Chinese Hackers Eavesdropping European Diplomats Before G20 Summit

Researchers At FireEye Found -Chinese Hackers Snitching  Europeans Before G20 Summit 

Story of cyber espionage by Chinese hackers used to remain one of most highest pick of breakneck. Yet again another breathtaking issue of  eavesdropping by Chinese hackers get spot light, when  California-based renounced computer security firm FireEye Inc have figured out that a group of Chinese hackers eavesdropped on the computers of five European foreign ministries before last September's G20 Summit, which was dominated by the Syrian crisis. From the detailed analysis we came to know that the hackers have infiltrated the ministries' computer networks by sending emails to staff containing tainted files with titles such as "US_military_options_in_Syria," which sells virus fighting technology to companies. Whenever the targeted recipients opened those documents, they loaded malicious code on to their personal computers. Researchers of FireEye said that they were able to monitor the "inner workings" of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems for about a week in the late August. But suddenly they lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia. 

Though the company has declined in open press to identify the nations whose ministries were hacked, although it said they were all members of the European Union. But FireEye informed the FBI about the whole issue in details. FireEye also confirmed that the hackers where from China, but they did not find evidence which may link those hackers to the Chinese government. Not surprisingly and obviously like earlier the Chinese government has distanced itself from any claim that it might have hacked foreign governments for data. FireEye also successfully monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain. The researchers had been following the hackers behind the Syria-related attack for several years, but this is the first time the group's activities have been publicly documented. The company calls the group "Ke3chang," after the name of one of the files it uses in one of its pieces of malicious software. "The theme of the attacks was U.S. military intervention in Syria," said FireEye researcher Nart Villeneuv. 

On reaction Chinese Foreign Ministry spokesman Hong Lei said- "U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible," 

While talking in this story of Chinese eavesdropping, I also want to dig some points from decent parts where we all became very habituated of seeing Europe & U.S. countries blaming China for engaging cyber attacks; and China also do the same for accusing U.S. like vice versa. I am reviving your memories of last few years where If you look at the story of major cyber attacks of this year we will find that the name of China has been involved several times for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible.  

Before I conclude, I request you to closely look at the above mentioned stories, you will find China majorly responsible for eavesdropping & security breach. On the same side China also been effected by the same way. So in conclusion, we cant put a full stop in this chain of cyber attacks, hacking & eavesdropping, as it comes from both end. So this exciting episode will be continued like it does. If you want to stay updated then don't forget to stay tuned with VOGH. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Chinese Hackers Eavesdropping European Diplomats Before G20 Summit "https://www.voiceofgreyhat.com/2013/12/china-eavesdropping-europeans-before-G20-summit.html</a>

Drupal.org Hacked ! More Than 967,000 Registered User Details Compromised

Drupal.org Hacked ! More Than 967,000 Registered User Details Compromised 

Drupal, one of the most famous and widely used open-source content management framework have fallen victim to cyber criminals. The Drupal Security Team and Infrastructure Team has discovered unauthorized access to account information on the official Drupal website and another site called groups.drupal.org. This security breach has exposed user names, country, and email addresses along with hashed passwords of more than 967,000 registered users on the Drupal.org. But still a matter of relief is that the breach failed to infiltrate the credit card details which was stored on the same server. According to security release unauthorized access was made via third-party software installed on the Drupal.org server infrastructure, and was not the result of a vulnerability within Drupal itself. Drupal team have worked with the vendor to confirm it is a known vulnerability and has been publicly disclosed. They are still investigating and will share more detail when it is appropriate. Upon discovering the files during a security audit, the security team has already shut down the association.drupal.org website to mitigate any possible ongoing security issues related to the files. The Drupal Security Team then began forensic evaluations and discovered that user account information had been accessed via this vulnerability. The suspicious files may have exposed profile information like username, email address, hashed password, and country. In addition to resetting your password on Drupal.org, it is also recommending a number of measures (below) for further protection of your information, including, among others, changing or resetting passwords on other sites where you may use similar passwords. 

