Showing posts sorted by date for query Ukraine. Sort by relevance Show all posts
Showing posts sorted by date for query Ukraine. Sort by relevance Show all posts

Customs Services of Ukraine Govt Hacked By Anonymous, 1 GB of Classified Data Stolen

Posted by Avik Sarkar On 11/18/2013 08:16:00 pm

Customs Services of Ukraine Government Hacked By Anonymous, 1 GB of Classified Data Stolen
Anonymous -the world largest hacker community, also known as the infamous hacktivist who is widely known for engaging massive cyber attack against several governments strikes again. This time the target was Ukraine Government. According to multiple relevant sources of Anonymous it has been confirmed that the hackers have launched what it called an organised attack against different servers belongs to Ukrainian Government. During this round of cyber attack the main target was the Customs department of Ukraine. In their press release Anonymous took responsibility of performing onerous attack on CUSTOMS.GOV.UA, and caused what it called a voluminous data leak from it. This is the server that is responsible for the Odessa customs and handling of goods in the region of the Danube and Black Sea. From the press release we came to know that voluble of the stolen data is almost of 1GB, which is pointing a finger of sensational information of illegal operations of oil and gas, corruption schemes, bribes, cargo operations and so on. 
Most of the information is reported on the site, concerning the former head of the State Customs Service of Ukraine Ihor Kaletnik , who left the post after being elected deputy to in 2012 by Communist Party of Ukraine. Now Kaletnyk is the Deputy Speaker

Official Release of Anonymous: -

"Ukraine GOV hacked. CUSTOMS of UKRAINE customs.gov.ua MASSIVE Docs leak.
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
Greetings Our Fellow lulz. + 
Time to anchore Our ​​Marie Lulzize in an unstable Harbour + of Odessa in Ukraine. This Great Day We present you 1GB of raw + Data from one of the Servers of CUSTOMS.GOV.UA. To be pricise Ukraine Customs in + Black Sea and Danube - marine Customs. + Inside you Will Find lulz much related to Illegal Operations with + Oil and gas, corruption and Schemes Also much of good eddible Intel + All related to corruption in Ukraine Government controlled marine + Cargo Operations, Bribes and kickbacks gov. + Much of the Inside of the package is related to Ukraine + Former Chief Customs - Ihor Kaletnyk WHO is an active FSB operative + Russian enforcing rules of Engagement in Ukraine. + Also alot of Offshore moneylaundering by this persona and Other Government + Crooks. We undrstand that oil is money and money is power. + But They just do not Realize That one Day + shit happens and this shit pours from Big A Greedy right into Their throats.  + Sneak Peak of 64 Documents ..."

The hacker community has posted all the leaked information on an image archive and made that available for public. The 1 GB of the stolen data has also been made public in three different archive links

But on other hand the Ukrainian Government Officials denied the entire issue, according to the spokes man of government "Custom server can not be compromised. Therefore, as at customs.gov.ua a web server. Other documents, as far as I know, this server is not stored."  He also said that "Those documents that have posted allegedly crackers were not extracted from the server to the customs. In this I am 100%. Let me explain. Please note, most of the documents photographed, that is, it is done the person who had physical access to them, perhaps even temporary. Given that the documents from different regions of Ukraine, then they could meet only in the State Customs Service (MinDohodov) or law-enforcement agencies." 

While talking about this recent breach, we would like to remind you that couple of years ago, another infamous hacker community going by the name of Kosovo Hackers Security (KHS) targeted Ukraine govt. That time KHS have successfully penetrated the official website of Ukraine Police, Gazeta.ua (Ukraine Largest News Portal) and many more high profile sites. Now this hack of Anonymous is again another big attack which caused a serious damage to the Ukrainian cyber space. For updates on this hack and also all the other cyber updates stay tuned with VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

48 Countries Worldwide Joined Biggest Global Alliance Against Child Sexual Abuse Online

Posted by Avik Sarkar On 12/11/2012 05:53:00 pm

48 Countries Worldwide Joined Biggest Global Alliance Against Child Sexual Abuse Online

Cyber bullying, online child sexual abuse has became one of the biggest threat and challenge for the society. Several security report are pointing out that the number of cyber bully is increasing every day. There are daily reminders about those risks, whether it's the tragic fate of Amanda Todd, bullied into suicide. To get rid of these burning issues European Union (EU) Commissioner for Home Affairs Cecilia Malmström together with US Attorney General Eric Holder launched a Global Alliance against Child Sexual Abuse Online. In this campaign Forty-eight countries have joined forces to launch the most expansive fight ever against the spread of online child sex abuse. According to current estimates, there are more than one million images of sexually abused and exploited children now online. Every year, that number grows by 50,000 new images, according to the United Nations Office on Drugs and Crime (UNODC). Participants at the launch include Ministers and high-level officials from 27 EU Member States, who are also joined by 21 countries outside the EU (Albania, Australia, Cambodia, Croatia, Georgia, Ghana, Japan, Moldova, Montenegro, New Zealand, Nigeria, Norway, the Philippines, Serbia, Republic of Korea, Switzerland, Thailand, Turkey, Ukraine, United States of America, and Vietnam). The countries of the alliance are committing themselves to a number of policy targets and goals. Thanks to increased international cooperation, the fight against child sexual abuse online will therefore be more effective.
"Behind every child abuse image is an abused child, an exploited and helpless victim. When these images are circulated online, they can live on forever. Our responsibility is to protect children wherever they live and to bring criminals to justice wherever they operate. The only way to achieve this is to team up for more intensive and better coordinated action worldwide", said Commissioner for Home Affairs Cecilia Malmström.
“This international initiative will strengthen our mutual resources to bring more perpetrators to justice, identify more victims of child sexual abuse, and ensure that they receive our help and support,” said Attorney General Holder. “Through this global alliance we can build on the success of previous cross-border police operations that have dismantled international pedophile networks and safeguard more of the world’s children.” 

