Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Hackers attack. Show all posts

Signs Your Home Network Has Been Hacked and How to Protect Yourself

 

While many are aware of the risks associated with public Wi-Fi, fewer realize that home networks are also vulnerable to cyberattacks. Hackers can infiltrate home networks to access sensitive information like bank details, private conversations, and personal photos. Here are key indicators that your home network may be compromised and steps to enhance your security. 

One sign of a compromised network is a sudden drop in internet speed. If your connection slows down without any issues from your provider, it could mean hackers are using your bandwidth for malicious purposes. Another warning sign is the appearance of unfamiliar devices on your network. Hackers might connect their devices to your network to steal information. To check for this, log into your router and review the list of connected devices. Unrecognized entries should be investigated. Unexpected changes to your Wi-Fi password are also concerning. If you haven't changed it but find it different, someone might have hacked into your network to lock you out. 

Additionally, spotting unfamiliar software on your devices can indicate malware installation by hackers aiming to steal your data. Browser hijacking is another serious threat. If hackers gain access to your router, they can alter its DNS settings, redirecting your internet traffic to malicious sites that can steal information and install harmful software. If your browser frequently redirects to suspicious websites, your network might be compromised. Understanding how hackers operate can also help in recognizing threats. 

For example, they may pose as buyers in online transactions, sending phishing links to steal bank details from sellers. To protect your home network, ensure your router’s firmware is up to date and use strong, unique passwords for your Wi-Fi and devices. Enable network encryption, such as WPA3, and disable remote management features that can provide easy access to hackers. Using a virtual private network (VPN) can further secure your internet traffic and protect your online activities. 

Securing your home network requires vigilance and proactive measures. By staying aware of potential warning signs and implementing strong security practices, you can protect your personal information and maintain your digital privacy. Continuous learning and adaptation to new cyber threats are essential for keeping your network safe.

Massive Data Breach Exposes Sensitive Information of Indian Law Enforcement Officials

 

Recently, a significant data breach compromised the personal information of thousands of law enforcement officials and police officer applicants in India. Discovered by security researcher Jeremiah Fowler, the breach exposed sensitive details such as fingerprints, facial scans, signatures, and descriptions of tattoos and scars. Alarmingly, around the same time, cybercriminals advertised the sale of similar biometric data on Telegram. 

The breach was traced to an exposed web server linked to ThoughtGreen Technologies, an IT firm with offices in India, Australia, and the United States. Fowler found nearly 500 gigabytes of data, encompassing 1.6 million documents dating from 2021 to early April. This data included personal information about various professionals, including teachers, railway workers, and law enforcement officials. Among the documents were birth certificates, diplomas, and job applications. 

Although the server has been secured, the incident highlights the risks of collecting and storing biometric data and the potential misuse if leaked. “You can change your name, you can change your bank information, but you can't change your actual biometrics,” Fowler noted. This data, if accessed by cybercriminals, poses a long-term risk, especially for individuals in sensitive law enforcement roles. Prateek Waghre, executive director of the Internet Freedom Foundation, emphasized the extensive biometric data collection in India and the heightened security risks for law enforcement personnel. 

If compromised, such data can be misused to gain unauthorized access to sensitive information. Fowler also found a Telegram channel advertising the sale of Indian police data, including specific individuals’ information, shortly after the database was secured. The structure and screenshots of the data matched what Fowler had seen. For ethical reasons, he did not purchase the data, so he could not fully verify its authenticity. In response, ThoughtGreen Technologies stated, “We take data security very seriously and have taken immediate steps to secure the exposed data.” 

They assured a thorough investigation to prevent future incidents but did not provide specific details. The company also reported the breach to Indian law enforcement but did not specify which organization was contacted. When shown a screenshot of the Telegram post, the company claimed it was “not our data.” Telegram did not respond to requests for comment. 

Shivangi Narayan, an independent researcher, stressed the need for more robust data protection laws and better data handling practices by companies. Data breaches are so frequent that they no longer shock people, as evidenced by a recent face-recognition data breach involving an Indian police force.

Globally, as governments and organizations increasingly use biometric data for identity verification and surveillance, the risk of data leaks and abuse rises. For example, a recent face recognition leak in Australia affected up to a million people and led to a blackmail charge. It also has to be noted that many countries are looking at biometric verification for identities, and all of that information has to be stored somewhere. If they decide to farm it out to a third-party company, they lose control of that data.

Anonymous Leaks 82 GB Police Data as Protest Against Australian Detention Centre

Earlier this week, the Anonymous collective released 82 GB worth of emails that belonged to the Nauru Police Force. As per Anonymous, the data leak was a protest against the bad treatment of asylum seekers and refugees by Island authorities and the Australian government. 

Nauru is a small island country in Micronesia, Australia, infamous for an offshore refugee detention camp, for which Australia provides assistance. The total number of leaked emails is around 285,635 and open for direct and torrent downloads via the official website of "Enlace Hacktivista," a forum that tries to document hacker history. 

"Nauru agreed to assess people's claims for international protection and host the facilities required to detain them, while Australia committed to bearing the entirety of the cost. Nauru has a population of 10,000 people, with around 107 asylum seekers as of July 2021. 
 
