Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears

Discovery comes a month after competitor Juniper disclosed unauthorized code.


Less than a month after Juniper Networks officials disclosed an unauthorized backdoor in the company's NetScreen line of firewalls, researchers have uncovered highly suspicious code in older software from Juniper competitor Fortinet.

The suspicious code contains a challenge-and-response authentication routine for logging into servers with the secure shell (SSH) protocol. Researchers were able to unearth a hard-coded password of "FGTAbc11*xy+Qqz27" (not including the quotation marks) after reviewing exploit code posted online on Saturday. On Tuesday, a researcher posted a screenshot purporting to show someone using the exploit to gain remote access to a server running Fortinet's FortiOS software.

This partially redacted screenshot purports to show the exploit in action. (credit: @dailydavedavids)

Ralf-Philipp Weinmann, a security researcher who helped uncover the inner workings of the Juniper backdoor, took to Twitter on Tuesday and repeatedly referred to the custom SSH authentication as a "backdoor." In one specific post, he confirmed he was able to make it work as reported on older versions of Fortinet's FortiOS.


Google security researcher excoriates TrendMicro for critical AV defects

“I don’t even know what to say,” exasperated researcher tells TrendMicro official.

Antivirus provider TrendMicro has released an emergency product update that fixes critical defects that allow attackers to execute malicious code and to view contents of a password manager built in to the malware protection program. The release came after a Google security researcher publicly castigated a TrendMicro official for the threat.

Details of the flaws became public last week after Tavis Ormandy, a researcher with Google's Project Zero vulnerability research team, published a scathing critique disclosing the shortcomings. While the code execution vulnerabilities were contained in the password manager included with the antivirus package, they could be maliciously exploited even if end users never make use of the password feature. Those who did use it were also susceptible to hacks that allowed attackers to view hashed passwords and the plaintext Internet domains they belonged to.

"I don't even know what to say—how could you enable this thing *by default* on all your customer machines without getting an audit from a competent security consultant?" Ormandy wrote in an exchange with a TrendMicro official. "You need to come up with a plan for fixing this right now. Frankly, it also looks like you're exposing all the stored passwords to the internet, but let's worry about that screw up after you get the remote code execution under control."


Analysis confirms coordinated hack attack caused Ukrainian power outage

BlackEnergy was key ingredient used to cause power outage to at least 80k customers.

The people who carried out last month's first known hacker-caused power outage used highly destructive malware to gain a foothold into multiple regional distribution power companies in Ukraine and to delay restoration efforts once electricity had been shut off, a newly published analysis confirms.

The malware known as BlackEnergy allowed the attackers to gain a foothold on the power-company systems, said the report, which was published by a member of the SANS industrial control systems team. The still-unknown attackers then used that access to open circuit breakers that cut power. After that, they likely used a wiper utility called KillDisk to thwart recovery efforts and then waged denial-of-service attacks to prevent power-company personnel from receiving customer reports of outages. In Saturday's report, SANS ICS Director Michael J. Assante wrote:

The attackers demonstrated planning, coordination, and the ability to use malware and possible direct remote access to blind system dispatchers, cause undesirable state changes to the distribution electricity infrastructure, and attempt to delay the restoration by wiping SCADA servers after they caused the outage. This attack consisted of at least three components: the malware, a denial of service to the phone systems, and the missing piece of evidence of the final cause of the impact. Current evidence and analysis indicates that the missing component was direct interaction from the adversary and not the work of malware. Or in other words, the attack was enabled via malware but consisted of at least three distinct efforts.

The report stresses there's no evidence BlackEnergy or its recently developed KillDisk component was the direct cause of the outage, which so far has been shown to affect about 80,000 customers. The analysis also cautioned that evidence showing some past BlackEnergy infections relied on booby-trapped Microsoft Office documents to spread is no indication such a vector was used in the recent Ukrainian power-grid attacks. Still, this weekend's report leaves little doubt the blackout was the result of a highly coordinated hacker attack that relied on BlackEnergy as a key ingredient.


Juniper drops NSA-developed code following new backdoor revelations

Researchers contradict Juniper claim that Dual_EC_DRBG weakness couldn’t be exploited.


Juniper Networks, which last month made the startling announcement its NetScreen line of firewalls contained unauthorized code that can surreptitiously decrypt traffic sent through virtual private networks, said it will remove a National Security Agency-developed function widely suspected of also containing a backdoor for eavesdropping.

The networking company said in a blog post published Friday that it will ship product releases in the next six months that remove the Dual_EC_DRBG random number generator from NetScreen firewalls. Security researchers have known since 2007 that it contains a weakness that gives knowledgeable adversaries the ability to decrypt encrypted communications that rely on the function. Documents provided by former NSA subcontractor Edward Snowden showed the weakness could be exploited by the US spy agency, The New York Times reported in 2013.

A month after the NYT report was published, Juniper officials wrote in a knowledge base article that NetScreen encryption couldn't be subverted by the weakness because Dual_EC_DRBG wasn't the sole source for generating the random numbers needed to ensure strong cryptography. The Juniper post said NetScreen also relied on a separate random number generator known as ANSI X9.31 that made it infeasible to exploit the Dual_EC_DRBG weaknesses. Random number generators are a crucial ingredient in strong cryptography. Their role is similar to the shaking of dice at a craps table, and it ensures that keys contain enough entropy to make them infeasible to guess or predict.


Malicious apps in Google Play made unauthorized downloads, sought root

Apps with as many as a million downloads removed following their discovery.

A list of the 13 malicious apps in the Brain Test family found hosted on Google Play. (credit: Lookout)

Google has banished 13 Android apps from its Play marketplace after security researchers found the apps made unauthorized downloads and attempted to gain root privileges that allowed them to survive factory resets.

One of the 13 apps, which was known as Honeycomb, had as many as one million downloads before it was removed, according to researchers from Lookout, the mobile security provider that spotted the malicious entries. The apps boasted a large number of downloads and highly favorable user ratings, presumably thanks to the ability of one app to automatically download other apps and then leave rave user reviews for them. In a blog post, Lookout researcher Chris Dehghanpoor wrote:

The explanation for the apps’ high ratings and hundreds-of-thousands of downloads is the malware itself. First off, some of the apps are fully-functioning games. Some are highly rated because they are fun to play. Mischievously, though, the apps are capable of using compromised devices to download and positively review other malicious apps in the Play store by the same authors. This helps increase the download figures in the Play Store. Specifically, it attempts to detect if a device is rooted, and if so, copies several files to the /system partition in an effort to ensure persistence, even after a complete factory reset. This behavior is very similar to several other malware families we’ve seen recently, specifically Shedun, ShiftyBug, and Shuanet.

As Ars reported in November, members of the Shedun, Shuanet, and ShiftyBug families expose phones to potentially dangerous root exploits that can make app removal extremely hard for many users. That's because the apps are often able to root the infected device and install themselves as system applications. That can make them hard to remove using conventional methods, such as the uninstall button or factory reset in the Android options menu.


Time Warner and Linode report possible password breaches

Potential compromises appear to be unrelated.


Time Warner Cable is warning that login credentials for 320,000 customers may have been stolen. The TV cable and Internet service provider told Reuters that e-mail passwords may have been harvested by malware installed on customers' computers or that the potentially compromised passcodes may have been the result of data breaches of other companies that stored Time Warner Cable customer information. The company is still investigating how the data was obtained, but so far has found no indications that its systems were breached.

A Time Warner spokesman told the news agency that the company issued the warning after receiving notification from the FBI that some customer e-mail addresses and passwords "may have been compromised." As a precaution, company officials are sending e-mails and direct mail correspondence advising customers to update their passwords.

The Time Warner advisory comes a day after Web host provider Linode said it was resetting user passwords following signs of a breach. The reset came after an investigation of "the unauthorized login of three accounts [that] has led us to the discovery of two Linode.com user credentials on an external machine. This implies user credentials could have been read from our database, either offline or on, at some point." The database contains usernames, e-mail addresses, "securely hashed" passwords, and encrypted two-factor seeds.


Latest tech support scam stokes concerns Dell customer data was breached

Scammers know customers’ phone numbers, PC serial numbers, and support history.


Tech-support scams, in which fraudsters pose as computer technicians who charge hefty fees to fix non-existent malware infections, have been a nuisance for years. A relatively new one targeting Dell computer owners is notable because the criminals behind it use private customer details to trick their marks into thinking the calls come from authorized Dell personnel.

"What made the calls interesting was that they had all the information about my computer; model number, serial number, and notably the last item I had called Dell technical support about (my optical drive)," Ars reader Joseph B. wrote in an e-mail. "That they knew about my optical drive call from several months prior made me think there was some sort of information breach versus just my computer being compromised."

He isn't the only Dell customer reporting such an experience. A blog post published Tuesday reported scammers knew of every problem the author had ever called Dell about. None of those problems were ever discussed in public forums, leading the author to share the suspicion that proprietary Dell data had somehow been breached.


Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC

MD5 and its only slightly stronger SHA1 cousin put world on collision course.


If you thought MD5 was banished from HTTPS encryption, you'd be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, is still widely used in the transport layer security protocol that underpins HTTPS. Now, researchers have devised a series of attacks that exploit the weaknesses to break or degrade key protections provided not only by HTTPS but also other encryption protocols, including Internet Protocol Security and secure shell.

The attacks have been dubbed SLOTH—short for security losses from obsolete and truncated transcript hashes. The name is also a not-so-subtle rebuke of the collective laziness of the community that maintains crucial security regimens forming a cornerstone of Internet security. And if the criticism seems harsh, consider this: MD5-based signatures weren't introduced in TLS until version 1.2, which was released in 2008. That was the same year researchers exploited cryptographic weaknesses in MD5 that allowed them to spoof valid HTTPS certificates for any domain they wanted. Although SHA1 is considerably more resistant to so-called cryptographic collision attacks, it too is considered to be at least theoretically broken. (MD5 signatures were subsequently banned in TLS certificates but not other key aspects of the protocol.)

"Notably, we have found a number of unsafe uses of MD5 in various Internet protocols, yielding exploitable chosen-prefix and generic collision attacks," the researchers wrote in a technical paper scheduled to be discussed Wednesday at the Real World Cryptography Conference 2016 in Stanford, California. "We also found several unsafe uses of SHA1 that will become dangerous when more efficient collision-finding algorithms for SHA1 are discovered."
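The point above is that the TLS 1.2 handshake itself, not just the certificate, decides whether an MD5 or SHA1 signature can be negotiated. As an added illustration (not from the SLOTH paper or this article), the following stdlib-only Python parses the body of a TLS 1.2 signature_algorithms extension and reports which entries would let a peer negotiate an MD5- or SHA1-based handshake signature; the sample byte strings are constructed, not captured from any real client.

```python
import struct

# Code points from RFC 5246 section 7.4.1.4.1 (TLS 1.2 signature_algorithms).
HASH_NAMES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
              4: "sha256", 5: "sha384", 6: "sha512"}
SIG_NAMES = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
# The hashes SLOTH targets: broken (MD5) and weakening (SHA1).
WEAK_HASHES = {"md5", "sha1"}


def parse_signature_algorithms(data):
    """Parse a signature_algorithms extension body: a 2-byte big-endian length
    followed by (hash, signature) byte pairs in the sender's preference order."""
    if len(data) < 2:
        raise ValueError("extension body too short for a length field")
    (length,) = struct.unpack("!H", data[:2])
    body = data[2:2 + length]
    if len(body) != length or length % 2 != 0 or len(data) != 2 + length:
        raise ValueError("malformed signature_algorithms list")
    pairs = []
    for i in range(0, length, 2):
        h, s = body[i], body[i + 1]
        pairs.append((HASH_NAMES.get(h, f"hash(0x{h:02x})"),
                      SIG_NAMES.get(s, f"sig(0x{s:02x})")))
    return pairs


def audit_signature_algorithms(data):
    """Return (position, hash, signature) for every entry that would allow an
    MD5- or SHA1-based handshake signature; an empty list means none can be picked."""
    return [(i, h, s) for i, (h, s) in enumerate(parse_signature_algorithms(data))
            if h in WEAK_HASHES]


# Constructed sample: what a permissive TLS 1.2 client might advertise
# (sha512/rsa, sha256/rsa, sha1/rsa, md5/rsa). Not captured from a real peer.
PERMISSIVE = bytes.fromhex("0008" "0601" "0401" "0201" "0101")
# Hardened counterpart: SHA-2 family only, so neither weak hash is negotiable.
HARDENED = bytes.fromhex("0006" "0601" "0501" "0401")

if __name__ == "__main__":
    for label, blob in (("permissive", PERMISSIVE), ("hardened", HARDENED)):
        print(label, audit_signature_algorithms(blob))
    # permissive [(2, 'sha1', 'rsa'), (3, 'md5', 'rsa')]
    # hardened []
```

The same parser can be pointed at the signature_algorithms bytes of a captured ClientHello or CertificateRequest to see whether a deployment still offers the hashes the paper warns about.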


First known hacker-caused power outage signals troubling escalation

Highly destructive malware creates “destructive events” at 3 Ukrainian substations.


Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said.

The outage left about half of the homes in the Ivano-Frankivsk region of Ukraine without electricity, Ukrainian news service TSN reported in an article posted a day after the December 23 failure. The report went on to say that the outage was the result of malware that disconnected electrical substations. On Monday, researchers from security firm iSIGHT Partners said they had obtained samples of the malicious code that infected at least three regional operators. They said the malware led to "destructive events" that in turn caused the blackout. If confirmed, it would be the first known instance of someone using malware to generate a power outage.

"It's a milestone because we've definitely seen targeted destructive events against energy before—oil firms, for instance—but never the event which causes the blackout," John Hultquist, head of iSIGHT's cyber espionage intelligence practice, told Ars. "It's the major scenario we've all been concerned about for so long."


“Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

Backdoor in NetScreen firewalls gives attackers admin access, VPN decrypt ability.

An operating system used to manage firewalls sold by Juniper Networks contains unauthorized code that surreptitiously decrypts traffic sent through virtual private networks, officials from the company warned Thursday.

It's not clear how the code got there or how long it has been there. An advisory published by the company said that NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected and require immediate patching. Release notes published by Juniper suggest the earliest vulnerable versions date back to at least 2012 and possibly earlier. There's no evidence right now that the backdoor was put in other Juniper OSes or devices.
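The advisory gives the affected releases as two inclusive ranges, so the first thing a defender wants is a way to check an inventory against them without mis-comparing "r9" and "r12" as strings. The following Python is an added example (not Juniper's tooling) that parses ScreenOS version strings of the form "6.3.0r19" and triages a constructed inventory; hostnames and versions are made up, and versions outside the listed ranges are reported as "not listed" rather than as safe, since the page does not state which releases are fixed.

```python
import re

# Affected ScreenOS releases as given in the Juniper advisory (both ends inclusive).
AFFECTED_RANGES = [
    ("6.2.0r15", "6.2.0r18"),
    ("6.3.0r12", "6.3.0r20"),
]

# ScreenOS versions look like "6.3.0r19": major.minor.patch plus an "r" release number.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)r(\d+)$")


def parse_screenos_version(text):
    """Turn '6.3.0r19' into the tuple (6, 3, 0, 19) so versions compare numerically."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised ScreenOS version: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(version_text):
    """True if the version falls inside any range named in the advisory."""
    v = parse_screenos_version(version_text)
    return any(parse_screenos_version(lo) <= v <= parse_screenos_version(hi)
               for lo, hi in AFFECTED_RANGES)


def triage(inventory):
    """Split a {hostname: version} inventory into affected, not listed, and unparseable.

    Unparseable entries are reported separately rather than treated as clean, so a
    device with an odd version string still gets looked at by a person.
    """
    affected, not_listed, unknown = [], [], []
    for host, version in inventory.items():
        try:
            (affected if is_affected(version) else not_listed).append(host)
        except ValueError:
            unknown.append(host)
    return sorted(affected), sorted(not_listed), sorted(unknown)


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = {
    "fw-edge-1": "6.3.0r19",
    "fw-edge-2": "6.2.0r16",
    "fw-lab": "6.3.0r11",
    "fw-dc-1": "6.2.0r19",
    "fw-legacy": "5.4.0r10",
    "fw-odd": "6.3.0",
}

if __name__ == "__main__":
    affected, not_listed, unknown = triage(SAMPLE_INVENTORY)
    print("in advisory ranges, patch now:", affected)   # ['fw-edge-1', 'fw-edge-2']
    print("not in advisory ranges:", not_listed)
    print("version string not understood:", unknown)   # ['fw-odd']
```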

"During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections," Juniper Chief Information Officer Bob Worrall wrote. "Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS."