The participants of this campaign put out this list of goals for the new initiative, which has been dubbed the Global Alliance Against Child Sexual Abuse Online, in a press release:-

  • Enhance efforts to identify victims and ensure that they receive the necessary assistance, support and protection;
  • Enhance efforts to investigate cases of child sexual abuse online and to identify and prosecute offenders;
  • Increase children's awareness of online risks, including the self-production of images and "grooming" methods used by paedophiles;
  • Reduce the availability of child abuse material online and the re-victimization of children;
  • Establish dedicated law enforcement units for these crimes in all countries;
  • Make it easier to initiate joint cross-border police investigations;
  • Intensify co-operation with hotline services, where the public can report findings of online child pornography; and
  • Ensure that the Interpol international database of child abuse material grows by 10 percent annually.







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Personal Data of 35,000 Israeli People Leaked By Kosovo Hackers Security (KHS)

Posted by Avik Sarkar On 11/19/2012 03:03:00 am

Personal Data of 35,000 Israeli People Leaked By Kosovo Hackers Security (KHS)

More hackers taking part in the Israeli rampage dubbed Operation Israel. As soon as the story of bombing and air strike in Gaza get spotted on the social networks, we have seen immediate protest coming from almost every part of the world. In case of digital bombing, then it was first Anonymous who called Operation Israel, then hackers from different part of the world joined and contributed in this combined protest. So far we have seen along with Anon, Pakistani hacker Hitcher from Muslim Liberation Army, Indian hacker Godzilla have played vital role in this rampage. According to sources more than 44 million hacking attempts have been made on Israeli government web sites since Wednesday. Attempts on defense related sites have been the highest, while 10 million attempts have been made on the site of Israel's president, 7 million on the Foreign Ministry and 3 million on the site of the prime minister.
But its yet not over, many more to come, as another very popular hacker collective group named Kosovo Hackers Security (KHS) have taken part in #OpIsrael. At the very first phase of their attack Kosovo Hacker's Security Group has attacked many servers belongs to Israeli govt, corporate & other major sectors. Thus the hacker group has gathered documents of more that 35,000 Israeli people including full name, email-id, postal address, phone number, passwords, fax & so on. According to KHS those leaked data belongs to Israeli citizen, along with Govt employs, police and several other sensitive personalities. All those leaked data are made public by the hacker group and can be found in 1337.al. KHS leader & Hotmail hacker, Th3 Dir3ctorY vows to engage more cyber attack against Israel while saying "Israel is attacking Gaza without any proper reason, so if they don't stop doing that we will attack in the energy sector & nuclear area of Israel and we will attack Israel with very bad viruses..." Before this leak, earlier in this year KHS also exposed more than 7 thousand credit card details of Israeli people. Also this hacker group was behind several attacks against Ukraine, Greece, Hotmail, IBM and so on.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Russian Hacker Behind Cyber Attack on Georgia Caught on His Webcam

Posted by Avik Sarkar On 11/02/2012 03:29:00 am

Suspected Russian Hacker Behind Cyber Attack on Georgia Caught on His Webcam 

It said that there may be hundred ways to commit crimes but there are chances of one hundred and one times to get busted. Exactly the same things happened for a Russian hacker who was behind the cyber attack against the country of Georgia. Since 2011 Georgia is blaming that few Russian hackers are disturbing their cyber space while attacking its computer networks, injecting malicious code into websites, and planting spyware to steal classified information. After discovering that a cyber-spy was infecting government computers with malware designed to mine important documents, government officials decided to fight fire with fire. They intentionally allowed the malicious software to infect one particular computer, and baited it with a ZIP file called “Georgian-Nato Agreement” — exactly the sort of thing they knew the intruder would be looking for. Instead of important documents, however, the bait file was loaded with the hacker’s own malware. Once the hacker downloaded and opened the file, the software went to work stealing his documents and, best of all, hijacking his webcam to capture clear video of his face. According to the CERT-Georgia report, an analysis of the attack's command-and-control center revealed that at least 390 computers were infected in the attack. 70% of compromised PCs were based in Georgia, with other victims found in the USA, Canada, Ukraine, France, China, Germany and Russia. Computers hit in Georgia were predominantly based in government agencies, banks and critical infrastructure the report claims. 
In a 27 page report, the Georgian government explains in details that, how in early 2011 Georgian news websites were hacked in order to exploit vulnerabilities, and spread malware that hijacked infected computers and searched for sensitive documents. 
According to report by Naked SecurityGeorgian officials lay a trap. Georgia's CERT deliberately infected one of its own PCs with the malware, and planted a ZIP file named "Georgian-Nato Agreement" on its drive, hoping it would prove irresistible for the hacker. Sure enough the hacker stole the archive file and ran malware that Georgia CERT had planted inside, meaning that now investigators had control over the hacker's own computer. This made it relative child's play to capture images of the suspect at work in front of his PC. The CERT researchers claim that they also found a Russian email conversation on the suspect's computer in which he gives instruction on how to use his malware and infect targets. Furthermore, the suspected hacker's city, ISP, email address and other information were also acquired. Curiously, a domain used by the attackers was registered to an address in Moscow belonging to the Russian Ministry of Internal Affairs, department of logistics - which just happens to be based close to the Russian Secret Service (FSB). Furthermore, according to CERT-Georgia, websites used to control the infected Georgian computers have links with RBN, the notorious Russian Business Network.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

