Showing posts with label DDoS. Show all posts
Showing posts with label DDoS. Show all posts

British Spy Agency GCHQ Performed DDoS Attack Against Anonymous -Snowden Documents Transpired

Posted by Avik Sarkar On 2/10/2014 01:49:00 am

British Spy Agency GCHQ Performed DDoS Attack Against Hacktivist Anonymous & LulzSec -Snowden Documents Transpired
While excavating the past, it was always found that cyber criminals, large hacker collective groups were the culprits for engaging voluminous denial of service attack. But this widely transfusing story get a one eighty degree reverse turn, when the former NSA contractor Edward Snowden revealed another trade secret. Recently a lurid story get spot lighted, as the whistle blower Snowden unfold yet another breathtaking stealthy  documents taken from the National Security Agency. The clandestine documents taken the mask from the so called good guys, unveiling British spy agency GCHQ had launched a secret war against the infamous hacktivist collective Anonymous and a splinter group known as LulzSec several years ago. Many of you guessed right, this was happened when Anonymous were targeting various UK companies and government websites. The documents disclose that GCHQ carried out seemingly illegal DDoS attacks against the collective, flooding their chatrooms with so much traffic that they would become inaccessible – and all with the approval of the British government. The revelations come less than a year after several LulzSec activists were jailed by a British court for carrying out similar DDoS attacks against targets including the CIA, the UK’s Serious Organized Crime Agency (SOCA), News International, Sony and the Westboro Baptist Church, among others. 
This sensational issue was made public by NBC News deferentially with the help of none other than Edward Snowden. In their exclusive report headed 'War on Anonymous: British Spies Attacked Hackers,' NBC said -The blunt instrument the spy unit used to target hackers, however, also interrupted the web communications of political dissidents who did not engage in any illegal hacking. It may also have shut down websites with no connection to Anonymous. According to the documents, a division of Government Communications Headquarters (GCHQ), the British counterpart of the NSA, shut down communications among Anonymous hacktivists by launching a “denial of service” (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder -- and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms. 
The existence of JTRIG has never been previously disclosed publicly. The documents also show that JTRIG infiltrated chat rooms known as IRCs and identified individual hackers who had taken confidential information from websites. In one case JTRIG helped send a hacktivist to prison for stealing data from PayPal, and in another it helped identify hacktivists who attacked government websites. 
As soon as this story getting all the spot lights, immediately the GCHQ responded to this saying all their movements and operations were lawful“All of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.” -GCHQ said the press. To know more detail about this story, don't forget to stay tuned with VOGH



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'PayPal 14' Culprits Enter Guilty Pleading Over Pro-WikiLeaks DDoS Attack Versus PayPal

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Accused 'PayPal 14' Culprits of Anonymous Enter Guilty Pleading Over Pro-WikiLeaks DDoS Attack Versus PayPal

I am quite sure that all of your regular readers still remember the devastating cyber attack from Anonymous against PayPal, the attack was conducted under the banner of Operation PayPal (#OpPayPal). The infamous hacker community stated a reason for this mass protest as the online payment company suspending the account of WikiLeaks. #OpPayPal is considered as one of the most demolishing cyber attack ever taken in cyber space. PayPal with law enforcement agencies immediately taken steps and start investigation, in the primary step PayPal sent 1000 IP address of Anonymous hacker who was linked on that attack to FBI. As expected the hackers who were behind that attack was serially busted by the police. And finally the accused anonymous hacker appeared in federal court in California on Thursday and will be formally sentenced in one year. Eleven of the so-called “PayPal 14” members each pleaded guilty in court to one felony count of conspiracy and one misdemeanor count of damaging a computer as a result of their involvement in a distributed denial-of-service (DDoS) attack waged by Anonymous in late 2010 shortly after PayPal stopped processing donations to the anti-secrecy group WikiLeaks. Prosecutors say the defendants used a free computer program called the Low Ion Orbit Cannon, aka LOIC, to collectively flood PayPal’s servers with tremendous amounts of illegitimate internet traffic for one week that winter, at moments knocking the website offline as a result and causing what PayPal estimated to be roughly £3.5 million in damages
Pending good behavior, those 11 alleged Anons will be back in court early next December for sentencing, atpleading guilty to the misdemeanor counts only, likely removing themselves from any lingering felony convictions but earning an eventual 90 day jail stint when they are finally sentenced. A fourth defendant, Dennis Owen Collins, did not attend the hearing due to complications involving a similar case currently being considered by a federal judge in Alexandria Virginia in which he and one dozen others are accused of conspiring to cripple other websites as an act of protest during roughly the same time.
which point the felony charges are expected to be adjourned. Two of the remaining defendants cut deals that found them. In his press reaction defense attorney Stanley Cohen said the terms of the settlement were reached following over a year of negotiations, “based upon strength, not weakness; based upon principle, not acquiescence.” In the courtroom all the accused hacker stood up and said, ‘We did what you said we did . . .We believe it was an appropriate act from us and we’re willing to pay the price.’ 
On the other hand Cohen, who represented PayPal 14 defendant Mercedes Haefer in court, said one of the hacktivists told him after Thursdays hearing concluded that "This misdemeanor is a badge of honor and courage." When media questioned Michael Whelan, a lawyer for one of the defendants, he declined to comment on the plea. 


