| Online: | |
| Visits: | |
| Stories: |
Watch This Cat Video (Or Anything on YouTube) and Get Hacked
On an Internet where large flows of traffic and information remain unencrypted, seemingly harmless activities like watching YouTube videos can allow security and intelligence agencies and well-funded private parties total access to a person’s computer.
Senior Researcher and Technical Advisor at the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, Morgan Marquis-Bore, who published a new study on the topic, describes in an article published at The Intercept on Friday, Aug. 15, how such hacking can happen:
Companies such as Hacking Team and FinFisher sell devices called “network injection appliances.” These are racks of physical machines deployed inside internet service providers around the world, which allow for the simple exploitation of targets. In order to do this, they inject malicious content into people’s everyday internet browsing traffic. One way that Hacking Team accomplishes this is by taking advantage of unencrypted YouTube video streams to compromise users. The Hacking Team device targets a user, waits for that user to watch a YouTube clip like the one above, and intercepts that traffic and replaces it with malicious code that gives the operator total control over the target’s computer without his or her knowledge. The machine also exploits Microsoft’s login.live.com web site in the same manner.
Read more here.
Forget Your Sadness:
—Posted by Alexander Reed Kelly.
Related Entries
- August 7, 2014 Hijacking Cellphones Isn’t Nearly As Hard as It Should Be
- June 18, 2014 ‘Knocking Off YouTube’s Populist Halo’
Source: http://www.truthdig.com/eartotheground/item/watch_this_cat_video_or_anything_on_youtube_and_get_hacked_20140817/
