
Two more Indian Government websites hacked by Pakistani Hackers


In the last few days, several Pakistani hacker groups have defaced many Indian government websites. Pakistan Haxors CREW is one of the groups targeting Indian websites.

The group today hacked into two Indian government websites: the West Bengal State Coastal Zone Management Authority and the Damodar Valley Corporation.

At the time of writing, 'wbsczma.gov.in' was still showing the defacement, while 'portal.dvc.gov.in' had gone offline. The group also claimed to have dumped the database.

Today, another group named "Team MaXiMiZerS" defaced two Kerala state government websites along with hundreds of other websites.

Last night, the Voice Of Black Hat Hackers group from Pakistan hacked two Rajasthan state government websites.

Pakistani hacker group 'Team MaXiMiZerS' hacks India's Kerala state Government websites

Hundreds of Indian websites, including two Kerala state government websites, have been breached by a Pakistani hacker group identifying itself as "Team MaXiMiZerS".

The affected websites include the Cooperative Institute of Management and Technology (cimat.kerala.gov.in), Kerala Cultural Welfare Development (cwb.kerala.gov.in) and Kerala's Kannur University (kannuruniversity.ac.in).

Other affected sites have been listed here: http://pastebin.com/p0zPbQDC

The defaced websites displayed the message: "What we Ask From India All the time is the only Kashmir, Most of the times we don't act like that but this is the only way left. Why indian army is killing innocents in kashmir? We Just Ask you these simple Questions and the indian gov got no answers..... why?"

"This is the only way left to protest for us. For what you are scared of? India will lose the beauty of kashmir? how many muslim brothers being killed on daily basis did u ever thought? a 16 year's girl raped and killed a boy shot in the head for what? because they are protesters? All we ask is just the Answer of these Questions Nothing Personal ... you will pay for these sins one day"

Two Rajasthan Government websites hacked by Voice Of Black Hat Hackers

Pakistani hackers continue to target Indian government websites and have breached several servers.

Today, a hacker named "ArYaNZ KhaN" from a Pakistani hacker group called "Voice Of Black Hat Hackers" hacked into two Rajasthan government websites.

One of the websites appears to be a testing website (webmis.rajasthan.gov.in/ArYaNZ.html). The other belongs to the Information and Public Relations Department of Rajasthan (dipr.rajasthan.gov.in/ArYaNZ.html).

"HEY INDIA!; Think again! Salute oh martyr from the land of Kashmir, your last wish to recite verses of holy Quran was not fulfilled. But the dream you lived with, will surely be fulfilled. India will taste defeat," the defacement message reads.

"India celebrates this day while not realising what is coming for it now, this won't end the Intifada from Kashmir, you will see more and intense revolution," the hacker said in the defacement.

RedHack claimed to have hacked ISP TTNET, Vodafone and Turkcell


The Turkish hacktivist collective RedHack claims to have breached the systems of Turkish ISP TTNet (www.ttnet.com.tr), Vodafone and leading Turkish mobile operator Turkcell (turkcell.com.tr).

"Customer data of ISP TTNET, mobile operator Vodafone and Turkcell infiltrated and vast amount of data collected from the systems," the hackers announced earlier today.

The hackers claimed to have compromised millions of records from the servers.

"If we are able to reach these info on their systems with our limited resources imagine what can foreign intelligence agency do. These companies have 90% of the population's data on their systems and they can't protect them," the hackers said.

They have dumped (http://justpaste.it/eaml) some of the data compromised from TTNet. The dump contains only the membership details of ministries, the National Intelligence Agency (MIT) and the Security Directorate. The hackers did not publish data belonging to the general public, "as a matter of principle".

The leak contains information such as names, phone numbers, addresses, email IDs and other information.

The hackers said the reason for these breaches is to prove that no one and no system is 100% secure.

"In the coming days we'll continue with those exploiting the country. No public information will be shared. Our people can be at ease." The group said that they will continue the operation.

Indian Public Health Engineering Department website hacked by Pakistan Hackers


The website of the West Bengal branch of the Indian Public Health Engineering Department (www.wbphed.gov.in) has been breached by a hacker from Pakistan.

A hacker with the handle H4$N4!N H4XOR from Pakistan Haxors CREW has uploaded a defacement page to the "Uploads" directory of the site (http://www.wbphed.gov.in/applications/GO/uploads/index.html).

When we asked about the vulnerability responsible for the breach, the hacker said that the website is vulnerable to SQL injection.

"Security Breach! Free Kashmir. Free Syria. Stop Spying On US. Stop Killing Muslims. We Have All Your Data. Don't Try To Catch Us," the defacement message reads.

The hacker said the defacement is revenge for the hacking of Pakistani websites. He also claimed to have compromised the database from the server.

In the last two days, the group hacked into the Indian Railways website and the official website of Assam Rifles.

Orange.fr hacked, details of 800,000 customers stolen

Unknown hackers have breached the website of telecoms giant Orange and compromised the details of 800k customers from www.orange.fr.

According to PCINpact, the "My Accounts" page of the website was targeted by hackers on January 16. The hackers gained access to personal data including names, email IDs, phone numbers, mail addresses and other details.

Orange claims that only personal information was accessed by the hackers and that passwords were not compromised in the data breach. Customers' bank account numbers are stored on a separate server, which was not impacted by this breach.

A few hours after becoming aware of the intrusion, the ISP closed the "My Accounts" page to prevent further attacks. The security hole responsible for the breach is said to have been closed.

The company said only 3% of its customers were impacted by the breach. In an email sent to affected customers, the company warned them that the stolen data can be used by cyber criminals to launch phishing attacks.

The company has filed a complaint about the breach and is working with the police.

Bell Canada website hacked with POST-based SQL Injection vulnerability

A few days ago, Nullcrew hackers hacked into the Bell Canada website and leaked the data of thousands of customers.

Bell Canada confirmed Sunday that 22,421 usernames and passwords, along with five valid credit card numbers, have been leaked by the hackers. However, the organization points the finger at a third party, saying the leak "results from illegal hacking of an Ottawa-based third-party supplier's information technology system".

Bell claims its own network wasn't affected by this breach. Bell has disabled all passwords and is notifying all affected users. They are currently working with law enforcement and government security officials to investigate the matter.

"Quite a laughable claim, Bell actually knows of the breach, they knew the vulnerable section of the website for two weeks," the hackers said on their Twitter account in response to Bell's claim.

The screenshot provided to DataBreaches shows that the hackers had a chat with the Bell Support team.

Nullcrew chatting with Bell support team

The hackers said a POST-based SQL injection vulnerability resides in the password recovery page of Bell's subdomain (https://protectionmanagement.bell.ca/passwordrecovery_1.asp).

Post-based SQL Injection in Bell Canada

Moroccan Islamic Union-Mail hacks 5 Italian Government websites

Moroccan hackers going by the team handle "Moroccan Islamic Union-Mail" have again hacked and defaced several Italian government websites.

The home pages of the hacked websites have been modified with the hackers' message and a YouTube video.

"We do not want muscle-flexing. Just want to get our message across the world to discover the truth," the message left by the team reads. "Yes, the fact that should be explored invite you to show filter this video to discover the truth for yourself. #THE TRUTH WILL PREVAIL"

In addition to the above statement, the defaced website was also playing a YouTube video depicting the stark reality about the Prophet Muhammad in the Bible.

Links to the targeted websites, along with their mirrors, can be found below:

http://www.smsagenovesi.gov.it/
http://www.add-attack.com/defaced/468738/smsagenovesi.gov.it/

http://www.superdue.gov.it/
http://dark-h.org/deface/id/8018

http://www.matteodellacorte.gov.it/
http://www.add-attack.com/defaced/468745/matteodellacorte.gov.it/

http://www.terzonocera.gov.it/
http://www.add-attack.com/defaced/468744/terzonocera.gov.it/

http://www.liceoclassicogbvico.gov.it/
http://www.add-attack.com/defaced/468747/liceoclassicogbvico.gov.it/

The hackers modified the content of the home pages 10 hours ago, but all of the affected sites are still showing the defacement.

The group has hacked several other government websites in the past, including South African and Colombian sites.

Ebay and Paypal UK domains hacked by Syrian Electronic Army

PayPal is the latest organization to fall victim to the Syrian Electronic Army (SEA). Today, the group hacked into the MarkMonitor account managing the eBay and PayPal domains.

Exclusive: MarkMonitor account of Ebay

SEA managed to modify the DNS records of ebay.co.uk and paypal.co.uk and left them defaced.

"For denying Syrian citizens the ability to purchase online products, Paypal was hacked by SEA," the group said in a tweet.

The group said it is purely a hacktivist operation and that no user accounts or data were affected by this breach.

"If your Paypal account is down for a few minutes, think about Syrians who were denied online payments for more than 3 years. #SEA"

The Syrian Electronic Army is best known for its spear-phishing attacks, in which employees of an organization are targeted with malicious emails. It appears the group used the same attack to compromise eBay's MarkMonitor account.

Exclusive: Ebay defaced

The group also hacked the email account of Paul Whitted, Sr. Manager, Site Engineering Center at eBay, and posted a screenshot of the internal communications.


Update:

"We’re aware our UK & France marketing pages were redirected briefly for a few users. Situation is resolved; NO customer info was compromised," PayPal said on its official Twitter account, acknowledging the breach.

Nullcrew hackers claims to have hacked Bell Canada

The Nullcrew Team is back! After several months, the group has returned with a new database leak. They claimed to have hacked into the Bell Canada website (www.bell.ca) and compromised the database server.

Just a few hours ago, the group published a link to the leak (http://nullcrew.org/bell.txt). The leak contains thousands of usernames, email addresses and plain-text passwords, and even some credit card data.

"Go f****g figure, people who are supposed to provide secure connection to the internet?.. They can't secure themselves, and with that said?" the hackers wrote next to the leak.

"Successful day hacking internet service providers is successful. #NullCrew" reads a tweet posted by the hackers on Jan 14.

It appears the group also had a talk with the Bell support team.

"We'd like to give a shout-out to the beautiful people over at twitter.com/Bell_Support.  First of all, asking a hacker their providence made all of us lolololol!" The group said.

Android malware delivered via Windows when debugging mode is enabled

Be careful if you are connecting your Android device to other people's computers! A new Windows-based malware installs a malicious application on Android devices that have debugging mode enabled.

Usually, malware applications get installed on your device only if you have changed the default security settings to allow apps from third-party app stores. But malware analysts at Sophos say malware can still reach your device even if you have not enabled so-called "off-market" apps.

When you have enabled USB debugging mode, you can install apps directly from your Windows machine. A new Windows-based malware appears to be taking advantage of this facility.

The malware first registers itself as a system service and downloads a configuration file, "iconfig.txt". The iconfig.txt file contains the list of exe files to be downloaded to the infected machine.

"Samsung.exe, LG.exe, AdbWinApi.dll, AdbWinUsbApi.dll, aadpt.exe, adb.exe, AV-cdk.apk, ok.bat" are the files downloaded by the malware.

The "ok.bat" file is a batch file that runs "C:\Users\Yourname> adb install AV-cdk.apk" in your command prompt, which results in the malicious apk file being installed on your Android device.

The name of the apk file sounds like it is pretending to be an antivirus, but once installed, the app disguises itself as "Google Play store".

Researchers suggest turning off the Android debugging option when you don't need it.
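An added detection example for the behaviour described above (not code from the original post or from the Sophos analysis): it scores a directory listing against the file set the article names and flags process-creation events where adb installs an APK from an untrusted path or from a batch file. The event field names, sample paths and the trusted SDK directory are constructed assumptions.

```python
import re
from pathlib import PureWindowsPath

# File names the article lists as downloaded by the Windows component.
DROPPED = {"samsung.exe", "lg.exe", "adbwinapi.dll", "adbwinusbapi.dll",
           "aadpt.exe", "adb.exe", "av-cdk.apk", "ok.bat"}
# Assumption: directories where a legitimate adb.exe lives on this host.
TRUSTED_ADB_DIRS = (r"c:\android\sdk\platform-tools",)
ADB_INSTALL = re.compile(r'\badb(\.exe)?"?\s+(-s\s+\S+\s+)?install\b.*\.apk', re.I)

def dropped_set_score(filenames):
    """Fraction of the article's file set found together in one directory."""
    present = DROPPED & {f.lower() for f in filenames}
    return len(present) / len(DROPPED)

def flag_adb_sideload(event):
    """Return the reasons a process-creation event looks like a scripted APK push."""
    if not ADB_INSTALL.search(event["command_line"]):
        return []
    reasons = ["adb install of an APK"]
    image_dir = str(PureWindowsPath(event["image"]).parent).lower()
    if image_dir not in TRUSTED_ADB_DIRS:
        reasons.append("adb.exe outside trusted SDK directory")
    if re.search(r"\.bat\b", event["parent_command_line"], re.I):
        reasons.append("launched from a batch file")
    return reasons

# Constructed sample events; field names and paths are hypothetical.
EVENTS = [
    {"image": r"C:\Users\alice\AppData\Roaming\upd\adb.exe",
     "command_line": "adb install AV-cdk.apk",
     "parent_command_line": r'cmd.exe /c "C:\Users\alice\AppData\Roaming\upd\ok.bat"'},
    {"image": r"C:\Android\sdk\platform-tools\adb.exe",
     "command_line": "adb.exe devices",
     "parent_command_line": "powershell.exe"},
    {"image": r"C:\Android\sdk\platform-tools\adb.exe",
     "command_line": "adb.exe install app-debug.apk",
     "parent_command_line": "studio64.exe"},
]

def triage(events, min_reasons=2):
    """Keep events with corroborating signals; a lone SDK install is normal dev work."""
    scored = [(e["command_line"], flag_adb_sideload(e)) for e in events]
    return [(cmd, why) for cmd, why in scored if len(why) >= min_reasons]

if __name__ == "__main__":
    for cmd, why in triage(EVENTS):
        print(cmd, "->", "; ".join(why))
```

Only the first constructed event is reported; the developer-style install from the trusted SDK directory carries a single reason and is filtered out by `min_reasons`.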