Linux.Wifatch: Vigilante Hacker Infects Routers with Malware to Fight Bad Malware

Published on October 2, 2015
By Samburaj Das

A newly discovered malware, called Linux.Wifatch by security firm Symantec, has been found to compromise at least 10,000 Linux routers. Unlike other malware, however, Wifatch protects the router from other infections, shielding its victims rather than harming them.

Security giant Symantec has discovered a new vigilante malware that behaves like most other malware by infecting a vulnerable device, remaining undetected while operating and actively updating itself over a peer-to-peer (P2P) network.

The malware, dubbed Linux.Wifatch, comes with a strikingly different set of capabilities. Instead of harming the compromised router and the computers on its network, Wifatch secures the router by safeguarding it from other malware.

Quite simply, Wifatch is protecting over 10,000 routers running Linux by infecting them.

The complete report detailing the discovery of Wifatch by Symantec can be found here.

White-hat Malware

Linux.Wifatch was first discovered last year by an independent researcher. The malware now infects more than 10,000 routers, predominantly in China and Brazil.

Over time, Wifatch has been found to keep its virus definitions updated through its P2P network, block other channels typically used by malware to infect routers and even delete the traces of malware that do get through.

Wifatch even has a module that is constantly updated and exists to remove “well-known families of malware targeting embedded devices.”

Mario Ballano, a Symantec researcher who wrote about the findings, points to the likelihood of a mysterious vigilante hacker being the brains behind Wifatch due to comments left in the code.
Specifically, the comments include an email signature used by Richard Stallman, an advocate of free software, that says:

“To any NSA and FBI agents reading my email: please consider whether defending the US Constitution against all enemies, foreign or domestic, requires you to follow Snowden’s example.”

While internet vigilantes are usually loud and boisterous in their aggressive way of operating through means such as DDoS attacks or breaches involving corporate databases, Wifatch appears far more subtle in the way it works. Ballano added:

“For all intents and purposes it appeared like the author was trying to secure infected devices instead of using them for malicious activities.”

Additionally, Wifatch even reminds users to update the router’s firmware when there is an action triggered to access the Telnet feature, the port that controls functions on the device and is routinely used by other malware to infect the router.

Symantec notes that resetting the router to its default setting will remove the Wifatch malware during reboot. However, the same device may be infected by Wifatch again over time. The security firm is advising users to update the router’s software and keep its firmware up to date.

“There is no doubt that Linux.Wifatch is an interesting piece of code. Whether the author’s intentions were to use their creation for the good of other IoT users—vigilante style—or whether their intentions were more malicious remains to be seen,” notes Ballano.

What we do know is that it pays to be suspicious and, with this in mind, Symantec will be keeping a close eye on Linux.Wifatch and the activities of its mysterious creator.

Images from Shutterstock, Flickr & Pixabay

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions.
Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Samburaj Das
Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

11 Comments

DigitalGalaxy October 2, 2015 at 9:14 pm
Very cool! Inspiring! 🙂

Slashthedragon October 2, 2015 at 11:55 pm
vaccineware?

Jim Brown October 3, 2015 at 1:39 am
Call me old school, but every “stand-alone” “router” that I ever played with required a very precarious procedure for updating the firmware that usually involves “bricking” your device if you don’t follow the instructions to the letter. This article must be referring to some of the small computers supplied by your local cable company, that also just happen to contain a wireless router and a cable modem, and a cable TV decoder, and maybe even a hard drive, all in one box. I call that a cable TV box.
But, since I don’t want to subject myself to continuous propaganda, I don’t have one of these anymore. I would tend to lean towards the idea that this software is not related to anything benevolent, and also that this has nothing to do with the “mysterious vigilante hacker” mentioned. I think this is to draw attention away from government censorship, and this software is being “test-driven” to prove its effectiveness. There is absolutely NO WAY that a cable company would allow something like this to be out of their control. They pay huge money for these custom computers. The computer manufacturers have some extremely competent people setting up these computers. These computers can only be accessed by codes that ARE CHANGED DAILY. I know because I used to have to call by phone to get the latest access codes just for minor router tweaks on my cable box, and that was 4 years ago!! Therefore, I have to call BS on this article.
…..Jim

ramv36 October 3, 2015 at 8:47 pm
“and that was 4 years ago”
Which is why most would call BS on your BS. In this arena of technology, 4 years might as well be 4 decades.