As a precautionary measure of the said security breach, Drupal Security Team has reset all Drupal.org account holder passwords and are requiring users to reset their passwords at their next login attempt. A user password can be changed at any time by taking the following steps. 

1. Go to https://drupal.org/user/password 
2. Enter your username or email address. 
3. Check your email and follow the link to enter a new password. It can take up to 15 minutes for the password reset email to arrive. If you do not receive the e-mail within 15 minutes, make sure to check your spam folder as well.

Counter Measures that Drupal has Taken to avoid such mishap is something followed- as attacks on high-profile sites (regardless of the software they are running) are common, Drupal strive to continuously improve the security of all Drupal.org sites. To that end, Drupal have taken the following steps to secure the Drupal.org infrastructure:

• Staff at the OSU Open Source Lab (where Drupal.org is hosted) and the Drupal.org infrastructure teams rebuilt production, staging, and development webheads and GRSEC secure kernels were added to most servers
• Drupal is scanning and have not found any additional malicious or dangerous files and making scanning a routine job in their process
• There are many subsites on Drupal.org including older sites for specific events. Drupal created static archives of those sites.

This security breach of Drupal which affected more than 967,000 users is giving us a remind of the decent history of breach where we have seen a slew of attacks against the following sites: Scribd, Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo,  Nvidia,Blizzard, Philips, Zynga, VMWare, Adobe,  Twitter  New York Times, Apple and so on. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Drupal.org Hacked ! More Than 967,000 Registered User Details Compromised "https://www.voiceofgreyhat.com/2013/06/Drupal.org-Hacked-967000-User-at-Risk.html</a>

E!Online Official Twitter Account Hijacked By Syrian Electronic Army (#twithackery)

E!Online Official Twitter Account Hijacked By Syrian Electronic Army (#twithackery) Fake Tweet Claimed Justin Bieber is Gay

The massive ongoing twitter hijacking also known as twithackery carried by carried by the infamous pro-Assad group of hackers known as the Syrian Electronic Army targeted another high profile twitter account. After the successful hijack of three high profile twitter account of CBS news followed by the hack of BBC and the Associated Press twitter account, now Syrian Electronic Army aka SEA have caught another big fish  that is E! Online -one of the leading resource of entertainment and celebrity gossip news. The official twitter account of E!Online that has over five million followers fallen victim to these dangerous hacker collective group. As per several legitimate sources this high valued twitter account was hacked on Saturday afternoon and subsequently posted several false tweets about a few celebrities, most specifically Justin Bieber. After the successful hijack, exactly like earlier the hacker group started tweeting false message. Among those One tweet read, “Exclusive: Justin Bieber to E!Online: I’m a gay,” followed by a shortlink.  Another read, “Exclusive: Selena Gomez tells E! she will fully supporting Justin in his coming out” [sic], also followed by a shortlink.  (Selena Gomez was Bieber’s girlfriend up until recently).  And another made reference to Angelina Jolie blaming Jordan for “the Syrian refugees’ atrocious conditions.” Here is screen capture of those fake tweets:- 

After this mishap security experts have figured out that many of those links associated with the above fake tweets redirecting users to malicious webpages. So users were urged not to click on the links. Not only the official twitter account, but also the hacking group also managed to infiltrate the E!’s text messaging system, sending hundreds of thousands of subscribers similar messages including an obscene message relating to President Barack Obama. 

While talking about twitter hacking, widely known as #twithackery; we would like to remind you the following names, WWE champion John Cena, Star Rita Ora, Justin Bieber, Teyana Taylor,American pop singer Kesha, NBC News, Fox News Politics, USAToday, Lady Gaga’s Twitter Account, Anders Breivik, Mahesh Bhatt, Huffington Post & CBS; these are the famous names who have fallen victim to twithackery before E!Online. In the wake of all the recent cyberattacks on news organizations, Twitter has warned media accounts that they will continue to be targets of hackers, and has advised them to take all appropriate steps to further secure their Twitter accounts. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">E!Online Official Twitter Account Hijacked By Syrian Electronic Army (#twithackery) "https://www.voiceofgreyhat.com/2013/05/twithackery-EOnline-twitter-hacked-by-SEA.html</a>

Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked

Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked By Syrian Electronic Army [#twithackery]

Yet again CBS one of the major commercial broadcasting television network of United States faced cyber attack. First it was hacker collective Anonymous who targeted CBS and managed to hack the TV network of CBS in January last year. The attack was done under the banner of Operation Megaupload. And now CBS have fallen victim of what it called twithackery, where hacker managed to gain temporary access of popular twitter accounts and broadcast fake tweets. This Sunday such twithackery targeted and compromised several twitter account of CBS. Infamous hacker community going by the name of Syrian Electronic Army claimed to have hijacked the twitter accounts of CBS, the list of the hijacked accounts include "60 Minutes" and "48 Hours" which is maintained by CBS news program. Later it has been reported that another twitter account @CBSDenver has also been hacked, during this ongoing cyber attack. CBS acknowledged the whole phenomena and later a CBS spokeswoman confirmed that the accounts had been compromised. "PLEASE NOTE: Our Twitter account was compromised earlier today. We are working with Twitter to resolve." - said the CBS spokesman. Another message from CBS said, "A message that was posted earlier to this account was not written or sent by @60Minutes or its staff."

Here is the list of those fake tweets came from the hijacked accounts of CBS:- 

From @60Minutes account we got the following message -

• "The US government is hiding the real culprit of the Boston bombing"
• "The US government is sponsoring a coup in Venezuela and a terrorist war in Syria"
• "Your duty is to protect your nation from the parasites that have taken your government"
• "Obama wants to destroy the Syrian and American people. We must stop this beast" 

Other messages claimed: "Syrian Electronic Army Was Here via @SyrianCyberArmy" and suggested the action was in response to the suspension of the @Official_SEA account. Tweets sent out on the @48Hours account reportedly included: "General Dempsey calls for #Obama's arrest under new anti-terror laws #48hours" As soon as the issue get spotted, CBS regain those hijacked accounts and immediately deleted those rouge messages. Later the two accounts @60Minutes and @48Hours has been suspended. 

While talking about twitter hacking, widely known as #twithackery; we would like to remind you the following names, WWE champion John Cena, Star Rita Ora, Justin Bieber, Teyana Taylor,American pop singer Kesha, NBC News, Fox News Politics, USAToday, Lady Gaga’s Twitter Account, Anders Breivik, Mahesh Bhatt, Huffington Post; these are the famous names who have fallen victim to twithackery before CBS. 

-Source (BBC & Reuters)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked"https://www.voiceofgreyhat.com/2013/04/CBS-News-Twitter-Hacked.html</a>

Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael)

VOGH Exclusive: Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael) 

The past 7th April will be unforgettable for Israeli cyber space, yes it was no doubt the black day for Israel, when the World's largest hacker group "Anonymous" with help of several other hackers communities caused ruin while bringing down almost all the Israeli Government websites, along with more that 100,000 other important Israeli websites, 40,000 Facebook pages, 5,000 Twitter accounts and 30,000 bank accounts belonging to Israeli people. The hacker group not only demolished the cyber space of Israel, but also caused a loss of 3 billion USD. This never forgettable hacking rampage dubbed Operation Israel became the most devastating and venturesome hacking rampage ever happened to the Israeli cyber space. In the last week of March, it was dangerous hacker collective group Anonymous who called the operation widely known as #OpIsrael, where the hacker group vows to erase Israel from the Internet. And indeed the hacker group did that, According to several Israeli source, leading media outlets it has been confirmed that almost all the important sites owned by the Government of Israel have been  either hacked and paralyzed. These sites include the site of the Israeli Police, Israeli Prime Minister, Bureau of Statistics, Israeli intelligence agency Mossad, Stock Market and the Israel Ministry of Defense and many more. Regardless of the amount of damage done, the scale of the attack is bound to be embarrassing for the Israeli government. This is the second time that Anonymous has successfully taken down Israeli government websites. The first #OpIsrael attack happened last November and affected Israeli cyber fence heavily. Like the last November, this time also the reaction of Israel Government was indifferent and unconcerned. Despite of what Anonymous's claims of massive damage to Israel, the country's cyber security officials say that the attack caused minimal damage. "So far it is as was expected, there is hardly any real damage," Yitzhak Ben Yisrael from the government's National Cyber Bureau told the press. "Anonymous doesn't have the skills to damage the country's vital infrastructure. And if that was its intention, then it wouldn't have announced the attack ahead of time. It wants to create noise in the media about issues that are close to its heart." This is more or less what Anonymous always does, often with varying levels of success.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael) "https://www.voiceofgreyhat.com/2013/04/OpIsrael-Caused-3-Billion-USD-Damage.html</a>

