AOL Mail Service Hacked
April 24, 2014 –AOL officials have confirmed that their mail service has been hacked. Thousands of users have been complaining about their accounts being used to send spam emails to their contacts. AOL released a statement saying, “AOL takes the safety and security of consumers very seriously, and we are actively addressing consumer complaints. We are working to resolve the issue of account spoofing to keep users and their respective accounts running smoothly and securely.” There has been no indication of who is behind the hack.
FBI Says Healthcare Cybersecurity Lagging
April 24, 2014 –The FBI has issued an alert to the healthcare industry saying, “according to open source reporting from SANS, Ponemon and RSA, the healthcare industry is not technically prepared to combat against cyber criminals' basic cyber intrusion tactics, techniques and procedures, much less against more advanced persistent threats.” The alert was not issued due to any imminent threats, but as a service to the industry as more organizations shift to electronic healthcare systems and medical devices that are connected to the Internet. A spokeswoman for the FBI said, “We're trying to educate people in the sector who are not aware.” The alert points out that the healthcare industry is not as resilient to cyber intrusions compared to the financial and retail industries.
Cyber Attacks From Iran Increasing
April 24, 2014 –A new report shows that in the past year there has been an increase in cyber attacks originating in the Middle East and Iran specifically. Up until now Iran has been thought of as a second-tier cyber threat behind countries like China and Russia. The report speculates that the increase in attacks from Iran is due to an interest in breaching critical infrastructure targets. After analyzing these new attacks, the report concludes that Iran still lacks the tools and skills necessary to be considered a “full-scope cyber actor.” Traditionally Iranian-based attackers rely on publicly available tools to exploit known vulnerabilities, which would put a limit on how much damage they can actually do. However, the researchers warn that Iran is expanding their capabilities and technical proficiency making them a more persistent threat.
New Russian Bill Could Ban Facebook, Gmail, Skype
April 24, 2014 – Russia's parliament has passed a new bill, as part of its anti-terrorism laws, that would ban technology services that do not store Russian data within the country. The bill requires companies, such as Facebook, Gmail and Skype, to relocate Russian customer data within Russian territory, so that it can be legally acquired and inspected by the Russian government. If domestic or foreign email, social networking and instant messaging providers do not provide access to six months' worth of data, they can be banned from operating in Russia. To be compliant with this new law, foreign companies would need to install servers and data centers in Russia. The law has not yet been ratified by President Vladimir Putin.
HP And Amazon Cloud Service Vulnerabilities Discovered
April 23, 2014 –Researchers have discovered that HP and Amazon Cloud Services are vulnerable to hacker attacks, due to their running unpatched versions of Windows Server 2003. The researchers were able to exploit old security vulnerabilities on the servers because updates were never applied. It was discovered that the last patches applied to HP's Public Cloud were done in July 2013. Experts believe that the cloud service providers have disabled the autoupdate feature on their servers resulting in these issues. Other cloud service providers have the same problems, including GoGrid which hasn't updated their server installations since April 2012.
30,000 Iowa State University Students Have SSNs Exposed In Hack
April 23, 2014 –Iowa State University has said that five servers were breached in a recent hacking attack. The servers contained the social security numbers of approximately 30,000 students. According to the school no financial information was exposed, and there is no evidence that the social security numbers were actually stolen. Jonathan Wickert, Iowa State's Senior Vice President and Provost said, “We don't believe our students' personal information was a target in this incident, but it was exposed. Iowa State has always taken information security very seriously, and we will continue to take every possible action to safeguard the personal information of those who learn and work here.” The university is currently working with law enforcement to investigate the incident.
Indian Political Party Blocks Pakistani Access
April 23, 2014 –Following several recent Pakistani hacker attacks against India's Bharatiya Janata Party (BJP) website, the political party's site can no longer be accessed from Pakistan. When attempting to reach the BJP site from Pakistan, users receive a message saying, “The owner of this website has banned your IP address on the country or region you are accessing it from.” The head of BJP's IT department said that the blocking is an automatic response by their self-defense mechanisms due to the number of hacking attacks originating in Pakistan. The website for the BJP's candidate for Prime Minister is also blocked from Pakistan.
