Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Canadian accused in 2014's Yahoo Hacking Case


A Canadian youth accused by the United States of helping Russian intelligence agents in hacking Yahoo emails in 2014, according to court records.

Karim Baratov is scheduled to appear before the federal court in San Francisco on Tuesday for the plea hearing, and it is expected that he would plead guilty.

Baratov is a 22-year-old Canadian citizen born in Kazakhstan, was arrested in Canada in March at the request of U.S. prosecutors. He was sent to U.S. this summer after he was waived off his right to fight against a  U.S. request for his extradition from Canada.

Baratov is accused of hacking 80 Yahoo accounts and faces 20 years in prison in the U.S. if convicted.

However, both Baratov's lawyer, Andrew Mancilla,  and U.S. Attorney's Office in San Francisco declined to comment.

Read more »

Bitcoin Gold wallet compromised, users may have downloaded malware

It seems that Bitcoin Gold has been dealt more than their share of bad luck recently. The company is still mired in the aftermath of the MyBTGWallet scam, and now they have been hit with another problem that is causing them to issue a critical warning to their customers. Users of Bitcoin Gold (BTG) are facing another cybersecurity issue. The BTG team has earlier revealed that someone has gained access to their Github repository for the project and replaced the compiled Windows file with a different one.

According to a critical warning sent by BTG, the link on the Download page and the file downloads on the Github release page have been serving a suspicious file of unknown origin for approximately four and a half days or approximately 36 hours.

Anyone who downloaded the Bitcoin Gold Wallet for Windows between November 24th, 13:11 UTC and November 25th, 2017, 22:30 UTC is at risk of a malware infection, BTG developers announced on the coin’s official site, BitcoinGold.org.
The file does not trigger antivirus/anti-malware software, however, in an abundance of caution, BTG is presuming that the file is of malicious intent to steal user information and/or cryptocurrency. The developers are still analysing the file.

The BTG warning explains: “Until we know otherwise, all users should presume this file was created with malicious intent – to steal cryptocurrencies and/or user information. The file does not trigger antivirus / anti-malware software, but do not presume the file is safe.”

The team adds that: “If the file was used, the computer on which it was used should be addressed with extreme caution; the file should be deleted, the machine should be thoroughly checked for malware and viruses (or wiped clean), and any cryptocurrencies with wallets accessible on that machine should be moved to new wallet addresses immediately.”

It’s the second BTG-related swindle in the past week — just days ago, a site claiming to generate BTG wallets for users who submitted their private keys instead stole the balances, netting over $3 million USD in various digital assets.
Read more »

ISIS official website filled with Pornographic images

A group of young Iraqi hackers, Daeshgram, have targeted official website of Islamic State by sticking pornographic images on their home page.

Members of Daeshgram said that their motive behind this hack was to spread distrust among Isis supporters about messages sent by the group's leader, according to Newsweek.

"Our intention was to flood the market with fake Amaq content in order to dilute the credibility of Amaq - a so-called news agency," one anonymous member of Daeshgram told  Newsweek.

Daeshgram, whose name is an amalgam of two words: one is Instagram and another one is the Arabic word for Isis, Daesh, aims to disrupt pro-Isis groups on the encrypted instant messaging software Telegram.

"Daesh responded by telling supporters not to trust any of the Amaq links.They even had fights among themselves about the topic and deleted each other from various groups."

Hackers photoshopped a pornographic scene and posted it on an ISIS announcement about the opening of a new media center in Syria. A video gave an impression to the ISIS supporters, whoever listened to the announcement, as the extremists were actually watching a projection of a naked woman.

"We wanted Daesh to know that we are inside their groups to create a level of paranoia and distrust," the hacker told Newsweek. "Many Daesh clicked on it and saw it as fake. The odd thing is that when Daesh marked the content as fake, even more, Daesh clicked on it to understand why a genuine looking link and content is fake."

