Showing posts with label ROT. Show all posts
Showing posts with label ROT. Show all posts

(#OpFreeKorea) Anonymous Breached Uriminzokkiri, Stolen 15k User Data & Hijacked Twitter, Flickr Account

Posted by Avik Sarkar On 4/05/2013 06:31:00 pm

Anonymous Breached Uriminzokkiri.com, Stolen 15K User Data & Hijacked Twitter, Flickr Account (#OpFreeKorea)

Anonymous the most organized and infamous hacktivist group of the world have targeted the cyber fence of North Korea, and the hacking campaign started with the hack of propaganda site Uriminzokkiri.com. The attack had been executed in different steps, first the hacker group calling them selves 'Anonymous Korea' managed to gain access inside Uriminzokkiri and claimed to have stolen more than 15,000 user data (including the names, email addresses, passwords and dates of birth & many more) and later they defaced the website. Uriminzokkiri's main site was offline till Thursday morning. Not only the data breach and defacement, Anonymous affiliated hackers continued their chariots of cyber attack, which then hit the official twitter and Flickr account belongs to Uriminzokkiri. Both the twitter feed and flickr photos have been replaced by the hacker group with anti-North Korea messages. In their message Anonymous boldly demanded that Kim Jong-Un resign and installs free democracy in North Korea while saying Kim Jong as "threatening world peace." Meanwhile Uriminzokkiri's official Twitter account picture had been changed to show two mask-wearing dancers, alongside the legend "Tango Down" and links to hacked companion sites as follows: Hacked uriminzokkiri.com, uriminzokkiri.com/itv, ryugyongclip.com
Notably the hackers posted a cartoon wanted poster of Kim Jong Un – "aka Nuke Nuke Mickey Lover" – with a list of his alleged crimes, including "threatening world peace with ICBMs and nuclear weapons," "wasting money while his people starve to death," and "concentration camps and the worst human rights violation in the world."

The entire cyber attack was done under the banner of Operation Free Korea also dubbed #OpFreeKorea. Hackers from Anonymous vows the North Korean government while claiming to have access to the country’s local intranets, mail servers and web servers. Anonymous hackers claimed to have taken five of the country’s websites offline over the weekend. "We are inside your local intranets, we are inside your mail servers, we are inside your web servers." said the twitter feed of Anonymous Korea. From one of the relevant source of Anonymous it is confirmed that the next activity for the Anonymous #OpFreeKorea campaign is slated as happening on April 19. 


#OpFreeKorea Press Release of Anonymous:-

Hello, citizens of the world.
We are Anonymous
North Korean government is increasingly becoming a threat to peace and freedom.
Don't misunderstand us: As well we disagree with the USA government too - these guys are crooks,
USA is a threat to world peace too, and direct democracy (or any kind of democracy) doesn't exist
there. The American government is a target and enemy of Anonymous as well!
This is not about country vs country - This is about we, the people, the 99% (of USA and of North
Korea) vs oppressing and violent regimes (like USA gov. and N.K. gov)!
We, the people, are gathering together because we are stronger now and we won't fight your wars
anymore, we won't eat your shit anymore!!!
We demand:
- N.K. government to stop making nukes and nuke-threats
- Kim Jong-un to resign
- it's time to install a free direct democracy in North Korea
- uncensored internet access for all the citizens!


Brief About Uriminzokkiri: Uriminzokkiri ("Our Nation") is based in China, but publishes news and propaganda from North Korea's state media and is considered one of Pyongyang's primary online mouthpieces. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Anonymous Threatens Israel to Erase From The Internet (#OpIsrael)