(#OpFreeKorea) Anonymous Breached Uriminzokkiri, Stolen 15k User Data & Hijacked Twitter, Flickr Account

Anonymous Breached Uriminzokkiri.com, Stolen 15K User Data & Hijacked Twitter, Flickr Account (#OpFreeKorea)

Anonymous the most organized and infamous hacktivist group of the world have targeted the cyber fence of North Korea, and the hacking campaign started with the hack of propaganda site Uriminzokkiri.com. The attack had been executed in different steps, first the hacker group calling them selves 'Anonymous Korea' managed to gain access inside Uriminzokkiri and claimed to have stolen more than 15,000 user data (including the names, email addresses, passwords and dates of birth & many more) and later they defaced the website. Uriminzokkiri's main site was offline till Thursday morning. Not only the data breach and defacement, Anonymous affiliated hackers continued their chariots of cyber attack, which then hit the official twitter and Flickr account belongs to Uriminzokkiri. Both the twitter feed and flickr photos have been replaced by the hacker group with anti-North Korea messages. In their message Anonymous boldly demanded that Kim Jong-Un resign and installs free democracy in North Korea while saying Kim Jong as "threatening world peace." Meanwhile Uriminzokkiri's official Twitter account picture had been changed to show two mask-wearing dancers, alongside the legend "Tango Down" and links to hacked companion sites as follows: Hacked uriminzokkiri.com, uriminzokkiri.com/itv, ryugyongclip.com

Notably the hackers posted a cartoon wanted poster of Kim Jong Un – "aka Nuke Nuke Mickey Lover" – with a list of his alleged crimes, including "threatening world peace with ICBMs and nuclear weapons," "wasting money while his people starve to death," and "concentration camps and the worst human rights violation in the world."

The entire cyber attack was done under the banner of Operation Free Korea also dubbed #OpFreeKorea. Hackers from Anonymous vows the North Korean government while claiming to have access to the country’s local intranets, mail servers and web servers. Anonymous hackers claimed to have taken five of the country’s websites offline over the weekend. "We are inside your local intranets, we are inside your mail servers, we are inside your web servers." said the twitter feed of Anonymous Korea. From one of the relevant source of Anonymous it is confirmed that the next activity for the Anonymous #OpFreeKorea campaign is slated as happening on April 19. 

#OpFreeKorea Press Release of Anonymous:-

Hello, citizens of the world.
We are Anonymous
North Korean government is increasingly becoming a threat to peace and freedom.
Don't misunderstand us: As well we disagree with the USA government too - these guys are crooks,
USA is a threat to world peace too, and direct democracy (or any kind of democracy) doesn't exist
there. The American government is a target and enemy of Anonymous as well!
This is not about country vs country - This is about we, the people, the 99% (of USA and of North
Korea) vs oppressing and violent regimes (like USA gov. and N.K. gov)!
We, the people, are gathering together because we are stronger now and we won't fight your wars
anymore, we won't eat your shit anymore!!!
We demand:
- N.K. government to stop making nukes and nuke-threats
- Kim Jong-un to resign
- it's time to install a free direct democracy in North Korea
- uncensored internet access for all the citizens!

