Category Archives: EviCypher NFC HSM

image_pdfimage_print

Telegram and the Information War in Ukraine

Telegram and the information war in Ukraine
Telegram and the Information War in Ukraine written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

How Telegram Shapes the Information War in Ukraine

In this article, we explore how Telegram and Ukraine’s information warfare are intertwined. We look at how the messaging app is influencing the Russia-Ukraine conflict, and how it can be used for good or evil. We also discuss the benefits and risks of using Telegram, as well as how security and freedom of expression can be enhanced with EviCypher NFC HSM technology.

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

2024 Cyberculture Digital Security

Russian Cyberattack Microsoft: An Unprecedented Threat

How Telegram Influences the Conflict between Russia and Ukraine

Telegram and the information war in Ukraine are closely related. Telegram is a messaging app that offers users a secure and confidential way to communicate, thanks to its end-to-end encryption system. It has a large user base around the world, especially in Eastern Europe, where it plays a vital role in the information war between Russia and Ukraine.

Telegram’s Usage in Ukraine: Updated Statistics

Popularity and Download Trends

According to the report of the research company SimilarWeb, Telegram is the second most downloaded messaging app in Ukraine, after Viber, with 3.8 million downloads in 2021. It is also the fourth most used app in terms of time spent, with an average of 16 minutes per day. Telegram has about 10 million active users in Ukraine, which is almost a quarter of the country’s population.

Telegram’s Role in Ukrainian Media Landscape

Telegram is particularly appreciated by Ukrainians for its channel functionality, which allows to broadcast messages to a large audience. Some of these channels have become influential but controversial sources of information, as their owners and sources are often unknown. Among the most popular channels in Ukraine, we can mention:

  • @Zelenskyi, the official channel of President Volodymyr Zelensky, which has more than 2 million subscribers. It publishes announcements, speeches, interviews and videos of the head of state. It was created in 2019, during Zelensky’s election campaign, who was then an actor and a comedian.
  • @NashyGroshi, the channel of the journalistic project “Our Money”, which has more than 1.5 million subscribers. It publishes investigations, reports and analyses on corruption, abuse of power, political scandals and judicial cases in Ukraine. It was created in 2008, by journalist Denys Bihus, who received several awards for his work.
  • @Resident, the channel of blogger and activist Anatoliy Shariy, which has more than 1.3 million subscribers. It publishes comments, criticisms and sarcasms on the political and social news in Ukraine. He is known for his pro-Russian, anti-European and anti-government positions. He is currently in exile in Spain, where he is wanted by the Ukrainian justice for high treason and incitement to hatred.

These channels illustrate the diversity and complexity of the Ukrainian media landscape, which is marked by the conflict with Russia, the democratic transition, the fight against corruption and the polarization of society. They are also a reflection of the issues and challenges related to the use of Telegram, which can be both a tool of communication, information and manipulation.

Oleksiy Danilov’s Stance on Telegram’s Usage in Ukraine

Concerns Over National Security

Oleksiy Danilov is the secretary of the National Security and Defense Council of Ukraine, the body responsible for coordinating and controlling the activities of the executive bodies in the fields of national security and defense. He is also the head of cybersecurity of the country, and in this capacity, he expressed his reservations about the use of Telegram by Ukrainians. In February 2022, he stated that some anonymous and manipulative Telegram channels represented a threat to national security, and that they should be de-anonymized and regulated. He particularly targeted the channel @Resident, which broadcasts pro-Russian and anti-Ukrainian comments, and which is suspected of being linked to the Russian intelligence services. He also criticized the channel @Zelenskyi, which according to him, is not controlled by the Ukrainian president, but by advisers who seek to influence his policy.

Debating Telegram’s Influence in Ukraine

These statements provoked mixed reactions in Ukraine. Some supported Danilov’s position, believing that it was necessary to fight against misinformation and propaganda that undermine the sovereignty and democracy of the country. Others denounced an attempt at censorship and an attack on freedom of expression, recalling that Telegram was one of the few spaces where Ukrainians could access independent and diverse information.

How Telegram Influences the Information War in Ukraine

The Benefits and Risks of End-to-End Encryption

Telegram is a messaging app that lets you send messages, photos, videos, documents, and make voice and video calls. Its privacy policy is based on data encryption and non-cooperation with authorities. You can also create groups and channels that can reach thousands or millions of users.

End-to-end encryption is a technology that makes sure only the people in a conversation can read the messages, not even the service provider. Telegram has this option, but it is not on by default. You have to choose it for each chat, by switching to the “secret chat” mode. However, Telegram’s encryption is not based on standard protocols, and security experts have found some flaws.

Anonymous Channels and Their Impact on the Ukrainian Conflict

The channels are spaces where an administrator can send messages to a large audience. They can be public or private, and they can have millions of followers. Some channels are influential but controversial sources of information, as their owners and sources are often unknown. The channels can spread misinformation, propaganda, fake news, or violence.

Telegram and Russian propaganda have a strong connection, as many pro-Russian channels use the app to influence the public opinion in Ukraine and other countries. Telegram and the Ukrainian resistance also use the app to communicate and organize their actions against the Russian aggression.

Bots, Payment Services and Unique Usernames: A Double-Edged Sword

Bots are programs that interact with users. They offer services, information, or entertainment. Anyone can create them. They can be part of chats or channels. Bots can be helpful or harmful. They can collect personal data, send spam, or spread viruses.

Payment Services: Handy or Dishonest?

You can also use payment services via Telegram. These features use third-party platforms, such as Stripe or Apple Pay. They need bank or credit card information. Payment services can be handy or dishonest. They can steal sensitive data, scam users, or fund illegal activities.

Unique Usernames: Fun or Troublesome?

Another feature of Telegram is the unique usernames. They let users contact each other easily, without sharing their phone number. Users can create and change them at any time. Unique usernames can be fun or troublesome. They can enable harassment, identity theft, or account sale.

These features of Telegram raise issues of cybersecurity, privacy, end-to-end encryption, and application security. They can be used by bad actors, who want to harm Ukraine or its people. They can also be regulated by the authorities, who want to control the information or access the data of the users.

Telegram and the Information War in Ukraine: A Challenge

One of the main challenges of Telegram and the information war in Ukraine is to balance the freedom of expression and the protection of national security. Telegram and the Ukrainian conflict are closely intertwined. The app is used by both sides to communicate, inform, and influence. Telegram and Russian propaganda have a strong connection. Many pro-Russian channels use the app to sway the public opinion in Ukraine and other countries. Telegram and the Ukrainian resistance also use the app to coordinate and organize their actions against the Russian aggression. Telegram and cybersecurity in Ukraine are also crucial. The app can be a source of threats or a tool of defense.

Telegram VS Other Messaging Apps: A Comparative Analysis

WhatsApp: Popular but Questionable Confidentiality

WhatsApp is the most popular messaging app in the world, with more than 2 billion users. It offers end-to-end encryption by default for all conversations, which guarantees the protection of data. However, it belongs to Facebook, which has a dubious reputation in terms of respect for privacy, and which has raised fears about the sharing of data with other applications of the group. WhatsApp is also subject to the requests of the authorities, who can demand access to the metadata, such as the phone number, the IP address or the location of the users.

Signal: High Security but Limited User Base

Signal is a messaging app that claims to be the most secure and confidential on the market. It also offers end-to-end encryption by default for all conversations, and it does not collect any personal data. It is developed by a non-profit organization, which does not depend on advertising or investors. It is recommended by personalities such as Edward Snowden or Elon Musk. Signal is however less popular than WhatsApp or Telegram, with about 50 million users. It also offers fewer features, such as file sharing, information channels, bots or payment services.

Telegram: Innovative but Security Concerns

Telegram is between these two apps, offering more features than Signal, but less security than WhatsApp. Telegram allows users to choose the level of encryption and privacy they want, by opting for the “secret chat” mode or the “normal chat” mode. Telegram also allows users to enjoy innovative services, such as channels, bots, payments or unique usernames. However, Telegram also presents risks, such as fakes news, inappropriate content, privacy breaches or cyberattacks. Telegram is therefore an app that offers advantages and disadvantages, and that requires vigilance and discernment from users.