-Source (RT)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

#OpKillingBay- Anonymous Threaten to Engage Cyber Attack Against Japan Govt Over Dolphin Hunt

Posted by Avik Sarkar On 11/19/2013 06:52:00 pm

#OpKillingBay- Anonymous Threaten to Engage Cyber Attack Against Japan Govt Over Dolphin Hunt

I am sure that many of you remember the famous Oscar winning documentary 'The Cove' where the atrocious practice of killing Dolphins have been highlighted. Now it seems that the internet activist have pick that issue very seriously as the world's largest community of international hackers and activist, widely known as Anonymous has rises his voice against a gruesome culture of Dolphin hunting in Japan. The Japanese government has received an online threat from dangerous hacker collective group Anonymous where they vows to engage massive cyber attack against Japan government if they did not stop this cruel practice of killing the rare spices of dolphin near Taiji, Wakayama Prefecture. According to Japanese officials, they have received this bullying message from Anonymous “STOP these slaughters IMMEDIATELY, or get ready to face the extent of our wrath.” In a pastebin release the hacker group has declared 22 high profile Japanese websites on their hit list, including those of the prime minister’s office, Taji, Wakayama Prefecture, the Ministry of Agriculture, Forestry and Fisheries, and the Ministry of Internal Affairs and Communications.


While following their consuetude, Anonymous has called this campaign Operation KillingBay dubbed #OpKillingBay, where the hacker promised to engage massive cyber attack, in order to damage the Japanese Cyber space. The government has taken this threat very seriously, while looking at the past history of Anonymous and their capabilities, Taiji government and the National Information Security Center have been sent immediate alert since the warning from Anonymous been received. To gain public attention on this very matter the internet activist has already started a project named Save Japan Dolphins, now this contribution of Anonymous will definitely enhance this protest. For updates on this story and also all the other cyber updates stay tuned with VOGH


-Source (JDP)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael)

Posted by Avik Sarkar On 4/11/2013 01:44:00 am

VOGH Exclusive: Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael) 

The past 7th April will be unforgettable for Israeli cyber space, yes it was no doubt the black day for Israel, when the World's largest hacker group "Anonymous" with help of several other hackers communities caused ruin while bringing down almost all the Israeli Government websites, along with more that 100,000 other important Israeli websites, 40,000 Facebook pages, 5,000 Twitter accounts and 30,000 bank accounts belonging to Israeli people. The hacker group not only demolished the cyber space of Israel, but also caused a loss of 3 billion USD. This never forgettable hacking rampage dubbed Operation Israel became the most devastating and venturesome hacking rampage ever happened to the Israeli cyber space. In the last week of March, it was dangerous hacker collective group Anonymous who called the operation widely known as #OpIsrael, where the hacker group vows to erase Israel from the Internet. And indeed the hacker group did that, According to several Israeli source, leading media outlets it has been confirmed that almost all the important sites owned by the Government of Israel have been  either hacked and paralyzed. These sites include the site of the Israeli Police, Israeli Prime Minister, Bureau of StatisticsIsraeli intelligence agency Mossad, Stock Market and the Israel Ministry of Defense and many more. Regardless of the amount of damage done, the scale of the attack is bound to be embarrassing for the Israeli government. This is the second time that Anonymous has successfully taken down Israeli government websites. The first #OpIsrael attack happened last November and affected Israeli cyber fence heavily. Like the last November, this time also the reaction of Israel Government was indifferent and unconcerned. Despite of what Anonymous's claims of massive damage to Israel, the country's cyber security officials say that the attack caused minimal damage. "So far it is as was expected, there is hardly any real damage," Yitzhak Ben Yisrael from the government's National Cyber Bureau told the press. "Anonymous doesn't have the skills to damage the country's vital infrastructure. And if that was its intention, then it wouldn't have announced the attack ahead of time. It wants to create noise in the media about issues that are close to its heart." This is more or less what Anonymous always does, often with varying levels of success.







