
30 Chinese Government Sites Hacked By Hitcher

 

Hacked Sites:-
 
 
Mirror Link:-
 
 
To see the pastebin posted by the hacker click here 


WikiLeaks Again Under DDoS Attack For Last 5 Days


Yet again, the official WikiLeaks website has faced a denial of service attack. We have seen two similar attacks earlier. The first was in 2011, when an Anonymous member took responsibility for the attack on the WikiLeaks website; that time, the attacker executed a massive denial of service using the newly developed tool #refref. An exclusive report by Corero Network Security said the attack on the WikiLeaks site was one of the largest DDoS attacks to take place in 2011. Back in May this year, WikiLeaks was also taken down by a DDoS attack, which also hit the controversial file sharing site "The Pirate Bay". According to sources, the site has been down for the last five days, during which it has been experiencing a massive Distributed Denial of Service (DDoS) attack. So far, it is the longest attack ever against WikiLeaks. Most notably, the organisation has already claimed that a government entity is behind the hit. Many other unofficial sources are connecting this attack with a recent story about WikiLeaks donations restarting. At the time of the attack, team VOGH took the following screenshot, which clearly shows that Wikileaks.org was indeed inaccessible.

The first tweet was sent out on August 3:-
WikiLeaks.org is down for unknown reasons. We are investigating. wikileaks.org is still up.
#WikiLeaks donation page and FDNN portal down. You can still donate via supporter merchandise: http://wikileaks.spreadshirt.com/ http://www.cdbaby.com/cd/wikileaksbeattheblockade2
WikiLeaks has been under sustained large scale DDoS attacks since August 3. Help us purchase more bandwidth: http://shop.wikileaks.org/donate
Speculation on DDoS attack against WikiLeaks timing: 1. Olympics cover 2. Upcoming release. 3. Ongoing Syria, Stratfor releases
Wikileaks is currently under fire from a large-scale DDoS attack.
wlcentral.org and http://justice4assange.com are now down.
Update: http://wikileaks.org https://secure.fdn2.org/fdn2/nouser http://cabledrum.net/ still down. http://wlcentral.org/ http://justice4assange.com/ back online.
UPDATE: WikiLeaks battles ongoing DDoS attack
#WikiLeaks .onion mirror available: http://isax7s5yooqgelbr.onion/ Accessible only through Tor

Most WikiLeaks mirrors have been brought offline as well, with some coming back today. Even sites simply related to WikiLeaks have been targeted. These include the WikiLeaks-endorsed website Cabledrum, including its mirror of the WikiLeaks website, and the French non-profit FDNN, which hosts a WikiLeaks donation portal. The latter was attacked shortly after WikiLeaks linked to it as an alternative way to donate while the WikiLeaks website is down. WL Central and Justice for Assange were also attacked for a short period of time. According to ZDNet, a hacker group calling themselves 'AntiLeaks' is claiming responsibility for the attack, and has issued the following statement:-
"You can call me DietPepsi. I am the leader of AntiLeaks. We are not doing this to call attention to ourselves. We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at asylum in Ecuador.
Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us."





Social-Engineer Toolkit (SET) Version 4.0 Codenamed “Balls of Steel” Released



The Social-Engineer Toolkit, also known as SET, gets another update. Social-Engineer Toolkit version 4.0, codenamed “Balls of Steel”, is now officially available for public consumption. On its official blog, TrustedSec, the developer of SET, has claimed that this version of SET is the most advanced toolkit to date. This version is the result of several months of development, with over 50 new features and a number of enhancements, improvements, rewrites, and bug fixes.
Let's talk about some highlights and the major new features of SET 4.0. The Java Applet attack has been completely rewritten and obfuscated with added evasion techniques. All of the payloads have been heavily encrypted, with a number of heavy anti-debugging tools put in place. PyInjector is now available natively in the Java Applet attack and deploys shellcode automatically through a byte-compiled executable. The PowerShell attack vectors now support customized payload selection through config/set_config. A new attack vector has been added called the Dell DRAC Attack Vector (default credential finder). A new Teensy payload has been added from the Offensive-Security crew: the auto-correcting attack vector with DIP switch and SD card, “Peensy”. The web cloner has been completely rewritten in native Python, removing the dependency on wget. The new IE zero day has been included in the Metasploit Web Attack Vector. The Java Repeater and Java Redirection have been rewritten to be more reliable. Obfuscation has been added to randomized droppers, including OSX and Linux payloads.

