Tag Archives: Just

Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities

Samba maintainers have just released new versions of their networking software to patch two critical vulnerabilities that could allow unprivileged remote attackers to launch DoS attacks against servers and change any other users’ passwords, including admin’s.

Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available

Apple iPhone X’s Face ID Hacked (Unlocked) Using 3D-Printed Mask


Just a week after Apple released its brand new iPhone X on November 3, a team of hackers has claimed to successfully hack Apple’s Face ID facial recognition technology with a mask that costs less than $150.

Yes, Apple’s “ultra-secure” Face ID security for the iPhone X is not as secure as the company claimed during its launch event in September this year.

“Apple engineering teams have even gone and worked with professional mask makers and makeup artists in Hollywood to protect against these attempts to beat Face ID,” Apple’s senior VP of worldwide marketing Phil Schiller said about Face ID system during the event.

“These are actual masks used by the engineering team to train the neural network to protect against them in Face ID.”

However, the bad news is that researchers from Vietnamese cybersecurity firm Bkav were able to unlock the iPhone X using a mask.

Yes, Bkav researchers have a better option than holding it up to your face while you sleep.

Bkav researchers re-created the owner’s face through a combination of 3D printed mask, makeup, and 2D images with some “special processing done on the cheeks and around the face, where there are large skin areas” and the nose is created from silicone.

The researchers have also published a proof-of-concept video, showing the brand-new iPhone X first being unlocked using the specially constructed mask, and then using the Bkav researcher’s face, in just one go.

“Many people in the world have tried different kinds of masks but all failed. It is because we understand how AI of Face ID works and how to bypass it,” an FAQ on the Bkav website said.

“You can try it out with your own iPhone X, the phone shall recognize you even when you cover a half of your face. It means the recognition mechanism is not as strict as you think, Apple seems to rely too much on Face ID’s AI. We just need a half face to create the mask. It was even simpler than we ourselves had thought.”

Researchers explain that their “proof-of-concept” demo took about five days after they got iPhone X on November 5th. They also said the demo was performed against one of their team member’s face without training iPhone X to recognize any components of the mask.

“We used a popular 3D printer. The nose was made by a handmade artist. We use 2D printing for other parts (similar to how we tricked Face Recognition 9 years ago). The skin was also hand-made to trick Apple’s AI,” the firm said.

The security firm said it cost the company around $150 for parts (which did not include a 3D printer), though it did not specify how many attempts it took its researchers to bypass the security of Apple’s Face ID.

It should be noted that creating such a mask to unlock someone’s iPhone is a time-consuming process and it is not possible to hack into a random person’s iPhone.

However, if you prefer privacy and security over convenience, we highly recommend that you use a passcode instead of fingerprint or Face ID to unlock your phone.

New Rapidly-Growing IoT Botnet Threatens to Take Down the Internet

Just a year after Mirai, the biggest IoT-based malware, caused vast Internet outages by launching massive DDoS attacks, security researchers are now warning of a brand new, rapidly growing IoT botnet.

Dubbed ‘IoT_reaper,’ first spotted in September by researchers at firm Qihoo 360, the new malware no longer depends on cracking weak passwords; instead, it exploits vulnerabilities in various IoT devices and enslaves them into a botnet network.

IoT_reaper malware currently includes exploits for nine previously disclosed vulnerabilities in IoT devices from the following manufacturers:

  • Dlink (routers)
  • Netgear (routers)
  • Linksys (routers)
  • Goahead (cameras)
  • JAWS (cameras)
  • AVTECH (cameras)
  • Vacron (NVR)

Researchers believe IoT_reaper malware has already infected nearly two million devices and is growing continuously at an extraordinary rate of 10,000 new devices per day.

This is extremely worrying because it took only 100,000 infected devices for Mirai to take down DNS provider Dyn last year using a massive DDoS attack.

Besides this, researchers noted that the malware also includes more than 100 DNS open resolvers, enabling it to launch DNS amplification attacks.

“Currently, this botnet is still in its early stages of expansion. But the author is actively modifying the code, which deserves our vigilance,” Qihoo 360 researchers say.

Meanwhile, researchers at CheckPoint are also warning of what is probably the same IoT botnet, named “IoTroop,” that has already infected hundreds of thousands of organisations.

“It is too early to guess the intentions of the threat actors behind it, but with previous Botnet DDoS attacks essentially taking down the Internet, it is vital that organisations make proper preparations and defence mechanisms are put in place before attack strikes.” researchers said.