Two Members Of Anonymous Cambodia Arrested
April 23, 2014 – Two 21-year-old Cambodian men, believed to be members of Anonymous Cambodia, have been arrested and charged with computer hacking. The men, known as the hackers Black Cyber and Zoro, face up to two years in prison. The director of Cambodia's Ministry of Interior's internal security department said, “These are the first members of the Anonymous hacker group who have been arrested by the [Cambodian] police, and we found no [evidence] of any [planned] terrorist attack.” The men are currently in prison awaiting trial. Additional people are currently being investigated for alleged connections to cyber attacks against the Cambodian government, but no further arrests have been made at this time.
AnonGhost Reveals Critical Facebook Flaw That Leads To DNS Hijack
April 22, 2014 –The hacker known as Mauritania Attacker, a known member of the AnonGhost hacking group, has revealed that there is a critical Facebook security flaw which allows any hacker to perform a DNS hijack attack. A DNS hijack will result in Facebook users being navigated to any server the hacker chooses. Mauritania Attacker has published a package containing full instructions on how to perform this attack. The hacker was able to show four sample attacks that would result in Facebook's DNS being hijacked.
iBanking Malware Targeting Android Users
April 22, 2014 –A new mobile malware known as iBanking has been discovered. The malware is able to steal SMS messages and redirect incoming phone calls. The attack actually begins with a Trojan called Win32/Qadars, which attempts to have victims download iBanking. The iBanking mobile application is used to bypass mobile two-factor authentication methods. This method is called mobile transaction authorization number, and is used by several financial institutions as well as Gmail, Twitter and Facebook.
Anonymous Announces OpMcDonalds
April 22, 2014 –Members of the Anonymous collective have released a video announcing the planning of a new operation targeting McDonalds. They accuse McDonalds of abusing their employees and stealing wages. In the video, the hacktivists say, “The corporation's flagrant disregard for the millions of people slaving away each day to create its profits is truly staggering. But that millions more of us continue to hand over our cash to such an unethical company, for food barely worthy of the description, that is even worse.” No specific details about the operation have been released at this time.
Indian Party Leader's Site Defaced By Pakistani Hacker
April 22, 2014 –The Pakistani hacker known as Muhammad Bilal breached and defaced the website of the Indian BJP party leader L.K. Advani. The defacement message called for an end to “militarized governance in Kashmir.” There has been no statement from Advani or the BJP party.
GAO Not Satisfied With SEC Information Security
April 21, 2014 – The Government Accountability Office (GAO) has issued a report saying that the Securities and Exchange Commission (SEC) needs to improve its information security controls. The report specifically addresses issues with access controls, patch management, contingency and disaster recovery planning and segregation of duties. The report reads, “The information security weaknesses existed, in part, because SEC did not effectively oversee and manage the implementation of information security controls during the migration of a key financial system to a new location.” The SEC's CIO, Thomas Bayer, said, “In 2014, the SEC will continue to optimize our controls and further improve the security of our systems that support financial processes and our overall risk management process.”
NullCrew Hacks University Of Virginia
April 21, 2014 –Members of the NullCrew hacking group are claiming to have breached and stolen data from the systems of the University of Virginia. The hackers say that this hack is part of the F**kTheSystem operation. NullCrew issued a statement saying, “F**kTheSystem is generally aimed at the government, or anything that is corrupt . . . ranging from government contractors, to universities, to telecommunications companies and other things. . . They are all part of the system.” The hackers said they were targeting other entities including Spokeo, Telco Systems and BATM, Klas Telecom, the State of Indiana, National Credit Union, ArmA2, International Civil Aviation Organization and the Science and Technology Center of Ukraine.
Over 500,000 Mobile Banking Users Infected With Malware
April 21, 2014 –Researchers have discovered a new malicious mobile phone app called mToken that has infected over 500,000 online banking users. Most of the infected users are located in the Gulf region. The cybercriminals have created fake phone apps that look identical to the official apps of well-known Middle East banks. They then use the malicious apps to infect the device and steal personal and banking information.
Bangalore, India City Police Site Breached
April 21, 2014 –The Pakistani hacker known as H4x0r10ux m1nd is claiming to have hacked and defaced the Bangalore, India City Police website. The hacker left a message on the site criticizing the Indian government for killing innocent people in the Kashmir region. The message reads, “Govt. of India its time to repay for what you have done to our Kashmiri Brothers! You killed them just because they support and want to be a part of Pakistan.” At the time of this writing the site was restored and operating normally.
Vulnerabilities Found In SATCOM Systems
April 18, 2014 –Satellite communications (SATCOM) systems have become a target for cyber attacks due to their critical role in military and government operations. Researchers have uncovered several critical vulnerabilities including hardcoded credentials, undocumented and insecure protocols and backdoors in widely deployed SATCOM terminals. If an attacker exploits these vulnerabilities they could intercept, manipulate or block communications. Attackers could also remotely take control of the physical devices used in satellite communications.
