At a glance.
- Cellular handover vulnerable to man-in-the-middle compromise.
- Where's the stolen UK police data?
- Ubisoft discloses JustDance data breach.
- More Pegasus sightings.
New attack could force users to handover their cell data.
Researchers at New York University Abu Dhabi have identified vulnerabilities in the handover mechanism of mobile phones. The Hacker News explains that handover, or handoff, is essentially the process by which a call or a data session is transferred from one cell site to another cell tower in order to preserve mobile service when the user is going from one place to another. In order to accomplish this, the device and tower must send signal readings to each other, and while these readings are cryptographically protected, the content is not verified, which could allow a hacker to command the device to move to a cell site controlled by the attacker. This gives the adversary the ability to listen in on the user’s communications and even drop, change, or forward messages sent between the device and the network. With just basic equipment, the vulnerability could be exploited by attackers to launch denial-of-service or man-in-the-middle attacks.
Allegedly stolen UK law enforcement data disappears from dark web.
As we noted yesterday, sensitive data stored by Britain’s law enforcement agencies were exfiltrated by the Cl0p threat group after a successful supply chain attack on Dacoll, an IT firm with access to the police national computer (PNC). Despite reports that some of the stolen data, which included footage of motorists, was published on Cl0p’s leak site, a Home Office spokesperson told The Register: "We are aware of a data breach involving Dacoll. No records from the Police National Computer have been accessed." Now, TechMonitor reports, the data has mysteriously disappeared from the dark web. Some experts might suspect the removal of the data means the victim decided to meet the threat group’s ransom demands, but Brett Callow of Emsisoft is not jumping to that conclusion. "In the past I'd have said the removal was an indicator that Dacoll paid, but now I wouldn't read anything into it,” Callow stated. “The gangs seem to be becoming more circumspect when it comes to releasing data…I suspect they believe that not publishing data may lessen the likelihood of them being 'REviled' by law enforcement/military cyber operations.”
Hackers dance away with game user data.
Game developer Ubisoft has confirmed a data breach impacting a game called Just Dance, Stevivor reports. Ubisoft notified the users impacted, explaining that “the data in question is limited to ‘technical identifiers’, which include your GamerTag, Profile ID and Device ID, as well as Just Dance videos that you recorded and uploaded to be shared publicly with the in-game community and/or on your social media profiles.” Though passwords were not compromised, Ubisoft has advised users to change passwords and set up 2-step verification just in case.
Pegasus spyware claims additional victims.
Details regarding misuse of NSO’s controversial Pegasus spyware continue to surface. The Washington Post reports that, despite NSO’s claims to the contrary, there is evidence that a UAE government agency placed the spyware on the phone of Hanan Elatr, wife of Saudi Arabian journalist Jamal Khashoggi, in the months before his murder. Bill Marczak of Citizen Lab, who made the discovery, said that although it was unclear whether her phone had been successfully infected, he could see the phone attempting to install the spyware. Also from the Washington Post, evidence shows that two Polish opposition figures were hacked by Pegasus, the first is an elite lawyer known for representing individuals in the Polish opposition, and the other a prosecutor fighting the right-wing Polish government’s attempts to purge the judiciary. Though researchers at Citizen Lab could not identify who was behind the hacks, insiders believe the Polish government could be to blame. Meanwhile, the Jerusalem Post reports that on Friday Pegasus was detected on the phone of Rona Wilson, an indigenous rights activist and known critic of Indian Prime Minister Narendra Modi. Wilson is currently being detained for terror-related charges.