Posted by Avik Sarkar On 3/20/2013 04:10:00 am

Anonymous Threatens Israel to Erase From The Internet (#OpIsrael)
Infamous hacker collective group Anonymous along with some organized hacker communities together started a massive rampage against Israeli cyber space. The hacker group threatened Israel government while  planning to engage a massive cyber-attack on Israel, saying that, they will "erase" the country from the Internet. From some legitimate sources it has been confirmed that the hackers are planning to execute the attack on 7th of April. One of the twitter account of Anonymous also confirmed the date and timing, while saying "Hacktivists Starting Cyber Attack against Israel on 7th of April." Also twitter feed of Anonymous invited numerous hackers communities around the world to join up for the cyber rampage dubbed Operation  Israel Phase 2 (#OpIsrael). On the other hand Israel government took the threat seriously and taking almost every steps to avoid any kind of disaster. Ofir Ben Avi, director of online group Accessible Government of Israel told the media -“It’s something being organized online over the past few days. What distinguishes this plan when compared to previous attacks is that it really seems to be organized by Anonymous-affiliated groups from around the world in what looks like a joining of forces”
As you all might know that past experience of Israel while dealing hackers was not at all sweet. In case of Anonymous then we would like to remind you that, this would be the second attack on Israel by the group, as they launched the first “OpIsrael” in November 2012 in response to Israel’s attack on the Gaza Strip.  If you dig the recent past you will come to know that not only Anonymous, but also hackers from different part of the world targeted Israeli cyber space and caused big damages. For instance we can recap the hack of Kosova Hackers Security (KHS) where they hacked and exposed personal data of 35,000 Israeli people. Here we must have to name the hackers from Pakistan who are constantly against Israel causing massive cyber attack against leading IT industry of Israel and other high profile Israeli sites. Just a couple of months ago, the world seen what it call the black day in the history if Israeli cyber space where another Pak hackers community hacked the main domain controller of Israel, which causes a massive hack against almost all the big Israeli sites such as government, MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel & many more. Here we can also take the name of Indian hacker Godzilla & Arabian hacker community (Group-XP) who also harassed and harmed the Israeli cyber space very very badly. After observing all the scenario mentioned above, it is expected to watch some sensational fight between hackers and Israeli government. So lets wait for the time, and stay tuned with VOGH to get all the latest update on this story and also other cyber issues.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

President of Philippines Official Website Hacked By Anonymous

Posted by Avik Sarkar On 3/18/2013 04:12:00 am

President of Philippines Official Website Hacked By Anonymous in Protest of "Sabah Issue"

After remaining silent for a certain period, the infamous hacker collective group Anonymous strikes again. As you all might know that normally this group targets high profile websites like government organization, federal authorities, defense, ministry and other giant organization. This time also the same strategy get repeated, as the hacker group targeted the official website of the President of Philippines. During this cyber attack the hacker group has breached the security system and managed to get access in side the website, and as expected they defaced the index page. In the news section of the website the hacker group calling them selves "Anonymous Philippines"; affiliated to one of the worlds most dangerous and largest hackers community going by the name "Anonymous";  left message for the President Benigno Aquino III. From the message left by the hacker, we came to know that the hacking was a part of protest against the Aquino administration’s mishandling of  the crisis in "Sabah issue" 

Message of Anonymous Philippines:- 
“Greetings, President Aquino! We have watched how you signed into law a bill that endangers and tramples upon the netizens’ freedom of speech and expression. Now, we are silent witnesses as to how you are mishandling the Sabah issue. We did not engage the Malaysian hackers who invaded our cyberspace since we expected you to appropriately and judiciously act on the same, but you failed us.
“You did nothing while our fellow brothers are being butchered by the Malaysian forces, and while our women and children become subject of human rights abuses. If you can’t act on the issue as the Philippine President, at least do something as a fellow Filipino. We are watching.” 

As soon as this hack get spotted, the Philippine government took immediate step while closing the backdoor and removing the deface page. After an hour of maintenance the website get restored and came back in proper manner. Later in-front of press the Philippine government acknowledged the issue. In the official statement the Communications Secretary of Philippine Sonny Coloma said -“At around 1:30 a.m. today, we detected a breach when an errant sentence critical of the government on the Sabah issue was found to have been inserted in one of the news items within the website.” Coloma did assure the public that the site will be up and running “in a few hours.” 
“We expect to resume public display of the President's website in a few hours after needed protection measures have been put in place,” Coloma said, adding that the site was not compromised in any other way. “No further intrusions were made as the internal security protocols were activated,” he said. 
While covering the hack of President site, we must give you reminder that, this hack is not the first one, earlier half dozen of major government website of Philippine was targeted by the same hacker group, even in this year the official website of Senator Vicente C. Sotto III get hacked and defaced by Anonymous Philippines for the protest of "Cybercrime Prevention Act" 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Master Card Blog Hacked & defaced By Syrian Electronic Army