Telegram’s Global Perception and Regulation

Russia: Origin and Opposition

Russia is the country of origin of Telegram, but also its main adversary. The Kremlin tried to block the app in 2018, invoking reasons of national security and fight against terrorism. It demanded that Telegram provide it with the encryption keys to access the messages of the users, which Pavel Durov refused. It then ordered the telecom operators to block access to Telegram, but this measure proved ineffective, as Telegram used cloud servers to bypass the blocking. Many Russian users also use VPNs or proxies to access the app. In 2020, the Kremlin finally lifted the ban on Telegram, acknowledging its failure and stating that the app had cooperated with the authorities to remove extremist content. However, some observers suspect that Telegram made concessions to the Kremlin to lift the blocking, such as collaborating with the Russian services or censoring some channels.

France: Striving for Digital Regulation

France is a country that wants to be at the forefront of the regulation of digital platforms, especially in terms of fighting online hate. It adopted in 2020 a law that obliges the platforms to remove illegal content, such as incitement to violence, discrimination or terrorism, within 24 hours, under penalty of financial sanctions. This law also applies to messaging apps, such as Telegram, which must set up reporting and moderation mechanisms for content. France recognizes the right of users to privacy and end-to-end encryption, but it also asks the service providers to cooperate with the law enforcement to access the encrypted data when needed. France is also a country where Telegram is used by radical groups, such as jihadists or yellow vests, who take advantage of the app to organize, mobilize or defend themselves.

Ukraine: Balancing Utility and Risks

Ukraine is a country that has an ambivalent attitude towards Telegram, recognizing its usefulness, but also its dangers. On the one hand, Telegram is a source of information and a tool of resistance for many Ukrainians, who face the threat of Russian aggression and the challenges of democratic transition. On the other hand, Telegram is also a vector of misinformation and propaganda, which can undermine the sovereignty and stability of the country. Ukraine does not have a specific law to regulate Telegram, but it has some legal provisions to protect national security and public order, which can be used to restrict or block the app if necessary. Ukraine also cooperates with international organizations, such as the EU or NATO, to counter the cyber threats and the hybrid warfare that target the country.

EviCypher NFC HSM: Enhancing Telegram’s Security

The Role of Contactless Encryption Technology

One of the main challenges of using Telegram is to ensure the security and confidentiality of the data exchanged, especially in a context of information war. To meet this challenge, a possible solution consists of using EviCypher NFC HSM technology, which is a contactless encryption technology developed by Freemindtronic, an Andorran company specializing in the design of counter-espionage solutions implementing in particular contactless security with NFC technology. EviCypher NFC HSM uses two types of encryption algorithms for data:

  • Symmetric encryption in AES-256 for data such as texts (messages), thanks to its sub-technology EviCrypt. It uses a unique key, which is randomly generated and segmented into several parts. This key is used to encrypt and decrypt messages with the AES 256-bit algorithm.
  • Asymmetric encryption in RSA-4096 for symmetric encryption keys. It uses a pair of keys, which is generated and used from the NFC HSM device and which is based on the RSA 4096-bit algorithm. This pair of keys is used to share the symmetric key of at least 256 bits between the NFC HSM devices remotely, by encrypting the symmetric key with the public key of the recipient and decrypting the symmetric key with the private key of the recipient. The symmetric key is then stored and re-encrypted in the NFC HSM device of the recipient, with the trust criteria imposed by the sender if he has encapsulated them in the shared encryption key.

Practical Applications of EviCypher NFC HSM

EviCypher NFC HSM is a technology that uses hardware security modules (HSM) to store and use encrypted secrets. It allows contactless encryption with the NFC communication protocol. You can integrate the NFC HSM into various media, such as a card, a sticker, or a key ring. Then, you can pair it with an NFC phone, tablet, or computer. This way, you can encrypt everything before using any messaging service, including Telegram. EviCypher NFC HSM also has anti-cloning, anti-replay, and counterfeit detection mechanisms. It is part of the DataShielder product range, which offers serverless and databaseless encryption solutions.

Telegram and the Ukrainian conflict

EviCypher NFC HSM is compatible with Telegram, a messaging app that influences the information war between Russia and Ukraine. It offers more security and confidentiality than Telegram’s end-to-end encryption, which is not based on recognized standards. It also gives you more flexibility and control than Telegram’s secret chat mode, as you can choose the trust criteria for the encryption keys. Moreover, it is more convenient and simple than Telegram’s normal chat mode, as you can encrypt and decrypt messages with a simple gesture.

Telegram and cybersecurity in Ukraine

EviCypher NFC HSM is a useful technology with Telegram, as it enhances the security and confidentiality of the data exchanged, especially in a context of information war. It is also a universal technology, as you can use it with any other messaging app, such as WhatsApp, Signal, Messenger, etc. It is also an innovative technology, as it uses the NFC communication protocol to perform contactless encryption, without requiring any connection or installation.

Concluding Insights on Telegram’s Role in Ukraine

In this article, we have seen how Telegram plays a vital role in the information war between Russia and Ukraine, and what issues and challenges there are in using this messaging app. We have also seen how the technology EviCypher NFC HSM can be a useful solution to enhance the security and confidentiality of the data exchanged with Telegram. We hope that this article has been informative and interesting for you, and that it has helped you to better understand the situation of Telegram in Ukraine and in other countries. Thank you for reading.

Overview of Cited Sources

Here are the sources of the article, which are valid, reliable, relevant and if possible official links that allow to justify and verify the statements made in this article:

  • [Liga.net]: the news site that published the interview of Oleksiy Danilov on November 2, 2023, in which he expresses his concerns about Telegram.
  • [NV.ua]: the news site that reported the statement of Oleksiy Danilov, who alerted the nation to the critical vulnerabilities of Telegram, on November 2, 2023.
  • [RT – Pravda]: the Ukrainian news site that related the remarks of Oleksiy Danilov, who answered the questions of journalists during a press conference on November 3, 2023.
  • [Number of Telegram Users in 2023? 55 Telegram Stats (backlinko.com)]: an article that gives figures on the use of Telegram in the world and in Ukraine.
  • [NV.ua -NSDC]: the official website of the National Security and Defense Council of Ukraine, which published the press release of Oleksiy Danilov, who clarified his recent comments on Telegram, on November 15, 2023
  • [Ukrainians turn to encrypted messengers, offline maps and Twitter amid Russian invasion]: an article that describes how Ukrainians use Telegram and other digital tools to protect themselves and get informed in the face of the Russian aggression.
  • [Pravda – France 24]: the French news site that contains a video of the interview of Oleksiy Danilov with the journalist Gulliver Cragg, dated January 23, 2023.
  • [NFC HSM Technology – Freemindtronic]: an article that explains the NFC HSM technologies and how they work.
  • [EviCypher NFC HSM technology – Freemindtronic]: a page that contains articles and videos on the NFC HSM technologies.
  • [FAQ for the Technically Inclined – Telegram APIs]: a page that provides technical information about the Telegram APIs and the MTProto protocol.

FormBook Malware: How to Protect Your Gmail and Other Data

FormBook Malware: how to protect your gmail and other data
Protect your Gmail Account FormBook malware – Jacques Gascuel: This article will be updated with any new information on the topic.

Secure Your Gmail from FormBook Attacks

FormBook is a malware that can steal your Gmail credentials, messages, and attachments. Learn how to use the Freemindtronic devices to encrypt your Gmail data and use passwordless and 2FA.

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

2024 Cyberculture Digital Security

Russian Cyberattack Microsoft: An Unprecedented Threat

How to Protect Your Gmail Account from FormBook Malware

Introduction

Imagine that you receive an email from your bank, asking you to confirm your identity by clicking on a link. You open the link, and you find yourself on a page that looks like your bank’s website, but it is actually a fake. You enter your credentials, and you think you are done. But in reality, you have just given access to your bank account to hackers, who will use it to steal your money, or worse. This is what FormBook can do, a malware that can steal your sensitive data, and that Google cannot stop. In this article, we will explain what FormBook is, how it works, and how to protect yourself from this malware.

