Mar 022015
 

The story of another conviction for a card sharer appeared today in the Daily Mail.

 

A computer expert tampered with Sky TV boxes to sell pirated packages through eBay, costing the company almost £250,000.

Aron Lees, of Urmston near Manchester, used his coding expertise to hack into boxes and make one account work again and again in a technique called ‘card sharing’ so he could sell cut prices boxes to customers for £110 a time.

He listed the items on his brother Sean’s eBay account and sold more than 300 boxes in less than a year, netting almost £30,000.

The fraud was uncovered after BSkyB investigators posed as a customer to buy a fake box and then tracked down Lees’ IP address from his computer.

Sky calculated that they would have charged around £700 for each box with subscription for a year – meaning they lost around £590 on each eBay sale. Over 338 transactions were completed between March and December 2013, with a total of £28,176 deposited into qualified mechanic Sean Lees’ bank account.

The company received no money from the sale of the boxes, and would have lost around £236,000 over the course of the fraud.

Aron Lees, who made around £3,000 a month from the enterprise, admitted hacking into the boxes and selling them online, contravening the copyright and patents act.

Sentencing him to a 12 month prison sentence, suspended for 18 months, Judge Timothy Mort said he had used his university education in a ‘good way and bad way.’

Minshull Street Crown Court heard that the frauds took place between March 2013 and December 2013 when police raided Aron Lees’ home.

Jennifer Birch, prosecuting, told Minshull Street Crown Court: ‘From March 2013 an eBay username under slees2012 had made 338 transactions through the sale of decoder boxes, a user name registered to Sean Lees’ home address.

‘In August 2013 BskyB became aware that the username slees2012 was selling satellite equipment that gave access to Sky premium packages without subscription – known as card sharing.

‘This is when a legitimate Sky user has the encryption key stolen which is then shared with decoder boxes over the internet which are then added to the network.’

On December 4 2013, police raided Aron Lees’ home and found dozens of decoder boxes. He admitted the fraud and his computers were seized, which even showed emails between him and customers when they complained that their boxes were malfunctioning.

Ms Birch added: ‘This was a fully-functioning business. Aron Lees was interviewed and made full admissions, he accepted buying the boxes, programming them and selling them on eBay using his brother’s account. He denied he would be charging customers for a renewal as they were sold on the basis of a 12-month package.’

Aron Lees, 29, admitted offering unauthorised decoders for sale contrary to the Copyright, Designs and Patent Act. He was sentenced to 12 months in prison suspended for 18 months and ordered to carry out 100 hours of unpaid work.

Aron Lees used the eBay account belonging to his younger brother Sean to list the hacked Sky boxes and sold more than 300 in less than a year, making around £3,000 a month from the sophisticated fraud

A separate hearing will take place to determine how much money he must pay back from his criminal enterprise.

 

source: dailymail.co.uk/news/article-2975401/Computer-expert-cost-Sky-TV-30-000-selling-hundreds-hacked-decoder-boxes-brother-s-eBay-account.html

Oct 172014
 

The BBC Satback service, operated by Arqiva on the Intelsat 907 satellite at 27.5 west is there for back up to the UK Freeview service.
BBC Satback operates a limited amount of UK TV channels, BCB1, BBC2, BBC3, BBC4, ITV1 and C4.
The BBC Satback service is encrypted and is not for public use.

But since the change of the main UK TV channels to the new Astra 2E and Astra 2F satellites, meaning a loss of these channels in some areas of southern Spain and Portugal, some installers have been installing systems to enable reception of these channels on BBC Satback. Access to BBC Satback involves hacking into the system, using code keys from the internet, to access the BISS encrypted channels.

Apparently Arqiva are aware of this and they, and the broadcasters, are not thought to be pleased about their encrypted service being hacked and used for watching UK TV in areas that the broadcasters are not intended.

There have always been rumours that the BBC Satback service would either change their encryption to a more secure encryption or cease operations altogether.

Well the current rumour, supposedly form someone at Arqiva, suggests that changes may happen before Christmas.

So we shall have to wait and see….

Jun 052014
 

Today the BISS Keys for the BBC SATBACK service on Intelsat 907 at 27.5 west changed.

This meant the loss of UK TV channels for expats in Portugal and South of Spain using this systems, until the new codes are known and input into their receiver.