Posted by Avik Sarkar On 1/16/2013 06:57:00 pm

Master Card Payments Perspectives Blog Hacked & defaced By Syrian Electronic Army

It's became a very common scenario that hackers targets banks, payment gateway and other financial sectors. Sites like Paypal, Visa, Master Card were among those common victims who used to face massive round of cyber attacks. Past two years hacktivist managed to interrupt the service of those websites many times. Here also in the beginning of 2013 almost same situation took place, when the official blog of Master Card get hacked and defaced.  It was the Saturday evening when a hackers collective group named "Syrian Electronic Army" managed to breach and get access inside Master Card blog. I am sure that all our readers will be shocked after hearing the way of intrusion. In the platform of the blog, Master Card was using an older version of WordPress (Ver. 3.3.2) which has several critical vulnerabilities like XSS, file uploading, CSRF and so on. Exploiting those loopholes the hacker managed to get access inside the blog and defaced one of the page of the giant in international financial services company's blog. Though WordPress have released a security patch and also version 3.5, but it's quite unfortunate and shocking that Master Card did not even patched their older version for which their system get penetrated. It is truly unbelievable that sites like Master Card is so careless about basic security and counter measure of cyber attack. According to sources Syrian Electronic Army used  the CSRF exploit of WordPress which is said to be available on the Internet and allows an attacker to add a new administration user. This is a possible explanation of how the Syrian Electronic Army managed to hack and deface the blog. After this incident occurs Master Card immediately updated the version of WP and closed those back doors. Still the the defaced and cached version of the  blog can be viewed on Google’s Web Cache







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Google Pakistan Hacked & Defaced By Turkish Hacker

Posted by Avik Sarkar On 11/24/2012 07:05:00 pm

Google Pakistan Along With Microsoft  HP, HSBC, Apple, PayPal, Blogspot Hacked & Defaced By Turkish Hacker

Today was most probably the worst day in the history of Pakistan cyber space. Ten big domains of Pakistan has been stroked very badly. Many of you are guessing that it was Indian hackers who cost this damage. But in reality the attack was not generated from India, Bangladesh or such any other native countries,  but it was a Turkish hacker who have reportedly taken down the home and search page of Google Pakistan while leaving an image of two penguins walking across a bridge for million of users. I think now you got that, yes it was Google Pakistan which has been hacked and defaced by a Turkey hacker code named "KriptekS". In the deface page the hacker left several messages in Turkish language, the translation of the text, written on the website, is: "eboz. My homies in a friend always there for me. Have not shot by me with every breath." Also the hacker left a message saying "Pakistan Downed" which is indicating that the home page of Google Pakistan is indeed take down. According to deface mirror on Zone-H, the attack took place around 02:17 in the afternoon, but still, when I am writing this article, the home page of Google Pakistan is still offline. 
May be you are thinking that the story is over, but no; as I told earlier it was the worst day for Pakistani cyber fence, trust me indeed it was. As along with Google, KriptekS, the Turkish hacker also targeted Pakistani domain of Blogger, HSBC, Coca-Cola, Fanta, Paypal, Microsoft, HP & Apple. Also it has been reported that Pakistani domain of Sony, Yahoo & Windows has also been allegedly hacked. And all those hacked domains are still offline. 

List of Hacked Sites:-

http://www.google.com.pk
http://www.google.pk
http://www.hp.com.pk
http://www.apple.pk
http://www.hsbc.pk
http://www.blogspot.pk
http://www.coca-cola.pk
http://www.fanta.pk
http://www.paypal.pk
http://www.microsoft.pk
www.visa.com.pk
www.ebay.pk
www.msn.org.pk
www.sony.pk
www.windows.com.pk
www.yahoo.pk


Deface Mirrors:-

http://zone-h.com/mirror/id/18639529
http://zone-h.com/mirror/id/18639530
http://zone-h.com/mirror/id/18639528
http://zone-h.com/mirror/id/18639527
http://zone-h.com/mirror/id/18638930
http://zone-h.com/mirror/id/18638890
http://zone-h.com/mirror/id/18638879
http://zone-h.com/mirror/id/18638866
http://zone-h.com/mirror/id/18638824
http://zone-h.com/mirror/id/18638825
http://zone-h.com/mirror/id/18638826
http://zone-h.com/mirror/id/18638827
http://zone-h.com/mirror/id/18638828
http://zone-h.com/mirror/id/18638820
http://zone-h.com/mirror/id/18638822
http://zone-h.com/mirror/id/18638823