What is FormBook and why is it a threat?

FormBook is a malware that can record your keystrokes, take screenshots, and steal your passwords, cookies, and clipboard data. It can also download and execute other malicious files on your device.

FormBook is distributed through phishing emails that contain malicious attachments. These attachments are usually disguised as invoices, receipts, or shipping confirmations. When you open them, they ask you to enable macros or content. If you do, the malware will be installed on your device.

FormBook can target any web browser, but it has a special feature for Chrome. It can inject a fake Gmail login page into your browser, and trick you into entering your credentials. The malware will then send your Gmail username and password to a remote server controlled by the hackers.

FormBook is a threat because it can compromise your Gmail account and access your personal and professional information. It can also use your Gmail account to send spam or phishing emails to your contacts, or to access other online services that are linked to your Gmail account, such as Google Drive, Google Photos, or Google Pay.

How to protect yourself from FormBook?

Google has not yet found a way to detect and block FormBook. Therefore, you need to be extra careful when you use Gmail and other online services. Here are some tips to protect yourself from FormBook and other malware:

  • Do not open or download attachments from unknown or suspicious senders. If you are not sure about the legitimacy of an email, contact the sender directly or check the official website of the company or organization.
  • Do not enable macros or content in any document unless you trust the source. Macros are small programs that can run malicious code on your device.
  • Use a strong and unique password for your Gmail account and other online accounts. Do not reuse the same password for different services. Change your password regularly and use a password manager to store and generate your passwords.
  • Enable two-factor authentication (2FA) for your Gmail account and other online accounts. 2FA adds an extra layer of security by requiring a code or a device confirmation in addition to your password.
  • Use a reputable antivirus software and keep it updated. Antivirus software can scan your device for malware and remove it. You can also use a browser extension that can block malicious websites and pop-ups.

How to encrypt your Gmail messages and attachments with DataShielder NFC HSM

DataShielder NFC HSM is a device that allows you to encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021.

With DataShielder NFC HSM, you can encrypt and decrypt your data with AES-256 keys that are randomly generated and stored in the NFC HSM. You can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM. You can also use different keys for the message and the attachment.

To encrypt your Gmail message and attachment, you need to use the EviCrypt and EviFile applications that are embedded in the DataShielder NFC HSM. These applications allow you to encrypt and decrypt your data with a simple tap of your NFC phone on the DataShielder NFC HSM. You can also share your encrypted data with other users who have the same device and the same key.

By using DataShielder NFC HSM, you can protect your Gmail messages and attachments from FormBook or any other malware that can access your Gmail account. Even if your Gmail account is hacked, your encrypted data will remain encrypted and unreadable by the hackers. Only you and the authorized recipients can decrypt your data with the DataShielder NFC HSM.

How to protect your web Gmail account with passwordless and 2FA using PassCypher NFC HSM

Do you want to manage your web accounts with complicated and complex passwords that you do not need to know, remember, or type? If yes, then you should try PassCypher NFC HSM. This device uses the EviPass NFC HSM technology, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021.

With PassCypher NFC HSM, you can create and store your usernames and passwords of more than 256-bit in the NFC HSM. Moreover, you can store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

To use PassCypher NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass and EviOTP applications that are embedded in the PassCypher NFC HSM. These applications allow you to create, edit, and delete your web accounts and OTP secret keys with a simple tap of your NFC phone on the PassCypher NFC HSM.

By using PassCypher NFC HSM, you can secure your web accounts with passwordless and 2FA. You do not need to display, know, or type your username and password. You just need to tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your web account. You also do not need to check for a typosquatting attack, since the extension will verify the URL of the website before logging in. And you do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

How to protect your Gmail account from FormBook with PassCypher NFC HSM

FormBook is a dangerous malware that can access your Gmail account and other sensitive data. Google has not yet found a solution to stop it. Therefore, you need to be vigilant and follow the best practices to protect yourself from cyberattacks. One of them is to use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA.

By using PassCypher NFC HSM, you can protect your Gmail account from FormBook or any other malware that can access your web browser. Even if your web browser is hacked, your usernames and passwords will remain encrypted and inaccessible by the hackers. Only you can decrypt your Gmail account with the PassCypher NFC HSM. And even if the hackers manage to steal your session cookies, they will not be able to log in to your Gmail account without the 2FA code that is generated by the PassCypher NFC HSM.

To use PassCypher NFC HSM with your Gmail account, you need to follow these steps:

  • Create a Gmail account in the EviPass application on the PassCypher NFC HSM. You can use the default username and password, or you can generate a random and complex password with the EviPass application.
  • Enable 2FA for your Gmail account on the Google website.
  • Choose the option to use an authenticator app, and scan the QR code with the EviOTP application on the PassCypher NFC HSM. This will store your OTP secret key in the NFC HSM.
  • Log in to your Gmail account with the Freemindtronic extension on your web browser. Tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your Gmail account. You will also see a pop-up window with the 2FA code that you need to enter on the Google website.

By following these steps, you can use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA. You can also use PassCypher NFC HSM with other web accounts that support 2FA, such as Facebook, Twitter, or Amazon. This way, you can protect yourself from FormBook and other malware that can access your web browser.

Recent statistics on FormBook

FormBook is a malware that was first discovered in 2016, but it remains very active and dangerous. According to the Check Point report on cybersecurity in 2022, FormBook was the third most widespread malware in 2021, attacking 5% of enterprise networks. It was also the most prolific infostealer malware, accounting for 16% of attacks worldwide.

FormBook spreads mainly through phishing emails that contain malicious attachments. These attachments are often RAR self-extracting archives, which are compressed files that can run malicious code when opened. The RAR files contain a legitimate document, such as a PDF or a Word file, and a hidden executable file, which is the FormBook malware. When the user opens the RAR file, the document is displayed, but the malware is also installed in the background.

FormBook can also spread through other methods, such as drive-by downloads, malicious links, or removable media. The malware can infect any Windows device, from Windows XP to Windows 10. The malware can also evade detection and removal by using various techniques, such as encryption, obfuscation, or anti-analysis.

Here are some recent statistics on FormBook, based on the data from Check Point and ANY.RUN:

  • FormBook was the most popular malware in August 2021, affecting 4.5% of organizations worldwide, followed by Trickbot and Agent Tesla, affecting respectively 4% and 3% of organizations worldwide.
  • FormBook was the fourth most common malware in 2020, according to the ranking of malware families by ANY.RUN. It accounted for 8% of the samples analyzed by the online sandboxing service.
  • FormBook was used in many phishing campaigns targeting various industries, such as defense, aerospace, health, education, finance, retail, etc. It was also used to attack Ukrainian targets during the war between Russia and Ukraine in 2022.
  • FormBook has a successor called XLoader, which appeared in 2020 and which is able to infect macOS users. XLoader is sold on the dark web for $59 for a Windows license and $49 for a macOS license.

Danger level of FormBook compared to other malware

FormBook is a very dangerous malware, because it can steal sensitive information, such as credentials, passwords, credit card numbers, 2FA codes, etc. It can also download and execute other malware, such as ransomware, banking trojans, spyware, etc. It can also remotely control the infected device and perform various malicious actions, such as deleting browser cookies, taking screenshots, restarting or shutting down the system, etc.

FormBook is also hard to detect and remove, because it uses advanced evasion techniques, such as code injection, string obfuscation, data encryption, anti-analysis, etc. It also changes frequently its name, path, and file extension, and uses random Windows registry keys to maintain its persistence.

