Leaderboard

In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret keys from a device by analyzing video footage of its power LED. "Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness of the device's power LED," researchers from the Ben-Gurion University of the Negev and Cornell University said in a study. By taking advantage of this observation, it's possible for threat actors to leverage video camera devices such as an iPhone 13 or an internet-connected surveillance camera to extract the cryptographic keys from a smart card reader­. Specifically, video-based cryptanalysis is accomplished by obtaining video footage of rapid changes in an LED's brightness and exploiting the video camera's rolling shutter effect to capture the physical emanations. "This is caused by the fact that the power LED is connected directly to the power line of the electrical circuit which lacks effective means (e.g., filters, voltage stabilizers) of decoupling the correlation with the power consumption," the researchers said. In a simulated test, it was found that the method allowed for the recovery of a 256-bit ECDSA key from a smart card by analyzing video footage of the power LED flickers via a hijacked internet-connected security camera. A second experiment allowed for the extraction of a 378-bit SIKE key from a Samsung Galaxy S8 handset by training the camera of an iPhone 13 on the power LED of Logitech Z120 speakers connected to a USB hub that's also used to charge the phone. What makes the attack notable is that the modus operandi is non-intrusive, either banking on physical proximity or over the internet, to steal the cryptographic keys. That said, there are a few limitations to reliably pull off the scheme. It requires the camera to be placed 16 meters away from the smart card reader and in a manner such that it has a direct line of sight view of the power LED. Then there's the condition that the signatures are recorded for a duration of 65 minutes. It also presupposes that there exists a side-channel based on power consumption that leaks sensitive information which could be used for cryptanalysis, making such attacks an exception rather than a norm. To counter such attacks, it's recommended that LED manufacturers integrate a capacitor to reduce fluctuations in power consumption or, alternatively, cover the power LED with black tape on the consumer side to prevent leakage. Ben Nassi, the lead researcher behind the attack technique, has previously devised similar approaches in the past – Lamphone and Glowworm – that employ overhead hanging bulbs and a device's power indicator LED to eavesdrop on conversations. Then last year, the researchers demonstrated what's called the "little seal bug" attack that utilizes an optical side-channel associated with lightweight reflective objects to recover the content of a conversation. Source: https://thehackernews.com/2023/06/researchers-find-way-to-recover.html

Da, asa e. Or sa prezinte asta la Defcon si la Black Hat USA (BHUSA). Reactia mea cand am vazut si eu acest articol.

Socant, imi plac lucrurile astea, nu stiu cat de practice sunt dar se incadreaza bine in ce inteleg eu prin "hacking".

Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds. The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform between no less than 60,000 users. Now almost three years later, the information obtained from digital correspondence has resulted in - Arrests of 6,558 suspects, including 197 high-value targets 7,134 years of imprisonment of convicted criminals Confiscation of €739.7 million in cash Freeze of €154.1 million frozen in assets or bank accounts Seizure of 30.5 million pills of chemical drugs Seizure of 103.5 tonnes of cocaine, 163.4 tonnes of cannabis, and 3.3 tonnes of heroin Seizure of 971 vehicles, 83 boats, and 40 planes Seizure of 271 estates or homes, and Seizure of 923 weapons, as well as 21,750 rounds of ammunition and 68 explosives EncroChat was an encrypted phone network that was used by organized crime groups to plot drug deals, money laundering, extortion, and even murders. "User hotspots were particularly present in source and destination countries for cocaine and cannabis trade, as well as in money laundering centers," Europol said at the time. The mobile devices were marketed as offering "perfect anonymity" to users, allowing them to operate with impunity through features like automatic deletion of messages and options to automatically erase them from a distance by the reseller. "EncroChat sold crypto telephones for around EUR 1,000 each, on an international scale," Europol said. "It also offered subscriptions with worldwide coverage, at a cost of EUR 1,500 for a six-month period, with 24/7 support." Unbeknownst to the users, the platform was infiltrated by French and Dutch law enforcement in early 2020, offering valuable insight into the groups and their modus operandi. The company's servers, which were operating from France, were taken down. The illegal use of encrypted communications has since led to the dismantling of another service called Sky ECC in March 2021. In June 2021, U.S. and Australian officials disclosed that they ran an encrypted chat service called ANoM (aka AN0M) for nearly three years to intercept 27 million messages exchanged between criminal gang members globally. Source: https://thehackernews.com/2023/06/encrochat-bust-leads-to-6558-criminals.html