While talking about this dangerous cyber attack, we would like to remind you that few days ago couple of Pakistani hackers defaced several big Israeli domains including MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel, Philips, Israeli Parliament, Citi Bank and so on. Whether it is not clear that this attack on Pakistan has nay relation with that attack on Israel. But what we can say is that "KriptekS" exactly followed the same path, which Pak hackers shown the world few days ago. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Adobe Confirms Data Breach, Hacker Leaked More Than 150,000 Customer Details

Posted by Avik Sarkar On 11/21/2012 01:17:00 am

Adobe Confirms Data Breach, Hacker Leaked More Than 150,000 Customer Details 

Yet again Adobe, the American multinational computer software company had fallen victim of cyber attack. In September Adobe faced what it called a sophisticated cyber attack where hackers have breached Adobe server in order to compromise certificate to sign malware. As a move Adobe revoked those certificates on October 4th. After that massacre, here again one of Adobe's databases has been breached by a hacker and that it has temporarily taken offline the affected Connectusers.com website. The attacker who claimed responsibility for the attack, told that he used a SQL injection exploit in the breach. Adobe confirmed the breach and said that the hacker indeed managed to break into an Adobe server and copy the private credentials of approximately 150,000 users – including their names, email addresses and password hashes. Those affected accounts include Adobe customers, Adobe employees and partners along with U.S. military users including U.S. Air Force users, and users from Google, NASA, universities, and other companies. To prove the attack, the intruder, who goes by the name of "ViruS_HimA" and claims to be from Egypt, has released extracts from his haul on the Pastebin text hosting service. 
"It was an SQL Injection vulnerability -- somehow I was able to dump the database in less requests than normal people do," said ViruS_HimA. Users passwords for the Adobe Connect users site were stored and hashed with MD5, says the hacker, which made them "easy to crack" with freely available tools. And Adobe wasn't using WAFs on the servers, the hacker notes. "I just want to be clear that I'm not going against Adobe or any other company. I just want to see the biggest vendors safer than this," he told the press. "Every day we see attacks targeting big companies using Exploits in Adobe, Microsoft, etc. So why don't such companies take the right security procedures to protect them customers and even themselves?"
"Adobe is a very big company but they don't really take care of them security issues, When someone report vulnerability to them, It take 5-7 days for the notification that they've received your report!!" he wrote. "It even takes 3-4 months to patch the vulnerabilities!" 
While talking about such big cyber attacks, here we would like to give you reminder that in the last few months we have been a slew of attacks against the following sites: Guild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  Nvidia,BlizzardPhilips, Zynga, VMWare, & so on. For all the latest on cyber security and hacking related stories; stay tuned with VOGH


-Source (Dark Reading, The-H)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Personal Data of 35,000 Israeli People Leaked By Kosovo Hackers Security (KHS)

Posted by Avik Sarkar On 11/19/2012 03:03:00 am

Personal Data of 35,000 Israeli People Leaked By Kosovo Hackers Security (KHS)

More hackers taking part in the Israeli rampage dubbed Operation Israel. As soon as the story of bombing and air strike in Gaza get spotted on the social networks, we have seen immediate protest coming from almost every part of the world. In case of digital bombing, then it was first Anonymous who called Operation Israel, then hackers from different part of the world joined and contributed in this combined protest. So far we have seen along with Anon, Pakistani hacker Hitcher from Muslim Liberation Army, Indian hacker Godzilla have played vital role in this rampage. According to sources more than 44 million hacking attempts have been made on Israeli government web sites since Wednesday. Attempts on defense related sites have been the highest, while 10 million attempts have been made on the site of Israel's president, 7 million on the Foreign Ministry and 3 million on the site of the prime minister.
But its yet not over, many more to come, as another very popular hacker collective group named Kosovo Hackers Security (KHS) have taken part in #OpIsrael. At the very first phase of their attack Kosovo Hacker's Security Group has attacked many servers belongs to Israeli govt, corporate & other major sectors. Thus the hacker group has gathered documents of more that 35,000 Israeli people including full name, email-id, postal address, phone number, passwords, fax & so on. According to KHS those leaked data belongs to Israeli citizen, along with Govt employs, police and several other sensitive personalities. All those leaked data are made public by the hacker group and can be found in 1337.al. KHS leader & Hotmail hacker, Th3 Dir3ctorY vows to engage more cyber attack against Israel while saying "Israel is attacking Gaza without any proper reason, so if they don't stop doing that we will attack in the energy sector & nuclear area of Israel and we will attack Israel with very bad viruses..." Before this leak, earlier in this year KHS also exposed more than 7 thousand credit card details of Israeli people. Also this hacker group was behind several attacks against Ukraine, Greece, Hotmail, IBM and so on.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