A Chicago Woman Sentenced To 2.5 Years in Prison For $9 Million ATM Hacking

Posted by Avik Sarkar On 8/27/2012 12:23:00 pm

A Chicago Woman Sentenced To 2.5 Years in Prison For $9 Million ATM Hacking

$9 million ATM hacking case takes a new direction. The Federal authorities have track down a ring of cyber-criminals. A Chicago woman was busted and sentenced to two years and six months in federal prison for helping steal more than $9 million USD back in 2008. She was also ordered to spend five years on supervised release following prison, and pay $89,120.25 in restitution. According to federal prosecutors, 45-year-old Sonya Martin was the member of a cell in what they claim was "one of the most sophisticated and organized computer hacking and ATM cashout schemes ever." Her Chicago cell was one of many "cashing crews" that drained millions of dollars from roughly 2,100 ATMs in 280 cities across the globe.
U.S. District Court officials claim that a group of hackers obtained unauthorized access to Atlanta-based payment processing company WorldPay U.S. Inc. back in November 2008. WorldPay handles companies who use payroll debit cards to pay their employees that in turn use these cards to make purchases or withdraw their salaries from an ATM. The hackers allegedly used "sophisticated techniques" to compromise the data encryption used to protect customer data on these cards. Once they gained access to these accounts, the hackers fraudulently raised the balances and ATM withdrawal limits. They then handed over 44 debit card account numbers and their associated PIN numbers to the cashing crew cells to cash out the accounts. Martin's cell and others located around the world including United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan, and Canada drained those accounts in less than 12 hours on November 8, 2008.
Officials said Sonya Martin worked with one of the lead cashers and supervised a cashing crew in Chicago. This cell withdrew approximately $80.000 from various Chicago area ATMs using counterfeit debits cards she manufactured using a payroll card number and PIN code. "While this was a complex, internationally coordinated crime with many different players and components, it would not have gotten very far without the cashing crews [like the one Martin worked with]," said Brian D. Lamkin, Special Agent in Charge, FBI Atlanta Field Office.



-Source (TOM'S HARDWARE)









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

C&C Servers of World's Third Largest Spam Botnet "Grum" Been Knocked Down

Posted by Avik Sarkar On 7/21/2012 02:58:00 am


C&C Servers of World's Third Largest Spam Botnet "Grum" Been Knocked Down



Researcher get another big success by taking down two of the command and control(C&C) servers belong to  the world's largest spam botnet named "Grum". Though  this is not complete victory, as there are still two other C&C servers are currently working actively, but researchers are very much optimistic that the volume of spam will drop this take down. 
Atif Mushtaq, senior staff scientist at security firm FireEye, said in a blog post that the botnet known as Grum drew its last dying breath on Wednesday, after six servers in Ukraine and one in Russia were shut down. In a tense faceoff with whitehats, the botnet operators had deployed those servers following the disconnection earlier this week of separate servers in the Netherlands and Panama. Faced with the threat of losing a 100,000-computer network that generated an estimated 18 billion spam messages a day, the Grum operators were desperately trying to transition to those machines when they stopped working.

"Grum's takedown resulted from the efforts of many individuals," Mushtaq wrote. "This collaboration is sending a strong message to all the spammers: 'Stop sending us spam. We don't need your cheap Viagra or fake Rolex. Do something else, work in a Subway or McDonalds, or sell hotdogs, but don't send us spam." We would also like to give you reminder that, this year Microsoft closed two C&C server of Zeus, another dangerous botnet. Also researcher from different parts of the world have unveiled the mystery of few other botnets like Bredolab, Rustock, Duqu and so on. 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Azure Cloud Starts Supporting Linux (Hybrid Cloud)

Posted by Avik Sarkar On 6/09/2012 07:00:00 pm

Microsoft Azure Cloud Starts Supporting Linux (Hybrid Cloud)

If you love both Microsoft and Linux parallely then we have a great news for you and that is Microsoft is now offering Linux-based operating systems on its Windows Azure cloud service. The software giant has announced the release of a new preview version of the platform which will add Infrastructure-as-a-Service (IaaS) capabilities to it. As well as Windows Server 2008 and the release candidate of Windows Server 2012, Microsoft will be supporting openSUSE 12.1, SUSE Linux Enterprise Server 11, Ubuntu 12.04 and CentOS 6.2 on the Hyper-V virtual machines that power Azure.

Some of the Highlights:- 
  • Windows Azure Virtual Machines— Virtual Machines give you application mobility, allowing you to move your virtual hard disks (VHDs) back and forth between on-premises and the cloud.   Migrate existing workloads such as Microsoft SQL Server or Microsoft SharePoint to the cloud, bring your own customized Windows Server or Linux images, or select from a gallery.    As a common virtualization file format, VHD has been adopted by hundreds of vendors and is a freely available specification covered under the Microsoft Open Specification Promise.
  • Windows Azure Virtual Network— Virtual Network lets you provision and manage virtual private networks (VPNs) in Windows Azure as well as securely extend on-premises networks into the cloud.  It provides control over network topology, including configuration of IP addresses, routing tables and security policies and uses the industry-standard IPSEC protocol to provide a secure connection between your corporate VPN gateway and Windows Azure. 
  • Windows Azure Web Sites —Build web sites and applications with this highly elastic solution supporting .NET, Node.js, and PHP while using common deployment techniques like Git and FTP.  Windows Azure Web Sites will also allow easy deployment of open source applications like WordPress, Joomla!, DotNetNuke, Umbraco, and Drupal to the cloud with a few clicks. 
  • New tools, language support, and SDK—Windows Azure SDK June 2012 includes new developer capabilities for writing code against the latest service improvements with updated support for Java, PHP, and .NET, and the addition of Python as a supported language on Windows Azure.  Additionally, the SDK now provides 100% command line support for both Windows and Mac.
  • Availability in New Countries— Availability of Windows Azure is being expanded to customers in 48 new countries, including Russia, South Korea, Taiwan, Turkey, Egypt, South Africa, and Ukraine.  Roll-out will be complete later this month, making Windows Azure one of the most widely available cloud platforms in the industry with offerings in 89 countries and in 19 local currencies.  
These new capabilities simplify building and bringing applications of all kinds to the cloud and enable flexibility in the following areas:
  • Increased datacenter capacity through secure VPN connections to the cloud
  • Easy operations and management from an improved Windows Azure Management Portal, with powerful operational capabilities for deploying and managing your cloud applications – with similar management support from the command line
  • Cloud scale for building websites with ASP.NET, PHP, and Node.js
  • Support for additional Operating Systems and OSS language libraries for building cloud applications
  • Scale on demand by migrating existing applications to the cloud using portable, industry standard VHDs -- delivering global scale with maximum control
  • Secure connectivity between cloud and on-premises applications
  • Ability to develop, test and configure new applications in the cloud, and then deploy on-premises for production