To compare the danger level of FormBook with other known malware in its category, we can use the following criteria:

  • The number of organizations affected worldwide
  • The type and amount of information stolen
  • The ability to download and execute other malware
  • The ability to remotely control the infected device
  • The evasion techniques used
  • The ease of detection and removal

Here is a table that compares FormBook with other popular infostealer malware, such as Trickbot, Agent Tesla, LokiBot, and Raccoon:

Malware Number of organizations affected Type and amount of information stolen Ability to download and execute other malware Ability to remotely control the infected device Evasion techniques used Ease of detection and removal
FormBook 4.5% in August 2021 Credentials, passwords, credit card numbers, 2FA codes, screenshots, keystrokes, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Trickbot 4% in August 2021 Credentials, passwords, banking information, personal data, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Agent Tesla 3% in August 2021 Credentials, passwords, banking information, personal data, screenshots, keystrokes, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
LokiBot 1.5% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
Raccoon 0.8% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium

From this table, we can see that FormBook is the most dangerous infostealer malware, because it affects the most organizations, steals the most types of information, and can download and execute other malware. It is also the hardest to detect and remove, because it uses more evasion techniques than the other malware.

Forms of attacks of FormBook

FormBook can be delivered through different forms of attacks, depending on the delivery mechanism chosen by the malicious actor. Here are some forms of attacks of FormBook:

  • Phishing: FormBook can be sent by email as a malicious attachment, such as a Word, Excel, PDF, or ZIP or RAR file. The email can have a misleading subject, such as an invoice, a receipt, a contract, a job offer, etc. When the user opens the attachment, the malware runs and infects the device.
  • Exploitation of vulnerabilities: FormBook can exploit vulnerabilities in popular software, such as Microsoft Office, Windows, Adobe Reader, etc. For example, FormBook used the vulnerability CVE-2017-8570 in Microsoft Office to run malicious code from a RTF file. FormBook also used the vulnerability CVE-2021-40444 in Microsoft MSHTML to run malicious code from a CAB file.
  • Drive-by downloads: FormBook can be downloaded without the user’s knowledge when they visit a compromised or malicious website. The website can use a script or an exploit kit to trigger the download and execution of the malware on the user’s device.
  • Removable media: FormBook can be copied to removable media, such as USB drives, external hard drives, memory cards, etc. When the user connects the removable media to their device, the malware runs automatically and infects the device.
  • Social media: FormBook can be spread by messages or posts on social media, such as Facebook, Twitter, Instagram, etc. These messages or posts can contain links or images that redirect to malicious websites or infected files. When the user clicks on the link or image, the malware is downloaded and executed on their device.

Here is a type of formbook malware attacks image:

Type of Formbook MalwareAttacks

How PassCypher NFC HSM and DataShielder NFC HSM can protect you from FormBook attacks

PassCypher NFC HSM and DataShielder NFC HSM are two devices that use the EviPass NFC HSM technology from Freemindtronic, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021. These devices can help you protect your web accounts and your Gmail messages and attachments from FormBook attacks, by using passwordless, 2FA, and encryption.

PassCypher NFC HSM can create and store your usernames and passwords of more than 256-bit in the NFC HSM. It can also store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

DataShielder NFC HSM can encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021. It can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM.

To use PassCypher NFC HSM and DataShielder NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass, EviOTP, EviCrypt, and EviFile applications that are embedded in the PassCypher NFC HSM and DataShielder NFC HSM. These applications allow you to create, edit, delete, encrypt, and decrypt your web accounts, OTP secret keys, messages, and attachments with a simple tap of your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM.

By using PassCypher NFC HSM and DataShielder NFC HSM, you can secure your web accounts and your Gmail messages and attachments with passwordless, 2FA, and encryption. You do not need to display, know, or type your username, password, or encryption key. You just need to tap your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM and the extension will autofill, auto login, encrypt, or decrypt your web account, message, or attachment. You also do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

Here is a table that shows how PassCypher NFC HSM and DataShielder NFC HSM can protect you from different FormBook attack vectors, such as keylogger, password stealer, file transfer, screenshot, etc. I used a check mark or a cross mark to show visually what PassCypher NFC HSM and DataShielder NFC HSM protect.

 

FormBook PassCypher DataShielder
Keylogger ✔️ ✔️
Password stealer ✔️ ✔️
File transfer ✔️
Screenshot ✔️ ✔️
Remote control
Phishing ✔️ ✔️
Exploit kit
Drive-by download
Removable media ✔️
Social media

This table shows that PassCypher NFC HSM and DataShielder NFC HSM can protect your web accounts from FormBook’s keylogger, password stealer, and phishing, by using passwordless and 2FA. They can also protect your Gmail messages and attachments from FormBook’s file transfer and screenshot, by using encryption and decryption. DataShielder NFC HSM can also protect your data stored in computers or removable media, by using encryption and decryption. However, neither device can protect your device from FormBook’s remote control, exploit kit, drive-by download, or unsecured social media, which can compromise your system and your data. Therefore, you should also use an antivirus software and a firewall to prevent FormBook from accessing your device.

Communication Vulnerabilities 2023: Avoiding Cyber Threats

Person working on a laptop within a protective dome, surrounded by falling hexadecimal ASCII characters, highlighting communication vulnerabilities
The hidden dangers of communication vulnerabilities in 2023  by Jacques Gascuel: This article will be updated with any new information on the topic.

Beware of communication vulnerabilities in 2023

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In 2023, hackers will exploit the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. This article will explain the main types of communication vulnerabilities, their impact, and how to protect yourself from them.

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

2024 Cyberculture Digital Security

Russian Cyberattack Microsoft: An Unprecedented Threat

Communication Vulnerabilities in 2023: Unveiling the Hidden Dangers and Strategies to Evade Cyber Threats

2023 Security Vulnerabilities in Means of Communication

Communication is essential for individuals and professionals, but it is also exposed to many cyber threats. In 2023, several security breaches affected emails and messages, compromising the security of data, services, and users. These breaches showed the vulnerability of communication systems, which are exposed to increasingly sophisticated and targeted attacks. To protect themselves, users need to encrypt their data and communications with their own keys that they created and stored offline. One of the solutions that can help them achieve this is EviCypher NFC HSM technology by Freemindtronic.

The Reality of Security Breaches in Communication Systems

However, we wanted to highlight a disconcerting reality: users often found themselves defenseless against the hidden dangers of communication vulnerabilities in 2023 that festered beneath the surface for long periods of time. Unaware of these current, imminent or future risks, they unwittingly provided gateways to espionage activities, whether motivated by legitimate or malicious intentions. These vulnerabilities enabled a relentless cycle of cyber victimization, perpetuating the very threats they aimed to mitigate.

For example, iCloud Email operated without end-to-end encryption from its launch in 2011 until December 2022 – a troubling reality that put users in a vulnerable position, their security at the mercy of external factors they could not control.

Another example, several reports by the Citizen Lab have revealed the existence and the use of Pegasus spyware developed by the Israeli company NSO Group, which sells its services to governments and private actors to spy on targets around the world. Moreover, several investigations by the consortium Forbidden Stories have revealed that more than 50,000 phone numbers have been selected as potential targets by NSO Group’s clients, including heads of state, journalists, human rights activists, etc.

Among the most recent examples of these vulnerabilities, we can mention the cyberattack against the US State Department, which was attributed to hackers linked to China.

Chinese hackers hacked 60,000 emails from the US State Department

In March 2023, Chinese hackers hacked 60,000 emails from the US State Department. Some of them were very sensitive to national security and foreign affairs. They used a Microsoft Exchange flaw named Log4Shell. This vulnerability allows hackers to remotely execute malicious code on servers that use this software. It affects millions of servers worldwide. Senator Mark Warner revealed the attack and criticized the lack of transparency and security of the State Department. He called for strengthening cooperation between government agencies and the private sector to cope with cyberthreats. This attack is part of a context of rising tensions between the US and China, who accuse each other of espionage and sabotage on cyberspace.

The other sensitive organs targeted by the attack

Besides the State Department emails, the attack also targeted other sensitive organs, such as:

  • The Bureau of the Coordinator for Cyber Issues, which is responsible for coordinating the State Department’s efforts to prevent and respond to cyberattacks.
  • The Bureau of Consular Affairs, which is in charge of issuing passports and visas, as well as protecting US citizens abroad.
  • The Bureau of Intelligence and Research, which provides analysis and assessments on foreign policy and national security issues.