"Project Blackstar" Team Ghostshell Leaks 2.5 Million Records From Russian Govt & Individual

Posted by Avik Sarkar On 11/05/2012 05:08:00 am

"Project Blackstar" Team Ghostshell Leaks 2.5 Million Records From Russian Govt & Individual 

A hacker group calling them selves "Team Ghostshell" who was recently behind the attack several top universities called an open operation declaring war on Russia's cyberspace. The operation is dubbed “Project Blackstar”. In the first phase of the operation  the hacking collective Team Ghostshell posted approximately 2.5 million accounts/records leaked, from governmental, educational, academical, political, law enforcement, telecom, research institutes, medical facilities, large corporations (both national and international branches) in such fields as energy, petroleum, banks, dealerships and many more. The hacker group also claimed to have access "to more russian files than the FSB and we are very much  eager to prove it." - said Ghostshell. The rest of the Pastebin post goes on to call out the Russian government and is littered with references to corruption, capitalism and social injustice. Judging by some of the records released, the Russian Police, along with Novatek, Russia's largest independent natural gas producer, the Alfa Group, an investment consortium and JINR, the country’s Joint Institute for Nuclear Research, all appear to have been implicated in the alleged leak. Some records appear to include individuals’ usernames and passwords while other documents almost read like resumes, complete with individuals’ names, IP addresses, education and job history.
Above I have discussed the last hack by Team Ghostshell where they had published 120,000 records from some of the world’s top universities. That leak, dubbed “Project WestWind,” sought to “raise awareness towards the changes made in today’s education,“ spilling student and faculty email addresses, passwords and IDs. Now this “Project Blackstar” with a leak of 2.5 million records from several Russian cyber space,  again arising a big doubt, that how much secure our cyber world is? 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DRDO, National Innovation Council, RAC & PM Adviser's Websites Hacked By Algerian Hackers

Posted by Avik Sarkar On 11/04/2012 04:52:00 am

DRDO, National Innovation Council, RAC & PM Adviser's Websites Hacked By Algerian Hackers

Couple of high profile Indian Government websites faced cyber attack. Where hackers from Algeria targeted the official website of Defence Research and Development Organisation (DRDO) & Sam Pitroda, advisor to Prime Minister on Information Technology. According to Govt sources the above two website came under massive cyber attacks on last Wednesday night, Even that attack lead them to shutdown their normal service for certain time. Hackers group calling them selves 'SanFour25' & 'Algerian Hackers' took responsibility of the hack. On the other hand the website of National Innovation Council, along with the Recruitment and Assessment Centre (RAC) was hacked a day before he was to organize a two day global innovation conference. Here also the hacker has been identified as SanFour25. DRDO website was down for nine long hours after the hack. Later all those sites came back online as usual. "After checking the websites, these were restored," a source said, adding that the information contained by these websites is already in the public domain. "There are no secrets on these websites," they stressed.
“On 30 October 2012, suspicious activity was noticed on the National Informatics Server hosting the website. The NIC, as a precautionary measure, therefore temporarily blocked access to the server hosting the RAC website and restored it next day," DRDO said in a release on Thursday. 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Unpatchable Security Hole in PlayStation 3 Leading The "final hack" Also LV0 Cryptographic Keys Revealed

Posted by Avik Sarkar On 10/26/2012 05:59:00 am

Unpatchable Security Hole in PlayStation 3 Leading The "final hack" Also LV0 Cryptographic Keys Revealed