The majority of asylum-seekers and refugees on Nauru are from Iran, while many are stateless, and others come from Afghanistan, Iraq, Myanmar, Pakistan, and Sri Lanka," says Enlace Hacktivista website. Experts couldn't find out the trove of emails, but Anonymous says that leaked data consists of details related to violence that the Nauru Police Force and the government of Australia tried to hide. 

Anonymous' statement asked authorities to start an inquiry into all accusations of abuse in the refugee detention camp and to compensate lifetime reparations to victims of abuse. It has also asked to end the policy of compulsory immigration detention and permanent shutting of immigration detention facilities, which includes the island of Nauru. DDoSecrets has confirmed the leak and said that the massive data leak is also available on DDoSecrets. 

Besides this @YourAnonNews, a media representative tweeted "anonymous hackers release 1/4 million Nauru Island Immigration Detention Center Police emails documenting abuses suffered by asylum seekers and refugees under successive Scott Morrison (Prime Minister of Australia since 24 August 2018) portfolios." As of now, there is no official statement from Nauru Police Force and the Australian government related to the leak.

"Ransomware" screen on trams and TV billboards in Russia turn out to be ad from cyber security firm

According to Positive Technologies, provocative street art first appeared, mimicking ransomware malware. So, fictional windows of the Windows interface were depicted on trams with the inscription “All passengers with sad faces. This tram has been hacked,” it was written on the walls “We will return the wall for 3 BTC (bitcoin),” and on the TV screens — “Right now we will steal Antey.”

A few days later, the images were replaced by others, which had the QR code of the Positive Technologies company's manifesto video about the need to pay attention to information protection.

According to Positive Technologies, with the help of an unusual campaign, the company tried to attract the attention of people and organizations to cybersecurity problems, which have become especially acute recently.

“In 2020, compared to 2019, the number of unique cyber incidents increased by 51%. Seven out of ten attacks were targeted. Most often, cybercriminals attacked government and medical institutions, as well as industrial enterprises,” Positive Technologies reports.

Information security experts note that the number of cyberattacks in the world has increased by 40% this year compared to the previous one. As for Russia, the number of cyberattacks has increased even more significantly — by 54%.

“The concept of art is that we visually convey the process of a hacker attack. The information environment already affects the real one. The main desire is to show through clear and simple images that everything can be hacked in the modern world. And do not underestimate such threats, because while you are reading this text, someone can hack you,” said one of the artists.

Hackers attacked major Telegram channels via video on Yandex

 On November 10, hackers conducted a major attack on popular Telegram channels. Reddit's administrators completely lost access to the channel, to which 236 thousand people were subscribed. The attackers used the old scheme: they simply sent the Trojan-infected file to the administrators

Hackers stole the Telegram channel of the Reddit forum, administrators could not log in to the control panel. The Telegram channel Baza was also attacked, but the attackers failed to gain access to the channel.

The hackers had the following scheme: they offered to buy advertising space, but first they asked to watch a video with their materials, which could be downloaded from Yandex.Disk. The document could not be opened on a mobile device, and hackers offered to download it to a desktop computer.

After launching the file, the owner of the Reddit channel with 236 thousand subscribers was no longer able to access it.

General Director of the lab Studio.AG Artem Geller explained that this is a very old method of fraud, and Windows is an object for such files. Hackers, under various pretexts, send material containing malware. It allows access to the entire operating system if the victim opens the file. In this particular case, the attackers were interested in Telegram, so the Reddit account was stolen.

Can't blame Yandex.Disk for missing the Trojan. According to Geller, about 300,000 new viruses appear every day in the world, so it's simply impossible to catch them all. Moreover, it may not be a new virus, but a modification of the old one. At the same time, the Trojan has no task to destroy the computer system.

Cloud storage is a convenient way for fraudsters, because they can upload a file of any size there, unlike email. Unprotected, unencrypted files without passwords are loaded into these vaults.

According to the information security expert Alexander Vlasov, we must remember one thing: those who provide the service for free, never sign up to the fact that they will protect your files. Yes, they are trying to track malware, but within the general outline of the ecosystem.

Email of the Pskov Churchman Tikhon was hacked


The Churchman Tikhon (Mr. Shevkunov), who is called "Vladimir Putin's Confessor" in the media, told about the hacking of his mail. Now blackmailers are threatening to publish information of many years

"A few months ago it turned out that my email was hacked for many years. My private and business correspondence began to be published on the Black Mirror website. In parallel, these materials were published on other telegram channels. I was asked to pay ten million rubles to suspend publication. I, of course, refused," said Tikhon.

The attackers, according to the clergyman, demanded to pay 10 million rubles ($132,000) to suspend the publication. The Churchman answered hackers that he can put all the information of his mail in open access if they will donate the same amount to the Pskov diocese.

Tikhon said that he did not want to "accept the terms of blackmailers and encourage dirty business." Shevkunov added that he did not pay attention to the hack at all and commented on it only because of many questions from the media. "I know that the competent authorities are looking for hackers, but whether they find them or not, we will see," said the Metropolitan.