These sensitive organs hold confidential or personal information that could be used by the Chinese hackers for espionage, blackmail or sabotage. For example, the hackers could access the biometric data of visa applicants, the reports of intelligence agents or the action plans in case of crisis.

The security flaw exploited by the Chinese hackers

The most serious thing is that some servers that were hacked by the Chinese had not been updated with the patch released by Microsoft on December 10, 2022. This shows that the updates are not automatic and that they have to be installed manually. This also shows the lack of responsiveness and vigilance of the IT security managers. They let the Chinese hackers exploit this flaw before it was fixed by Microsoft, who released security updates. Indeed, this cyberattack shows the vulnerability of communication systems and the need to protect them effectively.

A Case of Satellite Messaging Security Vulnerability

Satellite messaging is a means of communication that allows the transmission of electronic messages or calls via a network of artificial satellites. It is used by professionals and individuals in areas with no cellular coverage or those seeking discreet communication. However, satellite messaging is not immune to security vulnerabilities that can compromise data confidentiality and integrity.

In September 2023, a team of cybersecurity researchers uncovered a significant security vulnerability in the Bullitt satellite messaging service. This vulnerability allowed hackers to read and modify messages sent and received by users, as well as access their personal information, including GPS coordinates and phone numbers. Hackers could also impersonate users by sending messages on their behalf. The vulnerability was found in the PubNub-Kotlin API used by the Bullitt Messenger app to manage communication between devices and the service’s servers. Despite alerting Bullitt, the service provider, about this vulnerability, the researchers received no satisfactory response.

This security flaw poses a high risk to satellite messaging users, as their data can be exposed or manipulated by hackers.

Security Vulnerabilities in Communication Systems: A Closer Look

2023 Security Flaws in Communication Channels is a paramount concern for individuals and organizations across the globe. Hackers frequently exploit vulnerabilities within communication protocols and services to launch attacks that can compromise data confidentiality, integrity, and availability. To illustrate the magnitude and gravity of this issue, we have compiled statistics based on our web research:

Security Vulnerabilities in Emails

Emails serve as a central vector for cyberattacks, representing a significant portion of security incidents, with up to 91% of reported incidents, as per cybermalveillance.gouv.fr. Among these email-targeted threats, ransomware attacks are the most prevalent, comprising 25% of reported security incidents. Additionally, it’s striking to note that 48% of malicious files attached to emails are Microsoft Office documents. These statistics underscore the critical importance of implementing robust security measures for emails to guard against evolving threats.

Furthermore, an analysis conducted by the Verizon Data Breach Investigations Report for 20232 highlights that emails remain the primary variety of malicious actions in data breaches, underscoring their continued relevance as a vector for cyberattacks.

However, it is essential to note that email-specific vulnerabilities can vary based on factors such as email protocol vulnerabilities, server configuration errors, human mistakes, among others.

Security Vulnerabilities in Encrypted Messaging Services

Encrypted messaging services like Signal, Telegram, or WhatsApp are not immune to security vulnerabilities, which can compromise message and file confidentiality, integrity, and availability. In March 2023, Cellebrite, an Israeli data extraction company, claimed to have successfully decrypted messages and files sent via Signal. In June 2023, Google disclosed a vulnerability in its RCS service that allowed hackers to send fraudulent messages to Android users, containing malicious links redirecting victims to compromised websites.

Security Vulnerabilities in Communication Protocols

Communication protocols such as SMTP, RCS, or SMS are also susceptible to security vulnerabilities that can enable hackers to intercept, modify, or spoof messages and calls. SS7 vulnerabilities involve attacks exploiting the vulnerabilities of the SS7 protocol, used to establish and terminate telephone calls on digital signaling networks. These attacks can allow hackers to intercept, modify, or spoof voice and SMS communications on a cellular network. In January 2023, a hacking group named Ransomware.vc launched a data extortion campaign targeting organizations using the Progress MOVEit file transfer tool. The hackers exploited an SS7 vulnerability to intercept verification codes sent via SMS to MOVEit users, gaining access to sensitive data. In February 2023, the Ukrainian power grid was hit by a new malware called Industroyer2, attributed to Russian hackers. The malware used an SS7 vulnerability to take control of network operator phone calls, disrupting electricity distribution in the country. In March 2023, Samsung suffered a data breach that exposed the personal and financial information of millions of customers. The breach was caused by an SS7 vulnerability that allowed hackers to access SMS messages containing online transaction confirmation codes.

An Overview of Security Vulnerabilities in Communication Systems

Communication systems exhibit various vulnerabilities, with each element susceptible to exploitation by hackers. These weaknesses can have severe consequences, including financial losses, damage to reputation, or national security breaches.

  • Protocols: Communication protocols, like Internet Protocol (IP), Simple Mail Transfer Protocol (SMTP), Signaling System 7 (SS7), and Rich Communication Services (RCS), can contain security vulnerabilities. These vulnerabilities enable hackers to intercept, modify, or spoof communications on the network. For instance, an SS7 vulnerability allows hackers to eavesdrop on phone calls or read SMS messages on a cellular network.
  • Services: Network services, such as messaging, cloud, streaming, or payment services, possess their own vulnerabilities. These vulnerabilities may permit hackers to access, modify, or delete data within the service. For instance, a vulnerability in an encrypted messaging service enables hackers to decrypt messages or files sent via the service.
  • Applications: Software applications, including web, mobile, desktop, or IoT applications, are prone to security vulnerabilities. These vulnerabilities empower hackers to execute malicious code on a user’s device or gain control of the device itself. For example, a vulnerability in a web application allows hackers to inject malicious code into the displayed web page.
  • Devices: Physical devices, such as computers, smartphones, tablets, or IoT devices, feature their own set of security vulnerabilities. These vulnerabilities can enable hackers to access the device’s data or functionalities. For instance, a vulnerability in a smartphone grants hackers access to the device’s camera, microphone, or GPS.

In conclusion, the multitude of security vulnerabilities in communication systems presents a significant challenge to all stakeholders. Protecting against these vulnerabilities and enhancing cybersecurity is essential to safeguard sensitive data and infrastructure.

How communication vulnerabilities exposed millions of users to cyberattacks in the past years

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In the past years, hackers exploited the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. These vulnerabilities affected software and services widely used, such as Log4j, Microsoft Exchange, Exim, Signal, Telegram, or WhatsApp. Some of these vulnerabilities have been fixed, while others remain active or in progress. The following table summarizes the main communication vulnerabilities in the past years, their impact, and their status.

Name of the breach Type of breach Impact Status Date of discovery Date of patch
Log4j Command injection Control of servers and Java applications Fixed November 24, 2021 December 18, 2021
Microsoft Exchange Remote code execution Data theft and backdoor installation Fixed March 2, 2021
Exim Multiple vulnerabilities Control of email servers June 5, 2020
Signal Denial of service Blocking of messages and calls Fixed May 11, 2020 May 15, 2020
Telegram Deserialization Access to messages and files Fixed January 23, 2021
WhatsApp QR code spoofing Account hacking Fixed October 10, 2019
File-based XSS Code injection Execution of malicious code in the browser Not fixed December 17, 2020 N/A
RCS QR code spoofing Interception, modification or spoofing of messages and calls Not fixed June 17, 2020 N/A
SMS SIM swap fraud Account takeover and identity theft Active or in progress
MMS Stagefright vulnerability Remote code execution and data theft Fixed July 27, 2015 August-September 2015
SolarWinds Orion Supply chain compromise Data theft and backdoor installation Fixed December 8, 2020 February 25, 2023
API PubNub-Kotlin Privilege escalation by deserialization of untrusted data Arbitrary command execution on SolarWinds Platform website Fixed February 8, 2022 April 19, 2023
SS7 Multiple vulnerabilities Data theft, interception, modification or blocking of communications, location tracking or spoofing, fraud Active or in progress 2014 N/A

This table provides a concise overview of the hidden dangers of communication vulnerabilities in 2023, their types, impacts, and current statuses.