We all are very much aware that Sony along with its product's were always been a very hot favorite target of hackers. But here there are few twists, so the word 'Hack' will be be the appropriate one to describe of what happened to Sony. According to a report on Eurogamer Sony's PlayStation 3 is facing a new security threat - one it hasn't seen since the system was cracked via the PSJailbreak in 2011. The PS3 has been hacked before, but Sony was able to inhibit the hack with an update to its own firmware. This is much like the history of jailbreaking on Apple's iOS. But the latest PS3 break is being dubbed unpatchable and the final hack. That's because this hack isn't giving you an exploit to use against a programming hole. It's giving you Sony's so-called LV0 (level zero) cryptographic keys
A decryption key that is reported to be circulating on the net is said to remove the final protective barrier on some models of Sony's PlayStation 3 consoles. In the long run, the release of the key will probably allow unsigned software such as homebrew games, Linux distributions, or pirate copies of software to run on some PS3 consoles. Allegedly, the private key can be used to modify and sign the "LV0" (Level 0), for example to disable its security checks. When the PS3 system boots, from version 3.60 of the PS3's firmware, the LV0 is directly launched by the bootloader (bootldr) that is built into the system's hardware – which means that the chain of trust is broken at a very early stage. As Sony won't be able to update the bootloader with a software update, the hacker community considers this the "final hack" of the PS3 in its current forms. Eurogamer says that these keys may not have been released at all if not for a Chinese hacking outfit called "BlueDiskCFW," who gained access to the keys and planned to charge for new custom firmware updates it would create. The original group that created the LV0 had no plans on releasing them, but eventually they were leaked onto the Internet in some limited fashion. Seeing that someone was going to profit on them, the group known as "The Three Tuskateers" decided to release them into the wilds of the Internet. 
In a statement the hacker group says that "You can be sure that if it wouldn't have been for this leak, this key would never have seen the light of day, only the fear of our work being used by others to make money out of it has forced us to release this now," 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous

Posted by Avik Sarkar On 10/20/2012 12:07:00 pm

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous 

Massive attack against banking and financial sector continues, this time HSBC became the latest victim of cyber attack. The attack which interrupt the service for 10 hours long were mainly originated from Iran and Russia. After 'Izz ad-Din al Qassam Cyber Fighters' now it was the time for Fawkes Security, an offshoot of hacktivist group Anonymous, quickly took credit for the attack, acknowledging the take down in posts yesterday afternoon on Twitter and Pastebin The group claimed to have knocked HSBC’s main site, along with its US, UK and Canadian counterparts offline and on Friday,claimed it logged 20,000 debit card details from the site while it was down. 
According to HSBC newsroom- "On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world." But HSBC denied any sort of data loss. Fawkes Security claimed to have details of more than 20K cards, but in their release HSBC said "This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking." 
But now the whole situation is under control, websites belonging to British bank and financial services company HSBC are back online and working normally. According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time. 
New York Stock Exchange, Bank of America, Wells Fargo, US Bank and PNC was brought down by few hacker collective group as protest against the anti Islamic movie. After this attack the name of HSBC has also been enlisted with those poor victims (affected banks & finance sector) who suffered DDoS attack in last month.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

Posted by Avik Sarkar On 10/13/2012 01:26:00 am


THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

German hackers group, widely known as THC -The Hacker's Choice released an comprehensive attack toolkit for the IPv6 protocol suite named 'THC-IPv6 Attack Toolkit'. THC is the first group who is releasing such attacking tool for IPv6 protocol. According to the release note this is  a complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. It comprises of state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploits inherent vulnerabilities in IPv6. 