Full Changelog of The Social-Engineer Toolkit (SET) 4.0:- 

  •  Added a new attack vector to SET called the Dell Drac attack vector under the Fast-Track menu.
  •  Optimized the new attack vector into SET with standard core libraries
  •  Added the source code for pyinjector to the set payloads
  •  Added an optimized and obfuscated binary for pyinjector to the set payloads
  •  Restructured menu systems to support new pyinjector payload for Java Applet Attack
  •  Added new option to SET Java Applet – PyInjector – injects shellcode straight into memory through a byte compiled python executable. Does not require python to be installed on victim
  •  Added base64 encoded to the parameters passed in shellcodexec and pyInjector
  •  Added base64 decode routine in Java Applet using sun.misc.BASE64Decoder – native base64 decoding in Java is the suck
  •  Java Applet redirect has been fixed – was a bug in how dynamic config files were changed
  •  Fixed the UNC embed to work when the flag is set properly in the config file
  •  Fixed the Java Repeater which would not work even if toggled on within the config file
  •  Fixed an operand error when selecting high payloads, it would cause a non harmful error and an additional delay when selecting certain payloads in Java Applet
  •  Added anti-debugging protection to pyinjector
  •  Added anti-debugging protection to SET interactive shell
  •  Added anti-debugging protection to Shellcodeexec
  •  Added virtual entry points and virtualized PE files to pyinjector
  •  Added virtual entry points and virtualized PE files to SET interactive shell
  •  Added virtual entry points and virtualized PE files to Shellcodeexec
  •  Added better obfuscation per generation on SET interactive shell and pyinjector
  •  Redesigned Java Applet which adds heavily obfuscated methods for deploying
  •  Removed Java Applet source code from being public – since redesign of applet, there are techniques used to obfuscate each time that are dynamic, better shelf life for applet
  •  Added a new config option to allow you to select the payloads for the powershell injection attack. By specifying the config options allows you to customize what payload gets delivered via the powershell shellcode injection attack
  •  Added double base64 encoding to make it more fun and better obfuscation per generation
  •  Added update_config() each time SET is loaded, will ensure that all of the updates are always present and in place when launching the toolkit
  •  Rewrote large portions of the Java Applet to be dynamic in nature and place a number of non descriptive things into place
  •  Added better stability to the Java Applet attack, note that the delay between execution is a couple seconds based on the obfuscation techniques in place
  •  Completely obfuscated the MAC and Linux binaries and generate a random name each time for deployment
  •  Fixed a bug that would cause custom imported executables to not always import correctly
  •  Fixed a bug that would cause a number above 16 to throw an invalid options error
  •  Added better cleanup routines for when SET starts to remove old cached information and files
  •  Fixed a bug that caused issues when deploy binaries was turned to off, would cause iterative loop for powershell and crash IE
  •  Centralized more routines into set.options – this will be where all configuration options reside eventually
  •  Added better stability when the Java Applet Repeater is loaded, the page will load properly then execute the applet.
  •  The site cloner has been completely redesigned to use urllib2 instead of wget, long time coming
  •  The cloner file has been cleaned up from a code perspective and efficiency
  •  Added better request handling with the new urllib2 modules for the website cloning
  •  Added user agent string configuration within the SET config and the new urllib2 fetching method
  •  Added a pause when generating Teensy payloads
  •  Added the Offensive-Security “Peensy” multi-attack vector for the Teensy attacks
  •  Added the Microsoft Internet Explorer execCommand Use-After-Free Vulnerability from Metasploit into the Metasploit Browser Exploits Attack vectors
  •  Fixed a bug in cleanup_routine that would cause the metasploit browser exploits to not function properly
  •  Fixed a bug that caused the X10 sniffer and jammer to throw an exception if the folder already existed



To Download The Social-Engineer Toolkit (SET) 4.0 Click Here




14 Israeli and US Websites Hacked By Hitcher (PCF)

Pirate Bay & WikiLeaks Goes Offline After Prolonged Denial of Service Attack

 
The popular and controversial file sharing site "The Pirate Bay" faced a prolonged distributed denial of service attack that interrupted its service. The DDoS attack left the site largely inaccessible for the last 24 hours, with only intermittent service in the UK. The Pirate Bay took to its official Facebook page to confirm the attack, saying that it did not know who was behind it, although it ‘had its suspicions’. There had initially been speculation that the attack on The Pirate Bay was initiated as an act of revenge by the Anonymous hacker collective, after members of The Pirate Bay criticised Anonymous for organizing DDoS attacks on UK internet service provider (ISP) Virgin Media for blocking access to The Pirate Bay. The Pirate Bay has said, however, that Anonymous is not to blame for the attack on its site.
Meanwhile, a former Anonymous member by the name of AnonNyre has claimed responsibility for DDoSing the Pirate Bay site. There is no evidence, though, to confirm that AnonNyre was actually behind the attacks.

