SoylentNews is people

posted by azrael on Saturday July 12 2014, @08:49PM
from the tricorder-malfunction dept.

China-based threat actors are installing sophisticated malware on handheld scanners in order to target shipping and logistics organizations all over the world, says the security firm TrapX (report, 15 MB PDF).

The attack begins at a Chinese company that provides hardware and software for handheld scanners used by shipping and logistics firms worldwide to inventory items they handle. The manufacturer installs the malware on the embedded Microsoft Windows XP devices.

Experts determined that the threat group targets servers that store corporate financial data, customer data and other sensitive information. A second payload downloaded by the malware then establishes a sophisticated command-and-control (C&C) connection on the company's finance servers, enabling the attackers to exfiltrate the information they're after.

The malware used by the Zombie Zero attackers is highly sophisticated and polymorphic, the researchers said. One observed attack revealed that 16 of the 48 scanners used by the victim were infected, and the malware managed to penetrate the targeted organization's defenses and gain access to servers on the corporate network.

Interestingly, the C&C is located at the Lanxiang Vocational School, an educational institution said to be involved in the Operation Aurora attacks against Google, and is physically located one block away from the scanner manufacturer, TrapX said. Another possible attack vector is, of course, labels printed with binary data. Compartmentalized networks and a strict API enforcement gateway may be ways to combat threats like these.

  • (Score: 1) by anubi (2828) on Monday July 14 2014, @02:01AM (#68734)

    I will throw in my two cents' worth and shill for Micrium again...

    ( No, I don't get paid to talk about their stuff on the net. I have some of their stuff and like the way they do business. )

    I absolutely love picking on them in forums like this because they actually publish their source code in a book for all to see.

    Sure, they license their code if you want to build it into your stuff. Or if you want, get NetBurner's modules and they come pre-loaded with licensed uCOS out of the box. I think of NetBurners like a really high powered Arduino, however the Raspberry Pi is in the same league as far as I am concerned.

    For me, licensing is not the issue. I do not mind buying a good tool. It's ignorance, enforced by Copyright Law and our Clueless Congress, that forces me to make all sorts of poor decisions when I have no idea what's "under the hood" and I am supposed to make a decision based on "sales-talk", which we all know is more like playing poker than engineering. I feel extremely uncomfortable signing off on stuff under my name based on hearsay. I want to know for myself exactly what I am vouching for.

    From what I see, we are becoming a nation of ignoramuses being denied knowledge in depth of stuff in order to protect the business model of those privy to such information. This is the same thing that upset the "holy men" so much when Gutenberg printed the Bible. Once people could see for themselves, the great mystery of the man who throws lightning bolts at sinners is revealed, and a lot of men counting on conning a good life out of the superstition of others had to find a more productive line of work.

    I am far from being a "know-it-all", rather I am far more of a "seen-more-crap-than-I-want-to-see" sort. I have seen the kind of attack vectors and am very disgusted others don't get pissed off enough to put a stop to it. RIAA got pissed off enough to have Congress pass what they wanted, but so far we, as a public, haven't got pissed enough at all these "protections" put forth to demand that along with the "protections" come the responsibility to do it right, as well as full liability for anything kept secret. ( If there is radium in the "secret sauce", and radium has been found to kill people, then just because it is secret does not relieve the company from liability for the use of radium in the sauce. ) However a paid and lobbied Congressman may not see it that way.

    I am willing to go along with mistakes as long as they were all out in the open all along - but simply nobody saw the hole in the logic... but when all this secrecy and law are involved, then I have no counter to the concept that conspiracies are involved. Then I lose trust in both the vendors and the Congress that are in cahoots with them.

    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]