Features at a Glance:- 
  • parasite6: icmp neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
  • alive6: an effective alive scanng, which will detect all systems listening to this address
  • dnsdict6: parallized dns ipv6 dictionary bruteforcer
  • fake_router6: announce yourself as a router on the network, with the highest priority
  • redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
  • toobig6: mtu decreaser with the same intelligence as redir6
  • detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
  • dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
  • trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
  • flood_router6: flood a target with random router advertisements
  • flood_advertise6: flood a target with random neighbor advertisements
  • exploit6: known ipv6 vulnerabilities to test against a target
  • denial6: a collection of denial-of-service tests againsts a target
  • fuzz_ip6: fuzzer for ipv6
  • implementation6: performs various implementation checks on ipv6
  • implementation6d: listen daemon for implementation6 to check behind a fw
  • fake_mld6: announce yourself in a multicast group of your choice on the net
  • fake_mld26: same but for MLDv2
  • fake_mldrouter6: fake MLD router messages
  • fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
  • fake_advertiser6: announce yourself on the network
  • smurf6: local smurfer
  • rsmurf6: remote smurfer, known to work only against linux at the moment
  • sendpees6: a tool by willdamn(ad)gmail.com, which generates a neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice.
  • thcping6: sends a hand crafted ping6 packet [and about 25 more tools for you to discover]
For detailed information about the usage, library interface & so on click here. To Download THC-IPv6 Attack Toolkit Click Here (Linux Only). For those who are hearing the name THC first time, we want to give you reminder that before this tool, this German hackers group published few other hack tools like Hydra (Fastest Login Cracker), THC SSL Dos and so on. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Leading US Banking & Financial Sector Suffering From Massive DDoS Attack

Posted by Avik Sarkar On 9/30/2012 03:50:00 pm

Leading US BankingFinancial Sector Suffering From Massive DDoS Attack 

Few days ago in a report we said that US National Security officials accused the Iranian government for engaging cyber attacks against US Banks. The attack came just after 'anti Islamic' video was posted online. Attacks against the websites of leading banks in the United States have the banking and financial services industry on edge. The Financial Services ISAC (Information Sharing and Analysis Center) set its Threat Level to “High” on Wednesday, September 19, indicating a high risk of cyber attacks. Attacks against the websites of leading banks in the United States have the banking and financial services industry on edge. A Muslim hacking group calling itself Izz ad-Din al Qassam Cyber Fighters took responsibility for attacks on the New York Stock Exchange, Bank of America and Chase last week. This week brought attacks against Wells Fargo, US Bank and PNC. Wells Fargo used its Twitter account to apologize for service interruptions on Wednesday and said it was working to "quickly resolve this issue." Most of the targeted banks were back online and operational Thursday. The events prompted U.S. Senator Joe Lieberman (I-CT) to use an interview on C-SPAN to point the finger of blame at the Iranian government and its elite Quds Force.
Wheather it is Iran Govt or that hacker group 'Izz ad-Din al Qassam Cyber Fighters' but the main issue of concern is that the Banking and financial sector has been highly disturbed since last few weeks. Though the situation came under control at last Thursday but still experts are predicting that this ongoing cyber attack is not over yet. In their statement the hacker group vows to engage more attack. "These series of attacks will continue until the Erasing of that nasty movie from the Internet," said the hacker.


-Source (Naked Security) 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Breached Telvent's Corporate Network & Gained Control of US Power Grid

Posted by Avik Sarkar On 9/30/2012 03:12:00 am

Chinese Hackers Breached Telvent's Corporate Network & Gained Control of US Power Grid

Telvent - the maker of power-grid control systems and smart meters and whose software and services remotely administers and monitor large sections of the US energy industry has began warning its customers about a sophisticated hacker attack originated from China. Telvent, a division of Schneider Electric, has admitted hackers breached its corporate network, implanted malicious software and lifted sensitive project files. The raid spanned Telvent systems in the US, Canada and Spain, according to a letter sent to the company's customers this month. Criminals can now study the documents for vulnerabilities in the systems, and potentially devise attacks to sabotage nations' electricity distribution networks. It looks like the hackers managed to get past the company firewall and security systems. In letters sent to customers last week, Telvent Canada said the attack happened on September the 10th.
The attackers installed malicious software and stole project files related to one of its core offerings — OASyS SCADA — a product that helps energy firms mesh older IT assets with more advanced “smart grid” technologies. The company said it was disconnecting the usual data links between clients and affected portions of its internal networks. Meanwhile it is looking for virus or malware files. Telvent has cut data links between at-risk portions of its internal network and clients' systems as a precaution while it probes the breach. Police have been called in to investigate the attack. 
In a report The Register said -Dale Peterson, founder and chief of industrial control security specialist Digital Bond, spelled out the kinds of information present in the lifted documents. "Some project files contain the 'recipe' for the operations of a customer, describing calculations and frequencies at which systems run or when they should be turned on or off," He told press. "If you're going to do a sophisticated attack, you get the project file and study it and decide how you want to modify the pieces of the operation. Then you modify the project file and load it [onto a company's control system], and they're not running what they think they're running." 