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

PostgreSQL Fixed “Persistent Denial-of-Service” Vulnerability (CVE-2013-1899)

Posted by Avik Sarkar On 4/11/2013 01:44:00 am

PostgreSQL Fixed 'High-Exposure Security Vulnerability' Causing Denial-of-Service Attack (CVE-2013-1899)

Security researcher's have yet again figured out a serious security hole in one of most widely used object-relational database management system, PostgreSQL also known as Postgres. While manipulating the loophole an attacker can easily corrupt files and in some cases, can execute malicious code on underlying servers causing "persistent denial-of-service" attack. By corrupting the files an attacker can cause database server to crash and refuse to reboot. Affected servers could only be restarted by removing garbage text from the files or by restoring them from a backup. Versions 9.0, 9.1, and 9.2 are all vulnerable. As soon as this vulnerability get spotted, the developers at PostgreSQL immediately  released updates while addressing a "high-exposure security vulnerability in versions 9.0 and later." The updates are available for 9.0, 9.1, and 9.2 branches, as well as 8.4. This updates also allow PostgreSQL to be built using Microsoft Visual Studio 2012. According to developers: "A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. This issue was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center." In addition to fixes for one major security issue, the updates also include four more minor security fixes, as well as fixes for other, non-security-related issues. 

Some of these fixes include:
  • A security vulnerability that made contrib/pgcrypto-generated strings too easy to guess;
  • A vulnerability that would allow unprivileged users to interfere with backups;
  • Security issues involving the OS X and Linux installers;
  • Vaious issues with GiST indices;
  • An issue related to crash recovery; and
  • Memory and buffer leaks, among others.

The complete list of fixes and enhancements in each version can be found on the PostgreSQL release notes archive page. Also the patched PostgreSQL 9.2.4, 9.1.9, 9.0.13, and 8.4.17 are available now at download  page. While talking about this fix, we would like to remind you that, late in last year another security vulnerability hit PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. The security holes associated with libxml2 and libxslt. Along with that a vulnerability in the built-in XML functionality, and a vulnerability in the XSLT functionality supplied by the optional XML2 extension. 



-Source (Campus Technology & The-H)








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Anonymous Targeted Mexican Defense, Navy & Ministry Websites

Posted by Avik Sarkar On 1/23/2013 04:57:00 pm

Anonymous Targeted Mexican Defense, Navy & Ministry Websites 

The whole cyber world can be the witness of bitter relation between hacker collective group Anonymous and the Mexican government. We those who used to observe the cyber domain have already seen several protest campaign came from Anonymous against Mexico, whether it was the Pope or Mexican Drug Cartels or Mexican Govt. sponsored bus organization. Here again the same thing get repeated when the infamous Anonymous targeted  several web sites of Mexico’s defense and navy departments. 
The name of the group "Anonymous Mexico" was visible on the website in front of a black background, with phrases from the manifesto of the Zapatista National Liberation Army (EZLN). The group MexicanH Team, which identified itself as part of Anonymous Mexico, said on Twitter that it had hacked and "defaced" the ministry website. In another Twitter account, the group Anonymous Hispano, which uses the handle @anonophispano, claimed that "the entire content" of the defense ministry server was hacked and that it will be "released soon." 
“Brothers and sisters, let’s raise our voices for a Mexico free of corruption, free of crime,” the message said. “Let’s show the world that were are one, we are everyone. We are anonymous. We are legion. We don’t forgive. We don’t forget. Wait for us!” -added by the hacker. 
In response of hacking, the Defense Ministry responded that its website was “momentarily out of service” but did not explain why and did not refer to the hacking claim. But on the other hand the Mexican Navy accommodated the cyber attack and said that- its web site was targeted only by a simple denial-of-service, attack and that no sensitive information was compromised. Later Sedena issued a statement hours later saying that while its Web site was indeed temporarily down, but the department’s internal information and communication systems were “functioning with complete normality.” And After couple of hours all the services and website came back live with proper functionality. 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Citi Bank & Bank of America Faced Sent Offline After Massive DDoS Attack (Operation Ababil)

