FOXTROT/ALFA: FBI iPhone Hacking Questions, Proof of Concept for NSA Vulnerability Available, Cyberpunk 2077 Delay

Welcome to issue 64 of FOXTROT/ALFA for Thursday, 16 January 2020! IT news aren’t particularly going crazy at the moment, but there are a few relevant stories. Here’s what you need to know today:

Proof of Concept for CVE-2020-0601 Now Available

If you haven’t installed the Patch Tuesday updates for Windows yet, you need to hurry up. Seriously. There’s now a proof of concept in the wild.

Security researchers have published earlier today proof-of-concept (PoC) code for exploiting a recently-patched vulnerability in the Windows operating system, a vulnerability that has been reported to Microsoft by the US National Security Agency (NSA). The bug, which some have started calling CurveBall, impacts CryptoAPI (Crypt32.dll), the component that handles cryptographic operations in the Windows OS.

The first public CurveBall exploit came from Kudelski Security, followed by a second one from a Danish security researcher going by the name of Ollypwn. In its official security advisory for CVE-2020-0601, Microsoft described the chance of threat actors exploit the bug as “more likely.” With public demo code available, the chances of exploitation are now also ensured.

The good news in all of this is that even if users haven’t had the time to schedule time to install the patches, Windows Defender has received updates to at least detect active exploitation attempts and warn users. According to Microsoft, this vulnerability impacts Windows 10, Windows Server 2019, and Windows Server 2016 OS versions.

German Police Stops Sophisticated Online Banking Hack

German police is indicting a group of suspected fraudsters who accessed bank accounts of 27 victims and proceeded to empty them off money. Police cottoned on to the scam an managed to prevent close to €200,000 from being stolen in this way.

Heise is reporting that the hackers pulled this off by first gaining access to the victims accounts at their mobile phone provider. They then issued themselves new eSIM codes and entered these in their own phones, effectively disabling the victim’s phone and pretending to be the victim with a new phone.

The relatively new eSIM technology makes such SIM swapping attacks easier, because the provider just sends a code that is then scanned into the new phone – either directly over their website or by email. With hardware SIM cards, a new card must be mailed to the victim’s mailing address which takes longer and also means the hacker must enter some kind of physical address, which is more complicated and risky for them.

Having control of the victim’s phones, they hacked their online banking accounts. Allegedly by getting the credentials off, as Heise says, “the darknet” – which probably means from some hacker forum or other. The hackers could then transfer the money as the TANs needed were sent right to their own phones. Apparently they also ordered €23,000 worth of stuff online and shipped it to hacked “Packstation” accounts – a Deutsche Post / DHL service that stores parcels in a storage facility and allows you to pick them up there.

Heise does not explain how the police caught the hackers.

The FBI Can Reportedly Break iPhone Passwords

Forbes is reporting that the FBI was able to unlock the password protection on an iPhone 11 Pro Max . They are speculating that the FBI used a hardware box called GrayKey to unlock them.

Last year, FBI investigators in Ohio used a hacking device called a GrayKey to draw data from the latest Apple model, the iPhone 11 Pro Max. The phone belonged to Baris Ali Koch, who was accused of helping his convicted brother flee the country by providing him with his own ID documents and lying to the police. He has now entered a plea agreement and is awaiting sentencing.

Forbes confirmed with Koch’s lawyer, Ameer Mabjish, that the device was locked. Mabjish also said he was unaware of any way the investigators could’ve acquired the passcode; Koch had not given it to them nor did they force the defendant to use his face to unlock the phone via Face ID, as far as the lawyer was aware. The search warrant document obtained by Forbes, dated October 16 2019, also showed the phone in a locked state, giving the strongest indication yet that the FBI has access to a device that can acquire data from the latest iPhone.

Forbes seems confused why the FBI hasn’t simply used this hardware to unlock the phones used in the shooting at the Pensacola US Navy base, that Trump was yelling about recently.

Given the models in the Pensacola shooting case are iPhone 5 and 7, it’s unclear why a GrayKey hasn’t proven useful in that investigation. Forbes has previously revealed a GrayKey brochure that showed it worked on older devices too. Senator Wyden’s office told Forbes it has asked the Department of Justice to explain why it is making public demands for backdoors if it has already used the tool to access the newest iPhones.

The article does not explain, how GrayKey works. That’s probably why Forbes is confused. Some research could have led them to this:

GrayKey is a gray box, four inches wide by four inches deep by two inches tall, with two lightning cables sticking out of the front. Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift.

So it seems they install some software on the phone which then tries to brute-force the password. That would mean that the Pensacola shooter could simply have been using a very good password that’s not crackable in a feasible amount of time with the GrayKey device.

Cyberpunk 2077 Delayed

CD Projekt’s upcoming blockbuster Cyberpunk 2077 is delayed.

Cyberpunk 2077, which was slated to be out this April, isn’t going to make it. CD Projekt Red dropped the news today that its big ugly-future-RPG has been rescheduled to September 17.

This shouldn’t surprise anybody. The Polish developer’s Witcher games were famously fraught with all kinds of production issues and multiple delays. One game was completely cancelled. I wouldn’t be surprised if this isn’t the only delay affecting Cyberpunk 2077.

25 Years of Voyager

Today marks the 25th anniversary of the pilot of Star Trek: Voyager hitting the airwaves. Captain Janeway celebrated the occasion on Twitter by digging out her old uniform.

Voyager is close to my heart as it was the first Star Trek series that I was able to watch when it originally aired. Every Friday, I would sit down on the couch in my parents' living room, wearing my Starfleet uniform, to watch the latest episode. In honour of the occasion, here’s a picture of me in my new, adult-sized uniform that my mum made for me last year:

Also Noteworthy

Some other interesting stories I came across:

Oh, and this is pretty funny too… Wondering why Star Citizen is never going to be finished? Because they care about things like virtual toilets before they care about having actual gameplay that works and is engaging.

Also the Cutlass Black might have some changes to it’s rear section potentially at least at some point. That’s not confirmed BUT they have suggested a few times that the Black might get a toilet so we will have to see.

This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.