Not only TPB: the official WikiLeaks website also faced a massive distributed denial of service attack, which hampered the site for 72 long hours. According to the official WikiLeaks Twitter account, "WikiLeaks has been under sustained DDOS attacks over the last 72 hours..."
This is not the first time. WikiLeaks has faced a cyber attack before, and an Anonymous member took responsibility for that attack on the WikiLeaks website. That time, the attacker executed a massive denial of service using the newly developed tool #refref. An exclusive report by Corero Network Security said the attack on the WikiLeaks site was one of the largest DDoS attacks to take place in 2011. It is still not clear whether there is any connection between the two incidents.






Pastebin Under Massive Cyber Attack, 20K IP Address Blocked To Prevent DDoS Attack

Pastebin Under Massive Cyber Attack, More Than 20K IP Addresses Blocked To Prevent DDoS Attack

Pastebin, the most widely used and the world's number one paste tool, has yet again faced a massive cyber attack. According to Pastebin's official Twitter profile, the first attack came on the 18th of February, when the attacker used a botnet to send millions of requests to Pastebin's servers in an attempt to flood the network; in short, the attacker was attempting a DDoS attack. In response, the Pastebin team immediately took action by blocking more than 4000 IP addresses, but that countermeasure later proved ineffective against the attack, so more than 9000 IP addresses were then blocked. According to the latest Twitter update, Pastebin confirmed that it is still adding more IPs to the block list, and the number of blocked IPs is now more than 20000. This attack came on the day when Pastebin’s developers revealed that version 3.1 had gone online.
In the press release Pastebin team said:- 
"For the last 16 hours Pastebin.com has been under attack by a botnet. Someone is using this botnet to send millions of requests to our servers in an attempt to flood the network to the point where it becomes inaccessible. A botnet is a collection of compromised computers connected to the Internet (each compromised computer is known as a 'bot').
So far we have been able to block about 20,000 IP's, but this number is growing by the minute. These IP's are most likely from innocent people who have no clue that their computer is being used for this purpose. It is highly recommended that you always have up-to-date antivirus software installed, and a good Firewall active.
Later today we will publish the list of IP's from today's 'botnet attack' on another server so you are able to check if your own computer has been compromised.
If your IP is in this list, you will not be able to access Pastebin at this time. With the current IPv4 system there are a total number of 4,294,967,296 IP's. The chance that your IP is blocked is rather small.
We sincerely apologize for the times that we were unable to block the attacks, and we will continue to fight these attacks as well as we can to make sure Pastebin is available 24/7."




Anonymous Engaged Massive Cyber-Attack To Bring-down Vatican Website

The hacker collective Anonymous has taken down the official site of the Vatican. Last Wednesday, the Vatican faced a massive denial of service attack, and www.vatican.va was inaccessible for much of Wednesday afternoon and evening. According to Anonymous, the motive of this cyber attack is to protest everything from Catholic doctrine to the sexual abuse of children. "This attack is not against the Christian religion or the faithful around the world but against the corrupt Roman Apostolic Church," said the statement, posted on the Italian-language version of the Anonymous website.
"Anonymous decided today to besiege your site in response to the doctrine, to the liturgies, to the absurd and anachronistic concepts that your for-profit organization spreads around the world," the hackers said in a statement. Last year, Anonymous also tried to launch a cyber attack on the Vatican but failed. The Vatican spokesman, the Rev. Federico Lombardi, confirmed the attack but declined to comment on its possible source. He said he didn't know how long it would take the Vatican's technicians to bring the site back up.
Similarly, last year Anonymous declared Operation Brotherhood and threatened to "Destroy The Muslim Brotherhood". According to the official YouTube video release, Anon declared that it would hack Muslim Brotherhood websites, starting with the Arabic Ikhwanonline.com. But #OpBrotherhood caused serious damage for Anonymous when a Pakistani hacker called Tha Disastar hacked and defaced the official website of AnonyOPS. The DDoS specialists also faced a massive denial of service attack on anonyops.com. In the message, the hacker said that "Anonymous should stay in limits, and must not go out of their limits to other people's religion". That time, too, Anonymous clarified that the attack was not meant to hit the Muslim religion but those grand-masters who vow to follow all orders of the Murshid without hesitation, such as terrorism and so on. But Muslims took it in a conservative way, and as a result Anon faced massive criticism as well as cyber attacks. Who knows, this attack against the Vatican may create the same scenario for the hacktivists.


