Skip to main content

Pro-ethical hacking group hacked, used as malware front

The administrators of the Certified Ethical Hacker (CEH) program, which looks to spread knowledge and know-how about measures to prevent being hacked, has come under fire from security organizations for its own lax security and its late response to related warnings. Despite being provided with ample notice, the CEH ignored warnings that it was distributing malware to some of its visitors.

Admittedly, the hack in question was an elusive one. According to a FOX IT report, the Angler toolkit which had infected the site would further infect those who visited the site from a major search engine and were using Internet Explorer — likely suggesting a less than stellar knowledge of Internet security.

Recommended Videos

What’s heartbreaking is that the visitors were themselves clearly trying to learn — they were, after all, looking up courses on improving security.

But unfortunately the very site they visited was the one making the visitors vulnerable. So now a security firm has gone public (via Ars) with the information, in the hopes that it encourages action and discourages people from visiting the site until it’s safe again.

Related: Update: Mac ransomware may have flaws that allow file recovery

The notice states visitors who meet the criteria for infection may find themselves redirected  to the Angler toolkit landing page, which then uses Flash or Silverlight plugins to infect the victim’s local machine with more malware.

Most worrisome is that the malware it then dumps on the user’s system is TeslaCrypt, a ransomware that immediately encrypts the user’s files and demands a 1.5 bitcoin ransom (equal to around $624) to decrypt them — potentially meaning that visitors to the CEH site could lose all of their important and personal files and images.

The malware program is very traditional too, offering just the payment option — unlike others, there is no offer to sign on as an affiliate.

Jon Martindale
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
Wimbledon’s robot line judges caught napping on Centre Court
wimbledon

Following in the footsteps of the U.S. Open and the Australian Open, Wimbledon finally did away with human line judges in favor of Hawk-Eye technology at this year's Championships.

All 18 courts have incorporated the system, which uses multiple high‑speed cameras and real‑time computer vision algorithms, with loudspeakers emitting an audible “out” to confirm a missed shot.

Read more
This Dyson doesn’t suck … it grows
Dyson's Hybrid Vertical Growing System.

While it's best known for vacuums and other household appliances, Dyson has also established itself in the world of farming, with a team of engineers coming up with tech-based solutions to improve efficiency and boost production.

A video (top) shared recently by the British company features a remarkable -- and remarkably huge -- Hybrid Vertical Growing System, located inside a greenhouse.

Read more
Watch how NASA is using VR to prep for upcoming moon missions
NASA using VR for training.

NASA is aiming to put astronauts back on the lunar surface in the Artemis III mission, currently scheduled for 2027. While the date could slip, the space agency will continue with training and other preparation for the highly anticipated mission, so that when the day for launch does finally come, the crew will be ready.

NASA's Johnson Space Center in Houston, Texas, has just dropped a video (top) showing how it’s utilizing virtual reality (VR) technology to prepare astronauts for spacewalks -- also known as extravehicular activities (EVAs) -- on the moon’s surface. 

Read more