This is not the first time Isis have been subjected to target, in 2016, WachulaGhost hacked more than 250 social media accounts which were administrated by Isis supporters, all the contents were repleced with pornography and gay pride messages.

Read more »

A $31m raid on Tether Token

The price of Bitcoin hit a record high by around 6% on Tuesday after the $31 million theft of cryptocurrency, Tether token.

Tether is a digital token that is built on top of open blockchain technologies, leveraging the security and transparency that they provide. The worth of Tether Token is equal to the price of national currencies like the US dollar, the Euro, and the Yen.

 The company published a statement, "We discovered that funds were improperly removed from the Tether treasury wallet through malicious action by an external attacker. Tether integrators must take immediate action, as discussed below, to prevent further ecosystem disruption."

The Hong Kong-based company said that they had taken necessary action to prevent the thieves from entering the broader ecosystem and redeem any of the stolen tokens. The firm has requested all its users to install an update.

Tether has suspended its wallet services as the investigation is still going on. It added "The attacker is holding funds in the following address: 16tg2RJuEPtZooy18Wxn2me2RhUdC94N7r. If you receive any USDT tokens from the above address, or from any downstream address that receives these tokens, do not accept them, as they have been flagged and will not be redeemable by Tether for USD."

The news website Coindesk has reported that after an announcement of the hack several crypto-currency exchanges had taken steps to freeze trade in Tether.


Read more »

Information Commissioner warns parents against ‘smart’ Christmas presents

Net-connected toys and gadgets bought as Christmas gifts could put the privacy and safety of children at risk, warns the UK's data regulator.

With a rise in the number of ‘smart’ toys and devices gracing the wish list this year, parents should consider the safety of them being connected directly to the internet before giving them as gifts.

The Information Commissioners’ Office has urged parents to turn off the cameras and automatic tracking devices, including Bluetooth setting in their children’s Christmas presents because of the risk of hacking. Deputy Commissioner Steve Wood advised adults to destroy some sorts of children's smartwatches too and set strong passwords on toys destined for children’s stockings.
Many toys have poor security, easy to guess passwords and cannot be updated to fix bugs, said Wood. Cameras and sensors leave children at risk of being targeted, he warned. Some are so poorly protected that they could be used by hackers as a route into a home network, he said.

He urged parents to take care when buying the smart devices.

In a blog on the regulator's website Wood wrote: “You wouldn’t knowingly give a child a dangerous toy, so why risk buying them something that could be easily hacked into by strangers? In the same way that safety standards are a primary consideration for shoppers buying toys, we want those buying connected items in the coming weeks to take a pause and think about both the child’s online safety, and also the potential threat to their own personal data such as bank details, if a toy, device or a supporting app is hacked into.”

The warning comes amid growing concerns about the ability of criminals to hack into toys containing sensors, microphones, cameras, data storage and other multi-media capabilities.

A recent investigation found ‘worrying security failures’ with the I-Que Intelligent Robot, Furby Connect, Toy-fi Teddy, and CloudPets cuddly toy.
Read more »

Game of Thrones hack: US prosecutors charged Iranian Hacker

US prosecutors have charged an Iran-based hacker with hacking into HBO's computer system,  leaking unaired episodes of Game of Thrones scripts and demanding $6million  (£4.5m)  in Bitcoins as ransom.

According to an indictment filed on Tuesday in U.S District Court in Manhattan accused Behzad Mesri of computer fraud, wire fraud, extortion and identity theft.

Mesri is a member of  Turk Black Hat Security hacking team, who defaced hundreds of websites in the United States and other countries. He has also worked on behalf of the Iranian military to attacks against Israel's military systems, nuclear software systems, and infrastructure.

Acting U.S. Attorney Joon Kim said, "He will never be able to travel outside of Iran without fear of being arrested and brought here to face these charges," Kim said. "The memory of American law enforcement is very long."

During May, Mesri had launched a campaign to gain an unauthorized access to HBO's servers through employee user accounts. He succeeded, even though the firm has a  sophisticated defense system.

