Hacker Godfather Gong Wei speech: Phishing WiFi can still be used all the same

via: 博客园 | time: 2017/3/9 18:30:56 | read: 1503

Long ago, network security was not so complicated. The mobile Internet era arrived suddenly, like a clap of thunder, and mobile security threats followed like a wild storm; people were soaked to the skin before they could react. Gong Wei saw all of this. A security industry veteran, he has witnessed the development of network security in China and has lived through the change in mobile security from its wild early days to today's diverse threats, and he has his own way of thinking about mobile security.

As chief security officer of WiFi Master Key, Gong Wei (Goodwell) spoke at the security salon held by WiFi Master Key on March 7th, telling the audience about the changes in mobile security he has seen and the efforts they have made in response. The following is the content of the speech, compiled and published by Lei Feng network (edited by the Lei Feng network editor):

Early mobile security threats came mainly from the system level. When a system's design is imperfect, it contains a variety of potential security vulnerabilities, and these vulnerabilities may lead to privilege escalation, remote memory overflow and other issues.

Root is the highest privilege, the key that opens Pandora's box: once malicious software obtains root privileges, it has control of the device and can do many things beyond the user's control, such as eavesdropping on the surrounding environment after the phone has been shut down.

Can a phone still be tapped after it is shut down? Some here (reporters) may not believe it, but it is common knowledge in the security field. For example, when I hold the highest privilege and you press the power-off button, I play a shutdown animation for you and turn the screen black, but the phone does not really shut down; it vibrates and appears to be off. The phone then automatically answers calls from my number and turns on hands-free, so I can eavesdrop on you.

Precisely because root is the supreme privilege, it became the commanding height that malicious software fights for. To stop malicious software from getting root privileges, security vendors could not fight it from the application layer alone; they had to reach the same privilege level or an even higher one. So at that time, system privilege was the commanding height contested by security vendors and malicious attackers.

From the system layer to the application layer

As time has passed, the vulnerability disclosure and repair system has become more and more complete; it is no longer the case, as in the early days, that a high-risk vulnerability was released every few months. It has become harder and harder for malicious software to obtain the highest system privilege, and jailbreaking and rooting phones have also become harder and harder.

So the producers of malicious software shifted the focus of their attacks to the application layer. Previously, root privileges were obtained in order to profit by stealing the user's bank account, transferring money or taking other information. Later, there were more and more ways to profit that did not need root privileges and could be carried out at the application layer. The application layer has become the main entry point for attacks, which is very obvious in these areas:

Abuse of permission declarations

Most software now requests a large number of system permissions, such as GPS location, call records and so on, and declaring too many permissions leads to permission abuse. A plug-in app wants your call records and contacts; a calculator wants your GPS position. There are no clear laws, regulations or industry standards limiting permission requests, so this problem has yet to be standardized.

Code implantation

Xcode is the most typical incident in recent years. Apple software developers use the Xcode development tool; a malicious attacker modified the original Xcode to add a back door and released it on the Internet, so that every app developed with that tool carried the corresponding backdoor, eventually resulting in a wide range of infected apps.

Malicious software

According to CNSeart data, the number of users infected by malware was 6 million 90 thousand in 2013, 22 million 920 thousand in 2014 and 1 billion in 2015; the number of malicious programs grew from more than 6 thousand in 2011 to 160 thousand in 2015.

Copycat software

To make money, a large amount of copycat software has appeared. But this software contains no malicious program, so it is difficult to define it as illegal; it only has a logo, skin or name that looks like the genuine product, without obvious malicious attack behavior. Enforcement against copycat software is not strict, which is why this phenomenon prevails in the market.

Last year WiFi Master Key joined major application markets and mobile phone manufacturers in a campaign against copycats. We found 1387 copycat WiFi Master Key applications, and through our efforts 1305 of them were finally taken offline. But copycat software springs up like bamboo shoots after a spring rain: after we cut many down, a large number of fake copycat apps came out again.

Here is a screenshot I took of a search for WiFi Master Key in a mobile application market. A large number of apps appear whose logo is as like ours as two peas, 19 pages in total, and even on the fifteenth page you can still see apps with a similar logo.

In addition, we find that the security situation has gone from a single form at the beginning to a variety of new forms of threat, such as:

The black industry makes use of big data analysis

Every company now says it is doing big data, collecting data to build accurate portraits of users, but data collection also makes user privacy issues more prominent. In particular, I want to say here that in building user portraits from big data, the black industry is ahead of us.

We know that companies like BAT are all doing big data, but we have never heard of the BAT companies sharing data with each other: what you buy on Taobao and what you search for on Baidu are not combined to depict a portrait of your identity. But in the black industry chain, all your information is interoperable. The person who has your ID information exchanges resources with the person who has your phone number and with the person who has your bank card, and this powerful data integration outlines a portrait of your whole Internet presence. The underground black industry has a very strong sense of cooperation, and in this it is ahead of us.

Cyber extortion is like a ghost

In 2016 cyber extortion was defined as a network security threat greater than malware. Ransomware cases resemble the plot of the movie "Chainsaw Massacre":

I'm going to play a game with you now. The files on your computer are being deleted bit by bit. If you restart the computer, I will delete one thousand files at once; if you delete me, you will never find all your documents.

Cyber extortion demands are generally as cheap as $25 and usually as expensive as $150. The price increases with how long you take to pay: 100 if you do not pay on the first day, 150 on the second day. Transfers are not accepted, only bitcoin.

In addition to data extortion, extortion through smart devices is also often seen. The most typical case is the Apple mobile phone: using the lost-phone lock function, extortionists steal the victim's iCloud account to lock the user's phone, and a lot of people have been caught out. Smart cars are now very advanced, and in the future your car may also become a target of cyber extortion.

Smart devices trigger the pains of intelligence

Something like this happened on the Internet last year: electric power equipment in the United States suffered a massive denial-of-service attack, and tracing later found that the main source of the attack was not servers, not PCs, not mobile phones, but a bunch of smart devices. What does that mean? It might be a doorbell, a sweeping robot or a smart power strip. Malicious attackers controlled a large number of smart devices to launch attacks on the Internet. This form may become more and more common: more and more smart devices are in use and connected to the network, the security protection of some devices is very poor, and some manufacturers even leave their own back doors during development, which malicious attackers use to turn the devices into a source of attack. There may be more and more of this. Future attacks may no longer come from servers, PCs or mobile computers; a doorbell may launch an attack and carry out all kinds of attack behavior. This is what we should expect to see in the next few years.

WiFi security: people turn pale at its mention

WiFi security has become a focus of attention in recent years. After the 315 exposure of WiFi security risks, whenever public WiFi came up, everyone said not to connect to public WiFi because it would leak your privacy. But is public WiFi completely unusable? For this, WiFi Master Key has its own security solution, which we divide into three stages: before, during and after connection:

First, beforehand, we build a data portrait of every WiFi hotspot, including its history, so that at the moment before the user connects to the WiFi, I can tell you whether the node is safe.

At the moment a coin is thrown into the air, the result has in fact already been determined; we just do not know it. If I could capture all the parameters of the coin toss, such as angle, height and so on, I could accurately predict the result. Similarly, WiFi security is not random; as long as I can capture all of its data, it can be calculated.

Based on this idea, we sampled all WiFi nodes and analyzed their historical data: Has the location of a WiFi node moved? How long has it existed: a day, or since a year ago? Who has connected to it? Who is the hardware manufacturer of this WiFi hotspot? Has there ever been an ARP attack in its history? By modeling and analyzing these data, a very accurate safety judgment can be reached.

When you connect to the WiFi, we help you detect whether the current connection environment is under attack. At the same time, we provide a data encryption function called the secure tunnel. Our original design intent was: even if it is a phishing node, even if it is a node deployed by a malicious attacker to steal users' private information, I still want to be able to use it without worrying about information disclosure. Our encrypted tunnel can now do this completely. Afterwards, we provide WiFi security insurance: if you suffer a related attack while connected to WiFi through WiFi Master Key and lose property as a result, you can claim from us. The insurance has been available for more than a year, and there has been no claim event.

In short, mobile security has developed from a single form at the beginning into today's complex forms, and security threats keep increasing. WiFi Master Key, as a sharing-economy tool that helps users connect to free public WiFi, also hopes to contribute to public WiFi security and help raise the overall level of public network security.
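
The hotspot history checks named in the speech (has the node moved, how long has it existed, has an ARP attack been seen), sketched as an added example that is not part of the speech and not WiFi Master Key's own code. The record layout, thresholds and function names are assumptions, the observations are constructed sample data, and the manufacturer and "who has connected" signals are left out.

```python
import math
from collections import defaultdict

# Constructed sample data: (bssid, day number, lat, lon, gateway MAC seen via ARP)
OBSERVATIONS = [
    ("aa:bb:cc:00:00:01", 1,   31.2304, 121.4737, "aa:bb:cc:00:00:01"),
    ("aa:bb:cc:00:00:01", 200, 31.2305, 121.4738, "aa:bb:cc:00:00:01"),
    ("aa:bb:cc:00:00:01", 400, 31.2304, 121.4737, "aa:bb:cc:00:00:01"),
    ("de:ad:be:00:00:02", 399, 31.2000, 121.4000, "de:ad:be:00:00:02"),
    ("de:ad:be:00:00:02", 400, 31.2600, 121.5000, "de:ad:be:00:00:02"),
    ("de:ad:be:00:00:02", 400, 31.2600, 121.5000, "66:77:88:99:aa:bb"),
]

MOVE_LIMIT_M = 500   # assumed threshold: a fixed hotspot should not move this far
MIN_AGE_DAYS = 30    # assumed threshold: nodes younger than this are flagged

def distance_m(lat1, lon1, lat2, lon2):
    """Haversine great-circle distance in metres."""
    r = 6371000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * r * math.asin(math.sqrt(a))

def assess_hotspots(observations):
    """Group observations per BSSID and return {bssid: sorted list of risk flags}."""
    history = defaultdict(list)
    for bssid, day, lat, lon, gw_mac in observations:
        history[bssid].append((day, lat, lon, gw_mac))
    report = {}
    for bssid, rows in history.items():
        rows.sort()
        flags = set()
        first_day, lat0, lon0, _ = rows[0]
        if rows[-1][0] - first_day < MIN_AGE_DAYS:
            flags.add("short-lived")
        if any(distance_m(lat0, lon0, lat, lon) > MOVE_LIMIT_M for _, lat, lon, _ in rows):
            flags.add("location-moved")
        # More than one gateway MAC sighted on the same day: ARP spoofing indicator.
        macs_per_day = defaultdict(set)
        for day, _, _, gw_mac in rows:
            macs_per_day[day].add(gw_mac)
        if any(len(macs) > 1 for macs in macs_per_day.values()):
            flags.add("arp-gateway-conflict")
        report[bssid] = sorted(flags)
    return report

if __name__ == "__main__":
    print(assess_hotspots(OBSERVATIONS))
```
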