Posted by Avik Sarkar On 1/05/2013 09:48:00 pm

Citi Bank & Bank of America Faced Sent Offline After Massive DDoS Attack (Operation Ababil)

Late in last year we have reported that major banking and finical sector of America faced massive cyber attack. The attack came just after 'anti Islamic' video was posted online. During the time of attack the hacker group named 'Izz ad-Din al Qassam Cyber Fighters' said "these series of attacks will continue until the Erasing of that nasty movie from the Internet". But now its seems that, the earlier deceleration of the hacker collective group was fake, as they again engaged denial of service attack against large banking sector, where Citi Bank and Bank of America fallen victim. Several website of those above banks were reported offline for a certain period of time. "Just moments ago Izz ad-Din al-Qassam Cyber Fighters attacked CitiBank and made all the parts out of reach. This was the 2nd attack this day. Banks could not stop al-Qassam Cyber fighters this week" - said the hacker group in their blog. In thier blog Hilf-ol-Fozoul reports that on Thursday several domains of Citi Bank such as citicards.com, citibank.com and citi.com were inaccessible during the pick hours. "In the 3rd week from Operation Ababil, Bank of America faced technical difficulties due to heavy traffic made by al - Qassam Cyber Fighters and users can no more reach the site." said the hackers
The Citi Bank’s representatives acknowledged the cyber attack while saying “Currently we are aware & are working on technical issues with Citi websites. We will let you know when service is fully restored. We apologize for the inconvenience. Please call the number on the back of your card if you need immediate assistance,” on Twitter. But the representatives of Bank of America have not issued any statements on the matter.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

British Court Convicts Anonymous Hacker "Nerdo" For DDoS Attack Over WikiLeaks Funding

Posted by Avik Sarkar On 12/11/2012 05:53:00 pm

British Court Convicts Anonymous Hacker "Nerdo" For DDoS Attack Over WikiLeaks Funding

Another alleged Anonymous hacker faced cour rule. A British court has convicted a 22-year-old for allegedly being a ‘key figure’ behind Anonymous DDoS attack on PayPal in revenge for its freezing WikiLeaks payments. A 22-year-old British student Christopher Weatherhead, self described "hacktivist", going by the name of "Nerdo" was convicted by the jury on a count of conspiracy to impair computer operations. The conviction came after guilty pleas of three of Weatherhead's co-conspirators.
"Christopher Weatherhead is a cyber criminal who waged a sophisticated and orchestrated campaign of online attacks on the computer systems of several major companies," prosecutor for the CPS Organized Crime Division Russell Tyner said in a statement. "These were lawful companies with ordinary customers and hard working employees. This was not a victimless crime."
This court rule came as a part of its ongoing pursuit to strike back at hackers, U.K. courts have convicted a member of Anonymous for conspiracy.
That very cyber attack, for which Christopher Weatherhead has been charged was dubbed "Operation Payback" where Weatherhead and several other Anonymous members targeted those companies that opposed internet piracy, but switched to companies like Mastercard, Visa and PayPal after they refused to process payments to WikiLeaks. Recently in our report, we described that Operation Payback cost a massive damage, for PayPal it cost more than €4.3 million. According to CPS, those campaigns carried by the hacker cost the companies more than $5.6 million in additional staffing, software, and loss of sales. 
The student denied the accusation claiming he was merely an Anonymous chatroom operator and never took part in the attacks. The judge allegedly demanded that Weatherhead provide “as much information as possible” and threatened him with a jail term. The court ruling in Mr. Weatherhead's case will be announced later. 



