PDA

View Full Version : Malware for Xbox Kinect created by 15 years old



garyopa
11-07-2011, 06:57 PM
Kinect challenge for Malcon 2011 has been completed by Indian security researcher 'Shantanu Gawde'

http://www.maxconsole.com/maxconsole/contents/RKSID00000000000000000245/icon.jpg

Only 15 years old, but Indian researcher 'Gawde' for MalCon 2011 has created a malware that utlizes Microsoft Kinect controller to secretly capture pictures and upload to a picasa account.

Think its great what you can do when adding a kinect to your PC?

Well .....



With over 10 million devices sold till date, the kinect holds the Guiness book for world record for the fastest selling consumer electronics device - and is exactly the reason why the malware is a concern.

In recent months, there have been a number of innovative Kinect hacks that make use of the Kinect using both Open-Source drivers and the Kinect SDK. The malware, code-named 'gawde' after its creators name, works on Windows 7 to secretly capture pictures of the victim / surroundings from a connected Kinect device and uploads them to a picasa account.

Rajshekhar Murthy, Director at ISAC, (Information Sharing and Anaysis Center), a scientifc non-profit body that holds the International Malware Conference, MalCon said.

"We believe that in coming years, a lot of windows based applications will be developed for Kinect and the device will gain further immense popularity and acceptance- and from a perpective of an attacker, such a popular device can be an exciting target for visual and audio intelligence. At MalCon research labs, we promote proactive security research and the malware utilizing Kinect is only a proof of concept. "

The Kinect malware 'gawde' goes a step ahead and even uses voice recognition to execute a program based on keyword, without the knowledge of the victim.

The malware PoC will be demonstrated at the upcoming MalCon 2011 in Mumbai, India.



32985

All I know is I am never adding any Kinect to my PC, infact it should not even be used 'online' with your Xbox 360, as this little brat above, has just created the first 'hacker' version of 'big brother', welcome to 1984 in year 2011!

NEWS SOURCE: Malware For Kinect (via) TheHackerNews (http://thehackernews.com/2011/10/malware-for-xbox-kinect-created-by-15.html)

Again many thanks to 'billysastard' for submitting this news item!

goodall
11-07-2011, 07:50 PM
This doesn't sound much different from other webcam driver hacks, the voice recognition sounds like the only novel idea here.

billysastard
11-07-2011, 08:02 PM
This doesn't sound much different from other webcam driver hacks, the voice recognition sounds like the only novel idea here.

yes, but with its full body tracking it could easily lie in wait until it detected an "extra" limb before taking snapshots, so dont have kinect attached when browsing pr0n ;)

of course this couldnt be done on a real xbox other than by ms or another developer / publisher because to run a piece of malware you'd have to run unsigned code and you cant use a jtag 360 on live.

Xenogears V
11-08-2011, 04:03 AM
Who care?. I haven't Kinect and I don't think people connect it to Pc and need a place where get the malware.

wewii
11-08-2011, 08:34 AM
Wow.. I'm impressed?

Hmmm.. doesn't sound like anything special. Other than this MalCon conference sounds like a bunch of d**ks who want to screw you over ... "secretly" by selling their tech to spy agencies around the world.

MadonnaProject
11-08-2011, 12:01 PM
:Dlol I beeld a hack for kannakt, thank you bery bery much.

billysastard
11-08-2011, 02:42 PM
:Dlol I beeld a hack for kannakt, thank you bery bery much.

yes, but can you help if i have a real problem that isnt fixed by doing a power cycle and therefore isnt covered by your "expert" system? :cool:

WoIverine
11-08-2011, 04:25 PM
yes, but with its full body tracking it could easily lie in wait until it detected an "extra" limb before taking snapshots, so dont have kinect attached when browsing pr0n ;)

of course this couldnt be done on a real xbox other than by ms or another developer / publisher because to run a piece of malware you'd have to run unsigned code and you cant use a jtag 360 on live.

ROFL!!! Serious blackmailing via LIVE would occur.

billysastard
11-08-2011, 04:31 PM
ROFL!!! Serious blackmailing via LIVE would occur.

yes, i could see the murdoch press providing a free pc kinect unit to celebs so they could do a video chat interview but including malware in the software package for their future "news scoops", it would save having to hire someone to hack their phones if they could be watched 24/7 big brother style, who knows maybe they'd get another video like the recent judges one.