USB Thief Infects ‘Air-gapped’ Computers And Leaves No Trace

Malware (short for malicious software) is a type of program that is intended to cause harm to a system, be it in the form of ransomware, like that which has hit several hospitals in the US, or just you generic popup creating malware. A new malware named USB Thief, looks to break the chain of common threats by hiding itself and infecting systems even when they aren’t connected to the internet.

The internet is a wonderful thing but the problem with everyone being able to share and talk to one another is that sending something nasty is as easy as clicking a button (or in some cases, the software even does this for you). USB Thief avoids this by working on USB sticks, the very same ones you use to send information to and from your computer to your parents or even your friends.

The software hides by only executing under a certain set of rules, that is using a key created from the original USB drive it was created for. Even when it does spread it uses a unique key created using the ID of the USB stick and the time, meaning that traditional attempts to copy and discover the malware fail when suddenly it has unknown hardware in the mix.

Not only does it mean it won’t always execute, breaking the common rule of repeated behaviour is traceable behaviour, but it doesn’t leave any evidence on the infected computer, meaning your data could be stolen and you wouldn’t even know it. USB Thief lives up to the second part of its name, with it at the moment only working to steal data, but Tomáš Gardoň, a malware analyst with antivirus provider Ese says that “it would not be difficult to redesign the malware to change from a data-stealing payload to any other malicious payload”.

By avoiding the internet and focusing on the more traditional method of using USB drives, the virus is able to infect systems similar to how Stuxnet worked, enabling it to infect ‘air-gapped’ system (those which aren’t connected to the internet). With the USB lock in place, only the original USB created by its designers can infect systems, meaning if you didn’t create the original you won’t be able to use it.

If that wasn’t enough the USB Thief’s developer seems to have done its homework as it only runs as part of a command from portable versions of legitimate applications like Notepad++ and Firefox. If you’re running Kaspersky Lab or G Data though you should be okay as the malware won’t install itself on your system, a feature that was no doubt down to results from some initial testing.

New Mortal Kombat Secrets Revealed After 20-Years!

There are many types of gamers, you have the speed runners who have to rush to complete every level improving their time with every breath they take. You have the fighters, the ones who will play online for hours and hours, finding more and more worthy foes as they topple countries and players alike. Then you get the completionist, they are driven to find every secret and every unlockable. From flushing a toy down a toilet in a horror game to games hidden in the latest hardware, they are able to find miracles and jokes alike. A series you might not expect to contain many secrets is Mortal Kombat.

Hidden within the first three games of the brutal fighting game, you can access the secret “ed boon” menu’s. The reason for this title is quite simply in that Ed Boon actually programmed in the secret menus, which were only discovered within the last few days. If this wasn’t enough, the menu’s show you options that include everything from changing names on leaderboards (best not use that in competitions), the characters different endings and in Ultimate Mortal Kombat 3 you can even unlock the hidden characters, see the fatalities available and even a secret “Galaga” like game.

In order to get to the menu you need to be pretty quick on the buttons and we recommend you check out the video below to find those secrets.

https://www.youtube.com/watch?v=0WK1Ec-KVVQ

Dentist Tried to out YouTube Critic but Will Instead Pay Legal Fees

We all judge people, and some of us dislike people for something as simple as their job. A popular profession to be hated for being is a dentist, a profession sometimes accredited with just being there for you to inflict pain on your patients. Well in a legal case in Georgia, America a dentist has gone to court to try out a YouTuber who uploaded an investigation into the dentist that was aired by an Atlanta-area television station.

The original indictment was published in 2009 which stated, among other things, that Austin beat several patients. The assault charges, whose victims included children, was dropped as part of a plea deal after pleading guilty to six counts of Medicare fraud. The assault charges relate to when a patient would cry out or moan during a procedure (something we’ve all done when that sharp metal tool stabs into your gums), Gordan Trent Austin would tell the patient to stop making noise, only to reinforce the message if they didn’t obey with a quick strike from a dental instrument.

