Xakep No. 295.October 2023
Xakep #295.Fishing techniques
Most malware infections occur because the user himself launched a malicious file. This is precisely the main task of attackers using social engineering. In this issue we will look at what technical tricks and tricks they use when phishing.
Content:
🟢 Let’s learn the intricacies of installing hardware breakpoints in Windows
🟢 We write our own reverse shell for ARM devices in assembler
🟢 Extracting information from Windows for forensic analysis
🟢Making our own traffic mirroring system
🟢 Assembling Pwnagotchi – a hacker “Tamagotchi” that is powered by Wi-Fi networks
🟢 We pass 4 cars with Hack The Box
Breaking descriptors! How to abuse handles in Windows
https://xakep.ru/2023/12/21/windows-handle-hacks/
Kazakh authorities extradite Nikita Kislitsin to Russia
https://xakep.ru/2023/12/21/nikitoz-extradition/
Terrapin attack weakens SSH connection security
https://xakep.ru/2023/12/21/terrapin/
Lapsus$ teenager deemed dangerous and placed in secure hospital indefinitely
https://xakep.ru/2023/12/22/arion-kurtaj-lapsuss/
One of the key members of the hacker group Lapsus$ , 18-year-old Arion Kurtaj, was sentenced by a British court to an indefinite stay in a guarded hospital. The court found that Kurtaj’s autistic skills and open desire to continue committing cybercrimes made him a danger to society.
According to the BBC , Kurtage was one of the main members of Lapsus$, and it was he who leaked excerpts from the upcoming Grand Theft Auto VI online by hacking Rockstar Games. According to the judge, Kurtaj still poses a threat to society, since he directly stated that he intended to continue to engage in hacking. As a result, he will be kept in a secure hospital until doctors decide he is no longer a danger.
It is noted that in addition to participating in cyber attacks, while already in custody, Kurtazh behaved extremely aggressively, which led to “dozens of reports of injuries and property damage.” Because of his autism, medical professionals deemed Courtage unfit to stand trial and left it to a jury to decide whether his actions contained criminal intent.
The prosecution told the jury that while on bail after hacking Nvidia and BT/EE, while under police guard at the Travelodge, Kurtage continued hacking and carried out his most famous hack. Despite having his laptop confiscated, the teenager managed to hack Rockstar Games using an Amazon Fire Stick, a hotel room TV and a mobile phone. After this, Kurtazh was arrested again and was detained pending trial.
The BBC reports that a psychiatric assessment carried out during the hearing found that the former Lapsus$ member had a serious interest in “returning to cybercrime as soon as possible.”
Although the defense argued that the success of the recent Grand Theft Auto VI trailer showed that the Courtage attack did not cause serious harm to Rockstar Games, the company told the court that the recovery from the hack cost it $5 million, not counting thousands of hours of labor time. , spent by personnel.
During the same trial, which lasted six weeks, another 17-year-old member of Lapsus$ (whose name has not been revealed for legal reasons) was found guilty. The unnamed teenager collaborated with Kurtaj and other members of the group and took part in hacking Nvidia and telecommunications companies, including BT/EE, and then tried to demand a ransom of $4 million from them.
The group member was sentenced to 18 months of forced participation in a youth rehabilitation program and “banned from using a VPN on the internet.”
You must be logged in to post a comment.