According to CheckPoint, IoTroop malware also exploits vulnerabilities in Wireless IP Camera devices from GoAhead, D-Link, TP-Link, AVTECH, Linksys, Synology and others.

At this time it is not known who created this and why, but the DDoS threat landscape is skyrocketing and could reach tens of terabits-per-second in size.

“Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come.” CheckPoint researchers warned.

You need to be more vigilant about the security of your smart devices. In our previous article, we have provided some essential, somewhat practical, solutions to protect your IoT devices.

Also Read: How Drones Can Find and Hack Internet-of-Things Devices From the Sky.

Microsoft Kept Secret That Its Bug-Tracking Database Was Hacked In 2013

It was not just Yahoo among “Fortune 500” companies who tried to keep a major data breach incident secret.

Reportedly, Microsoft had also suffered a data breach four and a half years ago (in 2013), when a “highly sophisticated hacking group” breached its bug-reporting and patch-tracking database, but the hack was never made public until today.

Five former employees of the company, interviewed separately by Reuters, revealed that the breached database had been “poorly protected with access possible via little more than a password.”

This incident is believed to be the second known breach of such a corporate database after a critical zero-day vulnerability was discovered in Mozilla’s Bugzilla bug-tracking software in 2014.

As its name suggests, the bug-reporting and patch-tracking database for Windows contained information on critical and unpatched vulnerabilities in some of the most widely used software in the world, including Microsoft’s own Windows operating system.

The hack was believed to be carried out by a highly-skilled corporate espionage hacking group known by various names, including Morpho, Butterfly and Wild Neutron, who exploited a Java zero-day vulnerability to hack into Apple Mac computers of the Microsoft employees, “and then move to company networks.”

With such a database in hands, the so-called highly sophisticated hacking group could have developed zero-day exploits and other hacking tools to target systems worldwide.

There’s no better example than WannaCry ransomware attack to explain what a single zero-day vulnerability can do.

“Bad guys with inside access to that information would literally have a ‘skeleton key’ for hundreds of millions of computers around the world,” said Eric Rosenbach, who was American deputy assistant secretary of defence for cyber at the time of the breach.

When Microsoft discovered the compromised database in early 2013, an alarm spread inside the company.

Following the concerns that hackers were using stolen vulnerabilities to conduct new attacks, the tech giant conducted a study to compare the timing of breaches with when the bugs had entered the database and when they were patched.

Although the study found that the flaws in the stolen database were used in cyber attacks, Microsoft argued the hackers could have obtained the information elsewhere, and that there’s “no evidence that the stolen information had been used in those breaches.”

Former employees also confirmed that the tech giant tightened up its security after the 2013 hacking incident and added multiple authentication layers to protect its bug-reporting system.

However, three of the employees believe the study conducted by Microsoft did not rule out stolen vulnerabilities being used in future cyber attacks, nor did the tech giant conduct a thorough investigation into the incident.

On being contacted, Microsoft declined to speak about the incident, beyond saying: “Our security teams actively monitor cyber threats to help us prioritise and take appropriate action to keep customers protected.”

Powered by WPeMatico

Israel Hacked Kaspersky, Caught Russian Spies Hacking American Spies, But…


The cold cyber war has just turned hot.

According to a story published today by the New York Times, Israeli government hackers hacked into Kaspersky’s network in 2015 and caught Russian government hackers red-handed hacking US government hackers with the help of Kaspersky.

In other words — Russia spying on America, Israel spying on Russia and America spying on everyone.

What the F^#% is going around?

It is like one is blaming another for doing exactly the same thing it is doing against someone else. Wow!

Well, the fact that everyone is spying on everyone is neither new nor any secret. However, somehow now Kaspersky Labs is at the centre of this international espionage tale for its alleged devil role.

Just last week, the Wall Street Journal, an American media agency, published a story against Kaspersky, a Russian antivirus provider, claiming that Russian government hackers stole highly classified NSA documents and hacking tools in 2015 from a staffer’s home PC with the help of Kaspersky Antivirus.

Even if the incident is real, the Wall Street Journal article, quoting multiple anonymous sources from the US intelligence community, failed to provide any substantial evidence to prove whether Kaspersky was intentionally involved with the Russian spies or some hackers simply exploited a zero-day vulnerability in the antivirus product.

Now, the latest NYT story, again quoting an anonymous source from an Israeli intelligence agency, seems to be another attempt to justify the claims made by the WSJ article about Russians hacking NSA secrets.

