovered between a keyboard and a computer? By using a Teensy USB development board which identifies itself as a USB keyboard and runs through every possible key combination.

  • Amazon's E2C cloud computing instances can be used for all sorts of things, including setting up a honeypot on which cyber-fraudsters can get up to as much mischief as they want. And the cost? £0.00.

  • We're not sure which is worse: the fact that a GUI for ping.exe even exists or that it's been written in Visual Basic. But then it was created by experts in forensics...

  • Based on analysis of network traffic, security company Damballa claims to have identified a new version of the TDL4 rootkit, which it has christened Damballa DGAv14. It was, however, unable to find the actual malware, even though it has allegedly already infected 46 of the Fortune Global 500 companies. DGA stands for domain generation algorithm, by which infected bots determine the domain name for the current command and control server.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit