#ABSOLUTE LOJACK AMT SOFTWARE#
Our software is no longer vulnerable to this type of attack and we are unaware of any incidents based on this research. “After evaluating, we promptly patched the vulnerability and have been closely monitoring the issue ever since.
“We downloaded samples and can confirm they are all modified binaries of the 2008 version of our agent, which is vulnerable to the type of hijacking discussed by the research blog,” an Absolute spokesperson said. Researchers who spoke to CyberScoop said they had not yet reverse-engineered the latest versions of LoJack, so it was not possible to confirm whether it is more secure today. But these fixes have never been publicized or cataloged by the MITRE Corporation, which maintains a running list of vulnerabilities. It also shows that even when big companies choose to make security improvements in their supply chains, distributing a fix can be extremely difficult.Ībsolute Software says it has taken concrete steps to fix related flaws in newer versions of LoJack. The incident reveals the deep-rooted impact felt when hackers target the supply chain behind a product, making a computer uniquely vulnerable even before it’s purchased or turned on.
#ABSOLUTE LOJACK AMT ANDROID#
The finding is significant because LoJack comes preinstalled on a lot of computers made by various different vendors and it has expanded in recent years to also cover Android devices. Kaspersky doesn’t know for sure if its network was ever breached through LoJack years ago, but it has since flagged the program as malicious on its own anti-virus engine, which is used around the world. The fresh report suggested that an infamous group of Russian government-linked hackers were able to exploit a lingering flaw in LoJack to conduct espionage operations. Absolute Software was warned about the issue as early as 2009.
Last week, Kamluk’s discovery again received attention because of new research from Arbor Networks, another cybersecurity firm. They explained that those Computrace agents were never registered in their database and therefore they couldn’t help deactivate them.”
#ABSOLUTE LOJACK AMT SERIAL#
“There was no explanation how those new private computers had Computrace activated … We contacted Absolute technical support and provided hardware serial numbers, as requested. “It was very alarming to find unauthorized instances of Computrace,” Kamluk told CyberScoop. Computrace - now known as LoJack For Laptops via a licensing agreement with the famous vehicle-tracking company - has been publicly documented as having security problems, based on multiple reports, which worried Kamluk because he knew someone could leverage the underlying program in an attack to gain remote access. Instead, Kamluk had uncovered a flawed but legitimate tracking software program developed by a Canadian company, named Absolute Software, which had been apparently installed at the manufacturer level. When Vitaly Kamluk, a security researcher with Kaspersky Lab, discovered a mysterious program named “Computrace” deeply burrowed into his colleagues’ computers, he expected to find an elite hacking group at the other end - something the Moscow-based cybersecurity firm is keenly familiar with.
0 kommentar(er)
