Security News

Firmware can be hacked like software

Avast Security News Team, 2 October 2020

Plus, the environmental benefits of remote working and 17 apps removed from the Google Play Store for hiding a malicious “Joker”

In an experiment to prove it was possible, Avast senior researcher Martin Hron successfully hacked into the firmware of an IoT device, hijacking it completely and infecting it with ransomware. Martin said he wanted to test his theory that “firmware is the new software,” meaning the right kind of attack could compromise the hardwired system components built into the device.

Suspecting that weak routers and internet exposure were not the only threats facing IoT security, Martin chose a smart coffee maker as the target of the attack. Infecting its firmware through the device’s own local Wi-Fi signal, Martin and his team were able to take full command of the coffee maker’s features, make it beep incessantly, and infect it with ransomware so that it locked its owner out. Read the full story in Martin’s detailed blog post

Remote working may help the planet

As part of a coronavirus special report, ZDNet wrote about an interactive roundtable on remote working that recently occurred among cybersecurity experts and leaders from around the world. The panel discussed remote working, or virtual working, as not only environmentally harmless but actually beneficial. Cleaner air due to less rush hour traffic is just one of the ways remote work promotes sustainability, according to the roundtable. ZDNet reported that the United Nations believes that 14 of its 17 sustainability goals can be solved or advanced through the practice of remote working.

Cyberattack knocks major U.S. hospital system offline

Over the weekend, Universal Health Services (UHS), a hospital chain with over 400 locations, primarily in the U.S., suffered a cyberattack that knocked its U.S. system offline. UHS issued a statement that cited “a security incident caused by malware” for leading the company to shut down all networks across its U.S. operations. The company’s U.K. operations have not been impacted. A source close to UHS told NBC News that the attack seems to be ransomware. Nurses reported that hospital staffs have reverted to pen and paper for the time being. 

FBI/CISA issue warning about election disinformation

The U.S. Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) issued a public service announcement this week about disinformation campaigns that aim to generate doubt and mistrust in the U.S. election process. The PSA states, “During the 2020 election season, foreign actors and cyber criminals are spreading false and inconsistent information through various online platforms in an attempt to manipulate public opinion, sow discord, discredit the electoral process, and undermine confidence in U.S. democratic institutions.” The PSA offers recommendations to clear up confusion and assuage skepticism, including the advice to “Seek out information from trustworthy sources, verify who produced the content, and consider their intent.”

Joker malware found in 17 new apps on Google Play

A sneaky strain of malware known as “Joker” has been discovered in various apps offered on the Google Play Store for over a year, and 17 have just been removed for being infected with the malware. Forbes published a list of the tainted applications, which include scanner, photo editor, and messenger apps. Joker hides in an app until it identifies certain criteria about the device’s system, then it springs into action downloading more malware, stealing sensitive information, and spying on the device. If users currently have any of the apps listed in Forbes, they are advised to delete them from their device immediately. 

This week’s ‘must-read’ on The Avast Blog

As the school year is now well underway, we've rounded up some valuable teacher-to-teacher advice on adjusting to the new normal of distance learning and using tech with students.