hackers | Business Upturn

Wireless chargers exposed to cyberattacks, raising concerns about device damage and fires

Eesha Chakraborty — Sun, 25 Feb 2024 03:35:15 +0000

A recent study published by researchers from Florida University and cybersecurity firm CertiK has sent shockwaves through the tech world, revealing a novel cyberattack method targeting wireless chargers. This “VoltSchemer” attack, as it’s been dubbed, exploits vulnerabilities in these seemingly innocuous devices, posing a significant risk to smartphones and potentially other nearby electronics.

The research delves into the intricate workings of wireless chargers, uncovering security weaknesses that hackers could leverage to wreak havoc. By manipulating the charger’s input voltage, attackers can trigger a series of alarming consequences. In the worst-case scenario, this manipulation can lead to overheating and potential fires within smartphones placed on the charging pad. Additionally, the attack can damage nearby devices due to excessive electromagnetic interference or even trigger unauthorized voice commands through voice assistants integrated into the targeted device.

The study’s findings are particularly concerning as they highlight the vulnerability of popular brands like Anker and Phillips, and even major smartphone manufacturers like Apple and Google. This widespread susceptibility underscores the potential scale of the threat, raising significant concerns for users who rely heavily on wireless charging technology.

The researchers emphasize the gravity of this discovery, describing the attack as scary and akin to black magic due to its ability to manipulate electromagnetic frequencies and inject inaudible voice commands. This emphasizes the sophistication and potential harm associated with VoltSchemer.

The researchers recommend staying informed about the latest developments regarding the attack and familiarizing oneself with the detailed findings outlined in their paper. Additionally, exploring alternative charging methods or implementing security measures specific to wireless chargers may offer some level of protection.

In conclusion, the discovery of the VoltSchemer attack serves as a stark reminder of the ever-evolving cybersecurity landscape. As wireless charging technology becomes increasingly integrated into our daily lives, it’s crucial to acknowledge the potential risks associated with it and take necessary precautions to safeguard our devices and personal information.

Hackers exploit generative AI, raising concerns about malicious use

Eesha Chakraborty — Thu, 15 Feb 2024 15:40:36 +0000

A recent report by Microsoft has shed light on a concerning trend: state-backed hackers from China, North Korea, Iran, and Russia are leveraging generative artificial intelligence (AI) tools for malicious purposes. This development underscores the potential dangers of AI misuse and the need for responsible development and deployment of this powerful technology.

The report, based on Microsoft’s tracking of hacking groups affiliated with various governments, details how these actors have been utilizing OpenAI’s large language models (LLMs) for various activities. Chinese hackers, for instance, employed LLMs to gather intelligence on rival intelligence agencies, prominent individuals, and cybersecurity matters. They even used the technology to develop potentially malicious code and translate technical documents, suggesting an intent to weaponize AI capabilities.

Meanwhile, Russian hackers focused on researching satellite and radar technologies relevant to their operations in Ukraine, while North Korean groups used LLMs to generate content for targeted phishing campaigns aimed at regional experts. Iranian hackers, known for their sophisticated cyber operations, leveraged the technology to craft more convincing phishing emails and even develop code for evading detection, highlighting their efforts to refine their tactics.

These findings come amidst growing concerns about the potential misuse of AI by malicious actors. While AI offers immense benefits across various sectors, its power can be easily turned destructive if exploited. The ability to manipulate information, automate tasks, and even generate code for malicious purposes poses a significant threat to national security, personal privacy, and the overall stability of the digital landscape.

Microsoft’s response to this alarming trend has been decisive. The tech giant has implemented a blanket ban on state-backed hacking groups using its AI products, including the popular ChatGPT language model. However, the issue of AI misuse extends beyond individual companies. As LLMs continue to evolve and become more sophisticated, the possibility of their exploitation by malicious actors cannot be ignored. In conclusion, the use of LLMs by state-backed hackers highlights the critical need for responsible AI development and deployment.

Zomato increases bug bounty, to pay $4,000 for detection of a critical vulnerability

Bhomik Mathur — Fri, 09 Jul 2021 13:46:10 +0000

Food delivery company Zomato on Thursday announced an increase in bounties paid to those who can find bugs on its mobile and web platform. Anyone who finds a bug of a critical severity can get a maximum bounty of $4000(around INR 2.98 lakh).

Zomato has set four tiers of bounty ranges to be awarded depending upon the severity of the vulnerability which gets exposed. Detection of a low severity threat would entitle a person to an amount in the range of $100 to $300. Meanwhile, those who find bugs of the medium and high category would be awarded in the ranges of $300-$1000 and $1,000 to $2,000 respectively. The maximum bounty range of $2000 to $4000 will be awarded for the detection of a bug of critical severity.