While talking about US power grid, we would like to remind you that, earlier researcher have warned about several security holes in power which could even allow an attacker to shutdown the entire system. Soon after  this story made public, National Security Agency (NSA) suspected that hacktivist Anonymous may target the Entire U.S. Power Grid. What ever such massacre did not happen, and Anon said they are not interested to hit power industry. 

 Chinese Hackers Behind Some Biggest Cyber Espionage:- 
Couple of months ago we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

The above phenomena are clearly indicating that hackers from China was directly linked and responsible for all those biggest cyber espionage. Still it is not clear that whether these cyber criminals are supported by the Govt. or not!!









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Iran Accused of Carrying out Cyber Attacks Against US Banks Over Anti Islamic Movie Issue

Posted by Avik Sarkar On 9/26/2012 01:36:00 am

Iran Accused of Carrying out Cyber Attacks Against US Banks Over Anti Islamic Movie Issue

Since last few days, the conspiracy with the 'Anti Islamic Movie' was the headline in every where. We have seen global violence and a mass protest mainly came from Muslim brotherhood. This protest was also touched the internet, and as expected Muslim hackers joined the movement, which cost many damages for the cyber fence. Thousands of websites became victim of cyber attack, and among them several US banks also faced huge disturbance. This protest takes a new direction when Govt of Iran announced the blockage of Google Inc's search engine and its email service. "Google and Gmail will be filtered throughout the country until further notice," an official identified only by his last name, Khoramabadi, said, without giving further details. The Iranian Students' News Agency (ISNA) said Google ban was connected to the anti-Islamic film posted on the company's YouTube site which has caused outrage throughout the Muslim world. 
This stand of Iran Govt created a controversy, which make them responsible for carrying out cyber attacks against US banks. According to NBC news report US National Security officials accused the Iranian government for engaging cyber attacks against US Banks mainly Bank of America. But when the ball goes to Iran's side then they completely denies the blame, while saying "We officially announce that we haven't had any attacks," This statement came from the Head of Iran's civil defense agency Gholam Reza Jalali when he was asked about the report. The western media reports alleged on Friday that Muslim hackers have repeatedly attacked Bank of America Corp, JPMorgan Chase & Co and Citigroup Inc over the past year as part of a broad cyber campaign targeting the United States. Security sources told Chicago Tribune and NBC News that the attacks on the three largest US banks originated in Iran, but it is not clear if they were launched by the state, groups working on behalf of the government, or "patriotic" citizens. 

Here we want to refresh your memory while digging up a story, when Iran Govt decided a permanent Internet ban in Iran, where Iran Government has announced its plans to establish a National Intranet within five months. The Iranian minister for Information and Communications Technology, announced the setting up of a national Intranet and the effective blockage of services like Google, Gmail, Google Plus, Yahoo and Hotmail, in line with Iran's plan for a "clean Internet." And that five months is almost over, so may be the blockage of Google came due to that reason, or may be not. We suggest our readers that, it will be better if you ask yourself, that whether Iran was indeed responsible for the cyber attack or not??!!


-Source (Reuters, NBC & FARS News Agency)








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

WWE Champion & Actor John Cena's Twitter Account Hacked

Posted by Avik Sarkar On 9/26/2012 01:35:00 am

WWE Champion & Actor John Cena's Twitter Account Hacked

Now a days hacking of celebrities, singer, Media, high profile personalities' twitter has became a very natural phenomena. Here again another twitter hacking, also known as #twithackery occurs. This time the victim is World Wrestling Entertainment (WWE) champion and renowned actor John Cena. This week more than 2.8 million fans of American professional wrestler John Cena was shocked after seeing irrelevant tweets coming from John Cena's official twitter account. Immediately after it get noticed, the twitter page was restored and those false tweets was deleted. Later a tweet came from John Cena's official twitter page while saying "Sorry guys, guess some attachments got sent out thru my account. Im been a victim of #twithackery" 

Similar things happened earlier when British pop Star Rita Ora, Justin BieberTeyana Taylor,American pop singer KeshaNBC NewsFox News PoliticsUSAToday, Lady Gaga’s Twitter AccountAnders BreivikMahesh Bhatt, Huffington Post Twitter Account became the victim of such twitter hacking. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search