When K-State’s IT security team investigated a compromised system detected by its Intrusion Detection System last week, they were surprised to discover that the infected device was a television! Yes, a TV. Of course it’s not just any ol’ TV — it’s a special Samsung TV that also has a computer and operating system in it, so it can be used for multiple functions. In this case, it was used as an information kiosk in the lobby of a building to provide touch-screen access to information about the building and the department housed therein.
This device is running a special “embedded” version of Windows XP that had unpatched vulnerabilities. Since it was connected to the campus network, it was exposed to hackers — who exploited the vulnerabilities, took over control of the computer portion of the device, connected it to an IRC botnet, and used it to transfer pirated movies and who-knows-what-else.
Continue reading “A hacked TV at K-State = a "sign" of things to come?”
While Santa was busy spreading holiday cheer and most K-Staters were enjoying a welcomed break, evil grinch hackers were busy trying to rob people of their digital happiness:
On Oct. 14, 10 K-State computers had their network access blocked because they were compromised and all talking to the same botnet controller. Most if not all the computers had some relationship to one particular department and they were communicating with the botnet controller using the instant messaging (IM) protocol used by Windows Live Messenger (also known as Windows Messenger or MSN Messenger).
It appears that one computer was compromised and had malicious software installed on it that automatically sent instant messages to everyone in that person’s MSN Messenger contact/buddy list. These malicious instant messages consisted of “he he :)” and a link to a website. Since the recipients thought the instant message was from a colleague, they trusted it and clicked on the link, which in turn infected their computer.
Continue reading “K-State computers hacked via instant messaging”