With the original video released in 2009, it was only back in 2015 that Austin filed a lawsuit in an attempt to sue the Youtuber for defamation, this lawsuit included a subpoena to google to identify the Youtubers identifier. Public Citizen didn’t like this though and filed a motion arguing that not only was there no case for defamation but that the statute of limitations had elapsed, so even if there was it was too late.

The hearing was scheduled to take place on Tuesday but a week before it went to court, Austin’s lawyers agreed to not only drop the case but pay $12,000 in attorneys’ fees to Public Citizen.

We’ve seen a lot of cases like this where someone seems to go to court on the off-chance that they could benefit, among them are a LARPing website being sued for “infringing patents” by importing products and the Onewheel creators who dropped their case against China-based rivals only weeks before it goes to court.

Skype Hides Your IP in Effort to Protect You

We’ve all heard or seen about Swatting, but for those who haven’t let me explain its principle. Normally it happens when you find someone online, usually in the process of streaming a video or even them record themselves playing a game. As they are online you use software to track down their IP, this information tells them where you are in the world. Using another piece of software, you ring the police and state that you are in danger at that address, wait a few minutes and you see police appear all over your screen and begin to laugh at your accomplishment.

Swatting is not a joke though and while it is also a waste of police time, it is also extremely dangerous. In an effort to help protect against online trolls (people who cause grief to others online), online services are acting to do just that, such as the latest update which allows Skype to hide your IP.

In the latest update to the global service, IP addresses will be hidden by default. This means that once you’ve updated, you can be sure that you protected that little bit more from those who would seek to cause you pain or have a laugh at the expense of your happiness.

I think this is a great update, protecting users from all kinds of problems. Online services have a duty to protect their users and Skype is doing just that with this update.

SOMA Players Unlock Games Secrets by Flushing a Toy Down a Toilet?

Some games secrets are easy to find, others are so far buried, it’s amazing anyone found them at all! The latter is especially true for players of SOMA, who have discovered that shoving a plastic toy into the toilet and flushing it, within the game of course, causes a set of numbers to appear on screen, but what does this mean?

If you find enough of these extremely obscurely hidden codes around the game, you can use them as the password for a file called _supersecrets.rar in the games installation directory. Unfortunately, these codes were so well hidden, that it was only through analysing the games files for strings of code that a user was able to uncover them all!

“Knowing two of the Code locations, I opened the laboratory map and checkted that ceiling. Voila, an Area-Trigger having a Collision Callback. It took me a while till I found out where those callbacks are handled. But once I found the place i was shocked. Only 1 line of code, no hint at the part of the password. Keeping that in mind I opened the Apartment map and looked at the toilet. Luckily again an Area-Trigger. Knowing it should be triggered by the Figure on the Table, I looked for the corresponding code in the script. Again no hint at the Password in there. But then it hit me. Both had an strangely named cLux_ command in there. So i removed the suspected command in the toilet script and tried draining the figure. Jackpot! The code went missing.”

The user managed to crack the code, and discovered just what lurks inside, a kind of in the making collection of files about the games development, some early screenshots and a few other goodies, nothing major, but credit to the developers for making it a bit of a wild adventure to discover them.

Redditer Discovered Hidden Feature in iOS 9 and Mac OS X El Capitan

We got a lot of information out of what to expect from iOS 9 and El Capitan this fall at Apple’s WWDC in June. Even so, developers are said to be good at discovering Apple’s ‘hidden’ new features, but this time around, it seems that one of them, who I think is actually useful, was actually discovered by someone else.

A redditer going by the name of homeboi808 seems to have stumbled upon a feature who went on unnoticed so far. On both iOS 9 and El Capitan, if you tap on a flight number in either the Mail, Messages or Notes app, the OS’ will work the flight out and give you a flight path overview, along with all information about that flight. This includes arrival, departure times, possible delays and even airport terminal details.

It seems that Apple has added a built-in feature that detects and reacts to gestures when it finds a flight number. However, that needs to adhere to the actual flight number style, so don’t expect it to do the same with just anything you type in. Even so, the flight number needs to be valid in order to get information about it.