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Researcher.ibm.com (IBM Research) Hacked By KHS

Posted by Avik Sarkar On 5/19/2012 06:48:00 pm

Researcher.ibm.com (IBM Research) Hacked By KHS 

After successful execution of Operation Greek, now the hacker collective group dubbed Kosova Hacker Security or in other word KHS targeted IT giant & multinational technology and consulting corporation IBM. In this attack KHS successfully hacked into the official site of IBM Researcher. In their statement hacker group said that IBM had a SQL-i & remote code execution vulnerability, which lead them access on its server. According the KHS spokesman another hacker group named Teamgreyhat figure out this vulnerability which allow KHS to breach the server and deface index page. As expected the hacker group also created a deface mirror on Zone-H. As per the resources, IBM authority immediately patch the security hole and restore the site to its normal format. Earlier this hacker hacker group take lead role in many cyber attack on Ukraine, Israel, Hotmail and many more




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Greece Under Cyber-Attack, Ministry & Telecom Service Provider Hacked By KHS

Posted by Avik Sarkar On 5/01/2012 03:24:00 pm

Greece Under Cyber-Attack, Ministry & Telecom Service Provider Hacked  By KHS

Now a days Greece is facing several cyber attacks, first it was hacker collective Anonymous who carried denial of service attack on Greece Ministry to bring down Ministry of Justice. Now another infamous hacker group named Kosova Hacker Security (KHS) engaged massive cyber attack on Greek fence. This attack also dubbed "Operation Greek" which causes serious damage for Greek Ministry of Education, Lifelong Learning and Religion, OTE- Greek Telecom Service and so on. The hack on OTE exposed more than 10K user credentials along with the Admin details. All the hacked databases can be found on the official forum of KHS named Cyber-Hell. According to KHS this attack is a counter attack or in other word tit for tat of Greek hackers who hacked few Albanian websites. KHS also vows to engage cyber-war while saying "if Greece don't stop their activity then they will see the worst day in the Internet..."
Earlier this group has carried several cyber attack on Ukraine, Israel and so on






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

SpyEye Banking Trojan Swallowing US, Russia & Ukraine -Said AhnLab

Posted by Avik Sarkar On 3/30/2012 08:49:00 pm

SpyEye Banking Trojan Swallowing US, Russia & Ukraine -Said AhnLab 

Researcher at AhnLab has figure out a significant majority of the domains and hosts for the SpyEye Banking Trojan are in the US. The malicious code has gained attention as of late for the threat it poses to online banking user information. According to SpyEye-relevant host data extracted by the AhnLab Packet Center, 48% of all SpyEye domains were found to be located in the US, followed by Russia at 7%, and the Ukraine at 6%. The AhnLab Packet Center is the company’s malicious packet analysis system, which assesses suspicious packet data, including that from SpyEye C&C servers. The findings indicate that the main targets of SpyEye are mainly in the US, and that North American financial institutions and users should remain especially vigilant.
Since its toolkit first became public in 2010, the SpyEye Trojan has produced many variants. According to analysis by the AhnLab Packet Center, the “10310” variant was identified as the most distributed version at 34.5%. The “10299” and “10290” variants followed at 14.7% and 14.6%, respectively. Additional variants are expected in the future. SpyEye, along with ZeuS, are notorious banking Trojans that have helped thieves steal more than $100 million around the world. Without an end-user PC solution, banks face great difficulty protecting individual customers from the sophisticated threats posed by these malicious codes. AOS ensures comprehensive transaction security with its Anti-keylogger, Firewall and Anti-virus/spyware agents for individual user PCs, as well as Secure Browser which creates an independent online space for safe communication. With AOS’ unique approach to transaction security, banks are able to deliver complete peace of mind to their online customers.

The four components of the AhnLab Online Security (AOS) solution, designed to protect the entire transaction process, include:-
  • AOS Secure Browser: Provides a dedicated security browser that creates an independent and protected environment for online transactions. It secures user banking data against Man-In-The-Browser (MITB) attacks such as SpyEye and ZeuS, memory hacking, webpage alteration, HTML injection, cross-site scripting (XSS), browser help object (BHO) hacking, screen capturing, debugging, and reverse engineering.
  • AOS Anti-keylogger: Delivers the protection needed to keep account information safe and prevent theft of personal banking data during input via a keyboard.
  • AOS Firewall: Protects the user by detecting and blocking unauthorized intrusions and hacking attempts and preventing the leakage of personal information.
  • AOS Anti-virus/spyware: Secures online transactions against the latest malicious codes with AhnLab’s cloud based security technology known as ASD (AhnLab Smart Defense).
Yesterday we have discussed that Microsoft’s Digital Crimes Unit coordinated with several financial services organizations and the United States seized the two command-and-control servers of Zeus