-Source (Cnet)








 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DDoS Attack From Anonymous Cost PayPal £3.5 Million of Damage

Posted by Avik Sarkar On 11/23/2012 08:07:00 pm

DDoS Attack From Anonymous Cost PayPal £3.5 Million of Damage 

The distributed denial of service attack (DDoS) from hacktivist Anonymous has cost PayPal more than €4.3 million. The attack which was named Operation Payback were initially aimed at companies that opposed internet piracy, but switched to companies like Mastercard, Visa and PayPal after they refused to process payments to WikiLeaks. After that attack PayPal -the global leader in online money transfer and payments has paid around £3.5 million defend and arm itself against such kind distributed denial-of-service (DDoS) attacks. In a report BBC said that more than one hundred skilled employees from eBay, PayPal's parent company, spent almost three weeks working on DDoS-attack-related issues and that PayPal had bought software and hardware to defend itself against further attacks. In all, the total cost of this work came to £3.5 million. This details have been revealed in a court case at Southwark Crown Court where a defendant, Christopher Weatherhead (studying at Northampton University when who allegedly took part in the campaign), is facing charges of conspiring to impair the operation of computers. He has pleaded not guilty to conspiring to impair the operation of computers between 1 August 2010 and 22 January 2011.
Sandip Patel, prosecuting, said the group caused PayPal "enormous economic harm". Mr Patel said they used distributed denial of service, or DDoS, which flooded the targets computers with enormous amounts of online requests. Target websites would crash and users would be directed to a page displaying the message: "You've tried to bite the Anonymous hand. You angered the hive and now you are being stung."
Mr Patel said: "This case, simply put, is about hackers who used the internet to attack and disable computer systems - colloquially described as cyber-attackers or vandals." He said Mr Weatherhead, who used the online name Nerdo, posted plans on an Internet Relay Chat (IRC) channel encouraging an attack on PayPal. 
He said PayPal was the victim of a series of attacks "which caused considerable damage to its reputation and loss of trade". 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Israel Ministry of Justice & it Sub-domains Hit By Godziila Volcanimum

Posted by Avik Sarkar On 11/19/2012 02:17:00 am

Israel Ministry of Justice & it Sub-domains Hit By Godziila Volcanimum

After Anonymous & Hitcher it was the turn for Indian hackers. A young hacker code named "Godziila Volcanimum" joined the hack activity or in other word the Israeli rampage. During the attack he targeted several Israeli government websites including Israel Ministry of Justice and its ten to twelve sub-domains. According to the sources all those targeted websites were frozen by the hacker while sending massive traffic to generate load and interrupt the services. The attack was took place in the Friday evening and the hacker managed to violate the services for several hours. Several sources and medias confirmed that the official website of Israeli ministry of justice was remain down for more than a day. The list of all those targeted Ministry of Justice domain, which fallen victim to this round of cyber attack, can be found on a pastebin note; released by the hacker. In his press release Godziila Volcanimum said "Is killing innocent people a Justice?? Stop killing small kids and women's.. Don't cross your limit.. ./Peace is just what we want..." which clearly indicating that the motive of this cyber attack was driven by the cause of Gaza and to to show support for Palestine, which is currently under heavy fire. 

Update:- Now the server of Israeli Ministry of Justice has overcome the cyber attack. All those targeted websites have been restored and came back online, as expected they are functioning properly. So far the Israeli ministry have confirmed that more than 44 million hacking attempts have been made on Israeli government web sites since Wednesday when Israel began its Gaza air strikes. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Teen Hacker "Cosmo the God" of Underground Nazi Sentenced 6 Yrs Internet Ban By California Court

Posted by Avik Sarkar On 11/12/2012 06:38:00 am

Teen Hacker "Cosmo the God" of Underground Nazi Sentenced 6 Yrs Internet Ban By California Court