“The role of Israeli intelligence in uncovering [the Kaspersky Labs] breach and the Russian hackers’ use of Kaspersky software in the broader search for American secrets have not previously been disclosed,” the NYT reported.

According to the report, United States officials began an immediate investigation in 2015 after Israel officials notified the U.S. National Security Agency (NSA) about the possible breach.

Indeed, in mid-2015, Moscow-based Kaspersky Lab detected a sophisticated cyber-espionage backdoor within its corporate network and released a detailed report about the intrusion, although the company did not blame Israel for the attack.

At the time, Kaspersky said that some of the attack code the company detected shared digital fingerprints first found in the infamous Stuxnet worm, the same malware which was developed by America and Israel to sabotage Iran’s nuclear program in 2010.

This suspicion of malicious behaviour by Kaspersky eventually led the U.S. Department of Homeland Security (DHS) to ban and remove Kaspersky antivirus software from all of its government computers.

Moreover, just last month, the U.S. National Intelligence Council shared a classified report with NATO allies concluding that the Russian FSB intelligence agency had access to Kaspersky’s databases as well as the source code.

However, Kaspersky Lab has always denied any knowledge of, or involvement in, any cyber espionage operations.

“Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts,” Kaspersky’s founder Eugene Kaspersky said in a statement.

Eugene today also announced that he has just launched an internal investigation to cross-check if United States LEA has relevant facts.

Eugene previously admitted there’s a possibility that NSA hacking tools could have been picked up as malware by their Anti-malware scanner because antivirus products are designed to work in that way.

“We absolutely and aggressively detect and clean malware infections no matter the source,” the antivirus company said.

Until now it is quite tough to judge if Kaspersky was involved in any wrongdoing, but the ball is in America’s court, who has to provide the actual evidence to the world about the highly classified Israeli counter-intelligence operation.


It’s 3 Billion! Yes, Every Single Yahoo Account Was Hacked In 2013 Data Breach


The largest known hack of user data in history just got tripled in size.

Yahoo, the internet company that was acquired by Verizon this year, now believes the total number of accounts compromised in the August 2013 data breach, which was disclosed in December last year, was not 1 billion—it’s 3 Billion.

Yes, the record-breaking Yahoo data breach affected every user on its service at the time.

Late last year, Yahoo revealed the company had suffered a massive data breach in August 2013, which affected 1 billion user accounts.

The 2013 hack exposed user account information, including names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5), and, in some cases, “encrypted or unencrypted security questions and answers,” Yahoo said in 2016.

At that time, Yahoo did confirm that hackers did not obtain bank account details or credit card information tied to the Yahoo accounts.

The data breach was attributed to state-sponsored hackers. Since the disclosure of the breach last year, there have been many developments in the incident.

However, the recent announcement by Yahoo makes it clear that if you had an email account on Yahoo, you were part of the infamous data breach.

Oath, the Verizon subsidiary into which Yahoo was merged, made the announcement in a filing with the SEC on Tuesday, which reads:

“Subsequent to Yahoo’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft.”

The statement clearly suggests that if you had an account on Yahoo in 2013, you were affected by the data breach.

So for whatever reason you did not change your password last year after the disclosure of this massive breach, you should now change your passwords immediately and enable two-factor authentication (2FA).

Also, if you are using the same password and answers to security questions somewhere else, change them too.

Deleting Yahoo account may not be a good option to opt for, as Yahoo recycles deleted accounts after 30 days, which would allow anyone to hijack it. So, even if you don’t want to use your Yahoo account, just enable 2FA and leave it.

Yahoo has also started notifying the affected account holders, requiring them to change their passwords immediately, and assuring them that the stolen data “did not include passwords in clear text, payment card data, or bank account information.”

One should note that this breach is separate from the 2014 breach disclosed by Yahoo in September last year, affecting as many as 500 Million user accounts.

Yahoo attributed the 2014 breach to a state-sponsored hacking group. In March 2016, US federal prosecutors charged two Russian intelligence officers and two criminal hackers in connection with the breach.

Recently, credit reporting service Equifax also announced that an additional 2.5 million American consumers were impacted by the massive breach the company disclosed last month, bringing the total possible victims to 145.5 million from 143 million.


WireX DDoS Botnet: An Army of Thousands of Hacked Android SmartPhones


Do you believe that just because you have downloaded an app from the official app store, you’re safe from malware?