"There is the COVID-19 virus, there are computer viruses, and there are such viruses in our society. They affect both those who steal other people's letters, wanting to make money on it and those who eagerly read other people's letters," stated the Churchman
Tikhon.

It is worth noting that letters from his hacked mail continue to be published so far. In particular, recently an audio file of his conversation with the filmmaker Nikita Mikhalkov was published

Hackers attacked hospitals in the Czech Republic: Russia is suspected


According to the Lidové noviny newspaper, a foreign state may be behind the cyberattacks, and hacker groups from Russia may be involved.

"The organizer is a foreign country. It is beginning to become clear that Russia may be behind this. IP addresses lead there," a high-ranking officer who is part of the team of investigators told the newspaper. His words were confirmed by a member of the Czech Security Council.

Last week, hackers tried to hack into hospital networks in the Czech Republic. According to Health Minister Adam Vojtech, all attacks were repelled, "but other attacks may follow."

Attacks to the Czech Republic, caused during the pandemic, was mentioned in a speech last weekend by US Secretary Mike Pompeo. He warned that such attacks will not go unpunished.

"I highly appreciate the support of the United States and all its allies who are helping to ensure our country's cybersecurity. Cyberattacks on Czech medical institutions during the fight against the COVID-19 epidemic are similar to the behavior of hyenas. I hope our experts will soon find those who are interested in the defeat of the Czech Republic in the fight against infection,” said Czech Foreign Minister Tomas Petrsicek, in turn.

Meanwhile, the Ukrainian Embassy in the Czech Republic said that they condemn cyberattacks on Czech medical institutions, which is especially cynical during pandemics: "Ukraine, which has been facing Russia's war for six years, including the cyberwar, stands in solidarity with its Czech friends and will share its experience in fighting the aggressor."

The Russian Embassy on its Facebook page called the publications "fake news".

"In this regard, the Embassy of the Russian Federation in the Czech Republic would like to emphasize that parasitising the topic of the coronavirus epidemic ... goes beyond all possible moral and ethical limits."

Dozens of cyberattacks on the website of the Mayor of Moscow have been recorded since the beginning of February


Group-IB specialists recorded several DDoS attacks on Moscow electronic services, including the mos.ru portal. This was announced by the CEO of the company Ilya Sachkov.

As the head of the Moscow Government’s IT department, Eduard Lysenko, reported, the site experienced as many attacks in three hours as it has not experienced in the last two quarters.
At the moment, the cyber defense company Group-IB is figuring out who needed to carry out massive attacks on government resources and is looking for perpetrators.

"The investigation has begun, our task is to understand the reasons for cyberattacks and find the perpetrators. At the moment, we can not provide details, this will interfere with the tasks of investigators", said the head of Group-IB, Ilya Sachkov.

According to him, the huge load on the website mos.ru it also caused many requests for passes from citizens. In addition, the interruptions were affected by the interest of Moscow residents, as there were numerous attempts by users to go to the portal just to explore and understand how it works.

At the same time, Sachkov added, it is possible to ensure stable operation of mos.ru, even despite increased loads. “The portal experiences problems that are standard when launching large-scale services of this kind. Such services are tested for fault tolerance, security, and implementation quality in order to ensure stability and continuity of service.”

Recall that from March 30, Moscow introduced a regime of complete self-isolation. Residents of Moscow are allowed to leave the apartment only as a last resort. Starting April 15, they will need to have a special pass to travel around the city by public or private transport. Such measures are designed to stop the spread of coronavirus infection.

Earlier, E Hacking News reported that hackers hacked the digital Pass System of Moscow residents.

Attackers hacked a Spanish TV channel and showed an interview with the separatist leader of Catalonia


Spanish state television company TVE on Wednesday said that last Thursday unknown attackers used an open portal on its website to air a Russia Today program about Catalan separatist leader Carles Puigdemont.

According to the representative of TVE, hackers did not break into any external cybersecurity barriers but took advantage of the “open door” on the site.

As the source noted, it is too early to talk about the identity and location of the attackers, since the investigation is not yet finished.

The interview shown last Thursday was watched by about 96 users. Puigdemont and former Ecuadorian President Rafael Correa participated in a program produced by the Russian state channel. 
In addition, in an interview, Puigdemont said that there is no option to resolve the problem of Catalonia, which would not include the independence of the region.

It is interesting to note that both of them fled to Belgium after legal proceedings were initiated against them in their home countries.

Earlier, the Spanish authorities found evidence that Russian groups actively used social networks to support the independence movement of Catalonia and tried to influence public opinion in an effort to destabilize Spain.

Russia Today editor-in-chief Margarita Simonyan said that the channel was not involved in the hack.
"Hackers broke into the Spanish channel "+24" and turned on our broadcast instead of them, Simonyan commented on her Telegram channel.

"We just had an interview with Puigdemont, the chief on the independence of Catalonia. We don't know who did it, but it was beautiful," noted she.

Russian hackers in recent years are suspected of interfering in the political affairs of many countries, including the United States, Britain and France.