EviCypher NFC HSM: The technology that makes your communications invulnerable to security breaches

Security vulnerabilities in the means of communication pose a high risk to users, including satellite messaging, as their data can be exposed or manipulated by hackers. Therefore, effective protection against this threat is essential. This is precisely where the EviCypher NFC HSM technologies mentioned in this article come in as an innovative and secure solution.

EviCypher NFC HSM Technology for Messaging Protection

EviCypher NFC HSM technology is a solution that enables contactless encryption and decryption of data using an NFC card. It employs a hardware security module (HSM) that securely stores encryption keys. It is compatible with various communication services, including emails, SMS, MMS, satellite messaging, and chats.

To use EviCypher NFC HSM technology, simply pair the NFC Card, to an NFC-enabled Android phone and activate it with your fingerprint. Messages sent and received through messaging services are encrypted and decrypted using the NFC card. Only the card owner can access their messages and files. No one can intercept or alter them, even if the  service is compromised by a security vulnerability.

EviCypher NFC HSM technology offers optimal protection for commincation, ensuring data confidentiality and integrity. It also safeguards against other types of security vulnerabilities that may affect communication methods, such as Log4Shell or SolarWinds. It is a simple, effective solution that requires no change in user habits.

What is EviCypher NFC HSM technology?

EviCypher NFC HSM technology is a contactless encryption technology that uses hardware security modules (HSM) devices that communicate via NFC (Near Field Communication) protocols. These devices are EviTag and Evicard, which are small and portable devices that can be attached to a keychain or a card holder. They allow users to store and manage their keys and secrets securely, without relying on third-party services or cloud storage.

How does EviCypher NFC HSM technology work?

EviCypher NFC HSM technology works by encrypting and decrypting data and communications with the user’s own keys that they created and stored offline. The user can use the devices for various applications, such as encrypting emails, messages or files.

To use NFC HSMs, the user must first pair it with their phone. He chooses the option of encryption or decryption on his phone, writes or reads his messages on his phone. Encryption and decryption operations are performed from the NFC HSM itself, without exposing keys or secrets to the phone. The same operation is available on computer via a phone-paired web extension and using the NFC HSM.

Why is EviCypher NFC HSM technology secure and reliable?

EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It enables to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

How can EviCypher NFC HSM technology protect you from security breaches?

EviCypher NFC HSM technology can protect you from security breaches by encrypting your data and communications in advance in volatile memory before sending them encrypted without ever keeping the message in clear automatically destroyed and replaced by its encrypted version in AES 256 symmetry considered post quantum. Thus, even if there are security flaws the messages and emails and their attachments remain always encrypted. This can be done from an Android NFC phone and/or from the Freemindtronic extension.

This way, you can avoid being exposed to past, present or future security vulnerabilities, since the encryption is done on the device itself, without exposing the keys or secrets to the phone or computer. Even if your phone or computer is compromised by a hacker or a spyware, they cannot access your data or messages in clear text. Only you can decrypt them with your device and your PIN code.

EviCypher NFC HSM technology is an innovative solution that offers a high level of security and privacy for your communication systems. It is developed by Freemindtronic, an Andorran company specialized in NFC security. It is based on EviCore NFC HSM technology, which is a hardware security module that combines hardware encryption and NFC communication protocols.

In conclusion, the EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It allows to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

EviCypher Story

EviCypher Story video youtube 2016 Cyber Cercle Paris France Genesis of the EviCypher Technology World champion of inventions 2021

EviCypher by Freemindtronic Andorra

EviCypher is, above all, the invention of Jacques Gascuel founder of the Deep Tech Andorrane Freemindtronic SL.

Freemindtronic, isa research and development laboratory specializing in the design and design of Green Tech electronic systems in security and cyber security computing specialized in NFC technology, contactless.

EviCypher® is a brand designating Freemindtronic technology in the field of security and cyber security secrets and their management.
EviCypher’s research and development laboratory is an expert in multi-factor wireless authentication (MFA) access control, which it has several international patents. In addition, Deep Tech also designs electrical protections for computer systems with black box traceability, wireless access control systems, segmented encryption key security systems   and multi-criteria of trust authentication systems.

EviCypher is a technical solution that at the same time guardian of secrets and respect for the environment.

EviCypher technology is one of the implementations of Jacques Gascuel’s invention, which was awarded numerous times for his inventions and innovations internationally in 2017, 2014 and worldwide in 2010 and 2021 at the international invention competition in Geneva, where he received the gold medal.

First, EviCypher’s function is to keep the secrets stored offline for life in its individually protected and secured non-volatile encrypted memory by various criteria of trust and physical access control.

And at the same time, EviCypher significantly reduces attack surfaces to make them impossible when using the secrets stored in connected computer systems and information systems.  

As a result, the second function is cyber deterrence. It has the effect of convincing the potential attacker not to attack EviCypher users. The secrets are kept outsourced connected computer systems involves. In fact, for the attacker, the costs that will result from his remote and/or proximity attack would outweigh the potential benefits he thinks he can derive from it.

Freemindtronic’s research and development laboratory has this expertise in implementing such a high level of security, which it dents the know-how protected by international patents.

EviCyper is mostly a user engineering. Make it extremely easy to use security and cyber security technologies that are becoming more and more complex to implement.

Freemindtronic uses energy recovery via the NFC signal to EviCypher to operate only on demand. In fact, it doesn’t need a battery to run for life.

In the end, EviCypher has through its application many decentralized and individualized cyber security systems. EviCypher do not use server on the internet (serverless) to operate. It can operate without physically isolated contact networks (Air Gap)

the inventor of EviCypher

Inventor Jacques Gascuel moved to the eastern Pyrenees in the Principality of Andorra in 2016. It is in this mountain environment source of inspiration, that he founded Freemindtronic in November 2016. This start-up benefits from know-how protected by international patents. Less than a year after its creation was born a technological innovation named EviAlpha which will be integrated into an NFC device called EviTag®. This is a password and credit card manager. In addition, this product is several times Winner in Innovation in 2017 in Cybersecurity and Embedded System.

Secure Card CES 2022

Secure Card de Bleujour CES 2022 by Freemindtronic Andorra contactless data encryption from an NFC HSM security hardware module




Secure Card innovation 2022

Secure Card is a preview at CES Las Vegas 2022 of the new product developed by Freemindtronic for our partner Bleujour. for its new Kubb Secure product range.
 
The Secure Card is an NFC HSM secret manager such as encryption keys and hardware passwords, which has received 10 international awards since 2021 including the Geneva Gold Medal for Inventions in security, cyber security and cyber defence of computer and information systems. The Secure Card is equipped with EviCypher technology, which manages contactless secrets such as encryption keys, passwords and tokens.

 


Learn more about Kubb Secure products click here
Learn more about our partner Bleujour click here






BLEUJOUR

CES 2022 Booth: 18789 for CES booth plan click is here

&

BLEUJOUR  INNOVATION

CES 2022 Eureka Park booth: 61045 for CES booth plan click is here

The company BLEU JOUR is based on five founding pillars: Quality, Aesthetics, Innovation, Practicality and Exclusivity. In a constantly changing universe, BLEU JOUR offers creations where aesthetics is combined with innovative technological solutions. The company favors French design and manufacture.

Category: Home Office Hardware and Accessories

Country: France

Contact: Click here








Other project the Kubb Secure

Discover another project presented at CES 2022 Las Vegas the Kubb Secure.

This Kubb Secure works without an NFC phone as it includes an NFC reader. The first computer developed by Freemindtronic has been realized on a Kubb Secure from our partner Bleujour.

The Kubb Secure embeds the Cyber Computer technology which includes several Freemindtronic’s technologies forming a safety and cyber security eco system. Technologies that have received more than 10 international awards since 2021 in the fields of safety, security, cybersecurity and cyber defence of computer and information systems.