-Source (Market-Watch)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Professor Warner Helps FBI To Crack "Trident Breach" ($70 Million Cyber-crime Ring)

Posted by Avik Sarkar On 3/23/2012 03:45:00 pm

Professor Warner Helps FBI To Crack "Trident Breach" ($70 Million Cyber-crime Ring)

Earlier in 2008 cyber criminals have managed to steal more than  $70 million from the payroll accounts of some 400 American companies and organizations – all from the safety of their homes in Eastern Europe. The case was known to us as "Trident Breach". As expected FBI was inspecting that case but hardly get success. 
At the beginning of 2008, the group of hackers compromised hundreds of thousands of Americans computers using a malicious computer “Trojan” bug called ZeuS. When computer users clicked on certain attachments and e-mail links, ZeuS infected their computers. ZeuS is designed to zero in on users’ bank information. For example, when a user visits a bank website, ZeuS knows; and since it is a key logger program, it records the user's keystrokes as he or she enters usernames and passwords. It then sends that information by instant text message to waiting hackers, who then have access to the compromised accounts. Henry is one of the country’s top cybercrime fighters. He says Americans are increasingly prone to “virtual gangs” prying on people’s personal data stored on their computers. In late 2008, they created some 3000 money mules, many of them unwitting Americans, by luring them into work-at-home jobs requiring "employees" to open bank accounts.
Later FBI appoint Prof. Gary Warner of the University of Alabama at Birmingham, who teaches a program that combines computer forensics and justice studies. Warner is also a member of the little-known FBI-affiliated group called InfraGard, comprising some 50,000 members across the United States who keep an eagle eye on U.S . critical infrastructure: power plants, water supply, security and financial services…and the Internet. After the entry of Warner the investigation turns. Warner said hackers transferred cash from business payroll-type "ACH" (Automated Clearing House) accounts to the mule accounts and the mules sent the cash by Western Union or MoneyGram to Eastern Europe, taking eight or 10 percent commission. So stealthy was their ZeuS operation, neither the hackers nor the mules had counted on getting caught. But, using complex data mining techniques, Prof. Warner established links between ZeuS-infected computers and traced the origins of the mass infection to Ukraine; and many of the hackers and their mules were caught. And after the FBI published a wanted poster of the students, Warner’s students began using what they’d learned in class to track the criminals. 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

7K+ Israeli Credit Card Details Exposed By Kosovo Hackers Security (KHS)

Posted by Avik Sarkar On 1/18/2012 11:31:00 pm


Few days ago we have covered that hackers from Saudi Arabia named Group-XP has hacked more than 400K Israeli credit cards and they have openly posted on a pastebin release names, passwords, addresses, phone numbers and government ID numbers and so on. 0xOmar a hacker from Group-XP told "We decided to give the world a new year gift". Later Israel govt took this matter very seriously and vows to treat hackers like terrorists. But this threat of Govt. seems valueless to hackers. Today well known hacker group KHS aka Kosovo Hackers Security has did exactly same what Group-XP has done before. They have hacked more than 7000 Israeli credit cards.  Th3 Dir3ctorY, ThEtA.Nu, & X|CRIPO, three hackers from KHS openly posted all the credentials including full name of the card holder, CCV, card no, expiry date and so in tinypaste. Earlier this group has hacked many high profile websites including President of the Republic of Macedonia, Ukraine Govt. sites and many more. One of their major attack was taken place when hacker named Th3 Dir3ctorY has hacked the Hotmail server, and he managed to stop the entire Hotmail for more than 12 hrs. Today again they have proved their capability after leaking more than 7K credit card details. 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Ukraine Under Massive Cyber Attack By Kosovo Hackers Security (KHS)

Posted by Avik Sarkar On 12/25/2011 04:26:00 pm


Few days earlier Kosovo Hackers Security has hacked the official website of President of the Republic of Macedonia. Now Hotmail hacker Th3 Dir3ctory & Theta.Nu with X-Crepo from KHS hit the Ukraine cyber fence. In this cyber attack more than 600 websites get hacked, including the official website of Ukraine Police (Govt. of Ukraine)Gazeta.ua (Ukraine Largest News Portal) and many more high profile sites. The deface mirror has been created by KHS on zone-h. Also they have released a pastebin containing all those hacked sites. According to KHS this entire "cyber attack is motivated by true patriotism." said Th3 Dir3ctory and later he added that "this is nothing many mooooore to come....."




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Willysy Malware Infects More than 6 Million WeSites

Posted by Avik Sarkar On 8/08/2011 02:00:00 pm

 
In less than two weeks, a malware injection that targets e-commerce Web pages has ballooned from 90,000 infected pages to more than 6 million. Malware willysy The malware, called willysy, exploits a vulnerability in a popular online merchant platform, osCommerce, according to Web application security provider Armorize, of San Francisco.
When the company initially reported the injection on July 24, it found 90,000 infected pages. When it took another look at the malware on August 3, it found the injection had spread to some 6.3 million pages.

Although the identity of the perpetrators of the attacks by the malware could not be identified by Armorize, the company did trace the forays to eight IP addresses, all located in the Ukraine.
Armorize explainedthat the attacks exploit three known vulnerabilities in version 2.2 of osCommerce. The exploits allow the attackers to place an invisible frame (iFrame) on the page and then inject malicious code (JavaScript) into the page, where it will infect visitors to the online store.
Once the infection makes it to shopper's computer, it targets vulnerabilities in Java, Adobe Reader, Windows Help Center and Internet Explorer. Although the flaws in those programs targeted by the infection are known and have been patched, the attackers are betting that the user hasn't patched all the programs.
Even the exploitation of osCommerce itself depends on lax patch management by the shopping site, since the holes in the program used by the attackers were patched in version 2.3 of the software released in November of last year. Since that time, two versions of the offering have been released, 2.3.1 and 3.0.1.