HSBC Comeback Online After Prolonged DDoS Attack From Anonymous


Massive attacks against the banking and financial sector continue; this time HSBC became the latest victim of a cyber attack. The attack, which interrupted service for 10 hours, mainly originated from Iran and Russia. After 'Izz ad-Din al Qassam Cyber Fighters', this time it was Fawkes Security, an offshoot of the hacktivist group Anonymous, that quickly took credit for the attack, acknowledging the takedown in posts yesterday afternoon on Twitter and Pastebin. The group claimed to have knocked HSBC’s main site, along with its US, UK and Canadian counterparts, offline and, on Friday, claimed it logged 20,000 debit card details from the site while it was down.
According to the HSBC newsroom, "On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world." But HSBC denied any sort of data loss. Fawkes Security claimed to have details of more than 20K cards, but in its release HSBC said "This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking."
The whole situation is now under control: websites belonging to the British bank and financial services company HSBC are back online and working normally. According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time.
New York Stock Exchange, Bank of America, Wells Fargo, US Bank and PNC were brought down by a few hacker collectives as a protest against the anti-Islamic movie. With this attack, HSBC joins the list of victims in the banking and finance sector that suffered DDoS attacks in the last month.






Serious Organised Crime Agency (SOCA) Under DDoS Attack

Hackers performed a massive denial of service attack to take down the official website of the UK's Serious Organised Crime Agency (SOCA). Last night, cyber criminals sent a large number of data packets, by which they managed to send SOCA offline. SOCA confirmed that it suffered a DDoS attack that interrupted its services. A spokesman said the site was taken offline at 22:30 on Wednesday, but that the attack did not "pose a security risk to the organisation". The exact reason for this attack is unclear, but it can be presumed that SOCA's move to close down 36 websites believed to be selling stolen credit card information may have caused this DDoS attack. “The SOCA DDoS attack is probably related to the carder site takedowns last week,” F-Secure’s Chief Research Officer Mikko Hypponen wrote on Twitter. Experts are also highlighting another reason that may have influenced hacktivists to launch this cyber attack: the Supreme Court's decision on blocking The Pirate Bay in the UK. Whatever the reason, this is the second time in less than a year that SOCA's website has found itself the target of malicious attackers, having previously suffered a DDoS attack at the hands of the notorious LulzSec gang in June 2011.


THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6



The German hacker group widely known as THC (The Hacker's Choice) has released a comprehensive attack toolkit for the IPv6 protocol suite, named 'THC-IPv6 Attack Toolkit'. THC is the first group to release such an attack tool for the IPv6 protocol. According to the release note, this is a complete tool set to attack the inherent protocol weaknesses of IPv6 and ICMP6, and includes an easy to use packet factory library. It comprises state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service, etc., which exploit inherent vulnerabilities in IPv6.

Features at a Glance:- 
  • parasite6: icmp neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
  • alive6: an effective alive scanning, which will detect all systems listening to this address
  • dnsdict6: parallelized dns ipv6 dictionary bruteforcer
  • fake_router6: announce yourself as a router on the network, with the highest priority
  • redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
  • toobig6: mtu decreaser with the same intelligence as redir6
  • detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
  • dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
  • trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
  • flood_router6: flood a target with random router advertisements
  • flood_advertise6: flood a target with random neighbor advertisements
  • exploit6: known ipv6 vulnerabilities to test against a target
  • denial6: a collection of denial-of-service tests against a target
  • fuzz_ip6: fuzzer for ipv6
  • implementation6: performs various implementation checks on ipv6
  • implementation6d: listen daemon for implementation6 to check behind a fw
  • fake_mld6: announce yourself in a multicast group of your choice on the net
  • fake_mld26: same but for MLDv2
  • fake_mldrouter6: fake MLD router messages
  • fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
  • fake_advertiser6: announce yourself on the network
  • smurf6: local smurfer
  • rsmurf6: remote smurfer, known to work only against linux at the moment
  • sendpees6: a tool by willdamn(ad)gmail.com, which generates a neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice.
  • thcping6: sends a hand crafted ping6 packet
[and about 25 more tools for you to discover]
For detailed information about usage, the library interface and so on, click here. To Download THC-IPv6 Attack Toolkit Click Here (Linux Only). For those hearing the name THC for the first time, a reminder: before this tool, this German hacker group published a few other hack tools such as Hydra (Fastest Login Cracker), THC SSL DoS and so on.