A teenager hacker from an infamous hacker collective group named Underground Nazi faced Internet ban. On Wednesday the 15 years old hacker known as "Cosmo" or "Cosmo the God" was sentenced in juvenile court in Long Beach, California. According to sources, Cosmo pleaded guilty to multiple felonies in exchange for a probation, encompassing all the charges brought against him, which included charges based on credit card fraud, identity theft, bomb threats, and online impersonation. 
This newly formed hacker group Underground Nazi had taken the spot light in January this year, when they hacked UFC.com (Ultimate Fighting Championship). Later they involved them selves in mass protest against controversial privacy act SOPA & PIPA. The protest was dubbed Operation Megaupload (#OpMegaupload), where hacktivist Anonymous  along with hackers around the globe stand together against the take down of Megaupload.com. In the middle of 2012 Cosmo was also responsible for Twitter outage, where Cosmo along with few other UG Nazi members performed massive denial of service attack to interrupt the service of Twitter. Also it has been found that, Cosmo pioneered social-engineering techniques that allowed him to gain access to user accounts at Amazon, PayPal, and a slew of other companies. He was arrested in June during a part of a multi-state FBI sting. 
Representatives from both the Long Beach district attorney and public defenders offices refused to comment on the case, given Cosmo’s status as a juvenile. However, according to Cosmo, the terms of the plea place him on probation until his 21st birthday. During that time, he cannot use the internet without prior consent from his parole officer. Nor will he be allowed to use the Internet in an unsupervised manner, or for any purposes other than education-related ones. He is required to hand over all of his account logins and passwords. He must disclose in writing any devices that he has access to that have the capability to connect to a network. He is prohibited from having contact with any members or associates of UG Nazi or Anonymous, along with a specified list of other individuals. He had to forfeit all the computers and other items seized in the raid on his home. Also, according to Cosmo, violating any of these terms will result in a three-year prison term. The probationary period lasting until age 21 is standard, but other terms were more surprising.



-Source (Wired) 









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous

Posted by Avik Sarkar On 10/20/2012 12:07:00 pm

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous 

Massive attack against banking and financial sector continues, this time HSBC became the latest victim of cyber attack. The attack which interrupt the service for 10 hours long were mainly originated from Iran and Russia. After 'Izz ad-Din al Qassam Cyber Fighters' now it was the time for Fawkes Security, an offshoot of hacktivist group Anonymous, quickly took credit for the attack, acknowledging the take down in posts yesterday afternoon on Twitter and Pastebin The group claimed to have knocked HSBC’s main site, along with its US, UK and Canadian counterparts offline and on Friday,claimed it logged 20,000 debit card details from the site while it was down. 
According to HSBC newsroom- "On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world." But HSBC denied any sort of data loss. Fawkes Security claimed to have details of more than 20K cards, but in their release HSBC said "This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking." 
But now the whole situation is under control, websites belonging to British bank and financial services company HSBC are back online and working normally. According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time. 
New York Stock Exchange, Bank of America, Wells Fargo, US Bank and PNC was brought down by few hacker collective group as protest against the anti Islamic movie. After this attack the name of HSBC has also been enlisted with those poor victims (affected banks & finance sector) who suffered DDoS attack in last month.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Facebook Outage in Many European Countries Not Caused By Anonymous But DNS Problem

Posted by Avik Sarkar On 10/14/2012 06:26:00 pm

Facebook Outage in Many European Countries Not Caused By Anonymous But DNS Problem 

World's most popular and largest social network Facebook faced another downtime. This time the outage effected millions of users in European countries including Denmark, France, NorwayGermany and Italy. After June this is the second outage which effected large number of Facebook users. Last time Facebook users faced disturbance while using their favorite social network. Facebook users across the globe experienced log-in difficulties for several hour. But this time, the social networking giant remain down for a decent time. The outage may have caused Facebook’s share price to go down. For a site with 900 million users worldwide, even a minor outage has a huge effect. Like the June issue, here also hacker collective came first and took credit of the outage. According to a twitter account of the hacktivist group named  Anonymous Own3r, took responsibility of the outage, In his tweet he claimed to figure out several vulnerabilities in Facebook, which causes the outage. In a pastebin note, the hacker publishes those so called vulnerabilities. Also in his tweet the hacker claimed to have control in many servers owned by Facebook. 