According to osCommerce, the open source software is used by some 249,000 store owners, developers, service providers and enthusiasts.
Attacks like the one discovered by Armorize can be especially harmful to small and medium-size businesses (SMB), asserts Frank Kenney, a former Gartner analyst and vice president of Global Strategy at Ipswitch, a file transfer security company in Lexington. Malware willysyWillysy's progress Those companies typically don't have the financial resources of larger firms so they're attracted to open source programs like osCommerce and use off-the-shelf software in their operations. "Whenever you use off-the-shelf software, you have to understand there are data issues and all types of security vulnerabilities that exist," he told
While the makers of off-the-shelf software patch their programs often, he continued, the business still has to invest in the resources to insure that proper patch work is done. "That requires an outlay of capital that SMBs are not willing to deal with or don't have within their margins," he says.
Such lack of diligence can hurt a business in the long run, because security breaches can invite scrutiny from credit card companies, he explained. A credit card company may refuse to allow the business to use its services until it shows a certain level of security compliance that is out of the reach of the business from a financial or time and resource point of view.
That would have dire consequences for an SMB, he maintains. "The ability to process cards is the difference between a small business or a chain of mom-and-pop stores being open today and being closed tomorrow," he says.
 
-News Source (PC World)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

CNAIPIC Hacked & More 8Gb Data Leaked (#Antisec)

Posted by Avik Sarkar On 7/25/2011 05:23:00 pm

National Anti-Crime Computer Centre for Critical Infrastructure Protection hacked By Anonymous and Lulzsec community.


The Official Statement Of the Hackers are:-


"...
////////////////////////////////////////////////////////////////////////////////////////////
+Legion of Anonymous Doom+ Release Zero1+
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Heynow,
This is a prerelease of a series we are going to make to reveal the biggest in history of European LE cyber operation Evidence exploitation and abuse. Thing's gonna get published and twittered all over anonymous and lulzsec community.

 Today we were granted with the Italian law enforcement Pandora box, we really think it shall be a new era of “regreaissance” to the almighty Homeland Security Cyber Operation Unit in EU.
So we decided to leak everything they got since they were established as a full scale cyber taskforce named CNAIPIC.

 This corrupted organization gathered all the evidence from the seized property of suspected computer professional entertainers and utilized it over many years to conduct illegal operations with foreign intelligence agencies and oligarchy to facilitate their lust for power and money, they never used obtained evidence to really support ongoing investigations.

 Today we reveal a whole Load of stuff (estimated leak would be over 8Gb) from such owned institutions, just to make it clear all of this stuff was stored on CNAIPIC evidence servers for years while people are doing time in jail waiting for the trial while CNAIPIC used the evidence in the global spy game galore:
  Egypt: Ministry of Transport and Communication
  Australia: Ministry of Defence
  Russia: Atomstroyexport, Diaskan, Sibneft, Gazprom etc.
  Ukraine: several embassies and consulates on it’s territory
  Nepal: Ministry of Foreign Affairs
  Belarus: Ministry of Foreign Affairs, Belneftehim, Belspetzexport
  Gibraltar, Cyprus, Cayman Islands etc: Tecno Develp, Line Holdings,    Dugsberry Inc, Alpha Prime, Alpha Minerals etc.
Vietnam: PetroVietnam (PTSC), Ministry of Natural Resources (MONRE)
  USA: EXXON MOBIL, US Department of agriculture and hundreds of attorneys and DOJ accounts including: McCallion & Associates LLP, Goodkind, Labaton, Rudoff & Sucharow, LLP, and hundreds of bullshit agencies we don’t even know why we pay taxes to support all of them.

 So to cut the crap let’s get it over with fellaz…

http://imgur.com/a/tkFdY#UTByw  
Is the image preview to get a glimpse on what is meant to be said.

http://depositfiles.com/files/tm7zeqiq9 
first of 2 preview archives with preview documents to get a general idea.

http://depositfiles.com/files/nn6dbleyv
2nd preview archive

http://www.sendspace.com/file/ta62tk  
CNAIPIC file structure and listing Part 1


Thank you all,
Stay tuned...4 update on this one.
NKWT LOAD  .."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

UK is Enhancing Cyber Security to fight Against Hackers

Posted by Avik Sarkar On 7/07/2011 12:11:00 am

The fight against cyber crime needs a stronger common international legal framework to enable perpetrators outside the country of their victims to be tracked down and punished, a British security official said on Tuesday.
James Brokenshire, a Home Office (Interior Ministry) Minister for Crime and Security, added in remarks to reporters that governments and companies had to work much more closely together to fight the "scammers, fraudsters and hackers" who were creating a truly global problem.
"Active international partnerships are central to tackling cyber crime," he said. "There needs to be an international response including international treaties, bilateral treaties and common agreements between countries." A priority for governments is to find ways of hunting criminals across borders and ensuring they are punished, but many nations lack a common definition of cyber crime or common legal standards that would enable prosecutions of criminals operating offshore. Security experts have long said the core problem has been that nations are thinking too parochially about their online security to collaborate on crafting global cyber regulation.
High-profile online assaults in recent weeks have targeted the International Monetary Fund, the U.S. Central Intelligence Agency and the U.S. Senate, and companies such as Citigroup and Lockheed Martin Corp. The raids have raised doubts about the security of government and corporate computer systems and the ability of law enforcement to track down hackers. Saying there should be "no safe haven" for online criminals, Brokenshire added that governments had to work with the private sector to provide technical expertise to police in those countries that lacked the resources to fight cyber criminals.

