Showing posts with label cyber rampage. Show all posts
Showing posts with label cyber rampage. Show all posts

BBC Server Compromised! Russian Hackers Broke Into FTP & Tried to Sell Unauthorized Access

Posted by Avik Sarkar On 1/02/2014 11:09:00 pm

BBC Server Compromised! Russian Hackers Hacked Into FTP & Tried to Sell Unauthorized Access on The X-Mass Evening 
Earlier we have seen world renowned media houses like CNN, NBC, Fox News, Washington Post, NY Times, NDTV and so on have fallen victim to hackers and cyber criminals. Now it was the turn for world’s largest and oldest broadcaster -British Broadcasting Corporation, widely known to us as BBC. Sources revealed that cyber criminals have managed to breach the security system of BBC and secretly took over a computer server at the BBC and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system. The attack was first identified by a cyber security firm named Hold Security LLC, in Milwaukee that monitors underground cyber crime forums in search of stolen information. However, it is still not clear whether the hacker stole any information or data or caused any damage to the site. In conversation with press Alex Holden, founder and Chief Information Security Officer of Hold Security told -"So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC.” So far the identity of hacker has not been confirmed, but the firm researchers observed a notorious Russian hacker known by the monikers "HASH" and "Rev0lver," attempting to sell access to the BBC server on December 25. However, BBC's security team managed to secure the site on Saturday, claims a person close to clean up efforts. One of the BBC spokesman refused to comment on the issue, he said, “We do not comment on security issues.” On the other hand, Justin Clarke, a principal consultant for the cyber security firm Cylance, said that while "accessing that server establishes a foothold within BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources.” So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC. But we all know that  ftp systems are typically used to manage the transfer of large data files over the Internet. That's why the chances of data breach cant not be denied at this time. For updates on this piece of news and other hot information of the cyber & tech world stay tuned with VOGH


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Anonymous Hacker Denied Bail in Singapore, Accused For Hacking Prime Minister Website

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Anonymous Hacker Denied Bail in Singapore, Accused For Hacking Prime Minister Website

A Singapore court in this week has denied bail of accused anonymous hacker charged for hacking high value government websites. Last month a Singaporean hacker named James Raj was extradited from Malaysia. He was charged for hacking the Ang Mo Kio district website, whose MPs include Prime Minister Lee Hsien Loong, under the banner of worlds most dangerous hacktivist community Anonymous. The alleged hacking was among a string of cyber attacks that have also targeted the websites of Premier Lee and President Tony Tan as well as pro-government media, in a row over Internet freedom in the city state. This 35 years old hacker was deeply linked with Anonymous and he was covered himself with nickname "The Messiah".  District Judge Soh Tze Bian said Raj, posed a flight risk because he previously jumped bail and fled to Malaysia after being slapped with illegal drugs consumption charges in 2011. 
Police have previously said Raj was also linked to other hacking attacks, including on the website of a charity associated with the ruling People's Action Party. Two Singaporean men have so far been charged with defacing the president's website. Police have said that there are no links between Raj and these suspects. 
The round of attack from Raj took place three days before a self-proclaimed spokesperson for Anonymous appeared in a video on October 31 to demand the scrapping of a recent Singapore law requiring news websites to obtain annual licences. The Internet licensing rules, which came into effect in June, have sparked anger among bloggers and activists who say they are designed to muzzle free expression. Singapore strictly regulates the traditional media, but insists the recent licensing rules do not impinge on Internet freedom. 

-Source (Global Post)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites

Posted by Avik Sarkar On 5/05/2013 03:11:00 pm

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites to Serve Blackhole Exploit

ESET one of the world renowned security firm headquartered in Bratislava have figured out what it called a malicious cyber rampage targeting millions of cPanel-based servers. Since last few months security experts have been tracking server level compromises that have been utilizing malicious Apache modules to inject malware into websites and  redirecting some of its requests to the infamous Blackhole Exploit packs. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new backdoor is very sophisticated and this new malware has been dubbed "Linux/Cdorked.A." Several analysis reveals that it is a sophisticated and stealthy backdoor meant to drive traffic to malicious websites. According to the official blog post of ESET - Linux/Cdorked.A is one of the most sophisticated Apache backdoor's we have seen so far. The backdoor leaves no traces of compromised hosts on the hard drive other than its modified httpd binary, thereby complicating forensics analysis. All of the information related to the backdoor is stored in shared memory. The configuration is pushed by the attacker through obfuscated HTTP requests that aren't logged in normal Apache logs. This means that no command and control information is stored anywhere on the system.
This malicious cyber rampage was first detected by another security firm named 'Sucuri' and later ESET published a detailed analysis of the issue. But still there are thoughtful matter as already thousands of websites get infected. The attack is particularly dangerous as Apache web servers are among the most well-known and widely-used in the world and are used by numerous companies. This means that a successful security breach can affect numerous different businesses across a diverse range of industries.
As this malware also known as Linux/Cdorked.A has already been spotted in the wild, so on behalf of cyber media, we urge all the concern system administrator, security analyst to take care of the above issue while to checking their servers and verify that they are not affected by this threat. Detailed instructions to perform this check are provided in the ESET blog.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search