What are the hacking tricks for desktops

The new tricks of the hackers

Arne Arnold

The security of Windows and Android is being attacked more severely than it has been for a long time. Here you can find out which attacks are technically possible today, which are already taking place and how you can protect your devices from them.

It's not just malware that wants to get hold of your data. These are the latest security flaws.
© Robert Kneschke - Fotolia

If a hacker gets your passwords, he can cause considerable damage, including financial damage. But at least most of the damage can be repaired sooner or later, and once you have changed your passwords, your data is yours again. Things are different with your fingerprint. If a hacker has stolen it, he has permanent access to all log-ins that are protected only by a fingerprint, because you cannot change your fingerprint. This attack isn't the only one that should worry you, however.

A killer USB stick destroys your PC and notebook

That's what it's about: A Russian security researcher nicknamed Dark Purple has built a USB stick that can be used to destroy a PC. The stick consists mainly of a capacitor, which is said to be charged to as much as 220 volts.

When this voltage is reached, the stick discharges it into the data line of the USB port. As a result, so many components are evidently overloaded that the computer's motherboard gives up the ghost. The inventor of the stick demonstrates this clearly on his own notebook.

These harmless-looking USB sticks can destroy a PC within seconds.

How to protect yourself: So far there have been no reports of a killer USB stick appearing outside the research laboratory, so you do not have to fear a destructive stick. Nevertheless, great caution is always required with third-party USB sticks. Many PC viruses spread specifically through these data carriers. Your own stick can also pick up malware if, for example, you plug it into a photo-printing computer in a drugstore or into any other PC. So before you connect a USB stick to your PC, you should make sure that your antivirus program is up to date. A particularly ingenious kind of USB malware disguises the USB stick as a keyboard. The stick is then not recognized as a data carrier and the antivirus program remains inactive, which allows the malware to sneak onto the system from the stick. This can be prevented with the USB Keyboard Guard tool. It creates a filter list of all allowed keyboards and automatically blocks new ones.


Security gaps in routers make home PCs vulnerable

That's what it's about: For a hacker, the DSL router in your home has two major advantages over your computer: It is directly connected to the Internet and it is usually permanently online. This makes the device easy for hackers to reach. In addition, routers are the gateway to the devices behind them. Accordingly, there have been many attacks in the past few months.

Fritzbox gap: The most financially painful attack on German DSL routers hit Fritzbox users in early 2014. Here, hackers succeeded in gaining access to a number of Fritzboxes belonging to private users and setting up two virtual IP telephones on them. They then continuously dialed high-priced telephone numbers abroad, especially in Zambia, Guinea and Cuba. Some victims' phone bills ran into the thousands.

The vulnerability was in the remote access module. This is deactivated by default, so the number of affected devices was not as high as the spread of the Fritzbox suggests. Remote access also exposes the configuration menu of the Fritzbox to the Internet.

Since version 6.2 of Fritz OS, the operating system for the Fritzbox from AVM, updates can also be installed automatically.

The manufacturer AVM provided an update for the Fritzbox software relatively quickly. In 2014 it still had to be installed manually via the router's configuration menu. Since version 6.2 of Fritz OS, the router can also get updates automatically. Those affected should also change all passwords that are stored in the Fritzbox, as the attackers were able to read them out.

A gap in more than 40 router models: In 2015, researchers discovered a security gap in routers from D-Link, Linksys, Netgear and Trendnet that criminals can use to manipulate the router's DNS settings from the Internet. Patches against the gap were quickly available, but only a few users installed them. At that time, the researchers estimated the number of manipulated routers at several thousand.

In fact, it is the DNS settings in home routers that are most commonly attacked. A DNS server is needed whenever you call up a website by its name. For example, if you enter the address www.postbank.de in your Internet browser, your browser asks a DNS server on the Internet for the associated IP address, because technically, websites are only accessed via such IP addresses. In response to the Postbank request, for example, the DNS server returns the corresponding IP. This is an address that your computer can now call. Which DNS server your computer uses can be specified either in Windows or in the DSL router. Most home PCs are configured to use the router's DNS server settings.

Hackers manipulate the DNS settings so that a DNS server under their control answers the queries. In this way, they ensure that a request for www.postbank.de is answered not with the real IP address but with the IP address of a fake website. The hackers then use this fake site to steal the bank log-in data.


Tens of thousands of Netgear routers compromised: In October 2015 it became known that home routers from Netgear had a serious security vulnerability that was already being exploited in very large numbers. Apparently, the attackers were able to take over the routers from the Internet, because the vulnerable devices did not ask for a password if they were addressed via a special address. Compass Security discovered the vulnerability in the summer and reported it to Netgear. When the manufacturer still had not distributed an update three months later, Compass Security made the gap public. Updates for the affected devices are now available from www.netgear.de.

How to protect yourself: Unfortunately, there are no effective protection tools against router manipulation. Most DSL and cable routers run an adapted Linux system. As a rule, you cannot extend it, but have to use it as the manufacturer provides it. Regular updates are all the more important. Users of a Fritzbox with Fritz OS 6.2 or later are best off, as they can set under "System -> Update -> Autoupdate" that firmware updates are loaded automatically. But the other manufacturers have also caught up. At least with current models, a notice about available updates appears when you open the configuration menu. These can then be installed with a single click.

You should therefore regularly look out for updates in the configuration of your router. You can also regularly check whether the router is still using a trustworthy DNS server. This can be done, for example, via the check at F-Secure.

Android devices boot in an infinite loop

That's what it's about: The security specialists at Zimperium Zlabs discovered a serious security vulnerability in Android in April 2015 and reported it to Google. The media server service in Android, called Stagefright, is affected. A simple MMS (Multimedia Message) is enough to smuggle malicious code into the system. On some systems, the victim doesn't even have to open the MMS to get infected with the virus: the MMS, and with it the malicious code, is downloaded fully automatically. As it turned out a little later, there are a total of seven serious gaps in the Android media server. Android versions 2.2 to 5.1.1, and thus around 95 percent of all devices in use, are affected. The gap became public in summer 2015.