Jim Brown October 3, 2015 at 11:41 pm
And your point is ???? I mean, aside from being PAID to be a troll/hater. Let’s see you create ANY KIND of a legitimate observation. YOU CAN’T. If you could, you would have. Basically, if you open your mouth again, I’m quite sure that you will prove beyond any shadow of a doubt, that you are just a useless waste of oxygen. Here’s your challenge: without using any generalities or name calling, or “everybody knows that” type statements, explain exactly how it might be possible to hack into a modern cable box designed by highly paid software and hardware engineers whose job it is to make it completely bulletproof. We’ll wait patiently. (Theme from the Jeopardy game show plays in the background) https://m.youtube.com/watch?v=0Wi8Fv0AJA4
………Jim
Himi Gilbert October 4, 2015 at 1:31 am
> Call me old school, but every “stand-alone” “router” that I ever played with required a very precarious procedure for updating the firmware that usually involves “bricking” your device if you don’t follow the instructions to the letter.
This is easier than it sounds. It can check the model, use a hook to attach itself to the image and then reflash it. Advanced kits maintain redundancy by infecting as many firmwares and machines as possible. Stuff like USB controllers are ridiculously easy to reprogram and they also can infect other USB controllers that are plugged in (mobiles, headsets, etc). Controllers from devices, such as certain hard drives, are vulnerable too. Such kits have been encountered already. Good luck finding an antivirus solution for that. Some kind of white hat variant would at least be plausible here.

Phyl O Butoyi October 4, 2015 at 6:53 am
Come on man, if the pentagon can be hacked what are you trying to say about a cable box?

Jim Brown October 4, 2015 at 9:24 pm
Thank You All for some at least pertinent viewpoints. First let me say that I am not a programmer or hacker, but I am a genius and have a really broad education. I believe that there is much more going on here than most people would realize. First, to address a couple of comments……
—>Linux routers are usually high-end…..
I would be inclined to believe this, although I really don’t know. However, in theory, the more chopped-down the OS is the more difficult it becomes to use it in an unusual manner. And yes, I would agree that your typical cable box is “cheap”, but this is like comparing a Formula 1 race car to “the family sedan”, yeah, mom’s grocery getter is nothing more than a glorified “major household appliance”, but at the same time certain aspects of it can be quite sophisticated, for instance, many late model cars can now be shut down or unlocked by satellite.
The feature is built right into the fuel injection computer. By the same token, cable boxes have been the target of thousands of hackers for at least 30 years and many very sophisticated schemes have been developed to prevent unauthorized access. It’s not like they just came out with them last year.
Now here’s the other half of the story, the part that I believe is most important. It’s the psychological mind-f*ck part of the equation. It is my contention that most, if not all, hacking that you read about in the “news” never actually happened. It’s a FUD story to keep you in fear and therefore make you much more susceptible to believing a lie. Or, it’s a trumped-up charge to bring against someone they don’t like. How many times have you heard that….. Russia, China, or the terrorist group of the day, has been hacking into government files (or whatever). This means WAR, or sanctions against some other country, or, we need you to give up more of your rights and tax dollars so we can maintain “national security” and protect you from these “evil forces” !!!!
I’ve been studying this type of thing since before the internet. The word “government” literally means “mind control”. Think I’m kidding??? then why are there over 20 places on the internet that are trying to convince people that that’s just not true and you must be crazy or stupid if you believe that??? There are literally thousands of people starting to wake up to the fact that they are actually brainwashed slaves and the government wants control over your every thought. So, the internet is a big problem for the government. If they can censor it, and then place the blame on “hackers”, no one will suspect that they ran the whole operation. Of course the rabbit hole goes much, much deeper than this. If anyone here is interested in pursuing this further I’d be happy to provide you with a list of links to get your real education started.
…….Jim
Monero Price Analysis: XMR/USD Slips Below Crucial Daily Support Ahead of System Update