“The Zomato Bug Bounty Program is a crucial part of our security efforts and we hope that this improvement will further motivate the hacker community. Thank you for your contribution to our program so far and we look forward to your reports!” it said in a statement on hackerone.com.

The severity of the bug detected would be determined by the Zomato security team on the basis of the Common Vulnerability Scoring System(CVSS) score which would determine the amount of bounty to be granted. A bug of a critical severity with a CVSS score of 10.0 will be rewarded with $4000 while a score of 9.5 in the same category will entitle the person to $3,000. Two-factor authentication is mandatory for any user who wishes to participate in the bug bounty programme.

The information was also tweeted by Yash Sodha, a security engineer at Zomato.

Starting today, we’re increasing the rewards for @zomato's bug bounty program: $4,000 for critical, $2000 for high, and so on. We welcome your participation and look forward to your reports! Happy Hacking 🙂 Find more details here: https://t.co/OSvNH1q6Mm

— Yash Sodha (@y_sodha) July 8, 2021

Meanwhile, Zomato’s much-awaited IPO worth Rs 9,375 crore will hit Dalal Street on July 14 at a price band of Rs 72-Rs 76.

Elon Musk tweets Hannah Montana meme for hackers, Check out

Govindraj Muttepawar — Tue, 15 Jun 2021 11:43:51 +0000

Tesla CEO Elon Musk, known for his love for memes, has a hilarious one as a response to a video targeting him by hacker group ‘Anonymous’. This time, his chosen weapon is fictional pop singer Hannah Montana.

Sharing a screenshot of the hacker group’s video, whose subtitle was altered to say, “Hannah Montana is actually Miley Cyrus”, the billionaire’s tweet just read “!!”

!! pic.twitter.com/3H9gMEmSLF

— Elon Musk (@elonmusk) June 14, 2021

The meme mocks Anonymous’ video about Mr Musk’s ability to move cryptocurrency markets — as it is public knowledge — just like everyone knows Hannah Montana, a teen singer in a hugely popular sitcom of the same name, was played by musician-actor Miley Cyrus. Ms Cyrus was quick to reply to the billionaire.

“I told you that in confidence! You can build a rocket but can’t keep a damn secret?!?!,” she tweeted. Mr Musk, 49, had earlier mocked the video threat as well – again with a meme. Last week, the international hacking collective ‘Anonymous’ saying they are planning to target the SpaceX CEO for influencing the cryptocurrency market far too often through just his tweets.

pic.twitter.com/mGmRXu0gKy

— Elon Musk (@elonmusk) June 10, 2021

Two ‘Anonymous’ Twitter handles were prompt to distance themselves from the video that racked up millions of views in days. However, the third handle with 5.9 million followers, then shared the video. “It appears that your quest to save the world is more rooted in a superiority & saviour complex than it is in actual concern for humanity,” the group captioned the video and added “cc: Elon Musk”. In the video message, ‘Anonymous’ appeared extremely miffed with Mr Musk due to the power he wields over the cryptocurrency market.

Hackers’ group claims to have breached Airtel server; leaked personnel data

Arnav Dogra — Sat, 06 Feb 2021 08:20:47 +0000

A hackers’ group that goes by the name ‘Red Rabbit Team’ today claimed to have breached some official Indian websites posted the supposedly private data on Twitter. The group is said to have done this using a Bharti Airtel network in Jammu and Kashmir, although the company has denied any breach.

The hackers posted some links which direct the pursuer to the web pages containing the leaked data pages on Twitter. Both the Army and Bharti Airtel, when contacted, denied this cyber infiltration.

A Bharti Airtel spokesperson said that the group has been making false claims for a while and that the threat isn’t serious – “We can confirm there is no hack or breach of any Airtel system as claimed by this group. Multiple stakeholders outside of Airtel have access to some data as per regulatory requirements. We have apprised all the relevant authorities of the matter to, therefore, investigate this and take appropriate action.”

“This group has been in touch with our security team for over 15 months now and has made varying claims in addition to posting inaccurate data from one specific region,” he added.

Red Rabbit Team also messaged the PTI and claimed that it had access to complete data of Bharti Airtel which it had obtained through a shell uploaded on the company’s server and threatened to leak more information soon.

Indian Army officials also confirmed this saying, “We are not aware of any such information but it appears to be malicious intent of some inimical elements.”

Instagram’s new feature ‘Recently Deleted’ to prevent hackers from permanently deleting content

Sanah Shah — Wed, 03 Feb 2021 07:54:30 +0000

Instagram is introducing a new feature that allows users to restore deleted content on the app.