To find out more about the cyber computer click here





Kubb Secure embeds Cyber ​​Computer technology from Freemindtronic winner Gold Globee Awards 2022 Cyber ​​Security Global Excellence Awards hardware security category


EviCypher A New Way to Keep Secrets and Pass Them On

EviCypher - EviToken Technology Technology A New Way to Keep Secrets and Pass Them On, multiple trust criteria, password, fingerprint, geolocation, BSSID, ID phone, Sharing Contactless Encryption, MFA, secret management by Freemindtronic Andorra

EviToken & EviCypher Technology a new way to keep secrets and pass them on.

EviToken & EviCypher technology to control information privacy is an absolute necessity today, as there are so many cyber malicious acts. We can cite among others acts such as phishing, stalking or ransomware. These so-called “cyber” threats alone represent approximately 75% of the infiltration techniques giving access to your confidential or personal data. All of these techniques have the same approach, which is identity theft. This mechanism allows an individual, or a machine, to impersonate someone or something else. The recipient thus deceived, lifts his natural mistrust to trust this ill-intentioned sender.

    Protection techniques for transmitting confidential or personal data have been around for a very long time, as have signature mechanisms. They are most often based on asymmetric key algorithms, with strong encryption (RSA of 2048 or 4096 bits or even ECDSA). Unfortunately, if the model on which these encryption techniques are based is proven and ensures flawless security, its IT implementation is, for its part, often undermined by man-in-the-middle attacks, or by elevations of law on information systems. These attacks, when identification or decryption relies only on one-factor authentication, allow the theft of encryption keys, and directly compromise the security of your data. To mitigate these threats, two-factor authentication (or 2FA) adds a layer of protection by either obtaining a unique code sent by SMS to your phone number, or by validating a request for it authentication (Google / Facebook), or through the use of authenticators which is increasingly recommended by security specialists.

Why use the EviToken & EviCypher Technology?

                 The purpose of EviToken & EviCypher technology is to secure secrets of different kinds, such as asymmetric keys (RSA), symmetric keys (AES) but also login information, PIN codes, account or bank card identifiers, cryptocurrency private keys, cryptocurrency wallet passphrases, cryptocurrency recovery phrases (SEED), etc. The EviToken & EviCypher secure safe is contained in a simple NFC card, not connected to a computer system. It communicates with the latter, on demand, via a near-field transmission protocol (NFC) which transmits data over an encrypted channel, built by EviToken & EviCypher. Secrets stored in the card are segmented and encrypted to make them physically inaccessible to cybercriminals. The EviToken & EviCypher secure safe is a real natural Air Gap component. Thus, apart from the case of data transmission, the architecture used has: no power supply; no security breach due to an increase in temperature (which makes it immune to malware such as “BitWhisper and Fansmitter”); no emission of sound signals, even those inaudible to the human ear and no emission of light or waves. Finally, to avoid a conflation with smart card-based systems, the support of EviToken & EviCypher technology does not require dedicated physical connection hardware with the digital system, nor does it have an operating system, which makes it insensitive to the introduction of malicious code as on a Java architecture. Like any electronic component, the EviToken & EviCypher secure safe can undergo invasive attacks which consist in using acids to expose the electronic circuit that will then have to be analyzed to try to understand the implementation of the secure secrets in multiple scrambled segments.

If EviToken & EviCypher technology provides security in a secure vault, what about the use of encryption keys to transport secrets over a secure channel?

In the context of two-factor authentication, we consider that you are the only one who can hold the second criterion of trust. This security measure traditionally allows, in case of failure, not to trigger the secure transport of your data. However, this function is not intended to secure the transport, it is the role of the encryption protocol to perform this operation. Thus, if the encryption keys are compromised, the data could be compromised during a listen. Faced with this problem, EviToken & EviCypher directly integrates metadata trust criteria into its encryption keys, in order to secure the encrypted messages during their transport. Thus, even in the event of a compromise of the keys, decryption remains blocked by the trust criteria. With this in mind, why stop at two criteria of trust? In its basic version, EviToken & EviCypher offers nine trust criteria based on the possession of a third-party object, technical components (phone ID, barcode, password, geolocation or BSSID) but also environmental and specific components to the sender, or recipient, to make data compromise even more difficult.

                A simple example, you want to send a confidential message containing your latest invention to a colleague in a hostile environment, with a high probability of compromise. You will therefore add non-digital trust criteria to your encryption key, to ensure its protection in the event of a compromise. The decryption of the message by the AES 256 symmetric key will only be accessible, by the digital tool, once the conditions related to the trust criteria have been met. If we base one of the trust criteria on a geolocation for example, the recipient must not only be in possession of an EviToken & EviCypher card, but also be physically located at the location of geolocation defined in the trust criteria to decrypt the message. This location may be known to the recipient like a convention, but may also not be known. The trust criterion will then be transmitted to him as one of the authentication multi-factors, by SMS / QR Code / Photo or any other means.

If EviToken & EviCypher technology provides security in a secure safe, encryption of messages with trust criteria based on environmental components, technical or not, what about the transmission of keys for use in a space digital connected?

                To secure end-to-end transmissions, several tools, used as gateways, such as smartphones or virtual keyboards, will be crossed.  EviToken & EviCypher then builds encrypted channels, from the first communications between the EviToken & EviCypher card and the first NFC communication gateway, using an AES 128 symmetric pairing key. The latter will be replaced by a 256-bit AES symmetric key, with different trust criteria depending on the user’s choice, when recording a secret. Communication with web browsers is achieved using 256-bit ECC ephemeral keys (X25519), to negotiate exchanges between the smartphone and the browser plugin, to insert website authentication, text decryption, etc. As for the transmission, from the smartphone, of texts, images or encrypted files, the encryption is carried out with a symmetric key AES 256 bits with trust criteria.

Why choose the EviToken & EviCypher technology?

Our goal is to better understand the feasibility of digital malicious acts through a human approach to attacks. Thus, if you do not physically have the EviToken & EviCypher card, or if you do not have access to it with a connection duration long enough to carry out an attack, it will be very difficult to compromise the safe, but it is quite obvious that «to the impossible no one is bound “. “However, this attack requires physical contact, it is no longer possible to hide behind anonymizers. Assuming that the encrypted message is sufficiently protected, with algorithms such as 2048- or 4096-bit RSA or even ECDSA, then it is necessary to look into the protection of the key. Indeed, this protection will remain true as long as the encryption and decryption keys remain secret. History of computer attacks shows certain difficulties in maintaining this assertion. It is therefore necessary to strengthen the protection of the keys, by accepting the compromise of the latter, while protecting the message during its transport. at best for this requirement, non-digital trust criteria, that is to say criteria known, held, observable or understandable by the recipient, are required for the decryption of the message and no longer of the key.

EviToken & EviCypher technology, by adding these trust criteria, changes the current paradigm of access to secrets. Thus, even if a secret, and more particularly a decryption key, were stolen, it could only be used if the trust criteria are met.

Based on the EviToken & EviCypher principle, the new EviCypher technology, which won the 2021 gold medal for international inventions from Geneva, brings new innovations in the creation, management, integration and augmented intelligence linked to the use of trust criteria. A new chapter on this internationally patented invention on segmented key authentication is opening.

About the author

fabrice crasnier cybersecurity university professor in france forensic expert of the court of appeal of toulouse in france and former forensic police officerFabrice Crasnier is the director of Research & Development departement of FREEMINDTRONIC. Freemindtronic, Andorran start-up designs and manufactures tailor-made solutions for its customers in the field of safety and cyber security of information systems and computer systems.

Fabrice is Associate Professor at Paul Sabatier University in Toulouse where he teaches cybercrime phenomena. He is at the origin of the creation of 3 forensic laboratories as head of forensic activities within the french police in Toulouse and within the SCASSI company. He has worked for 27 years in the judicial police, including 17 years following national and international cybercrime investigations. As a judicial expert since 2004 at the Court of Appeal of Toulouse, he has witnessed the delinquent transformation of cyberspace between 2000 and 2017. As a computer engineer, he has understood that the origin of cyberthreats is not always due to a defect in computer tools but more often to a misuse of these tools.