Greece Under Cyber-Attack, Ministry & Telecom Service Provider Hacked By KHS


Nowadays Greece is facing several cyber attacks. First it was the hacker collective Anonymous, which carried out a denial of service attack to bring down the Greek Ministry of Justice. Now another infamous hacker group, Kosova Hacker Security (KHS), has launched a massive cyber attack on Greek targets. This attack, dubbed "Operation Greek", caused serious damage to the Greek Ministry of Education, Lifelong Learning and Religion, OTE (the Greek telecom service) and others. The hack on OTE exposed more than 10K user credentials along with the admin details. All the hacked databases can be found on the official KHS forum, named Cyber-Hell. According to KHS, this attack is a counter attack, in other words tit for tat, against Greek hackers who hacked a few Albanian websites. KHS also vows to wage cyber-war, saying "if Greece don't stop their activity then they will see the worst day in the Internet..."
Earlier, this group carried out several cyber attacks on Ukraine, Israel and so on.







Citi Bank & Bank of America Faced Sent Offline After Massive DDoS Attack (Operation Ababil)


Late last year we reported that the major banking and financial sector of America faced a massive cyber attack. The attack came just after an 'anti Islamic' video was posted online. At the time of the attack, the hacker group named 'Izz ad-Din al Qassam Cyber Fighters' said "these series of attacks will continue until the Erasing of that nasty movie from the Internet". But it now seems that the earlier declaration of the hacker collective was fake, as they have again launched a denial of service attack against the large banking sector, with Citi Bank and Bank of America falling victim. Several websites of those banks were reported offline for a certain period of time. "Just moments ago Izz ad-Din al-Qassam Cyber Fighters attacked CitiBank and made all the parts out of reach. This was the 2nd attack this day. Banks could not stop al-Qassam Cyber fighters this week" - said the hacker group in their blog. In their blog Hilf-ol-Fozoul reports that on Thursday several domains of Citi Bank such as citicards.com, citibank.com and citi.com were inaccessible during peak hours. "In the 3rd week from Operation Ababil, Bank of America faced technical difficulties due to heavy traffic made by al - Qassam Cyber Fighters and users can no more reach the site." said the hackers.
Citi Bank’s representatives acknowledged the cyber attack on Twitter, saying “Currently we are aware & are working on technical issues with Citi websites. We will let you know when service is fully restored. We apologize for the inconvenience. Please call the number on the back of your card if you need immediate assistance.” But the representatives of Bank of America have not issued any statements on the matter.





'PayPal 14' Culprits Enter Guilty Pleading Over Pro-WikiLeaks DDoS Attack Versus PayPal

Accused 'PayPal 14' Culprits of Anonymous Enter Guilty Pleading Over Pro-WikiLeaks DDoS Attack Versus PayPal