Think twice before believing it.

A team of security researchers from several security firms have uncovered a new, widespread botnet that consists of tens of thousands of hacked Android smartphones.

Dubbed WireX, detected as “Android Clicker,” the botnet network primarily includes infected Android devices running one of the hundreds of malicious apps installed from Google Play Store and is designed to conduct massive application layer DDoS attacks.

Researchers from different Internet technology and security companies—including Akamai, CloudFlare, Flashpoint, Google, Oracle Dyn, RiskIQ, and Team Cymru—spotted a series of cyber attacks earlier this month, and they collaborated to combat it.

Although Android malware campaigns are quite common these days and this newly discovered campaign is also not that much sophisticated, I am quite impressed with the way multiple security firms—where half of them are competitors—came together and shared information to take down a botnet.


WireX botnet was used to launch minor DDoS attacks earlier this month, but after mid-August, the attacks began to escalate.

The “WireX” botnet had already infected over 120,000 Android smartphones at its peak earlier this month, and on 17th August, researchers noticed a massive DDoS attack (primarily HTTP GET requests) originated from more than 70,000 infected mobile devices from over 100 countries.

If your website has been DDoSed, look for the following pattern of User-Agent strings to check if it was WireX botnet:


After further investigation, security researchers identified more than 300 malicious apps on Google’s official Play Store, many of which purported to be media, video players, ringtones, or tools for storage managers and app stores, which include the malicious WireX code.

Just like many malicious apps, WireX apps do not act maliciously immediately after installation, in order to evade detection and make their way onto Google Play Store.

Instead, WireX apps wait patiently for commands from their command and control servers located at multiple subdomains of “axclick.store.”

Google has identified and already blocked most of the 300 WireX apps, which were mostly downloaded by users in Russia, China, and other Asian countries, although the WireX botnet is still active on a small scale.


If your device is running a newer version of the Android operating system that includes Google’s Play Protect feature, the company will automatically remove WireX apps from your device, if you have one installed.

Play Protect is Google’s newly launched security feature that uses machine learning and app usage analysis to remove (uninstall) malicious apps from users’ Android smartphones to prevent further harm.

Also, it is highly recommended to install apps only from reputed and verified developers, even when downloading from Google’s official Play Store, and to avoid installing unnecessary apps.

Additionally, you are strongly advised to always keep a good antivirus app on your mobile device that can detect and block malicious apps before they can infect your device, and always keep your device and apps up-to-date.

Android malware continues to evolve with more sophisticated and never-seen-before attack vectors and capabilities with every passing day.

Just at the beginning of this week, Google removed over 500 Android apps utilising a rogue SDK—that secretly distributes spyware to users—from its Play Store marketplace.

Last month, we also saw the first Android malware with code injecting capabilities making rounds on Google Play Store.

A few days after that, researchers discovered another malicious Android SDK ads library, dubbed “Xavier,” found installed on more than 800 different apps that had been downloaded millions of times from Google Play Store.


Here’s How CIA Spies On Its Intelligence Liaison Partners Around the World


WikiLeaks has just published another Vault 7 leak, revealing how the CIA spies on their intelligence partners around the world, including FBI, DHS and the NSA, to covertly collect data from their systems.

The CIA offers a biometric collection system—with predefined hardware, operating system, and software—to its intelligence liaison partners around the world that helps them voluntarily share collected biometric data on their systems with each other.

But since no agency shares all of its collected biometric data with others, the Office of Technical Services (OTS) within the CIA developed a tool to secretly exfiltrate data collections from their systems.

Dubbed ExpressLane, the newly revealed CIA project details the spying software that CIA agents manually install as part of a routine upgrade to the biometric system.

The leaked CIA documents reveal that the OTS officers, who maintain biometric collection systems installed at liaison services, visit their premises and secretly install ExpressLane Trojan while displaying an “upgrade Installation screen with a progress bar that appears to be upgrading the biometric software.”

“It will overtly appear to be just another part of this system. It’s called: MOBSLangSvc.exe and is stored in \Windows\System32,” leaked CIA documents read.

“Covertly it will collect the data files of interest from the liaison system and store them encrypted in the covert partition on a specially watermarked thumb drive when it is inserted into the system.”

ExpressLane includes two components:

  • Create Partition — This utility allows agents to create a covert partition on the target system where the collected information (in compressed and encrypted form) will be stored.
  • Exit Ramp — This utility lets the agents steal the collected data stored in the hidden partition using a thumb drive when they revisit.