Published on October 10, 2018
By Ken Chigbo

Monero’s native token XMR is forced to breach a key area of support by the market bears. XMR/USD was being supported by an ascending trend line, running from 14th August. The Monero foundation is scheduled for a routine network upgrade.

Monero Network Update

The Monero foundation is scheduled to update its network on 18th October, which will bring a new hard fork to its token. Hard forks have become a routine process, taking place every six months, with a focus on the likes of increased ring size for more privacy, large transactions and tweaks to the proof-of-work algorithm.

In terms of this upgrade, the goal is to enhance efficiency and make some adjustments to the current proof-of-work algorithm, ultimately to make it resistant to ASIC mining and curb that threat.
Developers at Monero will be implementing the new Bulletproofs protocol. This will see greater privacy, lower fees and faster verification. It will reduce transaction size by an estimated 80%.

Technical Review – Daily Chart

[Figure: XMR/USD daily chart]

XMR/USD slipped out to the downside from an ascending trend line. As a result, the market bears managed to push for a breach and a daily close below it on 7th October. The support had been running since 14th August, where the price hit a low of $76.739. A retest has been seen and pressure is now gradually mounting on Monero’s XMR.

In terms of support, the 50DMA has provided some initial comfort for now. Furthermore, the next major downside support is observed in a chunky demand area. This is seen tracking from $86 down to $76.

Resistance will now be eyed at the $116.550 area, underneath the breached ascending trend line and in proximity to the 100DMA, which may cause some difficulty for the bulls. Elsewhere, further to the north, resistance can be seen within the $125.000 territory. Finally, heavy supply is tracking from $140 up to $150.

Technical Review – 4-hour Chart

[Figure: XMR/USD 4-hour chart]

Despite the above-mentioned daily breakout from the supporting trend line, there is still some hope for XMR/USD in the near term: on the 4-hour chart view, the price has been moving within a range-bound block. This narrowing area has been running since 26th September.

Fortunately for the price, a fresh wave of selling pressure has been prevented for now. The lower part of the mentioned range has proven to provide some near-term support. The protection has been observed from around $112 to the high $111 territory. However, a breach of this area could see a fast fall back down to sub-$100; the price last traded below there on 12th September. Further downside pressure could force a retreat back down to a firm demand zone. Eyes would be on the $86-77 range for buying.
Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Ken Chigbo
Ken has over 8 years’ exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes: forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.

Monero Price Analysis: XMR/USD Bulls Cooking Up Big Potential Moves

Published on October 5, 2018
By Ken Chigbo

XMR/USD price action has, surprisingly, been generally muted this week. Current price behavior looks more likely to produce upside surprises than any heavy selling pressure.

The Monero price this trading week has been somewhat muted. This comes as quite a surprise given the recent updates from the foundation. The foundation introduced the Malware Workgroup, a huge step in efforts to protect the Monero community.
Elsewhere, the foundation was also finally able to patch the ongoing ‘burning bug’ issue, which was proving to be a big problem. Full details of both developments were posted in the previous Monero article.

Near-term Analysis (60-Minute Chart)

[Figure: XMR/USD 60-minute chart]

Looking at the 60-minute chart for XMR/USD, it is clear to see how tight the trading range is. The vast majority of price action, aside from a couple of spikes here and there, has been swinging between $117 and $111. This behavior has been observed since the bull run seen on 19th September, which was then pared after the 23rd September fall.

