The Apple/FBI fallout continues this week, as the FBI revealed it would not be sharing details of the vulnerability it used to unlock the San Bernardino, Calif., shooter's work iPhone 5c, The Wall Street Journal reported this week. Unnamed sources said the FBI will recommend against sharing the iPhone vulnerability, because the agency does not know enough about how the tool -- which FBI director James Comey hinted last week had cost at least $1.3 million -- actually works.
Meanwhile, the FBI did reveal it had shared a vulnerability with Apple earlier this month under the Vulnerability Equities Process (VEP), but Apple stated the vulnerability in question had been patched with the release of iOS 9 and OS X El Capitan, Reuters reported this week. First revealed in 2014 after the Electronic Frontier Foundation, or EFF, filed a Freedom of Information Act lawsuit against the National Security Agency, the VEP defines policies to be followed for disclosure to vendors when a government agency discovers vulnerabilities in their products. Critics, like the EFF, claim the process allows government agencies to hoard zero-day vulnerabilities for government hacking.
Finally, the FBI this week announced, quietly, it would drop its suit to force Apple to assist in unlocking an iPhone under the All Writs Act in a Brooklyn, N.Y., case. According to the statement issued to the court, U.S. attorney Robert Capers wrote that "an individual provided the passcode to the iPhone at issue in this case." The Jurist reported the individual in question was the defendant, Jun Feng, who had pleaded guilty last year. Feng initially told authorities he had forgotten the passcode, but when asked again this month, he was able to provide the passcode.
In other news
- Researchers at Cisco Talos reported this week they had discovered backdoors installed on approximately 12 million PCs, courtesy of a French tutorial website, called Tuto4PC. According to Talos' blog post, researchers detected a recent increase in generic Trojans, and, after analyzing roughly 7,000 samples, found these samples could download and install other software programs, and collect users' personal information. In addition, the samples had antivirus detection and antisandbox capabilities. The researchers traced the samples to Tuto4PC's adware program, which users install to get ad-supported free tutorials. "Based on the overall research, we feel that there is an obvious case for this software to be classified as a backdoor. At minimum, it is a potentially unwanted program," the Talos blog post stated. "There is a very good argument that it meets and exceeds the definition of a backdoor. As such, we are blocking the software for all corporate customers." Tuto4PC has reportedly denied the allegations.
- Conficker and W32.Ramnit were among the viruses found in a German nuclear plant, Reuters reported this week. RWE, the German utility company that runs the plant, said the viruses did not pose a threat, because the plant is not connected to the Internet. Viruses were found in a system that, in 2008, had software installed related to controlling nuclear fuel rods; other malware was found on 18 removable storage devices in office systems. Conficker, which first came to light in 2008 and has infected millions of computers running Windows, is a worm that can spread by copying itself to shared network directories, as well as to removable storage media, such as memory sticks. The W32.Ramnit worm, first reported in 2010, infects Windows executable files and can also spread through network shared drives or removable media.
- Hackers who got away with about $81 million and nearly stole almost $1 billion earlier this year from Bangalore Bank "probably" hacked into client software implementing the SWIFT financial platform. SWIFT -- the Society for the Worldwide Interbank Financial Telecommunication -- is aware the platform had been attacked and has released software updates, as well as a warning to financial institutions, Reuters reported this week. When the Bangladesh central bank was attacked earlier this year, the attackers faced minimal cybersecurity hurdles: Reuters reported last week that the bank used secondhand switches, which cost only $10, and that there were no firewalls in place.
Additional reporting by Rob Wright.