He was speaking at the launch of the International Cyber Security Protection Alliance (ICSPA), a global not-for-profit organisation that aims to channel funding, expertise and help directly to law enforcement cyber crime units around the world.The venture, which will seek funding from the European Union, governments of the United States, Canada, Australia, New Zealand and Britain, and private sector companies, plans to work in partnership with European police agency EUROPOL.
Rik Ferguson, Director of Security Research at Trend Micro said areas of concern to ICSPA included Brazil, which had expertise in banking malware, China, where computers were often used by criminals elsewhere to host attacks in third countries, and Russia and Ukraine.Companies supporting the venture include McAfee , Cassidian, Trend Micro, Yodel, Core Security Technologies, Visa Europe , Shop Direct group, A&REdelman, Transactis and Article10. Cyber crime costs the British economy some 27 billion pounds ($43.5 billion) a year and appears to be "endemic", according to the first official government estimate of the issue published in February 2011.
Brokenshire's call echoes remarks by U.S. Secretary of Homeland Security Janet Napolitano who said last week that cyber criminals were outwitting national and international legal systems that fail to embrace technological advances.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Now anyone can be a cyber criminal

Posted by Avik Sarkar On 5/15/2011 03:26:00 pm



Cyber crime is no longer the exclusive domain of nerds with advanced coding and hacking skills. Thanks to simple and affordable, DIY downloadable crimeware, even novices can jump into what has turned into a global industry.
This is a far cry from the days when hacks were motivated more by the thrill of the kill than monetary gain, with even Steve Jobs and Steve Wozniak (Apple’s co-founders) allegedly on their rolls. It’s in the last decade, with the widening reach of the internet, that cyber crime turned virulent, as viruses like Melissa and I Love You clogged inboxes and spawned a multi-billion-dollar anti-virus software industry. And now, with the DIY attack kits, cybercrime is evolving into an extremely profitable, distributed global entity.
These malware toolkits aren’t just professional, marketable, and easy to deploy, they’re even being sold on a subscription model with after sales support.
Mpack, Neosploit, ZeuS, Nukespoilt P4ck, Phoenix … there’s an array of choices for script kiddies (those with minimal coding skills). “These kits come with features like encryption and hardware-based licensing, which one would find in enterprise-grade software,” says cyber sleuth Prasanna V, principal consultant of information security with Packet Verify. They enable users to launch pre-written threats against computer systems, and also customise them.
The United States, Russia, China, the UK, Germany, Brazil and Eastern European countries like the Ukraine are considered the hotbeds for development of such kits, and the damage they’re causing is already evident. According to a report by Symantec Corp, there was a 93% increase in web-based attacks in 2010 compared to the previous year, driven primarily by the prevalence of attack toolkits.
The modus operandi:
Most of the toolkits share a few common behavioural patterns, say Dr Madhupani and Dr Srinivas, technology experts with Cyber Security Works. “These can include capabilities to penetrate into browser processes, take screenshots of the victim’s machine or control it remotely, hijack e-banking sessions, add pages to a website and monitor them or steal passwords that have been stored by popular programs/browsers.” Users are lured through phishing websites, spam emails, download websites, freeware, or malicious codes inserted in legitimate programs.
What’s more worrying is that malware attacks from toolkits are difficult to monitor and curb because of both technological and legal factors. The cyber laws in most countries are largely inadequate to deal with the scale and reach of the crime. For example, a tool kit can enable a cyber criminal in Nigeria to spoof an Indian bank to send phishing emails to trick users in India. The network of cyber crime is spread so wide that it demands a coordinated effort by law enforcement agencies from all over the world that, as of now, is nonexistent.
On the technical side, “toolkits enable hackers to continuously generate new mutated malware variants, each targeting a different victim, making traditional discovery and fingerprinting of these threats nearly impossible,” says Ajay Goel, managing director, Symantec for India and SAARC.
On your guard:
So what can you do to protect yourself? For starters, realise that security does not start and end with an antivirus kit or a firewall, quips Prasanna. “Do not perform any financial transactions from shared systems like cyber cafes. Avoid connecting to free Wi-Fi hotspots. Scan USB before using. Stay away from suspicious websites and emails, limit the amount of personal information you give out on social networking sites like Facebook or Orkut,” he warns. “Finally, set the ‘automatic update’ option ON in all applications.”
Cyber Security Works issues another guideline: “Treat information the way you would treat your money.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Tracker Software Products Announces Launch of New Online PDF Viewer Cloud Applications