 

 

Interestingly this code change comes only 4 months after the last key change. In the past code changes have been around 6 months. It may be these code changes start to happen on a more regular basis as the service owners become more aware of people hacking into their systems.

 

 

http://www.satandpcguy.com/Site/intelsat_907_uk_tv_channels.php

Dec 172012
 

Samsung’s Smart TV : hackers claim they can access its hard drive and seize control of built-in cameras

Samsung’s Smart TV could used by hackers to watch everything that happens in your living room by gaining access to the device’s built-in camera and microphones, it has been claimed.

Malta-based security firm ReVuln posted a video showing how its researchers had learned to crack the television to access its settings – including any personal information stored on it.

‘We can install malicious software to gain complete root access to the TV,’ they claim in the video.   With such malware installed, hackers could use the Smart TV’s built-in microphones and camera to hear and see everything in front of it.

Samsung’s Smart TV can be used to browse the internet, use social networks, watch net-based commercial film streaming services and play online games, among other things, from the comfort of your sofa.

The devices can also be controlled by voice commands and gestures, using their microphones and cameras to detect what is happening in front of them.   However, while the Smart TV’s are connected to the internet they are vulnerable to hackers who can access the device and access files stored on them.   Luigi Auriemma, co-founder of ReVuln, says he has found a way to track down the IP address of the device and gain access to seize control and scour any drives connected to it.   The video appears to show he is able to access remote files and information like the viewing history, as well as siphon data from USB drives attached to a compromised set.   Mr Auriemma told Ars Technica: ‘At this point the attacker has complete control over the device.   ‘So we are talking about applying custom firmwares, spying on the victim if camera and microphone are available, stealing any credential and account stored… on the device, using his own certificates when accessing https websites, and tracking any activity of the victim (movies, photos, music, and websites seen) and so on.

‘You become the TV.’   The research raises the possibility that owners of consumer devices connected to the Internet are exposing themselves to similar kinds of security threats that faced by users of personal computers, Ars Technica notes.

Devices from lighting systems to air conditioners to computer games consoles now rely on online functionality, but their operating systems often do not have the same kinds of security measures now commonly deployed on Microsoft and Apple powered devices.   At the moment, ReVuln’s exploit only works once hackers have managed to breach the network which the television is connected to. As such, Mr Auriemma told NBC News, he expects the main danger is of hackers targeting specific companies or individuals.   ‘In our opinion, it’s more interesting and realistic to think about attacks [against] specific targets reached via open/weak/hacked Wi-Fi or compromised computers of a network, instead of mass-exploiting via the Internet,’ he said.   ‘That’s interesting due to the effects of the vulnerability (retrieving information and the possibility of monitoring) which are perfect for targeted attacks, from a specific person with a TV at home to a company with TVs in its offices.’   Revuln plans to sell information on the vulnerabilities to the highest bidder, the Register reported, claiming this will ‘speed up’ fixes faster than merely reporting them to the manufacturer.   The company would not go into details about the flaws it has discovered.

The possibilities of such vulnerabilities are worrying with increasing numbers of consumer electronics devices being equipped with sensors, cameras and microphones to detect what is happening around them.   Earlier this month it emerged that U.S. cable provider Verizon has applied to patent a set-top box technology that can observe what’s going on in the room and show viewers adverts based on what it detects.   In U.S. Patent Application 20120304206 the company suggests it could detect when people are ‘cuddling’ then show ‘a commercial for a romantic getaway vacation, a commercial for a contraceptive, a commercial for flowers […] etc.’.   Nick Pickles, director of privacy campaign group Big Brother Watch, said of that device: ‘Smart TVs with in-built cameras and microphones are a privacy nightmare waiting around the corner.   ‘It is only a matter of time before technology using facial recognition, audio analysis and monitoring what you watch is common place.   ‘What is essential is that consumers know exactly what they are buying and where the data is going.’   A spokesman for Samsung said: ‘We have discovered that only in extremely unusual circumstances a connectivity issue arises between Samsung Smart TV’s released in 2011 and other connected devices. We assure our customers that our Smart TVs are safe to use.   ‘We will release a previously scheduled software patch in January 2013 to further strengthen Smart TV security. We recommend our customers to use encrypted wireless access points, when using connected devices.’

 

source: dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html