I am quite sure that all of our regular readers still remember the devastating cyber attack from Anonymous against PayPal, conducted under the banner of Operation PayPal (#OpPayPal). The infamous hacker community gave as the reason for this mass protest the online payment company's suspension of the WikiLeaks account. #OpPayPal is considered one of the most damaging cyber attacks ever carried out in cyber space. PayPal, with law enforcement agencies, immediately took steps and started an investigation; as a first step, PayPal sent the FBI 1000 IP addresses of Anonymous hackers who were linked to that attack. As expected, the hackers who were behind that attack were busted one after another by the police. Finally, the accused Anonymous hackers appeared in federal court in California on Thursday and will be formally sentenced in one year. Eleven of the so-called “PayPal 14” members each pleaded guilty in court to one felony count of conspiracy and one misdemeanor count of damaging a computer as a result of their involvement in a distributed denial-of-service (DDoS) attack waged by Anonymous in late 2010, shortly after PayPal stopped processing donations to the anti-secrecy group WikiLeaks. Prosecutors say the defendants used a free computer program called the Low Orbit Ion Cannon, aka LOIC, to collectively flood PayPal’s servers with tremendous amounts of illegitimate internet traffic for one week that winter, at moments knocking the website offline as a result and causing what PayPal estimated to be roughly £3.5 million in damages.
Pending good behavior, those 11 alleged Anons will be back in court early next December for sentencing, at which point the felony charges are expected to be adjourned. Two of the remaining defendants cut deals that found them pleading guilty to the misdemeanor counts only, likely removing themselves from any lingering felony convictions but earning an eventual 90 day jail stint when they are finally sentenced. A fourth defendant, Dennis Owen Collins, did not attend the hearing due to complications involving a similar case currently being considered by a federal judge in Alexandria, Virginia, in which he and one dozen others are accused of conspiring to cripple other websites as an act of protest during roughly the same time.
In his press reaction, defense attorney Stanley Cohen said the terms of the settlement were reached following over a year of negotiations, “based upon strength, not weakness; based upon principle, not acquiescence.” In the courtroom, all the accused hackers stood up and said, ‘We did what you said we did . . .We believe it was an appropriate act from us and we’re willing to pay the price.’
On the other hand, Cohen, who represented PayPal 14 defendant Mercedes Haefer in court, said one of the hacktivists told him after Thursday's hearing concluded that "This misdemeanor is a badge of honor and courage." When the media questioned Michael Whelan, a lawyer for one of the defendants, he declined to comment on the plea.


-Source (RT)


White House Unclassified Network Hacked By Chinese Hackers Using Spear Phishing


Another cyber espionage operation originating from China has targeted the White House. U.S. government computers, reportedly including systems used by the military for nuclear commands, were breached by Chinese hackers. The White House itself confirmed the breach, saying that hackers did make an attempt to infiltrate its computer system, but that it thwarted the effort and that no classified networks were threatened. The security breach also does not appear to have resulted in any stolen data. White House spokesman Jay Carney told reporters the White House is equipped with mitigation measures that identified the attack, isolated it and prevented its spread. He said there was no indication that any data was removed. “There are distinctions between those networks that contain classified information and those that don’t, and the attack was against an unclassified network,” Carney said.
The hackers breached the network by using a technique known as spear phishing, in which they target victims who have access to sensitive computer networks by sending personalized emails that appear to come from trusted sources. Once the victims click on the bogus attachment or link, the hackers can install malicious software on the PCs to spy on users and steal data. A law enforcement official who works with members of the White House Military Office confirmed the Chinese attack to the press on Monday, but it remains unclear what information, if any, was taken or left behind. The White House, however, still has not officially said whether the recent attack was linked to China.

"This [White House Communications Agency] guy opened an email he wasn't supposed to open," the source said. That email contained a spear phishing attack from a computer server in China, the law enforcement source told the press. The attack was first reported by the conservative blog Free Beacon. Spear phishing involves the use of messages disguised to appear as valid; in fact, they contain targeted, malicious attempts to access sensitive or confidential information. 

While talking about this breach, we would like to remind you that just a few days ago Chinese hackers breached Telvent's corporate network & gained control of US Power Grid. A couple of months ago we saw that Chinese hackers had broken into the Indian Navy's computer system & stolen sensitive data. A few months before this hack, Tokyo-based computer security firm Trend Micro confirmed that Chinese hackers were responsible for the biggest cyber-espionage in India, Japan & Tibet. Also, the director of the National Security Agency (NSA), General Keith Alexander, confirmed that hackers from China were responsible for the serious attack on one of the leading IT security & cyber security companies, RSA. Also in 2011, China was behind the attacks on the US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on. But a few days ago the National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network, claimed that China had fallen victim to one of the biggest cyber attacks, originating from the US, Japan & South Korea. We must say that this statement is truly irrelevant. Cyber crime investigators have found that China was directly responsible for the hack into Japan's biggest defense contractor Mitsubishi, the Japan Aerospace Exploration Agency (JAXA) & the Parliament of Japan. In the case of South Korea, the data of more than 13 million MapleStory players was stolen; there, too, hackers from China were responsible.