"Over the next couple of months, he successfully compromised multiple user accounts in order to obtain access to the media giant's servers," court documents say.

"Through the course of the intrusions into HBO's systems, Mr. Mesri was responsible for stealing confidential and proprietary data including... scripts and plot summaries for unaired programming, including but not limited to episodes of Game of Thrones."

It is alleged that he had stolen about 1.5TB of data and was started a campaign for ransom amount. He sent hundreds of email to HBO employees that read: "Hi to All losers" Yes it's true! HBO is hacked!"

However, it is still unclear whether any ransom money was paid or not.

Mr. Mesri has not yet commented on the charges.




Read more »

Iranian national charged in Game of Thrones hack

US prosecutors have charged an Iranian national with hacking into cable TV network HBO’s servers and stealing episodes and plot summaries for unaired programs of hit shows including “Game of Thrones” and threatening to release the data unless he was paid $6 million, Joon H Kim, acting US attorney, southern district of New York, announced on Tuesday.

Behzad Mesri (29), also known as “Skote Vahshat,” was charged with the hack in a sealed indictment that was released on Tuesday by the US Attorney’s office in Manhattan. It says he stole unaired episodes from shows including Curb Your Enthusiasm and The Deuce, story plot summaries and scripts for Game of Thrones and confidential cast and crew contact lists. The indictment described Mesri as a “self-professed expert” in hacking who had worked on behalf of Iran‘s military to attack military systems, nuclear software systems and Israeli infrastructure.

Mesri earlier this year infiltrated computer accounts of HBO employees authorized to remotely access the network’s servers, the indictment says. In July, he emailed HBO executives in New York providing evidence of the hack and demanding $5.5 million in digital currency, a figure later raised to $6 million, it says. Included was an image of Game of Thrones Night King character, leader of an army of zombies, with the words, “Winter is coming. HBO is falling. Good luck HBO.”
It also alleged that he helped an Iranian hacking group, Turk Black Hat Security Team, deface hundreds of websites in the United States and other countries.

Now Kim told reporters, “Winter is coming for Behzad Mesri.” Hackers may think they’re safe behind a screen name, but even for them, winter will come, Kim said.

A spokesman with the Attorney’s office said Mesri has not been arrested.

Mesri is in Iran but if he leaves he could be arrested.
Read more »

Digital Space does not become a playground for the Miscreants: Modi



Prime Minister Narendra Modi inaugurated the fifth Global Conference on Cyber Space (GCCS) in New Delhi on Thursday. He reiterated several of his Government's technology-driven programme.

"We all know how cyberspace has transformed the world in the last two decades. The seniors would recall the bulky mainframe computers of the seventies. E-mails and Personal Computers brought a new revolution in the nineties. Change continues perhaps in a faster phase now.Cyberspace has transformed the world in the last few decades. Expressions like IOT and AI have now become common," Modi said.

The two-day GCCS is the world's largest conference on cyberspace and is being attended by delegates from nearly 120 countries. The theme of this conference is 'Cyber4All: A Secure and Inclusive Cyberspace for Sustainable Development.'

Mr. Modi spoke about an emergence of technology in India, which paid a vital role in developing the country, and is able to compete with developed countries. He also recounted many of his initiatives like Jan Dhan Yojana, Aadhaar-based services, and mobile connectivity or M-Power which are part of the Digital India programme.

"Digital technology has led to efficient service delivery, governance, improving access from education to health. The government is committed to empowerment through digital access. Digital India is the world's largest technology-led programme. The JAM [Jan Dhan accounts, Aadhaar, Mobile-enabled services] trinity has greatly helped reduce corruption and increase transparency. India has saved $10 billion in subsidies by removing middlemen."

Prime Minister launched a mobile app called UMANG, which will provide over a hundred citizen-centric services, today during the conference. This app will help the citizens in availing services from different departments of the Union and as well as State Governments.

