ict.ken.be

Story of a security breach that recently happened on large scale in the wild.

• Company sends invoices by email.
• Some hackers intercept the smtp and replace bankaccount numbers from invoices that are at least 15K.
• Customers pay on this wrong bank account.
• Company decides that because the invoices are from their 'bigger' clients to wait before complaining that they didn't receive the payment.
• They finally do and notice that their customers have been paying to the wrong accounts.
• Digital thiefs gone with the wind.

Lessons learned

• Always check if you are paying to the correct bank account.
• We should always encrypt smtp.
• Social engineering tricks are to easy to implement. (they did use a copy of the online accounting tool to make it look more real)

Conclusion

It's 2016 and a lot of the online payments are still using the smtp protocol. How are we going to teach people that this is not a good thing. And what will companies do to spy on those mails once we all start using encrypted mails.

Https comes to mind... we finally got people looking at the green icon and now we are inserting 'invisible' proxies. I guess... I will be member of the last generation that knew privacy and digital security.

Ok, maybe not completely correct. Fun anyway.

Don't know xkcd, time to waste some precious development time

• A : Alpha
• B : Bravo
• C : Charlie
• D : Delta
• E : Echo
• F : Foxtrot
• G : Golf
• H : Hotel
• I : India
• J : Juliett
• K : Kilo
• L : Lima
• M : Mike
• N : November
• O : Oscar
• P : Papa
• Q : Quebec
• R : Romeo
• S : Sierra
• T : Tango
• U : Uniform
• V : Victor
• W : Whiskey
• X : X-ray
• Y : Yankee
• Z : Zulu
• - : Dash
• _ : Underscore

*#06# Shows IMEI (International Mobile Equipment Identity) number
*#0*# LCD Test Menu
*#8999*523# LCD Brightness
*#1234# To check Software and Hardware information, PDA, CSC, MODEM (Firmware Version)
*#2222# H/W Version
*#*#4636#*#* user statistics and Phone Info
*#0011# Displays status information for the GSM
*#7780# Factory Reset
*2767*3855# Full factory reset (Don’t dial unless you have problem, it does not ask you to confirm )
*#12580*369# SW & HW Info
#*#8377466# S/W Version & H/W Version
#*2562# Restarts Phone
#*3849# Restarts Phone
#*3851# Restarts Phone
#*3876# Restarts Phone
#*5376# DELETE ALL SMS!!!!
*#197328640# Service Mode
*#0228# Battery status (ADC, RSSI reading)
*#32489# Service mode (Ciphering Info)
*#2255# Call List
#*3888# BLUETOOTH Test mode
#*7828# Task screen
*#5282837# Java Version
*#232337# Bluetooth MAC Adress
*#232331# Bluetooth Test Mode
*#232338# WLAN MAC Address
*#232339# WLAN Test Mode
*#8999*8378# Test Menu
*#0842# Vibra Motor Test Mode
*#0782# Real Time Clock Test
*#0673# Audio Test Mode
*#0*# General Test Mode
*#2263# RF Band Selection / Network modes select
*#9090# Diagnostic ConfiguratioN
*#7284# USB I2C Mode Control
*#872564# USB Logging Control
*#4238378# GCF Configuration
*#0283# Audio Loopback Control
*#1575# GPS Control Menu
*#3214789650# LBS Test Mode
*#745# RIL Dump Menu
*#746# Debug Dump Menu
*#9900# Takes you to System Dump, where Disabling Fast Dormancy gives a boost to your network speed on some networks (both wifi and Gprs), same code to re-enable it
*#44336# Sofware Version Info
*#0289# Melody Test Mode
*#2663# TSP / TSK firmware update
*#03# NAND Flash S/N
*#0589# Light Sensor Test Mode
*#0588# Proximity Sensor Test Mode
*#273283*255*3282*# Data Create Menu
*#273283*255*663282*# Data Create SD Card
*#3282*727336*# Data Usage Status
*#7594# Remap Shutdown to End Call TSK
*#34971539# Camera Firmware Update
*#526# WLAN Engineering Mode
*#528# WLAN Engineering Mode
*#7412365# Camera Firmware Menu
*#07# Test History
*#3214789# GCF Mode Status
*#272886# Auto Answer Selection
*#8736364# OTA Update Menu
*#301279# HSDPA/HSUPA Control Menu
*#7353# Quick Test Menu
*2767*4387264636# Sellout SMS / PCODE view
*#7465625# View Phone Lock Status
*7465625*638*# Configure Network Lock MCC/MNC
#7465625*638*# Insert Network Lock Keycode
*7465625*782*# Configure Network Lock NSP
#7465625*782*# Insert Partitial Network Lock Keycode
*7465625*77*# Insert Network Lock Keycode SP
#7465625*77*# Insert Operator Lock Keycode
*7465625*27*# Insert Network Lock Keycode NSP/CP
#7465625*27*# Insert Content Provider Keycode
*#272*IMEI# then we will get buyer code (For samsung galaxy sIII csc code)
*#*#7780#*#* Factory data reset - Clears Google-account data, system and program settings and installed programs. system will not be deleted, and OEM programs, as well as My Documents (pictures, music, videos)