Brief About Uriminzokkiri: Uriminzokkiri ("Our Nation") is based in China, but publishes news and propaganda from North Korea's state media and is considered one of Pyongyang's primary online mouthpieces. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">(#OpFreeKorea) Anonymous Breached Uriminzokkiri, Stolen 15k User Data & Hijacked Twitter, Flickr Account "https://www.voiceofgreyhat.com/2013/04/OpFreeKorea-Anonymous-Breached-Uriminzokkiri.com.html</a>

Anonymous & RedHack Breached Israeli Intelligence Agency 'Mossad' Leaked Personal Data of 35K Officials

Anonymous & RedHack Breached Israeli Intelligence Agency 'Mossad' Claimed to Have Personal Data of 35K Officials (#OpIsrael)

A week ago infamous hacker collective group Anonymous called for Operation Israel (#OpIsrael) second phase, where they vows to engage massive cyber attack against Israeli cyberspace in order to interrupt all the necessary service, which the hacker called a complete outage. The main phase of attack was planned at 7th April, but now it looks that those hacker collectives changed their strategy, or may be they can't wait till April, and as result anti-Israel hacking collective affiliated with Anonymous managed to breach several Israeli government servers, causing a big data leak of more than 35,000 Israeli government officials, including politicians, military leaders, and police officers. The hack was done under the banner of #OpIsrael, and from the twitter feed of Anonymous, the hacker group took responsibility of the cyber attack. A comprehensive spreadsheet purporting to include the information of all 35,000 Israeli officials was published by the website Cryptome, though it did not independently verify the information. The coalition of hackers appears to have ties to the Iranian government, Pakistan, Syria, Egypt, and the terror group Hezbollah, according to a report published by Cryptome. 

In our last report on this story we covered that, the attack will be organized as Anon ask other hackers and other underground communities to join the campaign. As expected, it happens; RedHack, a Turkey-based Marxist hacker group responded to Anonymous and they claimed to breach Israeli intelligence agency known as 'Mossad.' RedHack claimed to gain access inside Mossad's server; which lead them release personal information including phone numbers, emails and addresses of Mossad officials. "Yes, we realize we are sailing in dangerous water but we like swimming,” said hackers of RedHack. From a report of RT we came to know that not only data breach but also hackers performed massive denial of service attack against Mossad. In spite of RedHack’s claims, some argue that the names and information do not belong to Mossad officers or informants. 

“Whatever they stole, it probably wasn’t secure details of top Israeli brass, either from the army or the Mossad,” internet researcher Dr. Tal Pavel told the media. “There is no doubt that they got some identification information about Israelis, but the claims that they hacked the Mossad site and got a list of Mossad agents is most likely psychological warfare, and not a hack into an important database,” Pavel added. 

Whether those leaks are not that classified, whether those data does not belongs to Mossad, but one thing is clear and that is in-spite of having precaution, Israel government yet again failed to protect themselves from massive attack which caused a massacre. And from this story it is also predictable that hackers around the globe came under one shade or one unity, in order to target Israel over Gaza issue. As 7th April is still a week away from today so lets wait for the time, and stay tuned with VOGH to get all the latest update on this story and also other cyber issues.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Anonymous & RedHack Breached Israeli Intelligence Agency 'Mossad' Leaked Personal Data of 35K Officials"https://www.voiceofgreyhat.com/2013/03/OpIsrael-Anonymous-RedHack-Hacked-Mossad.html</a>

Anonymous Threatens Israel to Erase From The Internet (#OpIsrael)

Anonymous Threatens Israel to Erase From The Internet (#OpIsrael)

Infamous hacker collective group Anonymous along with some organized hacker communities together started a massive rampage against Israeli cyber space. The hacker group threatened Israel government while  planning to engage a massive cyber-attack on Israel, saying that, they will "erase" the country from the Internet. From some legitimate sources it has been confirmed that the hackers are planning to execute the attack on 7th of April. One of the twitter account of Anonymous also confirmed the date and timing, while saying "Hacktivists Starting Cyber Attack against Israel on 7th of April." Also twitter feed of Anonymous invited numerous hackers communities around the world to join up for the cyber rampage dubbed Operation  Israel Phase 2 (#OpIsrael). On the other hand Israel government took the threat seriously and taking almost every steps to avoid any kind of disaster. Ofir Ben Avi, director of online group Accessible Government of Israel told the media -“It’s something being organized online over the past few days. What distinguishes this plan when compared to previous attacks is that it really seems to be organized by Anonymous-affiliated groups from around the world in what looks like a joining of forces”