Why is Sony getting hacked multiple times (full report)


Since the April PlayStation Network breach that exposed over 100 million user accounts, Sony has been hacked more than 10 times. Sony Pictures, Sony Europe, Sony BMG Greece, Sony Thailand, Sony Music Japan, Sony Ericsson Canada, and others have all been the target of attacks. Sony has had to contend with intense scrutiny from media, disgruntled users and lawmakers, with everyone asking the company how it could let such a breach happen. Sony has apologized repeatedly and said that the original attack was a highly professional, criminal cyber attack aimed at stealing credit card numbers. Other experts have said that Sony simply didn't have its security act together and that the attack was likely far simpler. Now, critics are wondering what exactly the motivation might be behind the continued hacks. While the initial PlayStation Network breach was the largest of the hacks to date, Sony's cyber attack problem has continued due to both inconsistent security across Sony's systems and the rise of new groups of hackers interested less in punishing Sony than in showing off their ability to breach the company's defenses, experts say.

Some analysts say Sony's security woes started when the company pressed charges against 20-year-old hacker George Hotz, who reverse-engineered Sony’s PlayStation 3 so that it could run unapproved third-party applications. Sony responded by suing Hotz, a move that reportedly infuriated many in the hacker community. Many experts say the attack on the PlayStation Network in April could have been an act of vigilante justice resulting directly or indirectly from Sony's lawsuit against Hotz.

"Sony's perceived abuse of the legal system in targeting reverse-engineer George Hotz infuriated hacker groups," said Randy Abrams, director of technical education at ESET, an IT security firm. Abrams also noted that even before the Hotz incident, Sony had drummed up "significant antipathy" as the result of a 2005 scandal involving Sony CDs that automatically installed a rootkit that made users' computers vulnerable to attack.
The PlayStation Network attack appears to have set off an avalanche of follow-ups.

"Other hackers and hacking groups realized they could jump on the bandwagon and break into other Sony properties and get in the news," said Richard Wang, manager of Sophos Labs, a security vendor. "Really anything that has the Sony brand on it has become a target for someone trying to make a name for themselves or trying to prove they can break into the website."

Fred Cate, director of the Center for Applied Security Research at the University of Indiana, said the first PlayStation Network breach may have tempted hackers by revealing Sony as open to attack. "There's sort of a pile-on effect," Cate said. "Once you hear that there's a vulnerable network out there, other folks start trying. Sony's now a new target of interest."
Other hackers seem to have joined up for reasons other than political or monetary gain. Sites like hassonybeenhackedthisweek.com demonstrate a curious mixture of genuine curiosity and weary cultural saturation.

"Prior to the PSN hack, the loosely organized Anonymous group had waged war against Sony, reflecting the opinion of a significant share of netizens who got infuriated by Sony's corporate attitude," said Guillaume Lovet, a senior manager of the threat response team at Fortinet. "But now, from being a target for opinion reasons only, it also became a target 'just for the lulz,' for [hacker group] lulzsecurity and others."
"The outcome," Lovet said, "is more attackers, thus more successful hacks."

Some critics have questioned whether Sony's security efforts both before and after the initial breaches have been adequate. Sony has since promised to boost its security systems and review existing procedures. Still, according to experts, many of the attacks used to breach Sony's sites are fairly basic hacks that the company could easily have protected against.

"They seemingly have an almost anarchistic approach to global network security, with no visible coordination of security practices across Internet properties," said Abrams. "Some properties, such as Sony Pictures, seem to have been ignoring basic security best practices."

Part of the problem is Sony’s huge international web presence. Experts say it's highly unlikely that the company's multiple divisions, from movies to gaming, are following any coordinated set of security protocols.

"Sony has disclosed many breaches, including different servers in Indonesia and Thailand. I highly doubt that the same developers who developed these websites are the same developers who worked on the Playstation Network, Sony Pictures, etc.," said Derek Manky, a senior security strategist at Fortinet. "Quite simply, there is a tradeoff: Security dwindles as you add convenience and complexity."

While the novelty of hacking Sony may continue to diminish as other cybersecurity stories hit the news, it's clear Sony must get its act together or risk more attacks, a loss of customer faith and money and possible government intervention. 

"Sony needs time to get their security house in order," Jeremiah Grossman, the CTO of WhiteHat Security wrote in an email. "As an organization, Sony could see this as an opportunity. A year or more from now, they could be an example of how security SHOULD be done across the entire industry."