But Facebook completely denies the hacker attack & said the cause of the outage was nothing but DNS issue, neither hacker attack nor DDoS.  Here we want yo give you reminder that i2011 Anonymous openly declared to take down Facebook. The operation was dubbed #Op-Facebook and Anonymous told that they will hit FB on the 5th of November last year. But in reality it was just a threat and as expected Anonymous failed to execute Operation Facebook. Later in June this year, Anonymous took credit for a couple of hours outage of Facebook, and here again Anonymous affiliated member repeated the same story, which again proves completely baseless, and in short it was nothing but a publicity stunt. 

In case of large social network like Facebook, such kind of DNS issues can be happened. Whatever immediately after this outage Facebook released a statement saying -
"There has not been a hack of Facebook. We have investigated these claims, and they are not valid. The evidence cited was produced by an automated vulnerability scanner that alerts developers of potential vulnerability, and we have found these all to be false alerts.
We expect Anonymous just like we expect any other attack on any other day. Due to our size, we face the same threats as seen everywhere else on the Web, but we have developed partnerships, back-end systems, and protocols to confront the full range of security challenges we face. Facebook has always been committed to protecting our users’ information, and we will continue to innovate and work tirelessly to defend this data.
Earlier (Thursday), we made a change to DNS as part of a traffic-optimization test, and that change resulted in some users being temporarily misrouted. We detected and resolved the issue immediately, but a small number of users located primarily in Western Europe experienced issues accessing the site while the DNS addresses repopulated. We are now back to 100 percent, and we apologize for any inconvenience..."



-Source (All Facebook)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

Posted by Avik Sarkar On 10/13/2012 01:26:00 am


THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

German hackers group, widely known as THC -The Hacker's Choice released an comprehensive attack toolkit for the IPv6 protocol suite named 'THC-IPv6 Attack Toolkit'. THC is the first group who is releasing such attacking tool for IPv6 protocol. According to the release note this is  a complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. It comprises of state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploits inherent vulnerabilities in IPv6. 

Features at a Glance:- 
  • parasite6: icmp neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
  • alive6: an effective alive scanng, which will detect all systems listening to this address
  • dnsdict6: parallized dns ipv6 dictionary bruteforcer
  • fake_router6: announce yourself as a router on the network, with the highest priority
  • redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
  • toobig6: mtu decreaser with the same intelligence as redir6
  • detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
  • dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
  • trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
  • flood_router6: flood a target with random router advertisements
  • flood_advertise6: flood a target with random neighbor advertisements
  • exploit6: known ipv6 vulnerabilities to test against a target
  • denial6: a collection of denial-of-service tests againsts a target
  • fuzz_ip6: fuzzer for ipv6
  • implementation6: performs various implementation checks on ipv6
  • implementation6d: listen daemon for implementation6 to check behind a fw
  • fake_mld6: announce yourself in a multicast group of your choice on the net
  • fake_mld26: same but for MLDv2
  • fake_mldrouter6: fake MLD router messages
  • fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
  • fake_advertiser6: announce yourself on the network
  • smurf6: local smurfer
  • rsmurf6: remote smurfer, known to work only against linux at the moment
  • sendpees6: a tool by willdamn(ad)gmail.com, which generates a neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice.
  • thcping6: sends a hand crafted ping6 packet [and about 25 more tools for you to discover]
For detailed information about the usage, library interface & so on click here. To Download THC-IPv6 Attack Toolkit Click Here (Linux Only). For those who are hearing the name THC first time, we want to give you reminder that before this tool, this German hackers group published few other hack tools like Hydra (Fastest Login Cracker), THC SSL Dos and so on. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

#OpPhilippines - Anonymous Hacked & Defaced Several Philippine Govt Sites

Posted by Avik Sarkar On 10/03/2012 04:37:00 am

#OpPhilippines -Anonymous Hacked & Defaced Several Philippine Govt Sites 

When the topic or act of Internet surveillance or Internet privacy rises its head, every time the Hacktivist group Anonymous stand against it. Earlier the world seen not only Anonymous but also hackers from different of the world joined in the protest against controversial act like SOPA, PIPA, ACTA or CISPA. Quit similar scenario happens to Philippines, as soon as the anti-cybercrime law get passed, immediately hackers shown a massive protest against it. The cyber fence of Philippine was heavily disturbed since Wednesday. At the very first stage of the attack the hacker group calling themselves "Anonymous Philippines" targeted several government, civil society and other private websites of Philippine and defaced them. This ongoing cyber attack against Philippine have been dubbed as Operation Philippine (#OpPhilippines)