Posted by Avik Sarkar On 5/03/2011 04:55:00 pm


 
Tracker Software Products, Ltd has just partnered with Spoon, a cloud computing and virtualization technology company, to offer its PDF and image viewing programs as cloud-based products. In other words, this means that Tracker Software's programs can now be used from any Windows-based computer in the world, as long as it has Internet access. No installation required! All a user needs to do is log on to Tracker Software's website and download the Spoon plugin. This will allow the user to access any Spoon-based products online in addition to Tracker Software's PDF viewers.
Many businesses and professionals are making the switch to cloud-based programs due to the increased versatility, flexibility, and productivity. Additionally, cloud-based programs use less processing power, take up less hard drive space and tend to be better for a company's bottom line. By centralizing processing on the server side rather than the client side, Tracker Software assures users that they don't have to worry about ensuring that their version of software is up-to-date. When run from the cloud, programs are accessible with a single click, they don't take up valuable computer capacity, and any errors or bugs are easily fixed.
Both the free and the professional versions of Tracker Software's PDF-XChange Viewer are available in the new virtualized cloud-based format. These programs allow for easy manipulation and annotation using the most feature-rich PDF viewer currently on the market today. While most people use Adobe to view PDF files, they often run into problems due to a buggy interface, lack of editing capability, non-intuitive design and poor customer support. PDF-XChange allows you to export PDF files to images, to add textual content and extract text, to add security/encryption, to mark up a page with pictures snapped to the grid, to create new documents, to add digital signatures and much more, all through an easy-to-use interface.
This interface has since been put up on the cloud. The basic functionality remains the same, except users may find that the online PDF viewer is faster and doesn't lag the computer quite as much. Additionally, customer support is likely to be faster in the event of a bug, and new features will be added all the time without the need for additional downloads. This change in basic framework will, according to Tracker Software, be the basis for future improvements further down the line.
In other words, the new Online PDF Viewer Cloud Applications don't offer significant change in what you can do right now, but the improved productivity will provide a level of increased ease that wasn't there before. Instead of new features, the skeleton of the program is getting a rework to be better suited for modern computing. More and more companies are going the way of the cloud and virtual machines, because keeping one hundred copies of PDF-XChange Viewer for business purposes, for instance, is inefficient and wasteful according to proponents of the technology.
When it comes to providing PDF software to businesses and professionals worldwide, Tracker Software has been rated by many analysts as one of the best in the industry. They have consistently been on the forefront of technological development, and this latest move proves that they will continue to do so into the foreseeable future.
About Tracker Software
Tracker Software Products, Ltd develops PDF and imaging software, with products including a free PDF reader and a TIFF creator. With sales offices in Canada and the UK and development offices in the USA and Ukraine, Tracker provides document/imaging applications and developer toolkits to professionals around the world. Tracker Software products conform to ISO-maintained PDF specifications, originally defined and extended by Adobe.
About Spoon
Spoon is one of the leading developers of virtualization technologies and cloud computing, meant to connect data, applications and processing power to users instantly, anywhere. Spoon products are available online at Spoon.net, from third party sites through Spoon Feeds, and from within private clouds by way of Spoon Server.
Spoon and Spoon-related products are used by industry leaders in a variety of fields, from education, government and health care to entertainment, finance and information technology. Satisfied customers include Novell, Namco Networks, Autodesk, Core Learning, the U.S. Marine Corps and thousands of software developers around the world

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

cyber-crimeKnowBe4: $35,000 Cybercrime Against Florida Attorney Could Have Been Prevented

Posted by VOICE OF GREYHAT On 4/24/2011 08:44:00 am



According to a new case study published by the Internet Security Awareness Training (ISAT) firm KnowBe4, Bradenton-based lawyer Kimberly Graus found out the hard way that data security breaches can happen to any business, anywhere, at any time when hackers bypassed her antivirus software and initiated $35,000 in wire transfers from a trust fund she manages. She was just one of the nearly 20,000 Floridians who filed a case with the FBI's Internet Crime Complaint Center last year - making Florida #2 in the nation in cybercrime complaints.*
Graus was most likely the victim of a phishing attempt disguised as a seemingly innocuous email. When she clicked a link within the message, it surreptitiously downloaded a program to her computer. This malware allowed the hackers to capture Graus' account passwords when she entered them online, and then initiate the illicit wire transfers from her own IP address.
Upon noticing the missing funds, Graus acted quickly to report the suspicious activity, enabling her bank to stop three of the four electronic transfers. Unfortunately, $9,500 had already gone through to an unknown recipient in the Ukraine. Because businesses do not enjoy the same FDIC insurance that consumers do, that left Graus out nearly $10,000 - plus the cost of a computer forensic analysis and a new laptop.
"Graus protected her account information, maintained antivirus software and had three layers of password security in her online banking system. Yet in spite of these precautions, she still fell prey to the sophisticated cyberheist tactics of Eastern European criminals," explained KnowBe4 founder and CEO Stu Sjouwerman (pronounced "shower-man"). "Many professionals believe that antivirus software will protect them from all external threats, but that simply isn't the case."
Sjouwerman noted that Internet security awareness has led most people to be suspicious of unsolicited emails from unknown senders, especially when the messages are rife with misspellings and poor grammar. But when phishing emails appear to be an official message sent by the recipient's bank or credit card company, a government agency, or a trusted friend or colleague, even the most savvy Internet users may click without thinking. And all it takes is one click to compromise a computer and its data security.
"Small and Medium Enterprises (SMEs) need to take proactive measures to combat new and evolving cybercrime tactics," said Sjouwerman. "They also need to realize that they can't rely solely on their IT teams alone to guard against hackers and other cyber threats. Any employee that inadvertently clicks on a phishing email can expose the entire company to potentially devastating damages and loss. That's why Internet security awareness training is critical for staff at every level of the organization."
KnowBe4 offers a free phishing security test that allows SMEs to determine how Phish-prone™ their employees are. The company's exclusive First2Know™ Internet Security Awareness Training (ISAT) is an industry first, providing high-quality, interactive training to educate staff about phishing, malware, social engineering and other related topics. Afterward, scheduled phishing security tests help to keep employees on their toes and determine if remedial training is necessary.
To view the case study about the Bradenton trust account cyberheist, or to learn more about the Internet Security Awareness Training (ISAT) offered by KnowBe4, visit www.knowbe4.com/case-studies.
*Internet Crime Complaint Center (IC3). 2010 Internet Crime Report and Florida IC3 2010 Internet Crime Report; February 2011.
About Stu Sjouwerman and KnowBe4 
Stu Sjouwerman is the founder and CEO of KnowBe4, LLC, which provides web-based Internet Security Awareness Training (ISAT) to small and medium enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced Internet security awareness training. He is the author of four books, including Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Financial Meltdown of 2008, available in April 2011. For more information on Sjouwerman and KnowBe4, visitwww.knowbe4.com.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search