Daily Chart View

[Figure: XMR/USD daily chart]

Price action is being supported by an ascending trend line on the daily chart. This has been running from 13th August, proving its strength. XMR/USD is currently stuck in between the 100DMA ($116.795), which is seen above, and the 50DMA ($110.877) below. The price has bounced off the trend line on several occasions in September.

Next Move for Monero

The above-mentioned ascending trend line is going to be vital in Monero’s recovery. Market bulls will need comfort in case of another failed attempt to break down the chunky supply area above. This is seen tracking from $140-$150. There were several occasions in July and one in September where the bulls failed to break this down. Each time the price has come into contact with this territory, it has been hit pretty hard by the sellers.

[Figure: XMR/USD daily view]

A breakout to the upside from the mentioned supply could see a fast move towards $170, where some resistance can be seen. The price most recently found difficulty within this area in the early part of June. Enough bullish momentum should see it clear this territory, with $200 being reclaimed to the upside. XMR/USD was last trading above $200 back on 21st May.

Looking to the downside, a breach of the ascending trend line could be catastrophic.
Sellers would likely pile in with a high amount of volatility, sending the price down to sub-$100. The next chunky demand area is seen down within the $90-75 range. XMR/USD traded within this zone on 14th August, where the market managed to receive a firm bounce.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Bitcoin Network Faced One-Two Punch of Inflation and DoS Threats

Published on September 23, 2018
By Gerelyn Terzo

Bitcoin Core has emerged seemingly unscathed from a major vulnerability that threatened to shut down parts of the network in a denial-of-service (DoS) attack. But apparently, the bug was even worse than originally thought.
According to a Bitcoin Core Full Disclosure Report, the issue included an “inflation vulnerability,” one which, if seized upon, could have bolstered the supply of bitcoin beyond the famous 21 million coin ceiling. By pouring more coins into the supply, the hackers would have diminished the value of the circulating bitcoins.

The decision to expose only the less extreme part of the bug to the public was deliberate. According to the report:

“In order to encourage rapid upgrades, the decision was made to immediately patch and disclose the less serious Denial of Service vulnerability, concurrently with reaching out to miners, businesses, and other affected systems while delaying publication of the full issue to give time for systems to upgrade. On September 20th a post in a public forum reported the full impact and although it was quickly retracted the claim was further circulated.”

Double-Edged Sword

The strategy was a success and the bug is no longer a threat, as evidenced by more than 50% of the bitcoin mining hashrate having been upgraded to the patched nodes with no known attempts to “exploit this vulnerability.”

Here’s what we know, according to the report:

“A developer by the title earlz independently discovered and reported the vulnerability to the Bitcoin Core security contact email.”

Meanwhile, on social media, a contributor identified as a Bitcoin Cash developer who goes by the handle “Awemany” was cheered on Reddit for discovering and reporting the bug and cementing their place in “bitcoin’s history book.” Awemany in a blog post pointed to bitcoin developer Matt Corallo, whose 2016 pull request in an attempt to accelerate validation times led to what Awemany characterized as “one of the most catastrophic bugs in Bitcoin ever.”

The bottom line is that the bug was discovered and the threat has been lifted. It’s both a reminder of the risks associated with the consensus mechanism and a demonstration of good faith among the decision makers.
While it’s mostly the future of ETH that has been contemplated of late, given the plummeting of the No. 2 cryptocurrency’s value this year along with the confidence of investors, bitcoin has its own issues. In an exclusive interview with CCN, Sheffield Clark, who is at the helm of bitcoin ATM maker Coinsource, pointed to potentially “stagnant” mainstream adoption of bitcoin amid a lack of regulatory framework to help resolve issues like extreme volatility.

Featured image courtesy of Shutterstock.

Gerelyn Terzo
Gerelyn has been covering ICOs and the cryptocurrency market since mid-2017. She's also reported on fintech more broadly in addition to asset management, having previously specialized in institutional investing. She owns some BTC and ETH.
A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.