“We’re rolling out Recently Deleted, a feature to help you manage your content. We know this is something people have been asking for and now, for the first time, you can review and restore deleted content in the Instagram app,” Instagram said in a blog post.

The company added, “We also added protection to help prevent hackers from compromising your account and deleting posts you’ve shared.”

Hackers often delete user content on the app when they gain access to an account with users having no way of easily getting their photos and videos back. The Facebook-owned platform said that this feature will help prevent hackers from erasing content.

The photo-sharing app will now ask users to confirm that they are the original account holders when permanently deleting or restoring content from Recently Deleted.

Instagram is also testing a new feature where that will limit users from sharing posts to stories. Due to “Sharing to Stories” update users won’t be able to share feed posts on Stories that many upcoming creators do to expand their reachability as Instagram’s algorithm is lenient towards friends and family. It should be noted that Instagram is only testing this feature, and it is likely that the company may not enforce the update.

In addition to this, the platform may soon allow users to hide Like-counts on their personal feeds, according to a social media expert who pointed out the development in a tweet.

A ‘Recently Deleted’ folder will be created where content ranging from photos, videos, reels, IGTV videos to stories that a user chooses to delete will be stored. The ‘Recently Deleted’ folder can be accessed from the Account option within Settings – following the procedure of Settings > Account > Recently Deleted on the latest version of the Instagram app.

Deleted stories that are reserved in a user’s archive will stay in the folder for up to 24 hours. All other content will be automatically deleted from the folder after 30 days.

“During those 30 days, you can access your deleted content by going to on the latest version of the Instagram app. From there you can either restore or permanently delete it,” Instagram said.

The update is rolling out in stages. Only a restricted number of users will be receiving it today.

Top 5 Indian Hackers ensuring cyber security

Sanket Kate — Mon, 31 Aug 2020 15:42:03 +0000

Hacking is always linked with something illegal with a breach of privacy. But ethical hacker or white hat hackers direct their skills for some good cause like finding security bugs. It requires expertise, concentration and indeed the most brilliant of minds to breach into systems silently overruling all their top-notch salient manifestations. Hacking is supposed to be the toughest and coolest task among those who understands technology. The best hackers indeed are the ones who build up this acumen to breach security again and again, so that they can guard the interest of millions of users to which these cyber systems cater.

Here are some of such top 5 hackers in India who are sought after by people even around the world.

1. Vivek Ramachandran

Vivek Ramachandran has already made a name for himself. He has won accolades and awards for his work from both Cisco and Microsoft. Vivek specializes in several systems including e-governance, embedded systems security, computer forensics, and wireless security.
One of the 2006 winners of the Microsoft Security Shootout Contest, Ramachandran is the founder of SecurityTube.net, a free video-based computer security educational portal. Cisco Systems also awarded Vivek the Team Achievement Award for his contribution to the Port security modules in a certain model.

2. Ankit Fadia

Ankit Fadia is an Indian author, speaker, television host, and self-proclaimed “BLACK HAT hacker” of computer systems, whose skills and ethics have been debated. His work mostly involves OS and networking-based tips and tricks, proxy websites, and making people think that he is a hacker. Ankit Fadia’s range of skills that grant him easy access to the critical domains of computers and the like have very often been debated and scrutinised.

3. Rahul Tyagi

Rahul Tyagi is a talented hacker who has proved himself several times by entering and breaking into secure computer systems. You will also want to know that he is an actor and also an author. He had provided more than several hundred training sessions on hacking. He completed his education from LPU, Punjab. An expert in cyber security training, Tyagi is one of the leading ethical hacking trainers of the country with a decade of expertise backing him up. His hacking forte has led him to emerge as a skilled dealer of vulnerabilities on websites that are reputed and harbour immense confidentiality.

4. Trishneet Arora

Arora is an entrepreneur who found a Cyber Security company that provides protection to corporations against data theft and network vulnerabilities. Few of his clients are Central Bureau of Investigation, Reliance Industries, Gujrat Police and Punjab Police. Arora has written books on cybersecurity, ethical hacking, and web defence. He was named in Forbes 30 Under 30 2018 Asia list and Fortune 40 Under 40 2019 List of India’s Brightest.

5. Sai Satish

Sai Satish is an young entrepreneur, founder & CEO of Indian Servers. Administrator of Andhrahackers (Top hacking awareness forum in INDIA). An Author, A renewed Ethical Hacker & Cyber Security Expert, Microsoft Security Researcher, International Cyber Security trainer. Satish was rewarded by IAS Officer for pentesting on government sites, which gave him huge exposure and helped them to improve security, Forensics Investigator and safe transaction.