He also emphasized on the security of the cyberspace, "Nations must also take the responsibility to ensure that the digital space does not become a playground for the dark forces of terrorism and radicalization. Information sharing and coordination among security agencies are essential to counter the ever-changing threat landscape.

"We can walk the fine balance between privacy and openness on one hand, and national security on the other. Together, we can overcome the differences between global and open systems on one hand, and nation-specific legal requirements on the other."
Read more »

Car hacking is a national security issue, warns expert

Modern cars are an “open door” to hackers from hostile states or terrorists wanting to use them as a weapon, a leading cybersecurity expert has warned.

Car hacking should be considered a national security issue in the current geopolitical climate, as hackers can "kill millions" of people using hijacked cars, said Justin Cappos, a computer scientist at New York University, was quoted as saying to thetimes.co.uk on Monday.

"Many of our enemies are nuclear powers but any nation with the ability to launch a cyber-strike could kill millions of civilians by hacking cars. It's daunting," Cappos said.
Deaths are inevitable within five years if car manufacturers do not rush to solve cybersecurity issues and fix vulnerabilities in technology, said Cappos. According to him, it is currently possible to hack into the computer system of any car built since 2005 and many up to 17 years old are also vulnerable, and hackers could already be causing accidents without the authorities knowing.

“Any car built since 2005 could be controlled remotely by hackers with some cars built as long ago as the year 2000 also at risk. Hackers could already be causing accidents without the authorities realising it because no one was looking for the evidence,” Cappos said. “If there was a war or escalation with a country with strong cyber capability, I would be very afraid of hacking of vehicles.”

Once a vehicle's internal computer network is hacked, the hackers would be able to tamper with key functions, including the braking system, power steering and locking mechanisms.

“Once in, hackers can send messages to the brakes and shut off the power steering and lock people in the car and do other things that you wouldn’t want to happen,” he said.

Ministers have been urged to make laws forcing manufacturers to issue software updates.
Read more »

Uber Paid $100,000 to Hackers to Mask a Data Breach Affecting 57 million users


Uber camouflaged a data breach for more than a year which affected 57 million customers and drivers from Uber Technologies Inc.

According to Bloomberg, the company's former chief executive Travis Kalanick knew about the breach over a year ago. This week, the firm ousted Kalanick and one of his loyal for keeping the hack under wraps and paying a $100,000  to the hackers.

"I recently learned that in late 2016 we became aware that two individuals outside the company had inappropriately accessed user data stored on a third-party cloud-based service that we use," wrote Uber’s current CEO, Dara Khosrowshahi. "You may be asking why we are just talking about this now, a year later. I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it."

Khosrowshahi said that the data hackers were able to download files containing a significant amount of information, and compromised data includes names, e-mail addresses, mobile phone numbers of 57 million customers,  and driver’s license numbers of around 600,000 drivers, whereas credit card numbers, bank account details, and Social Security numbers hadn’t been breached.

In a press release, the firm wrote "At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts."

However, Uber did not reveal the details of the hack,  which countries were affected by this hack. 
Read more »
Hacking News
Defaced Website E Hacking News Hacking News

Hackers deface the website of the Ministry of Justice of Uzbekistan


On November 20, websites of some organizations including government websites were affected by a cyber attack.

A hacker from Bangladesh goes by an online handle "Skidie KhaN", a member of the hacking group called " Cyber Command0s(#Team_CC)" modified the main page of the websites of the Ministry of Justice. According to the local report, the defacement message said that the website was hacked by the hacker "Skidie KhaN".

In addition,the websites of the Ministry of Internal Affairs, the Ministry of Defense, Attorney General's office and the Ministry of the Economy were also under the cyber attack.

The Information Security Center of Uzbekistan declined to comment on the situation.

The consequences of cyber attacks on the websites of several government agencies of Uzbekistan is said to be eliminated. The government is currently working on finding the causes and method to thwart future cyber attacks.

In September, the attacker hacked into many Government websites of Myanmar.

- Christina

 
Read more »
Subscribe to: Comments (Atom)