The latest version, ExpressLane 3.1.1, by default removes itself six months after installation in an attempt to erase its footprints, though the OTS officers can change this date.

The biometric software system that CIA offers is based on a product from Cross Match, a US company specialized in biometric software for law enforcement and the intelligence community, which was also used to “identify Osama bin Laden during the assassination operation in Pakistan.”

Previous Vault 7 CIA Leaks

Last week, WikiLeaks published another CIA project, dubbed CouchPotato, which revealed the CIA’s ability to spy on video streams remotely in real-time.

Since March, WikiLeaks has published 21 batches of “Vault 7” series, which includes the latest and last week leaks, along with the following batches:

  • Dumbo — A CIA project that disclosed the CIA’s ability to hijack and manipulate webcams and microphones to corrupt or delete recordings.
  • Imperial — A CIA project that revealed details of at least 3 CIA-developed hacking tools and implants designed to target computers running Apple Mac OSX and different flavours of Linux OS.
  • UCL/Raytheon — An alleged CIA contractor, who analysed in-the-wild malware and hacking tools and submitted at least five reports to the spying agency to help it develop its malware.
  • Highrise — An alleged CIA project that allows the spying agency to stealthily collect and forward stolen information from compromised phones to its server via SMS messages.
  • BothanSpy and Gyrfalcon — Two alleged CIA implants that allowed the US agency to intercept and exfiltrate SSH credentials from target Windows and Linux computers.
  • OutlawCountry – An alleged CIA project that let the agency hack and remotely spy on computers running Linux OS.
  • ELSA – Alleged CIA malware that tracks the location of targeted laptops and PCs running the Microsoft Windows operating system.
  • Brutal Kangaroo – A Microsoft Windows tool suite used by the agents to target closed networks or air-gap PCs within an organisation or enterprise without requiring any direct access.
  • Cherry Blossom – A CIA framework employed by its agents to monitor the Internet activity of the target systems by exploiting bugs in Wi-Fi devices.
  • Pandemic – A CIA project that let the spying agency turn Windows file servers into covert attack machines that can silently infect other systems of interest inside the same network.
  • Athena – A spyware framework that the US secretive agency uses to take full control of the infected Windows machines remotely and works against every version of Windows operating system–from Windows XP to Windows 10.
  • AfterMidnight and Assassin – Two alleged CIA malware frameworks for the Windows platform that are designed to monitor and report back actions on the infected remote host system and execute malicious actions.
  • Archimedes – Man-in-the-middle attack tool allegedly developed by the US agency to target systems inside a Local Area Network (LAN).
  • Scribbles – Software allegedly designed to embed ‘web beacons’ into confidential documents, allowing the agents to track insiders and whistleblowers.
  • Grasshopper – A framework that let the spying agency easily create its custom malware for breaking into Microsoft Windows and bypassing antiviruses.
  • Marble – Source code of a secret anti-forensic tool used by the US agency to hide the actual source of its malicious payload.
  • Dark Matter – Hacking exploits the US spying agency designed and used to target iPhones and Macs.
  • Weeping Angel – A spying tool used by the CIA agents to infiltrate smart TVs and transform them into covert microphones.
  • Year Zero – CIA hacking exploits for popular hardware and software.


Game of Thrones (Season 7) Episode 5 Script Leaked — Hacker Demands Millions in Ransom


The hacking group that recently hacked HBO has just dropped its third trove of documents, including a month’s worth of emails of one of the company’s executives, and a detailed script of the upcoming fifth episode of “Game of Thrones” Season 7, set to be aired on August 13.

The latest release is the second leak from the hackers who claimed to have obtained around 1.5 terabytes of information from HBO, following the release of upcoming episodes of “Ballers” and “Room 104,” and a script of the fourth episode of “Game of Thrones.”

With the release of another half-gigabyte sample of its stolen HBO data, the hacking group has finally demanded a ransom worth millions of dollars from the entertainment giant in order to prevent further leaks.

The latest HBO data dump includes several of the company’s internal documents, including emails, employment agreements, financial balance sheets, and marketing-strategy PDFs, along with the script of the yet-to-air 5th episode of Game of Thrones, all watermarked with “HBO is Falling.”

The hackers reportedly sent a video message to HBO President and CEO Richard Plepler and demanded his “six-month salary in Bitcoin” — which is almost $6 Million — as a ransom for the stolen data; otherwise, they’ll continue to leak.


