Chinese hackers compromised European Ministries' computers before G20 summit


Network security company FireEye has found that Chinese hackers compromised computers at five European foreign ministries before last September's G20 summit, Reuters reports.

The attack was carried out by sending spam email carrying a malicious file entitled "US_military_options_in_Syria". Once a recipient opened the file, it infected their computer.

The company said it was monitoring the main command and control (C&C) server used by the hackers in late August. However, the researchers lost access after the hackers moved to another server before the G20 summit began.

FireEye believes the hackers were preparing to steal data from the compromised computers.

Based on the evidence, especially the language used on the hackers' server and on the computers used to test the malware, the researchers concluded that the attack originated in China.

Chinese Vendors no longer accepting Bitcoins as currency

We are aware that the Chinese government has barred banks from handling Bitcoin transactions. As a result, Chinese vendors that previously accepted bitcoins as currency have also stopped doing so.

Baidu, China's biggest search engine, which had started accepting the virtual currency on October 14 for its website-hosting service, has also stopped accepting Bitcoins.

Chinese smartphone and smartwatch vendor Geak, which claimed to be China's first commercial company to allow Bitcoin transactions, said it would cease accepting bitcoin, PCWorld reports.

A Chinese grocery store also said it has stopped accepting bitcoin.


Over 30 Rajasthan Government websites hacked by Pakistan Hacker "H4x0r HuSsY"

More than 30 websites of the Indian state government of Rajasthan have been hacked and defaced by a Pakistani hacker using the name "H4x0r HuSsY".

The motivation for the hack appears to be increasing his defacement notifications on Zone-H. The hacker claims he is the "person with the highest number of special (.IN) Notifs."

"Proved to be Hell For India!  I might Opt Out of the Cyber World As I don't get much time. But Here's a Peace Message.  To All Indian Hackers etc etc  U Gotta Look at my Zone-H Archive Whenever you have Intentions of hacking (.PK) Sites"  The defacement message reads.



It appears the hacker prefers not to deface the main page because that would be easily detected by admins. Instead he uploaded a 1337.html file containing the defacement content.

This is not the first time these Rajasthan Government websites have been hacked by Pakistani hackers; last year, KhantastiC haXor defaced them.

The hacker also mentioned that the server was previously compromised by KhantastiC and that he compromised it again through another security flaw in the server.

In July 2013, H4x0r HuSsY also hacked more than 15 Goa government websites.

Full list of hacked websites:
http://dpipraj.gov.in/1337.html
http://bor.rajasthan.gov.in/1337.html
http://bpe.rajasthan.gov.in/1337.html
http://bpl.rajasthan.gov.in/1337.html
http://collegeeducation.rajasthan.gov.in/1337.html
http://doitc.rajasthan.gov.in/1337.html
http://dop.rajasthan.gov.in/1337.html
http://finance.rajasthan.gov.in/1337.html
http://ftmsdemo.rajasthan.gov.in/1337.html
http://governorhouseonline.rajasthan.gov.in/1337.html
http://gpck.rajasthan.gov.in/1337.html
http://gwpcjpr.rajasthan.gov.in/1337.html
http://igprgvs.rajasthan.gov.in/1337.html
http://jalabhiyan.rajasthan.gov.in/1337.html
http://jawaharkalakendra.rajasthan.gov.in/1337.html
http://jrrsanskrituniversity.ac.in/1337.html
http://krishi.rajasthan.gov.in/1337.html
http://lokayukt.rajasthan.gov.in/1337.html
http://mail.rajasthan.gov.in/1337.html
http://hcmripa.gov.in/1337.html
http://minorityaffairs.rajasthan.gov.in/1337.html
http://rajamb.com/1337.html
http://rerc.gov.in/1337.html
http://rajasthankrishi.gov.in/1337.html
http://rajeduboard.rajasthan.gov.in/1337.html
http://rajftms.rajasthan.gov.in/1337.html
http://rajind.rajasthan.gov.in/1337.html
http://rajpanchayat.gov.in/1337.html
http://rajsec.rajasthan.gov.in/1337.html
http://rfconline.org/1337.html
http://rhbonline.com/1337.html
http://ric.rajasthan.gov.in/1337.html
http://sdri.rajasthan.gov.in/1337.html
http://techedu.rajasthan.gov.in/1337.html
http://testrpsc.rajasthan.gov.in/1337.html
http://transport.rajasthan.gov.in/1337.html
http://ttctest.rajasthan.gov.in/1337.html
http://uitbhilwara.rajasthan.gov.in/1337.html

ANZ inadvertently sent Bank Statement of customers to 2 year old kid


Privacy Breach:

The Australia and New Zealand (ANZ) Bank inadvertently sent the bank statements of customers holding hundreds of dollars to a two-year-old child.

The child, Joel Morrison, who has his own savings account of about $200, received the statements in the mail after his mother Stacey Morrison requested details of her own spending.

ANZ asked Stacey to return the statements. However, she first informed the account holders in question, all of whom are disappointed with the incident.

An ANZ spokesperson told TVNZ that the bank has launched an investigation to find out how it happened. He said their "inquiries point to it being a handling error at a printer".

To clients who asked what could have happened if the details had fallen into the wrong hands, the bank replied that the statements did not contain any sensitive data that would put their accounts at risk.

Highly Unstable Virtual Currency "Bitcoins"


Bitcoins are highly unstable: the price climbs to $1100, crashes back overnight to $700, climbs to $1100 again, then drops again on negative news. Buying looks to be largely speculative.

Is it worth mining:

It depends on what price you get the miners for. Most of the people who are benefitting are those talented enough to build the miners and sell them (hashfast.com, BFL (Butterfly Labs)).

The bulls are brilliant because they know what to do with the money they make. They rotate it, sell it on eBay/PayPal, or buy on one exchange and sell on another, which gives them more return; they resort to trading to grow the money.

There is also a pump-and-dump scam going on, in which the price is pumped falsely and then dumped.

In the long run the above practices erode trust in Bitcoin and eventually it will crash. Computer programmers, hackers and technologists should protect Bitcoin rather than get greedy about it.

We evaluated some of the mining options:

a. cloudhashing.com - cloud mining for bitcoins. Contracts are very costly: 1 TH/s costs around $20,000 (for a one-month pre-order booking). We computed the amount of money you make at the current exchange rate: in the first month you make good money, around $10,000, but as the difficulty increases (around 15% every month) the amount of hashing power you need grows by close to 20% every month to make the same money.

Cloud providers also charge a management fee, a contract payment fee, and electricity and cooling, so eventually you keep only 50% of the BTC actually mined. It therefore takes around 5 months to recover your investment once exchange rate and mining difficulty (assumed at 15% per month) are taken into account. If the Bitcoin exchange rate does not rise regularly, it is not worth it. After China spoke out about Bitcoin, the price crashed with few buyers left. If there is negative news from India, the US, etc., most Bitcoin exchange rates would fall and there would be no takers.

Out of greed, cloud mining companies are retaining the bitcoins (they earn from buy orders) and they will eventually go bankrupt. One provider takes money 4 months in advance for cloud mining of BTC; by the time the contract starts, it is no longer worth it.

b. Grouphashing (announced) contracts for mining Litecoin are not worth it. You spend 1.2 BTC for a one-year 1 MH/s contract, which is close to $800 at today's rate and takes about 50 Litecoin at today's exchange rate to buy. You may make 0.4 Litecoin a day.

c. CEX.io is too costly and not worth the returns.

d. Miners like the KNC 3 TH/s units are a better bet, if they deliver on time after 3 months.

Bitcoin is a gamble. If the exchange rate rises constantly, mining difficulty increases drastically because everyone wants to get in; if the BTC exchange rate falls, mining difficulty decreases. The net money you make as an investor is not really worth it after all the pain.
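The payback reasoning in option (a) above can be written down as a small model. This is an added example, not the post's own calculation: it assumes a fixed hashrate whose monthly gross shrinks by the difficulty growth factor, a constant exchange rate (so the gross figure is money, not coins), and a flat fraction of mined coins surviving fees. With the post's inputs ($20,000 for 1 TH/s, about $10,000 gross in month one, 15% difficulty growth per month, 50% kept after fees) the model reaches payback in month six, close to the post's rough five-month figure, and a slightly higher fee or difficulty assumption pushes it out further.

```python
def monthly_net_income(first_month_gross, difficulty_growth, net_fraction, month):
    """Net income for a 1-based month.

    Assumption: a fixed hashrate earns `first_month_gross` in month 1 and its
    share of the reward falls by (1 + difficulty_growth) every month after that;
    only `net_fraction` of the mined value survives the provider's fees.
    """
    gross = first_month_gross / (1.0 + difficulty_growth) ** (month - 1)
    return gross * net_fraction


def payback_month(investment, first_month_gross, difficulty_growth,
                  net_fraction, max_months=60):
    """First month in which cumulative net income reaches `investment`.

    Returns None if it never happens within `max_months`: with growing
    difficulty the income series is geometric, so its total is bounded and a
    large enough contract price is never recovered.
    """
    cumulative = 0.0
    for month in range(1, max_months + 1):
        cumulative += monthly_net_income(
            first_month_gross, difficulty_growth, net_fraction, month
        )
        if cumulative >= investment:
            return month
    return None


def hashrate_to_keep_income(difficulty_growth, month):
    """Multiple of the month-1 hashrate needed in `month` to earn the same gross."""
    return (1.0 + difficulty_growth) ** (month - 1)


if __name__ == "__main__":
    # The post's figures (constructed inputs for the model above).
    investment, gross_m1, growth, kept = 20_000.0, 10_000.0, 0.15, 0.5
    for m in range(1, 7):
        print(f"month {m}: net ${monthly_net_income(gross_m1, growth, kept, m):,.0f}, "
              f"hashrate needed for flat income x{hashrate_to_keep_income(growth, m):.2f}")
    print("payback month:", payback_month(investment, gross_m1, growth, kept))
```

The `hashrate_to_keep_income` line is the "you need about 20% more machines every month" observation from the post expressed precisely: at 15% monthly difficulty growth you need 1.15 times the hashrate in month two, 1.32 times in month three, and so on.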

Exchanges in India like BuysellBTC are closed half the time. When you want to sell (the price is high) they are shut down because they don't want to pay you; when the BTC rate is low, they close because they don't want to sell to you at a low rate :). So even if you make a profit you won't get it in hand.

Kerala Government websites hacked by Syrian Hacker 'Dr.SHA6H'

A Syrian hacker using the online handle 'Dr.SHA6H', known for hacking government websites, has now started targeting Indian government websites. Today he hacked into a number of Indian government sites and left them defaced.

The hacker claims he is a Syrian who does not accept "the Syrian regime's actions of murder, rape and destruction with the support of most of the countries". He wants to save Syria from hell.

Though it is still unclear why he targeted the Indian government, he left a message about Syria in the defacement.

"Today, after looking at what faces ( Syria ) note most of the countries in the world do not want help Syria. There are a lot of countries all over the world enter the irrational intervention in the problems of other countries such as the
United States intervened in the problem ( Osama bin Laden ) Why .. !?" The defacement message reads.


"Now, America and other countries do not interfere in the problem of Syria Is
there an international interest with ( Bashar al-Assad ) .. !? Or economic interest
or is a political interest ( We do not understand ) .. We want answer all the countries of the world, there are children dying, women raped and houses destroyed."


 
The affected Indian sites belong to the Kerala state government. The hacked websites include INSIGHT (insight.kerala.gov.in), Kerala State Blood Transfusion Council (blood.kerala.gov.in), Thiruvananthapuram Medical College (tmc.kerala.gov.in) and Kerala State Planning Board (spb.kerala.gov.in).

The other affected sites are:
  • Right to Education Kerala (rtekerala.gov.in)
  • Thiruvananthapuram (trivandrum.gov.in)
  • Fisheries Network Information System (fishnetkerala.gov.in)
  • Ombudsman for LSGI Kerala (ombudsmanlsgiker.gov.in)
  • Farm Information Bureau (fibkerala.gov.in)
  • Arogyakeralam National Rural Health Mission Kerala Web Portal (arogyakeralam.gov.in)
  • sevana.gov.in

FBI uses Spear Phishing technique to plant malware in Suspect's system


It's not surprising that the FBI uses malware to track the activities and location of suspects. A new article published by the Washington Post covers the FBI's use of malware for surveillance to track suspects' movements.

The FBI team works much like other hackers: it targets suspects with spear phishing that attempts to exploit a vulnerability in the target's machine and install malware. The malware then collects information from the infected machine and sends it back to the FBI's server. The malware is also capable of covertly activating webcams.

In a bank fraud case in April, Judge Stephen Smith rejected an FBI request to install spyware on a suspect's system.

Smith pointed out that using such technology ran the risk of accidentally capturing information about others not involved in any illegal activity.

In another case, a different judge approved the FBI's request in December 2012. The malware successfully gathered enough information from the suspect's system to help in arresting him.

In another case, in July 2012, an unknown person calling himself "Mo", from an unknown location, made a series of bomb threats against various locations. He demanded the release of a man who had been arrested for killing 12 people in a movie theater in the Denver suburb of Aurora, Colo.

After investigation, they found that Mo was using Google Voice to call the sheriff and used a proxy to hide his real IP address.

After further investigation, the FBI found that Mo had used an IP address located in Tehran when he signed up for the email account in 2009.

In December 2012, a judge approved an FBI request allowing the FBI to send an email containing surveillance software to the suspect's email address. The malware failed to perform as intended, but Mo's computer sent requests for information to the FBI's server from two different IP addresses, both of which suggested he was still in Tehran.

Vegastripping.com hacked, database leaked


A hacker with the Twitter handle @zVapor has claimed to have hacked the VegasTripping website (Vegastripping.com), a guide to Las Vegas hotels and casinos.

Speaking to E Hacking News, the hacker said a SQL injection vulnerability in the Board section allowed him to compromise the database server. The vulnerability had been fixed at the time of writing.

The hacker leaked all user information taken from the target server on Pastebin (http://pastebin.com/raw.php?i=ujgVuvX1).

The database dump contains usernames, hashed passwords, email addresses, countries and other details, including the credentials of the admin account.

The hacker also doxed the admin and published their personal information (address, phone number).

If you have ever signed up for this website and used the same password anywhere else, you are recommended to change it now.
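The post does not say what the Board section's vulnerable query looked like, so the following is an added, generic illustration rather than the site's code: a user lookup built by string concatenation beside the parameterised version that fixes it, run against a constructed in-memory SQLite table with placeholder hash values. The point for a defender is in `find_user_safe`: the driver sends the value separately from the SQL text, so input that happens to contain quote characters is matched literally and returns nothing.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for a site's user store.

    The pw_hash values are placeholders, not real password hashes.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "email TEXT, pw_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, email, pw_hash) VALUES (?, ?, ?)",
        [
            ("admin", "admin@example.invalid", "<hash-placeholder-1>"),
            ("alice", "alice@example.invalid", "<hash-placeholder-2>"),
        ],
    )
    return conn


def find_user_vulnerable(conn, username):
    """Builds the statement by concatenation: user input becomes SQL syntax."""
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn, username):
    """Parameterised statement: the value never becomes part of the SQL text."""
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    # A username containing a quote and an OR clause. In the concatenated
    # version it changes the WHERE logic; in the parameterised version it is
    # just an unusual string that matches no row.
    odd_input = "alice' OR '1'='1"
    print("vulnerable:", find_user_vulnerable(db, odd_input))
    print("safe:      ", find_user_safe(db, odd_input))
```

The same rule applies whatever the database: never splice request data into the statement text, and prefer the driver's placeholders (or an ORM that uses them) over hand-written escaping. The leaked "hashed passwords" are the second lesson here: a dump of unsalted or fast hashes is recoverable offline, which is why the advice to change reused passwords is sound.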

Citadel Malware targets Bitcoin users, takes screenshots of browsers


The virtual currency Bitcoin has become the hottest topic on the Internet after its value recently reached an unbelievable level.

We are aware that cyber criminals have been breaching Bitcoin-related websites to steal bitcoins. There is also malware that installs a Bitcoin miner on the victim's machine (e.g. ZeroAccess).

Trusteer's security team has come across a new variant of the Citadel malware that targets Bitcoin users and is capable of capturing screenshots of the victim's browser whenever they visit Bitcoin-related websites.

It also targets other virtual-currency websites such as Yandex Money (money-yandex.ru), Webmoney.ru, QIWI.ru and Perfect Money (perfectmoney.com).

Anonymous hacker charged for hacking Singapore PM website


A 27-year-old Singaporean has been charged with hacking into the Singapore Prime Minister's website and defacing it.

Mohammad Azhar bin Tahir is charged with modifying the contents of the PM's website (www.pmo.gov.sg) on Nov 7, causing it to display a message with an Anonymous mask picture.

The hacker also faces nine other unrelated charges, including hacking into and changing the wireless network password belonging to a person named Nadia Binte Ali Khan.

In fact, the Prime Minister's website was not actually hacked; the hacker exploited a reflected XSS vulnerability to display the defacement message. Because it is non-persistent, ordinary visitors to the site would not see the defacement, only those who visited the crafted link.

Defacement exploiting Reflected XSS vulnerability
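To make the reflected/non-persistent distinction concrete, here is an added example (not the PMO site's code, whose details are not public on this page): a search page that echoes its `q` parameter back into the HTML. The vulnerable renderer inserts the parameter verbatim, so markup in a crafted link is rendered as markup; the fixed renderer passes it through `html.escape`, so the same link shows the text literally. Nothing is stored on the server, which is why a visitor who opens the normal URL sees no trace of it. The URLs and page template are constructed for the example.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed page template and request URLs.
PAGE = "<html><body><h1>Search</h1><p>Results for: {query}</p></body></html>"
NORMAL_LINK = "http://example.invalid/search?q=opening+hours"
CRAFTED_LINK = "http://example.invalid/search?q=%3Cb%3Edefaced%3C%2Fb%3E"


def query_from_url(url):
    """Pull the 'q' parameter out of a request URL (empty string if absent)."""
    params = parse_qs(urlsplit(url).query)
    return params.get("q", [""])[0]


def render_vulnerable(url):
    """Reflects the parameter into the HTML verbatim: markup stays markup."""
    return PAGE.format(query=query_from_url(url))


def render_safe(url):
    """Escapes <, >, &, and quotes so the parameter is shown as text, not markup."""
    return PAGE.format(query=html.escape(query_from_url(url), quote=True))


if __name__ == "__main__":
    # The crafted link carries <b>defaced</b> in its query string; a normal
    # visit carries ordinary text. Only the crafted request reflects markup,
    # and only through the unescaped renderer.
    print("normal, vulnerable :", render_vulnerable(NORMAL_LINK))
    print("crafted, vulnerable:", render_vulnerable(CRAFTED_LINK))
    print("crafted, safe      :", render_safe(CRAFTED_LINK))
```

Output encoding at the point of insertion is the primary fix; a Content-Security-Policy header that disallows inline script is a worthwhile second layer, since it limits what reflected markup can do even if one code path is missed.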

Azhar's 21-year-old brother, Mohammad Asyiq Tahir, also faces six charges under the Computer Misuse and Cybersecurity Act, one of them for hacking into Ridhwan's ex-girlfriend's Facebook account.

Last month, James Raj Arokiasamy, said to be the Anonymous hacker with the handle "The Messiah", was charged with hacking into the Ang Mo Kio Town Council website.

One of the largest botnets, "Sirefef", disrupted by Microsoft


Microsoft, together with law enforcement agencies and A10 Networks, has disrupted one of the world's largest botnets, "ZeroAccess", which defrauded online advertisers.

ZeroAccess, also known as Sirefef, is notorious malware that makes money for cyber criminals through click fraud: hijacking victims' search results and generating fake clicks on ads. It also installs Bitcoin miners on infected machines.

Victims usually get infected with ZeroAccess through drive-by download attacks.

The malware has reportedly infected more than two million computers and costs online advertisers around $2.7 million per month.

David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit, said the disruption "will stop victims' computers from being used for fraud and help us identify the computers that need to be cleaned of the infection".

Microsoft said the action will not "fully eliminate the ZeroAccess botnet due to the complexity of the threat". However, it will significantly disrupt the botnet's operation and cause a loss of revenue for the cyber criminals behind ZeroAccess.