Fabrice can be reached online on LinkedIn: https://www.linkedin.com/in/fabricecrasnier/

For more information, visit the company website at www.freemindtronic.com


Freemindtronic Win Awards 2021 Next-Gen in Crypto Security with EviCypher & EviToken Technologies


Freemindtronic win awards 2021 Most Innovative in Hardware Password Manager with EviCypher & EviToken Technologies


Freemindtronic win awards 2021 Next-Gen in Secrets Management with EviCypher & EviToken Technologies


NEWS PROVIDED BY

Cyber Defense RSA Edition for 2021 
May 18, 2021
Related Link:
https://www.cyberdefensemagazine.com
Source Link:
https://www.cyberdefensemagazine.com/annual-editions/RSA-2021/Cyber-Defense-Magazine-RSA-Edition-for-2021.pdf


SHARE THIS ARTICLE



Contactless Secrets Keeper Multiple Trust Criteria

Contactless secrets keeper and data encryption the new invention 2021 from Jacques Gascuel 100 years after Mr Hugo Alexander Koch by freemindtronic Andorra

Contactless Secrets Keeper & Data Encryption the new invention 2021 from Jacques

100 years after Hugo Alexander Koch, Jacques Gascuel invented the the first secrets keeper & contactless encryption system that fits in your pocket.

Jacques Gascuel presents the latest implementation of his invention on segmented key encryption at the 2021 International Exhibition of Inventions Geneva.

The inventor, of French origin, is a resident of the Principality of Andorra. In fact, Andorra is one of the 25 countries participating in the international invention’s competition in Geneva.

Andorra, Spain and France have 9 participants in this competition.

France 5 participants in classes C, K, N and F

Espagne 3 participants in classes P and V

Andorre 1 participant in Class C (page 32)

There are a total of 352 participants, 77 in Class C, 68 in Class V, 21 in Class P, 18 in Class F, 16 in Class K and 5 in Class N. (meaning classes at the end of article)

The beginnings of a portable encryption machine

In October 1919 Hugo Alexander Koch filed a patent application for a portable electromechanical encryption machine that would be used by the German army during World War II. It will be developed and marketed by Arthur Schermie’s to the Enigma brand.

No alternative text for this image

100 years later, on August 31, 2018, the first segmented key authentication system for encryption was invented by Jacques Gascuel. The first tool of individual sovereignty was born.

No alternative text for this image

After 3 years of research and development to find an effective solution to combat cybercrime and corporate espionage, inventor Jacques Gascuel creates in 2021 the first contactless encryption device, retro compatible, which fits in a pocket.

Greentech technology

It is a the the first secrets keeper & contactless encryption system that respects the environment. It works for life without battery, maintenance and cloud. It can be reset, in “factory return” configuration for the second hand market. Compatible with almost all information systems, IT systems and cloud services. The system is designed to operate in an extreme environment, for  more than 40 years, without the need for electrical energy. Finally, the system uses the energy it recovers via the NFC signal from the phone’s antenna. Thus, the system uses energy only at the time of use. That’s as much electrical power saved for storing sensitive data such as passwords and encryption keys still connected to computer systems around the world.

Absolute Anonymity, a force of individual sovereignty

This unconnected system, which collects no data from the user or the type of NFC device used, makes its use completely anonymous.

A scalable and adaptable 360-degree encryption system

The user can encrypt almost everything: instant messaging services, SMS and MMS. It can also encrypt data stored on physical media such as USB sticks, SD card, SSD and internal or external hard drive, including online storage services.

The user can also encrypt his communication protocols.

The system also allows the conditions for the use of encryption to be enslaved to confidence criteria of physical origin, such as territorial areas of 1 m2 to 2,500 km2.

This technology is scalable. It can be advantageously used as, a Token security manager dongle, an IoT encryption system or as an authentication system with more than 12 configurable factors at the discretion of the user and/or administrator.

Users of this technology immediately acquire absolute individual sovereignty over their data via an unencrypted, end-to-end, unconnected NFC device.

A system designed for sensitive professional activities

EviCypher technology features a fully automated intelligent fleet manager. This gives RSSIs a simple solution for managing multi-station computing and NFC phones that interface with devices.

A solution that solves countless cyber security and security problems related to telecommuting, mobility and CYOD, BYOD, COPE and COBO.

EviCypher technology is based on an Air Gap system that significantly reduces attack surfaces, especially remotely.

The administrator and user of this technology have absolute control over their digital lives and physical access.

An efficient solution for businesses

A solution quickly depreciable, without financial commitment, via a “one-shot” purchase.

The speed of commissioning, the ease of use and learning, save a considerable amount of time on a daily basis.

This is all the truer in the case of its use by companies that use telework and international mobility.

An effective hardware system to combat identity theft and espionage.

This new tool, which can be set at the discretion of the administrator and/or the user, offers an authentication solution that includes 12 physical trust criteria. This effectively combats “attacks on the president.”

EviCypher will be compatible with the #Thunderbird #Mozilla e-mail service to encrypt and decrypt, without contact, via a #NFC device, emails and attachments.

A hardware manager of complicated encryption keys and passwords

It is designed to handle and store up to 200 AES 256 encryption keys and 4 RSA 2048 keys or 2 RSA 4096 keys.

It is also possible to manage up to 200 complicated passwords and/or password phrases with self-login system and logon.

EviCypher is a technology developed, marketed and custom-made only by Freemindtronic Andorra.

 

Continue reading

Anti Mouse Jacking by Freemindtronic

anti mouse jacking sans contact system contacless access controle secured by freemindtronic_andorra

Contactless Anti Mouse Jacking System by Freemindtronic Andorra

Lock Unlock Vehicle via NFC phone

Anti Mouse Jacking system in video demonstration on a “TROTEE.NET” project. 

BEWARE ! The contactless mouse jacking system is a cyber safety and security solution by NFC that allows you to lock and unlock a vehicle without contact.

This video is presented a demonstration developed to measure by Freemindtronic SL. The electric scooters shown in this video are not manufactured or marketed. These are multi-trust contactless access control demonstrators that work via an NFC phone.

This technology is available under patent license.

It offers a quickly and easily adaptable solution for various wireless access controls, particularly in the automotive sector.

Finally, these contactless access control systems are compatible with the other technologies of Freemindtronic EviToken and EviCypher. In fact, this greatly extends the possible added values in many areas such as IT Security, Home Automation Security. 

Functional 2016 prototypes Anti Mouse Jacking were presented to the public for the first time at the FIC in Lille in January 2016.

 

contactless Anti-Mouse Jacking trotee.net salon FIC 2016 by Freemindtronic Andorra

These scooters carry implementations of three patents granted.

These are demonstrators with integration of an NFC device with multi-criteria authentication system of trust. Lock or unlock a vehicle without contact. This action can be subservient to several criteria of trust such as geo location, facial recognition, digital borrowing, a password.

The contactless access control system is energy-independent to operate. It uses energy recovery to power the safety and cybersecurity system.

Similarly, you independently administer and manage user profiles. The tamper-proof black box offers many ideal services for the follow-up of vehicle maintenance.

These technologies are adaptable  by Freemindtronic SL Andorra  tailor-made on specifications for all types of mobility projects.

There are many use cases when it comes to mobility such as, renting, carpooling, user control and protection against vehicle theft. 

It is also a wave jammer resistant technology used for “Mouse Jacking” vehicle theft.

 

Android NFC application

An application under Android has been developed to carry out demonstrations, such as the anti-mouse Jacking, sharing it, fleet management, but not only.

FULLTRACK NFC
FULLTRACK NFC : BETA
GUIDE D’UTILISATION : ND
Update: ND
Black Box version:  ND
Free Download:  ND cause application being updated
Works only with the TROTEE.NET® demonstrator.