Lenas wrote:
RangerDave wrote:
(that ****'ll be hacked in no time)
I don't see why the Kinect would be any more hackable than anything else on your network. When is the last time you legitimately heard of a single person being hacked? I'm not talking about email password phishing, I mean someone literally broke into their network/devices. I don't know that I can say I've ever seen it happen.
Well, the Sony PSN breach a year or two ago comes to mind. Link that kind of risk to a camera in my house, and I get the heebie-jeebies. To be honest, I've recently developed a slightly paranoid view of this kind of "peeping tom" **** after reading this article on arsTechnica:
"See! That **** keeps popping up on my **** computer!" says a blond woman as she leans back on a couch, bottle-feeding a baby on her lap.
The woman is visible from thousands of miles away on a hacker's computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman's screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun. He enters a series of shock and pornographic websites and watches them appear on the woman's computer.
..."I think someone hacked into our computer," says a young man.
Far away, the hacker opens his "Fun Manager" control panel, which provides a host of tools for messing with his RAT victims. He can hide their Windows "Start" button or the taskbar or the clock or the desktop, badly confusing many casual Windows users. He can have their computer speak to them. Instead, he settles for popping open the remote computer's optical drive.
..."Whoa!... the DVD thing just opened," says the young man.
The hacker sends the pair a message that reads "achoo!" and the young man laughs in astonishment. "Disconnect from the Internet," he says. "Your laptop's going to go kaboom next."
The video freezes, the mayhem lasting for slightly more than one minute. Copies of the incident aren't hard to find. They're on YouTube, along with thousands of other videos showing RAT controller (or "ratters," as they will be called here) taunting, pranking, or toying with victims.
...
Welcome to the weird world of the ratters....RAT tools aren't new; the hacker group Cult of the Dead Cow famously released an early one called BackOrifice at the Defcon hacker convention in 1998. The lead author, who went by the alias Sir Dystic, called BackOrifice a tool designed for "remote tech support aid and employee monitoring and administering [of a Windows network]." But the Cult of the Dead Cow press release made clear that BackOrifice was meant to expose "Microsoft's Swiss cheese approach to security." Compared to today's tools, BackOrifice was primitive. It could handle the basics, though: logging keystrokes, restarting the target machine, transferring files between computers, and snapping screenshots of the target computer.
Today, a cottage industry exists to build sophisticated RAT tools with names like DarkComet and BlackShades and to install and administer them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built "crypters" to disguise the target code further. Today, serious ratters seek software that is currently "FUD"—fully undetectable.
Building an army of slaves isn't particularly complicated; ratters simply need to trick their targets into running a file. This is commonly done by seeding file-sharing networks with infected files and naming them after popular songs or movies, or through even more creative methods. "I seem to get a lot of female slaves by spreading Sims 3 with a [RAT] server on torrent sites," wrote one poster. Another turned to social media, where "I've been able to message random hot girls on facebook (0 mutual friends) and infect (usually become friends with them too); with the right words anything is possible."
...Calling most of these guys "hackers" does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a RAT and acquire slaves. Once infected, all the common RAT software provides a control panel view in which one can see all current slaves, their locations, and the status of their machines. With a few clicks, the operator can start watching the screen or webcam of any slave currently online.
Login
Register
FAQ
Search