As you all might know that past experience of Israel while dealing hackers was not at all sweet. In case of Anonymous then we would like to remind you that, this would be the second attack on Israel by the group, as they launched the first “OpIsrael” in November 2012 in response to Israel’s attack on the Gaza Strip.  If you dig the recent past you will come to know that not only Anonymous, but also hackers from different part of the world targeted Israeli cyber space and caused big damages. For instance we can recap the hack of Kosova Hackers Security (KHS) where they hacked and exposed personal data of 35,000 Israeli people. Here we must have to name the hackers from Pakistan who are constantly against Israel causing massive cyber attack against leading IT industry of Israel and other high profile Israeli sites. Just a couple of months ago, the world seen what it call the black day in the history if Israeli cyber space where another Pak hackers community hacked the main domain controller of Israel, which causes a massive hack against almost all the big Israeli sites such as government, MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel & many more. Here we can also take the name of Indian hacker Godzilla & Arabian hacker community (Group-XP) who also harassed and harmed the Israeli cyber space very very badly. After observing all the scenario mentioned above, it is expected to watch some sensational fight between hackers and Israeli government. So lets wait for the time, and stay tuned with VOGH to get all the latest update on this story and also other cyber issues.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Anonymous Threatens Israel to Erase From The Internet (#OpIsrael)"https://www.voiceofgreyhat.com/2013/03/OpIsrael-Anonymous-to-Erase-Israel-from-Internet.html</a>

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers 

We all are very much familiar of hearing the story of cyber espionage and cyber attacks originated from China by Chinese hackers. Where many countries across the globe have fallen victim like U.S. India, Japan, South Korea, many European countries and many more. But today a complete reverse story came under light where the Chinese government are claiming that several top secrete government sites like defense, army, military were targeted and hit by hackers from United States. According to some classified sources it came that Chinese government websites are routinely hacked from IP addresses originating within the United States. In a news conference, spokesman of Defense Ministry of China; Mr. Geng Yansheng said that - more than 144,000 hacking attempts per month are targeted at the China Military Online and Defense Ministry websites. According to Chinese defense ministry a close to two-thirds of those attacks (62.9 percent) originated in the United States. Geng said he had noted reports that the United States planned to expand its cyber-warfare capability but that they were unhelpful to increasing international cooperation towards fighting hacking.

"We hope that the U.S. side can explain and clarify this." The U.S. security company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries. Yansheng did not mention a direct link between the cyber attacks and the U.S. government only that the attacks originated in the United States. He did note, however, that China is concerned with reports that the United States is planning to expand its cyber warfare capabilities. 

In the last month China was blamed for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

After keeping in mind all the above facts, we can not conclude the matter very easily, but what we can say that, whether China is responsible or not is neither been proved so far. In spite of looking at the situation we can only say, the entire matter is foggy; where the original truth has either been manipulated or been still untold. But it is sure that those untold or manipulated issues will some day came in front, till that time we have to keep patience and don't forget to stay tuned with VOGH for all kind of cyber related topics and expert reviews.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers"https://www.voiceofgreyhat.com/2013/03/Chinese-defnese-attacked-by-us-hackers.html</a>