In the video letter, written by “Mr. Smith” posing as the group of hackers behind the leak, the hackers demanded an unspecified amount of money from Plepler.

“We successfully breached into your huge network. HBO was one of our difficult targets to deal with, but we succeeded (it took about 6 months),” the letter reads as quoted by Wired. 

“Our demand is clear and Non-Negotiable: We want XXXX dollars to stop leaking your Data. HBO spends 12 million for Market Research and 5 million for GOT7 advertisements. So consider us another budget for your advertisements!”

Last week when the hackers released the first batch of stolen data, HBO confirmed the cyber attack on its network but did not confirm how much data the hackers have stolen and whether it included upcoming episodes of the widely watched Game Of Thrones.

The ransom note adds that the deadline for that payment is only 3 days, but does not include a date. The video letter ends with an image of the “Night King” villain from Game of Thrones with his arms raised—the word “standing” in one hand and “falling” in the other.

Data Breaches also published some parts of the ransom demand the hackers, which call themselves white hats, sent to HBO.

In an internal email sent to the HBO staff last week, Plepler said: “Many people have expressed particular concern about our e-mail system. At this time, we do not believe that our email system as a whole has been compromised, but the forensic review is ongoing.”

HBO spokesperson Jeff Cusson told the publication that the company had been expecting more data to emerge from its data breach, but that the company’s “forensic review is ongoing.”

“The review to date has not given us a reason to believe that our email system as a whole has been compromised,” Cusson says. “We continue to work around the clock with outside cyber security firms and law enforcement to resolve the incident.”

If hackers have indeed stolen 1.5 terabytes of data from HBO and the company refuses to pay the ransom, users should expect more leaks of upcoming episodes from their favourite shows.

At this moment, it is still unclear who is behind the hack. We will update the story with the latest information.


Hackers Take Over US Voting Machines In Just 90 Minutes

Today, election hacking is not just about hacking voting machines; rather, it now also includes hacking and leaking dirty secrets of the targeted political parties—and there is no better example than last year’s US presidential election.

But, in countries like America, even hacking electronic voting machines is possible—that too, in a matter of minutes.

Several hackers reportedly managed to hack into multiple United States voting machines in a relatively short period—in some cases within minutes, and in others within a few hours—at the Def Con cybersecurity conference held in Las Vegas this week.

Citing the concern of people with the integrity and security of American elections, for the first time, Def Con hosted a “Voting Machine Village” event, where tech-savvy attendees tried to hack some systems and help catch vulnerabilities.

Voting Machine Village provided 30 different pieces of voting equipment used in American elections in a room, which included Sequoia AVC Edge, ES&S iVotronic, AccuVote TSX, WinVote, and Diebold Expresspoll 4000 voting machines.

And what’s horrible? The group of attendees reportedly took less than 90 minutes to compromise these voting machines.

Image Credit: @tjhorner

Members of the Def Con hacking community managed to take complete control of an e-poll book, a piece of election equipment currently in use in dozens of states, where voters sign in and receive their ballots.

Other hackers in attendance claimed to have found significant security flaws in the AccuVote TSX, which is currently in use in 19 states, and the Sequoia AVC Edge, used in 13 states.

Another hacker broke into the hardware and firmware of the Diebold TSX voting machine.

Hackers were also able to hack into the WinVote voting machine, which is available on eBay, and has long been removed from use in elections due to its vulnerabilities.

Hackers discovered a remote access vulnerability in WinVote’s operating system, which exposed real election data that was still stored in the machine.

Another hacker hacked into the Express-Pollbook system and exposed the internal data structure via a known OpenSSL vulnerability (CVE-2011-4109), allowing anyone to carry out remote attacks.

“Without question, our voting systems are weak and susceptible. Thanks to the contributors of the hacker community today, we’ve uncovered even more about exactly how,” Jake Braun, a cybersecurity expert at the University of Chicago, told Reg media.

“The scary thing is we also know that our foreign adversaries — including Russia, North Korea, Iran — possess the capabilities to hack them too, in the process undermining the principles of democracy and threatening our national security.”

Election hacking became a major debate following the 2016 US presidential election, where it was reported that Russian hackers managed to access U.S. voting machines in at least 39 states in the run-up to the election.

However, there is no evidence yet to justify these claims.

Hacking of voting machines is also a major concern in India these days, but the government and election commission have declined to host such an event to test the integrity of EVMs (Electronic Voting Machines) used during the country’s General and State Elections.
