20+ websites hacked by Indian Cyber Leets (ICL)

Nyro Hacker, Silent Hacker and Shorty Charso Beas, from the Indian Cyber Leets group, hacked and defaced more than 20 websites.

List of hacked sites:

Mirrors:


Android malware found in Google Play market, targets Japanese users


A new Android malware that promises to display videos steals your sensitive data in the background. McAfee researchers spotted this malware, which targets Japanese users, in the official Google Play market.

During installation, the app requests two permissions: read contact data, and read phone state and identity. Once the app is installed, it steals sensitive information such as the Android ID, phone number and contact list.

Once the information is obtained, the malicious application sends it to a remote server in clear text.

"If the data was sent successfully, the application requests a specific video to the same server and displays it using a VideoView component. If the malware fails at its background theft (for example, the device does not have an Internet connection), a message in Japanese says that an error has occurred and the video has not loaded." McAfee said.
So far, McAfee has discovered 15 malicious applications. The apps had been downloaded by at least 70,00 users. McAfee security products detect the malware as Android/DougaLeaker.A.

FBI tracks Anonymous hacker 'AnonW0rmer' after posting girlfriend photo

An Anonymous hacker, '@AnonW0rmer', has been tracked down after he made the mistake of posting a picture of his scantily clad girlfriend in an image bragging about his hacking exploits.

Higinio O. Ochoa III, a computer programmer from Texas, has been charged by the FBI with hacking into at least 4 US law enforcement websites and leaking the sensitive data of police officers.

The photo, cropped from the neck down, featured the bikini-clad babe holding a sign saying "PwNd by w0rmer & CabinCr3w <3 u BiTch's".

The photo was taken with an iPhone. Unfortunately, he failed to purge its metadata, which revealed the GPS co-ordinates of the outer-Melbourne suburb where the photo was taken. "EXiF data from this picture shows that it taken with an iPhone 4 and edited with Photoshop," the complaint states.

Ochoa was scheduled to appear in a criminal court in Austin, Texas over the alleged hacking attack on Tuesday, 10 April.

25 sites hacked by Silent Haxor and Shorty420 from Indian cyber leets

Hackers 'Silent Hax0r' and 'Shorty420' from Indian cyber leets have hacked and defaced around 25 websites.

List of hacked sites:


3 Nepal government sites hacked by Indian cyber leets


Hackers 'Nyro hacker' and 'Silent Hacker' from Indian Cyber leets hacked three Nepal government websites and one download site.

National center of aids and std (www.ncasc.gov.np/), Nepal Academy of Science of Technology (www.ncasc.gov.np) and Nepal water for health (newah.org.np) have been defaced by the hackers.

The mirrors are:
  • http://www.zone-hack.com/defacements/?id=25306
  • http://www.zone-hack.com/defacements/?id=25305
  • http://www.zone-hack.com/defacements/?id=25304
  • http://www.zone-hack.com/defacements/?id=25244



'No permissions' Android app can access sensitive data


A security researcher, Paul Brodeur, from Leviathan Security Group, has created a proof-of-concept app called "No Permissions" that demonstrates how an Android application that doesn't ask for any security permission is still able to access your sensitive data.

Usually, whenever an Android user tries to install an app, a screen is displayed asking the user to approve the permissions requested by the app. The purpose of Android permissions is to let you know exactly what information an app maker is harvesting from your device, so you can make an informed decision over whether or not you want to install it. An app needs your permission to do even trivial tasks like performing network access or keeping the device awake.

According to Paul's research, even an Android app with zero permissions is able to access sensitive data from your device. His app, which doesn't ask for any permissions, is still able to access files on the SD card, files stored by other apps and handset identification data.

In order to send the collected information to the criminal, an app will need the INTERNET permission. Unfortunately, there is one network call that can be made without any permissions.

"the URI ACTION_VIEW Intent opens a browser. By passing data via GET parameters in a URI, the browser will exfiltrate any collected data. In my tests, I found that the app is able to launch the browser even after it has lost focus, allowing for transmission of large amounts of data by creating successive browser calls," the researcher explained.

He tested the app against Android 4.0.3 and Android 2.3.5.  If you are curious to know the capabilities of the app, then you can download it from here.

New Mac OS X backdoor Trojan 'Sabpab' discovered


While more than 600,000 Mac users are struggling with the FlashBack Trojan infection, researchers have discovered a new malware that works like Flashback.

The Trojan, dubbed "Sabpab", exploits the same drive-by Java vulnerability used to create the Flashback botnet.

The Trojan attempts to connect to a control server using HTTP, receiving commands from remote hackers. "The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely," says a Sophos researcher.

Sophos security solutions identify the malware as OSX/Sabpab-A.

Ransomware encrypts users' files and demands 50-Euro Ransom

Malware that encrypts user files and demands money, known as ransomware, is nothing new. Recently, BitDefender security researchers came across one such ransomware. As usual, the malware encrypts the user's files and demands 50 euros in exchange for unlocking them.

Once the malware infects the victim, it encrypts all files with extensions pertaining to movies, music, photos, shortcuts, PDF, text and HTML, adding .EnCiPhErEd to the valid file extension. It also changes the default icons of all the files with modified extensions to a common pink icon.

In each folder it finds on the infected system, the scareware adds a file named "HOW TO DECRYPT FILES.txt" and the following warning message:

“Attention! All your files are encrypted!

You are using unlicensed programms!

To restore your files and access them,

send code Ukash or Paysafecard nominal value of EUR 50 to the e-mail Koeserg@gmail.com.

During the day you receive the answer with the code.

You have 5 attempts to enter the code. If you exceed this date all data is irretrievably spoiled. Be careful when you enter the code!”

Bitdefender security solutions detect the malware as Trojan.Ransom.HM.
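The two on-disk traces described above (the appended .EnCiPhErEd suffix and the "HOW TO DECRYPT FILES.txt" note) are enough to scope an infection. The following is an added example, not part of the original post: a triage script that walks a directory tree and summarises both indicators. The `demo()` helper and its directory tree are constructed for the demonstration and contain only empty placeholder files.

```python
import os
import tempfile
from collections import Counter

MARKER = ".enciphered"             # suffix named in the article, matched case-insensitively
NOTE = "how to decrypt files.txt"  # ransom note file name from the article

def triage(root):
    """Walk root and summarise the two on-disk indicators the article describes."""
    renamed, note_dirs = [], []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            low = name.lower()
            if low == NOTE:
                note_dirs.append(os.path.relpath(folder, root))
            elif low.endswith(MARKER):
                renamed.append(os.path.relpath(os.path.join(folder, name), root))
    # The original extension is whatever precedes the appended marker.
    by_ext = Counter(
        os.path.splitext(path[:-len(MARKER)])[1].lower() or "(none)"
        for path in renamed
    )
    return {
        "renamed": sorted(renamed),
        "note_dirs": sorted(note_dirs),
        "by_ext": dict(by_ext),
    }

def demo():
    """Run triage over a constructed tree of empty placeholder files."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "pics"))
        for rel in ("pics/a.jpg.EnCiPhErEd", "pics/b.JPG.EnCiPhErEd",
                    "pics/HOW TO DECRYPT FILES.txt",
                    "notes.txt.EnCiPhErEd", "ok.pdf"):
            open(os.path.join(root, rel), "w").close()
        return triage(root)

if __name__ == "__main__":
    report = demo()
    print(len(report["renamed"]), "renamed files;", "notes in:", report["note_dirs"])
    print("original extensions affected:", report["by_ext"])
```

The per-extension count shows which file types were hit and therefore which backups need to be restored.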

Recently, a TrendMicro researcher came across a ransomware that works differently from the usual ransomware: it modifies the MBR instead (read the full article here).


Security Tips:
To stay secure, users are advised to pay great attention to the files they choose to download from their favorite peer-to-peer network.

Two alleged TeamPoison hackers arrested for hacking Anti-Terrorism Hotline


UK authorities have arrested two teenagers suspected of being members of TeamPoison and of hacking the MI6 anti-terrorist hotline. But members of TeaMp0isoN say none of their members has been arrested.

The suspects, aged 16 and 17, are being held in the West Midlands by detectives from the Police Central e-Crime Unit.

“This just comes to prove on how you shouldn't believe everything you read online. Tsk tsk tsk... NOBODY in #TeaMp0isoN has been arrested,” tweeted F0rsaken, one of the members of the group.

“TriCk was online and well with communication when this article was written. He is not arrested,” he explained.

New Ransomware compromises Master Boot Record (MBR)

A new ransomware compromises the Master Boot Record (MBR) and demands 920 hryvnia ($114) to unlock the system. This is completely different from previous ransomware, which usually encrypts files or restricts user access to the infected system.

After analyzing the malware sample, a TrendMicro researcher found that the malware copies the original MBR and overwrites it with its own malicious code. This prevents the victim's operating system from loading.

Once it modifies the MBR, it automatically restarts the system for the infection to take effect. When the system restarts, the ransomware informs the victim that the system is blocked and demands 920 hryvnia (UAH) via QIWI to a purse number (12 digits) – 380682699268.

Once they have paid, victims will receive a code that will unlock the system. This code will supposedly allow the operating system to load again and remove the infection. This particular variant has the “unlock code” in its body. When the unlock code is used, the MBR routine is removed.

Trend Micro detects this ransomware as TROJ_RANSOM.AQB and the infected MBR as BOOT_RANSOM.AQB.

WICD privilege escalation 0day affects Backtrack Linux

A student from Infosec Institute managed to find a zero-day vulnerability in the Wireless Interface Connection Daemon (WICD) affecting Backtrack 5.

The discovery has been published on InfoSec's own website and detailed by the student himself, who says that the Wireless Interface Connection Daemon (WICD) has several design flaws that can be misused to execute a privilege escalation exploit.

Improper sanitization of the inputs in the WICD's DBUS interfaces allows an attacker to (semi)arbitrarily write configuration options in WICD's 'wireless-settings.conf' file, including but not limited to defining scripts (executables actually) to execute upon various internal events (for instance upon connecting to a wireless network).

These scripts execute as the root user, which leads to arbitrary code/command execution as the root user by an attacker with access to the WICD DBUS interface.

At first, the researchers incorrectly named the vulnerability "Backtrack 5 R2 priv escalation 0day". They later realized the mistake and changed the name to "wicd Privilege Escalation 0Day". They apologized for the confusion to the Backtrack team and any other persons affected by this error.


"To summarise, we believe that the intentional misrepresentation of this bug report has discredited BackTrack unnecessarily in the eyes of those who do not understand the underlying mechanisms of our OS, and also discredited the Infosec Institute in the eyes of those who do." Backtrack commented on this issue.

The wicd team has released a new version that fixes this bug (CVE-2012-2095).
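The flaw class described above is a privileged daemon storing caller-chosen option names without validation. The following is an added example, not wicd's own code and not its actual patch: a simplified model of the flawed setter beside an allow-listed one, plus an audit that lists script options set in a settings file. The option names in `SCRIPT_KEYS` and `CLIENT_WRITABLE` are assumptions, and the sample file is constructed.

```python
import configparser

# Assumed option names for event scripts; the article only says "scripts".
SCRIPT_KEYS = {"beforescript", "afterscript",
               "predisconnectscript", "postdisconnectscript"}
# Hypothetical set of options an unprivileged D-Bus caller may change.
CLIENT_WRITABLE = {"ip", "netmask", "gateway", "dns1", "dns2", "automatic"}

class PropertyRejected(ValueError):
    pass

def set_property_unchecked(conf, network, option, value):
    """Flawed pattern: caller-chosen option names go straight into the config."""
    conf.setdefault(network, {})[option] = value

def set_property_checked(conf, network, option, value):
    """Allow-list the option name and refuse values that could add extra lines."""
    option = option.strip().lower()
    if option not in CLIENT_WRITABLE:
        raise PropertyRejected("option not settable over D-Bus: %r" % option)
    value = str(value)
    if any(ch in value for ch in "\r\n\x00"):
        raise PropertyRejected("control character in value for %r" % option)
    conf.setdefault(network, {})[option] = value

def find_script_hooks(conf_text):
    """Audit an INI-style settings file: list every script option that is set."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(conf_text)
    return [(sec, key, val) for sec in parser.sections()
            for key, val in parser.items(sec)
            if key in SCRIPT_KEYS and val not in ("", "None")]

# Constructed sample in the style of wireless-settings.conf (not from a real host).
SAMPLE_CONF = """\
[00:11:22:33:44:55]
essid = office
beforescript = None
[66:77:88:99:AA:BB]
essid = cafe
afterscript = /tmp/hook.sh
"""
```

On a host that ran an unpatched version, any entry the audit returns should be checked against what the administrator configured on purpose.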