Shahrukh.com -The Official Fan Site of Shahrukh Khan Hacked

Shahrukh.com -The Official Fan Site of Shahrukh Khan Hacked

Last week we covered the hack of several Yamaha motor's official website, where a newly formed hacker group named 'Dark Snipper' took responsibility of that attack. Yet again that group strikes while setting a new target and that is the official website of famous Indian actor Shahrukh Khan's fan. Shahrukh Khan widely known as SRK, one of the most famous actor in Indian industry called "Bollywood". The attack took place couple of days ago, where this Pakistani hackers community have gained access into the server where shahrukh.com was hosted and thus the defaced the index page. After the matter get spotted, the webmaster took action and recovered the website. But the hacker did not forget to create a deface mirror on Zone-H, to justify the hack. Though such kind of cyber attack against Bollywood celebrities is a very normal phenomenon, infarct earlier we have seen the official website of Shahrukh Khan's movie named 'Ra.One' Also the twitter account of srk once became the hot target of hackers. If we define the nature of the attack, then we must have to say no such big object or cause driven the hackers, so the main purpose of engaging the hack can be defined as fun purpose. While talking about relation between hackers and Bollywood we would like to remind you that earlier we have seen several instances where celebrities like Mahesh Bhatt, Kangna Ranaut, Mallika Sherawat, Arbaaz Khan, Vishal and Shekhar and so on have fallen victim to cyber criminals. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Shahrukh.com -The Official Fan Site of Shahrukh Khan Hacked"https://www.voiceofgreyhat.com/2013/02/Shahrukh.com-Hacked.html</a>

NBC.com Compromised, Hackers Exploited The Website to Spread Malware

NBC.com Compromised, Hackers Exploited The Website to Spread Malware

The month of February is still going from bad to worse for the cyber domain, in this very month cyber criminals swallowed the security system of many giant companies like Facebook, Twitter, Apple, New York Times and many more. But the game is not over yet, as we have just passed a few weeks, when the attack on NY Times took place, which stolen the employ database; yet again the cyber criminals have targeted another media giant National Broadcasting Company widely known as NBC. During the attack, hackers have successfully gain access inside the server of NBC and planted malware, in order to harm innocent readers. Famous security expert and blogger Brian Krebs said that the hackers inserted code into the NBC.com homepage. This caused visiting browsers to load pages from third-party sites that were compromised. While explaining the nature of the attacker, Krebs said; "The compromised sites tried to foist the Citadel Trojan, a variant of the Zeus Trojan." The Zeus is a "sophisticated data theft tool that steals passwords and allows attackers to control machines remotely" he added. Not only the NBC’s home page, also several others were affected, including the pages of late night talk show hosts Jay Leno and Jimmy Fallon. Well known security firm Sophos explained how roughly attack played out, and how NBC got sucked into the equation:

• NBC's hacked pages were altered to add some malicious JavaScript that ran in your browser.
• The JavaScript injected an additional HTML component known as an IFRAME (inline frame) into the web page.
• The IFRAME sucked in further malicious content from websites infected with an exploit kit known as RedKit.
• The exploit kit delivered one of two exploit files to try to take control over your browser via a Java vulnerability or a PDF bug.
• If the exploit worked on your computer, financially-related crimeware from the Citadel or ZeroAccess families was installed.

This, of course, is an example of a dreaded drive-by download, where the crooks use a cascade of tricks to download, install and execute software without going through any of the warnings or confirmation dialog you might expect. This, in turn, means that even if you are a careful and well-informed user, you may end up in trouble, since there are no obvious signs that you are doing anything risky, or even unexpected.

As soon as this story get spotted the American commercial broadcasting television network, NBC News reported and confirmed that its site had been attacked. The broadcaster released the following statement regarding the website: "We've identified the problem and are working to resolve it. No user information has been compromised."

The emergency response team immediately take the situation under control and restored the website, and confirmed that the site is back again and completely safe for its visitors. But so far there is no evidence of attackers who were involved in this attack. For the safety of VOGH readers we would like to recommend you to update your operating systems and browser plugins. Also note that the attack on NBC was similar to many that have occurred in recent years in that the malicious sites tried to exploit vulnerabilities in Java. So it will better to disable Java, unless it is that much necessary. So stay tuned with VOGH and be safe in the cyber domain. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">NBC.com Compromised, Hackers Exploited The Website to Spread Malware"https://www.voiceofgreyhat.com/2013/02/NBC.com-Compromised.html</a>