As of Wednesday midnight, the website of Bangko Sentralng Pilipinas, Metropolitan Waterworks and Sewerage System, the American Chamber of Commerce, and the Philippine Anti-Piracy Team succumbed to the cyber-attacks. The websites of the anti-smoking campaign unit of the Department of Health and think tank Institute for Development and Econometric Analysis followed suit, bringing to six the number of websites attacked. One hactivist announced the challenge to commit cyber-crime in social networking site Facebook by a user #pR.isOn3r.  The post hinted in its footnote that the BSP website was a target.

“Challenge Accepted,” the hacktivist said. “If speaking up against idiocy in government and unconstitutional amendments is a crime, then I am PROUD TO BE A CYBER CRIMINAL.”
“We are anonymous. We are Legion. United as one. Divided by none,” the hacktivist said. “The corrupt fear us. The honest support us. The heroic join us. Expect us.”

This attack followed by few more Govt sites and they are- National Telecommunications Commission (NTC), Philippine Information Agency (PIA) and the Food Development Center sites. 


Message of the Hacker on Deface Page:- 
“This domain name associated with GOV.PH has been seized pursuant to an order issued by Anonymous Philippines,
“A federal grand jury has indicated several individuals and entities allegedly involved in the operation of this website / department / office charging them with the following federal crimes: Conspiracy, Violations of Human Rights, Corruption, Copyright infringement, Money Laundering, PIRACY, Misuse of Devices, Libel, Plagiarism, and Destruction of Freedom of Speech.”



The attack is yet not over, The government portal of  Philippine also faced cyber attack. A twitter account which is recognized as one of of legitimate of source of hacker collective anonymous, took responsibility of engaging denial of service (DoS) attack against www.gov.ph 

"Anonymous Operation Philippines | Target: DOWN | http://www.gov.ph  | #Anonymous #OpPhilippines #FuckTheCyberCrimeLaw #Freedom  |" said the hacker, in his twitter



-Source (inquirer.net)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Leading US Banking & Financial Sector Suffering From Massive DDoS Attack

Posted by Avik Sarkar On 9/30/2012 03:50:00 pm

Leading US BankingFinancial Sector Suffering From Massive DDoS Attack 

Few days ago in a report we said that US National Security officials accused the Iranian government for engaging cyber attacks against US Banks. The attack came just after 'anti Islamic' video was posted online. Attacks against the websites of leading banks in the United States have the banking and financial services industry on edge. The Financial Services ISAC (Information Sharing and Analysis Center) set its Threat Level to “High” on Wednesday, September 19, indicating a high risk of cyber attacks. Attacks against the websites of leading banks in the United States have the banking and financial services industry on edge. A Muslim hacking group calling itself Izz ad-Din al Qassam Cyber Fighters took responsibility for attacks on the New York Stock Exchange, Bank of America and Chase last week. This week brought attacks against Wells Fargo, US Bank and PNC. Wells Fargo used its Twitter account to apologize for service interruptions on Wednesday and said it was working to "quickly resolve this issue." Most of the targeted banks were back online and operational Thursday. The events prompted U.S. Senator Joe Lieberman (I-CT) to use an interview on C-SPAN to point the finger of blame at the Iranian government and its elite Quds Force.
Wheather it is Iran Govt or that hacker group 'Izz ad-Din al Qassam Cyber Fighters' but the main issue of concern is that the Banking and financial sector has been highly disturbed since last few weeks. Though the situation came under control at last Thursday but still experts are predicting that this ongoing cyber attack is not over yet. In their statement the hacker group vows to engage more attack. "These series of attacks will continue until the Erasing of that nasty movie from the Internet," said the hacker.


-Source (Naked Security) 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search