Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43441
  • Total Topics: 16533
  • Online today: 3202
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 3195
Total: 3196









Author Topic: Next Blu-ray disc will infect your PC with malware ?!  (Read 3464 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Next Blu-ray disc will infect your PC with malware ?!
« on: 02. March 2015., 09:56:50 »


A pair of vulnerabilities found in hardware and software for playing Blu-ray discs might come in handy for secret snooping by the U.S. National Security Agency.

Stephen Tomkinson of NCC Group, a U.K.-based security consultancy, engineered a Blu-ray disc which detects the type of player the disc is running on and then picks one of two exploits to land malware on a computer. He presented the research at the Securi-Tay conference at Abertay University in Scotland on Friday: http://securi-tay.co.uk/

One of the problems is in PowerDVD, an application made by Taiwanese company CyberLink for playing DVDs on Windows computers. The company’s applications are often preinstalled on computers from manufacturers including HP, Dell, Acer, Lenovo, Toshiba and ASUS, according to its website.

Blu-ray discs can support rich content like dynamic menus and embedded games, which are built using Blu-ray Disc Java (BD-J), a variation of Java for embedded systems. BD-J uses “xlets,” or small applications, for things such as user interfaces.

Xlets are prohibited from accessing a computer’s operating system and file system for obvious reasons. But Tomkinson found a flaw in PowerDVD that allowed him to get around the sandbox that xlets can run in and launch a malicious executable.

The second vulnerability lies in some Blu-ray disc player hardware. Tomkinson wrote that he analyzed a “fairly minimal’ embedded system running Linux with a command-line BusyBox interface although he did not identify the make or model: http://www.busybox.net/about.html

His second attack uses an exploit written by Malcolm Stagg to be able to get root access on a Blu-ray player: http://www.malcolmstagg.com/bdp-s390.html
From there, he wanted to see if it was possible to trick the system into running a command that would install malware.

He found it was possible to write an xlet that fooled a small client application called “ipcc” running within the localhost into launching a malicious file from the Blu-ray disc.

To refine the attack, Tomkinson figured out a way to detect what kind of system the Blu-ray disc is running on in order to know which exploit to launch. To mask the strange activity, the Blu-ray disc is coded to start playing its content after one of the exploits has run.

Disc attacks have been tried before

Distributing a batch of malicious media has been used in the past to attack specific targets. Last month, Kaspersky Lab wrote about the Equation group, a highly advanced group of attackers suspected to be the NSA that used ingenious ways to deliver malware.

Kaspersky described how some participants of a scientific conference held in Houston later received a CD-ROM of material. The CD contained two zero-day exploits and a rarely-seen malware backdoor nicknamed Doublefantasy.

Tomkinson wrote that NCC Group has contacted “the vendors to resolve these issues with varying degrees of success.” CyberLink officials could not immediately be reached for comment.

There are a few defensive precautions users can take. Tomkinson wrote that people can avoid Blu-ray discs that come from unknown sources and also stop discs from running automatically.

If it is possible, users should also turn off the capability that allows Blu-ray players to connect to the Internet or block it from connecting to a network, he wrote.

(PCW)

Samker's Computer Forum - SCforum.info

Next Blu-ray disc will infect your PC with malware ?!
« on: 02. March 2015., 09:56:50 »

devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
Re: Next Blu-ray disc will infect your PC with malware ?!
« Reply #1 on: 02. March 2015., 12:51:22 »
This will be true for *any* hardware with micro-Java embedded... That's what Java does!

Sigh

Devvie
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker's Computer Forum - SCforum.info

Re: Next Blu-ray disc will infect your PC with malware ?!
« Reply #1 on: 02. March 2015., 12:51:22 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023