Even so, the feature is really helpful when you’re expecting to pick someone up from the airport or are planning a journey. Getting up-to-date information about your flights is a must from my point of view. What do you think?

Thank you BGR for providing us with this information

Tor Users Beware – You May Not Be As Hidden As You Thought

Tor claims to allow people to connect to the internet and through their network become invisible and untrackable, this has made it very popular in recent years in which privacy online has become a big issue for both companies and home users alike. Scientists from Massachusetts Institute of Technology and Qatar’s Computing Research institute have released a research paper which may change that.

By gathering the network information from a pre-determined list of hidden services in advance, they are able to analyse patterns between the hidden service and the entry guard which helps protect users and make the service “anonymous”. This means that they were able to create a unique fingerprint for each service they came across, and later able to use this to identify the service. It should be noted though that while this means you can be identified on the network, they could not decrypt the network data, that would be a task for a different service.

Quoting an “88 percent accuracy” in determining the services identity. The attacks however must come from an entry guard, which are randomly assigned amongst the many users that use the tor network and therefore reduces the chance that you would have access to the entry guard required to find a particular person. The algorithm used to identify services did so by matching the number of packets (bundles of information sent) in patterns, a technique which Tor’s project leader has openly said could be fooled by simply adding padding to the network communications.

With secrecy and online monitoring becoming publicly known, even when it’s done illegally, tools like Tor are becoming more popular amongst users who feel they might be targeted online (for good or bad reasons). In the modern world, nothing is 100% secret.

Thank you Ars Technica for the information.

Image courtesy of WonderHowto.

US Army Developing Invisibility Suit

Can you see me? Yes Jeeves, I can!

The US Army is in the process of developing an invisibility suit for its troops. It has requested firms developing “Stealth Fabrics” to get in touch and have stated that they want to get the first prototypes created within 18 months; they hope that the suit will be able to function in all terrains, from ice caps to desserts, and in all temperatures.

The companies that are selected will undergo a one-year phase will have to submit 10 suits for testing, and all suits must work in all terrains from all angles. They also said if the adaptive camouflage requires power then it must weigh less than 0.45KG and last for at least 8 hours of operation.

The Army have stated they want the following:

  • Has 360-degree coverage and ‘can actively respond to various land environments under changing light conditions.’
  • Can be integrated with soldier’s equipment.
  • Ideally, will not require a power supply. If it does require a power supply, it ‘should last a minimum of four hours and weigh no more than two pounds’ including batteries and connections.
  • Reflects infrared light the same way as other army uniforms
  • Works in a range of terrain, including desert, forest, urban areas, jungle, and mountains.
  • Works below freezing and at temperatures above 95 degrees Fahrenheit, in high wind, in stormy weather, and in smoke, dust, or fog

Guy Cramer may be one of the people who have their materials used to help the military. You can see a short video about his company – Hyper Stealth below. He says he demonstrated it to the Military last year and that the new project will allow him to move forward with it. Cramer won’t release details of how the technology works or photographs.

Thank you to The Daily Mail for providing us with this information

Images courtesy of The Daily Mail

State of Decay Contractors Hid ‘Ridiculous Amount of Genitalia’ in Games Background

Hiring outside help can be a necessary thing, but it’s also one that can backfire as State of Decay’s developer Undead Labs recently discovered. One of their contractors hid a ridiculous amount of genitalia in the games background, but luckily the low resolution prevented them from being visible.

In the recent work to optimize the graphics for 1080p resolution the studio discovered something that was as unexpected as it was crude. “Some of our contractors worked a ridiculous amount of genitalia into the background,” Undead Labs Senior Designer Geoffrey Card told XBLA Fans at PAX East this past weekend.

The Seattle-based company was a small indie studio with a big vision and it needed to turn to outside help in order to complete development of the original State of Decay. Unfortunately, some of those hired people secretly drew penises into the game’s backgrounds, but they were not visible in the original release due to its lower resolution and texture quality. When the enhanced resolution and texture quality brought the penises to Undead’s attention, the studio began working them out of the game and said that the genitalia isn’t visible in any publicly available version of the game.

Thanks to XBLAFans for providing us with this information