Data is assessed by our team members

Investigations can reveal some very sensitive & personal data. This intel is assessed by us & closely guarded, and is used only for the purpose of fulfilling the needs of our clients to achieve the results we are commissioned to undertake.

Team leader heads a group of professional investigators on the ready

We are proud to have access to the finest team members & discreet qualified persons who pride themselves in obtaining results for our clients where others fail.

The latest technology & equipment allow us to keep our finger on the intel pulse

Scientific apparatus & technical staff allow us to get sensitive & useful information by utilizing the latest technology in getting information for our clients. The storage, use & availability of this data is done with great care.

Communications between team members & networks is critical

In these days of world wide communications being at a peak of efficiency, the task of passing on & receiving information in the blink of an eye becomes possible between our team members & the network we have access to.

Team leader & CEO of the intel agencies group is Donna-Lee Sapiecha Eyers

Donna-Lee is here at her law degree graduation ceremony, proudly supported by her mother Karen, her sister Sharah-Lee & father Henry.

 

Census: The ABS has been quietly holding on to our names for years

The Bureau of Statistics has been quietly hanging on to the names it collects with the census to conduct studies, despite a public commitment to destroy them.

Australian statistician David Kalisch told Fairfax Media the Bureau had been keeping the names it collected for up to 18 months.

“They’ve done it under the guise of: ‘this is while we are processing the data’,” he said.

David Kalisch says: ‘We are now being more transparent about it’. Photo: Rohan Thomson

“They’ve done linkages, they’ve done other things. What’s happening now is we are being more transparent about it.”

The studies have been conducted despite a commitment on the ABS website that “name and address information will be destroyed once statistical processing has been completed“.

They used the names and addresses on census forms to link the census answers to department of immigration records, to school enrolment records and to the Australian Early Development Index.

The names were destroyed only after the records were linked.

Separately, and without asking for consent, the Bureau has been tracking five per cent of the population (more than one million people) through what it calls the Australian Census Longitudinal Dataset.

It has been using the names on the forms to create “linkage keys”, which enable it to follow respondents over time. Each census, the same name produces the same linkage key, enabling movements to be tracked. Once each key has been created, the name itself has been destroyed. It is impossible to reverse-engineer a key to derive the name.
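An added illustration of the linkage-key idea described above; it is not the ABS's code, and the article does not say how the ABS derives its keys. It assumes a keyed hash (HMAC-SHA256) over a normalised name, with a constructed secret and constructed census records.

```python
import hashlib
import hmac
import re
import unicodedata

# Assumption: a secret held only by the agency. Constructed value, not a real key.
# Keying matters: an unkeyed hash of a name could be recomputed by anyone
# who holds a list of names.
LINKAGE_SECRET = b"constructed-example-secret-not-a-real-key"


def normalise_name(name: str) -> str:
    """Strip accents, case and punctuation so one person yields one input."""
    decomposed = unicodedata.normalize("NFKD", name)
    no_accents = "".join(ch for ch in decomposed if not unicodedata.combining(ch))
    letters_only = re.sub(r"[^a-z]+", " ", no_accents.casefold())
    return " ".join(letters_only.split())


def linkage_key(name: str, secret: bytes = LINKAGE_SECRET) -> str:
    """Same name + same secret -> same key, every census."""
    mac = hmac.new(secret, normalise_name(name).encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()[:32]


def to_keyed_records(census, secret: bytes = LINKAGE_SECRET) -> dict:
    """Replace each name with its key; the name itself is not carried forward.
    Two different people with an identical name would share a key."""
    return {linkage_key(name, secret): address for name, address in census}


def link_censuses(earlier, later, secret: bytes = LINKAGE_SECRET) -> dict:
    """Follow respondents over time: key -> (earlier address, later address)."""
    first = to_keyed_records(earlier, secret)
    second = to_keyed_records(later, secret)
    return {key: (first[key], second[key]) for key in first.keys() & second.keys()}


# Constructed sample records (name, address); not real people or addresses.
CENSUS_2011 = [
    ("Zoë  NGUYEN", "12 Example St, Carlton VIC"),
    ("Sam Citizen", "4 Sample Ave, Perth WA"),
]
CENSUS_2016 = [
    ("zoe nguyen", "3 Placeholder Rd, Hobart TAS"),
    ("Alex Person", "9 Demo Ct, Darwin NT"),
]

if __name__ == "__main__":
    for key, (old, new) in link_censuses(CENSUS_2011, CENSUS_2016).items():
        print(key, ":", old, "->", new)
```

The linked output contains no names, yet it still records that one respondent moved between two addresses, which is the tracking the article describes.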

“In 2016, I have decided to keep names and addresses for longer,” Mr Kalisch writes in today’s Sydney Morning Herald and Age. “This will enable the ABS to produce statistics on important economic and social areas such as educational outcomes, and measuring outcomes for migrants.”

Labelled by former Australian Statistician Bill McLennan “the most significant invasion of privacy ever perpetrated on Australians by the ABS,” the decision will formalise what was happening informally before Mr Kalisch joined the ABS in 2014. It will extend the period for research using names from 18 months to four years. All names collected will be deleted by August 2020 or when studies have been completed, whichever is the soonest.

The decision is a retreat on an announcement in December that names and addresses on census forms would be retained indefinitely.

“There are extremely robust safeguards in place to protect the privacy and confidentiality of the information collected in the census, including names and addresses,” Mr Kalisch writes in today’s Fairfax Media publications. “The ABS never has and never will release identifiable census data.”

Kat Lane, vice-chair of the Australian Privacy Foundation, said the real issue wasn’t the ABS security system. It was that there was no justification for tracking or personally identifying Australians.

Henry Sapiecha

Hidden ‘backdoor’ in Dell security software gives hackers full access

The critical flaw gives an attacker ‘full control’ of all connected devices

Security researchers are warning Dell security management software admins to patch their systems after finding six high-risk vulnerabilities.

One of the highest-rated “critical” flaws involves a hidden default account with an easily-guessable password in Dell’s Sonicwall Global Management System (GMS), widely used software for centrally monitoring and managing an enterprise’s array of networked security devices.

The vulnerability could allow an attacker “full control” of the software and all connected appliances, such as virtual private networking (VPN) appliances and firewalls.

The flaws were detailed in an advisory posted by researchers at Digital Defense, a Texas-based firm that has a commercial stake in the vulnerability scanning business.

However, there’s no evidence to suggest the flaws have been actively exploited by attackers, the researchers said.

Dell acknowledged the flaws affect the most recent versions of the GMS software — versions 8.0 and 8.1 — and issued patches. In a security advisory, the company said it “highly recommends” that admins install the hotfix, available from its support pages.

A Dell spokesperson was unavailable for comment.

Henry Sapiecha

 

171 million VK.com [Europe’s largest social network site] accounts stolen by hackers

It’s the latest in a string of historical hacks targeting large social networking sites.

A hacker has obtained 171 million user accounts associated with social networking giant, VK.com.

The stolen database contains full names, email addresses and plain-text passwords, and in many cases locations and phone numbers.

The St. Petersburg, Russia-headquartered social network — formerly known as VKontakte — is said to be the largest in Europe, with over 350 million users at the last count. The hack is thought to have been carried out in late-2012 or early 2013, but the hacker who is selling the data could not be more precise.

Given the timing, the entire store of VK’s data — which at the time had just under 190 million users — is likely to have been taken in the hack.

The hacker is now selling a smaller portion of the database — 100 million accounts, which is a little over 17 gigabytes in size — on a dark web marketplace for 1 bitcoin, or about $580 at the time of writing.

That same for-sale database was provided to ZDNet for verification.

We examined the database that was provided by searching a selection of names in VK’s public search engine — many of which turned up valid results. We reached out to many of these via email (which were listed in the breach) for confirmation, but didn’t immediately hear back — we will update the story if that changes. A handful of queries returned nothing, indicating a user was no longer a member or had deactivated their account.

LeakedSource.com, a search engine that records breaches and allows users to search their details, also obtained a portion of the database — albeit a smaller data set of about 100 million records.

Given the social network’s predominance in Russia, the most common password was “123456,” in line with other breaches. LeakedSource.com also found that the most common email address came from mail.ru, which may not be a coincidence, since VK.com was bought by the Mail.ru group in 2014. That led to the ousting of the company’s founder, Pavel Durov, who later fled Russia amid a shake-up of the country’s media laws. Durov later founded encrypted chat app Telegram.

For its part, VK.com said in an email on Monday that it “hasn’t been hacked.”

“We are talking about old logins / passwords that had been collected by fraudsters in 2011-2012. All users’ data mentioned in this database was changed compulsorily,” said a spokesperson. “Please remember that installing unreliable software on your devices may cause your data loss. For security reasons, we recommend enabling 2-step verification in profile settings and using a strong password.”

An email to Durov on Sunday went unreturned.

Correction: an earlier version of this story had a headline which suggested that 171 million user accounts are up for sale, when in fact a smaller 100 million database was put up for sale. We regret the error.

Henry Sapiecha

 

Hacker places over 50 million file sharing accounts for sale on dark web

The recently-defunct IT company was once the third-largest music and video file sharing service in the US.

User accounts for iMesh, a now defunct file sharing service, are for sale on the dark web.

The New York-based music and video sharing company was a peer-to-peer service, which rose to fame in the file sharing era of the early-2000s, riding the waves of the aftermath of the “dotcom” boom. After the Recording Industry Association of America (RIAA) sued the company in 2003 for encouraging copyright infringement, the company was given status as the first “approved” peer-to-peer service.

At its peak in 2009, the service became the third-largest service in the US. But last month, iMesh unexpectedly shut down after more than a decade in business.

LeakedSource, a breach notification site that allows users to see if their details have been leaked, has obtained the database.

The group’s analysis of the database shows it contains a little over 51 million accounts.

The database, of which a portion was shared with ZDNet for verification, contains user information that dates back to late-2005 when the site launched, including email addresses, passwords (which were hashed and salted with MD5, an algorithm that nowadays is easy to crack), usernames, a user’s location and IP address, registration date, and other information — such as if the account is disabled, or if the account has inbox messages.

LeakedSource said in a blog post that iMesh was likely breached in September 2013, based on the most recent records in the database.

In a message on Saturday, one of the group members said that “someone obviously hacked” the site, but did not speculate on who was responsible. “Who knows who really did it,” the person said.

For its part, the company’s chief operating officer Roi Zemmer said in an email that the company “is not aware of any hacks” and “is currently using state of the art technology to protect users’ info.”

After repeated requests, Zemmer did not confirm whether or not a sample of the database we sent him, which was provided by LeakedSource, was valid. Zemmer did not outright deny that the company had been hacked.

Attempts to follow up with Zemmer over the weekend went unanswered.

Given that the service is no longer operational, it’s difficult to verify the data. We reached out by email to a number of those who most recently joined the service (which were listed in the breach) for confirmation, but we didn’t immediately hear back over the weekend. (We will update the story if that changes.)

What made the verification process more challenging is what appeared to be a considerable drop in user numbers in the site’s later years, based on LeakedSource’s analysis of the data. The service reached a peak of 9.4 million new users in 2009, but its growth had slowed to just 2.5 million new users by 2013 when the hack is said to have been carried out.

As many as 13 million accounts are from the US, with millions more from the UK and Europe.

The data is now up for sale on the dark web.

The hacker and seller who goes by the name “Peace,” who made a name for himself selling stolen data from Fling, LinkedIn, Badoo, and VK.com, also obtained a copy of the database — now thought to be in wide circulation among the hacker community.

In an encrypted chat, Peace confirmed that he is now selling the database on a dark web marketplace for 1 bitcoin, or about $590 at the time of writing.

Henry Sapiecha

 

Hacker claims to be selling millions of Twitter account details

The hacker has links to the MySpace, LinkedIn, & Tumblr “mega breaches.”

A hacker, who has links to the recent MySpace, LinkedIn, and Tumblr data breaches, is claiming another major tech scalp — this time, it’s said to be millions of Twitter accounts.

A Russian seller, who goes by the name Tessa88, claimed in an encrypted chat on Tuesday to have obtained the database, which includes email addresses (and sometimes two per person), usernames, and plain-text passwords.

Tessa88 is selling the cache for 10 bitcoins, or about $5,820 at the time of writing.

The seller said they obtained 379 million accounts as early as 2015. That would be far more than its 310 million monthly active users, but could account for cumulative accounts, such as inactive users.

An analysis of the database by LeakedSource, a breach notification site which received the database from the seller on Wednesday, showed there are in fact over 32 million purported accounts in the database, after duplicates were removed.

LeakedSource said in a blog post that it was unlikely that Twitter was breached, and pointed to malware as the culprit.

“The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter,” the blog post said.

The group said it was able to verify the passwords associated with 15 users. LeakedSource shared a portion of the database with me. Two colleagues whose email addresses were in the database were able to verify their password. A third colleague said they had not used the email address found in the database to join Twitter.

LeakedSource said that the passwords were likely “stolen directly from consumers, therefore they are in plaintext with no encryption or hashing.” The group said it did not believe that Twitter stored data in plain-text at the time the data was taken, thought to be around 2014.

“These credentials however are real and valid,” said the group. “The lesson here? It’s not just companies that can be hacked, users need to be careful too.”

As we’ve seen in recent data breaches, the most common password was “123456,” with the third and fourth password being “qwerty” and “password” respectively.

A Twitter spokesperson said in a prepared statement: “We are confident that these usernames and credentials were not obtained by a Twitter data breach — our systems have not been breached. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks.”

In a recent tweet, the company also said that it periodically checks its data against recent password leaks to ensure that accounts stay secure.

Given the high-profile Twitter account takeovers in recent days — which included Facebook co-founder Mark Zuckerberg — it would be an easy assumption to make that Twitter had been hacked.

But Zuckerberg’s account was not in the database obtained by LeakedSource, the blog post said.

The hackers who took over Zuckerberg’s account said at the time they acquired his “dadada” password from the LinkedIn breach.

When asked, a LinkedIn spokesperson declined to comment, pointed to a recently-updated company blog post, but ruled out any new breach, and advised users to change any re-used passwords on other sites.

Henry Sapiecha

MySpace hackers place another 427 million passwords up for sale

Password theft should make victims change credentials they have re-used for other sites.

In another haunting hack from the past, Time Inc. has confirmed the theft of 427 million passwords from MySpace, the aging social networking site the media company acquired just three months ago.

The records were offered for sale on the dark web by the same hacker who posted for sale a trove of 117 million stolen LinkedIn passwords nearly two weeks ago. The posted price for MySpace credentials is 6 bitcoins or about $3,200 at today’s rate.

The MySpace incident is tied to a June 11, 2013 hack, according to LeakedSource, while the LinkedIn episode dated back to 2012. LeakedSource is the same web site that confirmed the LinkedIn theft.

The important similarity of these dated incidents lies in the fact that hackers could use these recently posted stolen passwords to break into current accounts of victims who re-use passwords across many sites, including banking and health services.

The recent 2016 Verizon Data Breach Investigation Report showed that 63% of confirmed data breaches involved weak, default or stolen passwords.

Social media users made light of the aging passwords, including Paul Hosford, a reporter with the Irish media site thejournal, “If MySpace hackers have managed to get hold of my password, can they tell me what it is?”

But even past its prime, MySpace reports today 50 million visitors per month. On its blog, MySpace said the stolen passwords have been inactivated on its site, and it encouraged users to set new passwords on accounts where they used the same or similar password from their MySpace account.

LeakedSource reported that the MySpace passwords were stored as SHA1 hashes with no salting. Salting is a process that makes cracking passwords exponentially harder. MySpace confirmed the stolen data included user login data “from a portion of accounts that were created prior to June 11, 2013.”

Time Inc., which owns titles such as Fortune and Sports Illustrated, acquired MySpace when it bought parent company Viant Technology in February. Terms of the deal were not disclosed, but at the time Time Inc. chairman and CEO Joe Ripp said, “This acquisition is game changing for us.” Today, the change seems to be dealing with a major hack of private account data.

Since its heyday early in this century as the world’s largest social media site, MySpace was acquired in 2005 by News Corp. for $580 million and again in 2011 for $35 million by Justin Timberlake and Specific Media Group.

Henry Sapiecha

Nearly all companies still can’t spot incoming cyber attacks

Almost all organisations are vulnerable to hackers due to lack of cyber security staff or tools, report states.

Businesses know of cyberthreats – but lack the resources to adequately monitor them

Four out of five businesses lack the required infrastructure or security professionals with relevant skills to spot and defend against incoming cyberattacks.

According to a new report by US cybersecurity and privacy think tank Ponemon Institute on behalf of cybersecurity firm BrandProtect, 79 percent of cybersecurity professionals say that their organisations are struggling to monitor the internet for the external threats posed by hackers and cybercriminals.

Just 17 percent of respondents say that they have any sort of formal process in place for intelligence gathering which is applied across the whole company.

The report found that 38 percent of organisations don’t have any policy on threat intelligence gathering at all, while 23 percent have an approach that is ‘ad hoc’ at best. A further 18 percent say they do have a formal process in place, but it isn’t applied across the entire enterprise.

The Ponemon Institute claimed that businesses are on average experiencing more than one external cyberattack a month, with these repeated security breaches resulting in an annual average cost of around $3.5m.

But while many companies are failing to properly monitor external threats, the majority do recognise that they should be carrying out activities such as monitoring mobile apps, looking out for social engineering and phishing attempts, and keeping an eye on cyber threats – around 60 percent of respondents listed these activities as essential or very important to their business.

So why aren’t more organisations actively pursuing these leads in the interests of protecting themselves against hacks and data breaches? The study reported that there’s an insufficient awareness of risk across the whole organisation.

Half of respondents suggested that this was one of the main barriers to achieving effective cybersecurity, while almost as many described a lack of knowledgeable staff and a lack of tools as barriers to this goal – echoing previous reports of a severe lack of cybersecurity professionals and understanding of the risks caused by poor defences.

Henry Sapiecha

Ubuntu Forums hack exposes 2 million site users

An anonymous hacker grabbed usernames, email addresses, then salted and hashed passwords.

The company that builds Ubuntu, a popular Linux distribution, has said its forums were hacked Thursday.

Canonical, which develops the operating system, said in a statement on Friday that two million usernames, email addresses, and IP addresses associated with the Ubuntu Forums were taken by an unnamed attacker.

The attacker was able to exploit an SQL injection vulnerability in an add-on used by older vBulletin forum software.

That gave the attacker access to the forum’s databases, but the company said that only limited user data was accessed and downloaded.

The statement stressed that no code or repository data was accessed, and the attacker couldn’t write data to the database or gain shell access. The attacker also didn’t gain access to any other Canonical or Ubuntu service.

Since the breach, the servers were wiped, rebuilt, and hardened, passwords were changed, and the forum software was fully patched.

The statement added that although the forums relied on Ubuntu’s single sign-on service, the passwords were hashed and salted, turning them into randomized strings of data. But the statement did not say which hashing algorithm was used — some algorithms, like MD5, are still in use but are deprecated, as they can be easily cracked.

A spokesperson for the company did not immediately respond to a question about the hashing algorithm.
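An added illustration (not code from Canonical, MySpace or the original articles) of the storage difference discussed here and in the MySpace report above: unsalted SHA1 gives every user of "123456" the same stored value, while a per-user salt with a slow key-derivation function does not, and legacy records can be upgraded at the next successful login. PBKDF2-HMAC-SHA256, the iteration count, the record format and the sample users are assumptions chosen for the example.

```python
import hashlib
import hmac
import secrets
from collections import Counter

PBKDF2_ITERATIONS = 200_000  # assumed work factor for this example


def legacy_sha1_record(password: str) -> str:
    """Unsalted SHA-1, the storage LeakedSource reported for the MySpace data."""
    return "sha1$" + hashlib.sha1(password.encode("utf-8")).hexdigest()


def salted_record(password: str) -> str:
    """Per-user random salt plus a deliberately slow key-derivation function."""
    salt = secrets.token_bytes(16)
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${derived.hex()}"


def verify(password: str, record: str) -> bool:
    """Check a password against either record format in constant time."""
    scheme, _, rest = record.partition("$")
    try:
        if scheme == "sha1":
            return hmac.compare_digest(legacy_sha1_record(password), record)
        if scheme == "pbkdf2_sha256":
            iterations, salt_hex, derived_hex = rest.split("$")
            candidate = hashlib.pbkdf2_hmac(
                "sha256",
                password.encode("utf-8"),
                bytes.fromhex(salt_hex),
                int(iterations),
            )
            return hmac.compare_digest(candidate, bytes.fromhex(derived_hex))
    except ValueError:
        pass  # malformed record: treat as a failed login
    return False


def login_and_upgrade(password: str, record: str):
    """Return (ok, record_to_store); a legacy record is re-hashed on success."""
    if not verify(password, record):
        return False, record
    if record.startswith("sha1$"):
        return True, salted_record(password)
    return True, record


def shared_password_groups(records: dict) -> int:
    """Count stored values that appear for more than one user."""
    counts = Counter(records.values())
    return sum(1 for n in counts.values() if n > 1)


# Constructed sample accounts using the common passwords named in the reports.
SAMPLE_USERS = {"user_a": "123456", "user_b": "123456", "user_c": "qwerty"}

if __name__ == "__main__":
    legacy = {u: legacy_sha1_record(p) for u, p in SAMPLE_USERS.items()}
    salted = {u: salted_record(p) for u, p in SAMPLE_USERS.items()}
    print("repeated stored values, unsalted SHA1:", shared_password_groups(legacy))
    print("repeated stored values, salted PBKDF2:", shared_password_groups(salted))
```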

Henry Sapiecha

Top secret 9/11 report released into Saudis’ involvement in September 11 terrorist attacks

UNDER wraps for 13 years, the US has released once-top secret pages from a congressional report into 9/11 that questioned whether Saudis who were in contact with the hijackers after they arrived in the US knew what they were planning.

The newly declassified document, with light redactions, names people the hijackers associated with before they carried out the attacks, killing nearly 3000 people in New York, Washington and on a plane that crashed in Pennsylvania. It identifies individuals who helped the hijackers get apartments, open bank accounts, attend local mosques and get flight lessons. Fifteen of the 19 hijackers were Saudi nationals and several were not fluent in English and had little experience living in the West.

Later investigations found no evidence that the Saudi government or senior Saudi officials knowingly supported those who orchestrated the attacks. But politicians and relatives of victims, who don’t think all Saudi links to the attackers were thoroughly investigated, campaigned for more than 13 years to get the final chapter of the 2002 congressional inquiry released.

A section of one of the 28 pages from the once-top secret pages from a congressional report into 9/11 that questioned whether Saudis who were in contact with the hijackers after they arrived in the U.S. Picture: AP

Saudi Arabia has called for the release of the chapter since 2002 so the kingdom could respond to any allegations and punish any Saudis who may have been involved in the attacks.

“Since 2002, the 9/11 Commission and several government agencies, including the CIA and the FBI, have investigated the contents of the ‘28 pages’ and have confirmed that neither the Saudi government, nor senior Saudi officials, nor any person acting on behalf of the Saudi government provided any support or encouragement for these attacks,” Abdullah Al-Saud, Saudi Arabia’s ambassador to the United States, said in a statement. “We hope the release of these pages will clear up, once and for all, any lingering questions or suspicions about Saudi Arabia’s actions, intentions, or long-term friendship with the United States.”

“Saudi Arabia is working closely with the United States and other allies to eradicate terrorism and destroy terrorist organisations,” he said.

American Airlines Flight 175 closes in on World Trade Center Tower 2 in New York, just before impact. Picture: AP

House intelligence committee Chairman Devin Nunes said that while he supported the release, “it’s important to note that this section does not put forward vetted conclusions, but rather unverified leads that were later fully investigated by the intelligence community.”

However, others — including Former Florida Senator Bob Graham, the co-chairman of the congressional inquiry — believe the hijackers had an extensive Saudi support system while they were in the United States.

Mr Graham has said that the pages “point a very strong finger at Saudi Arabia as being the principal financier.”

Former US President George W. Bush classified the chapter to protect intelligence sources and methods, although he also probably did not want to upset US relations with Saudi Arabia, a close US ally.

Two years ago, under pressure from the families of those killed or injured on September 11, and others, US President Barack Obama ordered a declassification review of the chapter.

Director of National Intelligence James Clapper conducted that declassification review and transmitted the document to Congress, which released the pages online a day after Congress recessed ahead of the national political conventions.

Several investigations into 9/11 followed the congressional inquiry, which released its report — minus the secret chapter — in December 2002. The most well-known investigation was done by the 9/11 Commission, led by Republican Tom Kean and Democrat Lee Hamilton.

Smoke billows from World Trade Center Tower 1 and flames explode from Tower 2 as it is struck by American Airlines Flight 175, in New York. Picture: AP

Mr Kean and Mr Hamilton said the 28 pages were based almost entirely on raw, unvetted material that came to the FBI. They said the material was then written up in FBI files as possible leads for further investigation.

They said the commission and its staff spent 18 months investigating “all the leads contained in the 28 pages, and many more.”

The commission’s 567-page report, released in July 2004, stated that it found “no evidence that the Saudi government as an institution or senior Saudi officials individually funded” al-Qaeda. “This conclusion does not exclude the likelihood that charities with significant Saudi government sponsorship diverted funds to al-Qaeda.”

Some critics of the commission’s work say the commission failed to run down every Saudi lead and say various agencies obstructed its work. Mr Kean and Mr Hamilton also complained that various government agencies withheld relevant information.

Henry Sapiecha

How to crack Android encryption on millions of smartphones

Qualcomm is working on a fix, but it might not be possible

Android’s full disk encryption can be broken with brute force and some patience — and there might not be a full fix available for today’s handsets.

This week, security researcher Gal Beniamini revealed in a detailed step-by-step guide how it is possible to strip away the encryption protections on smartphones powered by Qualcomm Snapdragon processors, which means millions of mobile devices could be vulnerable to attack.

Android’s Full Disk Encryption (FDE), first implemented in Android 5.0, randomly generates a 128-bit master key and 128-bit salt to protect user data. The master key, also known as the Device Encryption Key (DEK), is protected by encryption based on the user’s credentials, whether this is a PIN, password, or touchscreen pattern.

The now-encrypted DEK is then stored on the device.

In order to prevent successful brute-force attacks against this process, Android introduced delays between decryption attempts and data wipes after a number of failed attempts (in the same way as Apple). To prevent off-device, brute-force attacks, the key is bound to the device’s hardware — and this is where a security flaw in Qualcomm systems has caused a problem.

The binding is performed through Android’s Hardware-Backed Keystore, called KeyMaster. The module runs in a Trusted Execution Environment (TEE), which is considered the “secure world”, while the Android OS is considered the “non-secure world”.

The reasoning behind that is KeyMaster can be used to generate encryption keys and perform cryptographic functions without revealing this information in the main operating system.

Once keys are generated, they are encrypted and returned to the main OS, and when operations require these keys, an encrypted block of data — the “key blob” — must be provided to KeyMaster. The key blob contains a 2,048-bit RSA key that runs inside a secure portion of the device’s processor and is required for cryptographic processes.

“Since this is all done without ever revealing the cryptographic keys used to protect the key blobs to the non-secure world, this means that all cryptographic operations performed using key blobs must be handled by the KeyMaster module, directly on the device itself,” the researcher says.

However, KeyMaster’s implementation is down to the hardware vendor. Qualcomm’s version runs in the Snapdragon TrustZone, which is meant to protect sensitive functions, such as biometric scanning and encryption, but Beniamini found it is possible to exploit an Android security hole to extract the keys from TrustZone.

Qualcomm provides a Trusted Execution Environment, called QSEE (Qualcomm Secure Execution Environment), which allows small apps, known as “Trustlets”, to run inside of this secure environment and away from the main Android OS. And one of these QSEE apps running is KeyMaster.

But you can exploit an Android vulnerability to load your own QSEE app inside TrustZone, which can lead to privilege escalation and hijacking of the full space, as well as the theft of the unencrypted blob containing the keys generated for full-disk encryption.

Once this step is complete, a brute-force attack is all you need to grab the user password, PIN, or lock, and you have both parts of the puzzle needed to strip away Android’s FDE.

A deeper look into the decryption process can be found here. The full source of the exploit is located on Github.

As noted by The Register, the researcher has been in touch with the developer of hashcat, used to crack hashes, to implement the function being brute-forced, which would speed up the cracking process.

“As we’ve seen, the current encryption scheme is far from bullet-proof, and can be hacked by an adversary or even broken by the OEMs themselves (if they are coerced to comply with law enforcement),” the researcher noted. “[…] However, I believe a concentrated effort on both sides can help the next generation of Android devices be truly ‘uncrackable’.”

Beniamini has also contacted Qualcomm concerning this issue but says that “fixing the issue is not simple” and might even require hardware changes. So, until handsets are upgraded or switched to newer models, the problem will remain.

Henry Sapiecha