RedHack Breaches Turkish Investment Bank
April 18, 2014 – Members of the RedHack hacking group are claiming to have hacked the systems of Aktif Bank, a Turkish investment bank. The attack is a response to the bank's new e-ticketing system for soccer fans. The new system requires ticket purchasers to provide personal information, and then will keep track of where each person is seated. According to the government, the system is designed to help reduce violence at games, but the hackers believe it's a way to keep track of anti-government protestors. RedHack has also started a distributed denial-of-service attack against the bank's website.
LocalBitcoins Confirms Security Breach
April 18, 2014 –LocalBitcoins, a decentralized Bitcoin exchange located in Finland, has confirmed that they have suffered a security breach. The breach was first discovered by several users who reported missing funds from their accounts. LocalBitcoins issued a statement saying, “Most likely explanation to these attacks have been stolen user credentials through phishing or malware.” The company has over 110,000 users, which makes it the largest decentralized market in the world.
Hacker Taking Credit For Inappropriate US Airways Tweet
April 18, 2014 – Earlier this week an inappropriate tweet was sent from the US Airways Twitter account. US Airways has since issued an apology and said one of their employees posted it accidentally. However, a hacker known as breakfast_ is claiming responsibility for hacking the US Airways account and sending the offensive image. The hacker said, “A friend of mine sent me the picture . . . and I told him 'I'm going to work my a** off to hack airlines this week.' Originally, I wanted to tweet it out from the Malaysian Airlines account but I thought better of it and US Airways was the first account I got a hold of.” breakfast_ hacks corporate accounts because he believes the US is becoming an oligarchy, and he feels the country is being controlled by the wealthy. He went on to say, “I'm working actively right now to hack some hardcore republicans. The usual suspects who are talking on Fox News.”
SQL Injection Attacks Hit 65% Of US Organizations
April 17, 2014 – The Ponemon Institute has issued a new study showing that 65% of US organizations have experienced an SQL Injection attack in the last 12 months. The study included 595 US security practitioners, who also reported that it took an average of 140 days to discover a breach and an additional 68 days to remediate. Only 34% of respondents agreed or strongly agreed that their organization had the technology or tools to detect SQL injection attacks. Fifty-two percent said that they do not test or validate any third party software to ensure it's not vulnerable to SQL Injection attacks. Dr. Larry Ponemon, the founder of the Ponemon Institute, said, “Organizations believe they struggle with SQL Injection vulnerabilities, and almost half of the respondents said the SQL Injection threat facing their organization is very significant.”
Canadian Teen Arrested For Using Heartbleed To Compromise Tax Payer Info
April 17, 2014 – A 19-year-old Canadian man, Stephen Arthuro Solis-Reyes, was arrested by the Royal Canadian Mounted Police (RCMP) for stealing the personal information of 900 Canadian tax payers. The man leveraged the Heartbleed bug to gain access to the data. The RCMP released a statement saying, “It is believed that Solis-Reyes was able to extract private information held by the CRA by exploiting the security vulnerability known as the Heartbleed bug.” Solis-Reyes is charged with mischief and unauthorized use of a computer to steal data from the Canada Revenue Agency's website.
Nigerian Cyber Army Breach And Deface Nigerian Army Site
April 17, 2014 –Members of the Nigerian Cyber Army (NCA) hacking group breached and defaced the Nigerian Army's website. The defacement messages warned the Army that the NCA has returned and they plan on targeting more government sites. The Nigerian Army was able to quickly regain control of the site and delete the defacement messages.
Romanian Arrested For Attempted Hack Of President's Site And Stealing Credit Card Data
April 17, 2014 –Romania's Directorate for Investigating Organized Crime and Terrorism (DIICOT) have arrested a 37-year-old man who they believe attempted to hack into Romania's presidency website. He is also accused of stealing details of over 62,000 credit cards. Authorities say that the man attempted to breach the president's website to access restricted information. Representatives of the Special Telecommunications Service, the organization that administrates the website, have said that the site has never been breached.
LaCie Hacked, Customer Information Leaked
April 16, 2014 –The website of LaCie, the digital storage manufacturer, has been hacked. According to the company they were breached by a piece of malware that stole website transaction information. The compromised information includes user names, passwords, names, addresses, email addresses, credit card numbers and card expiration dates. LaCie has contracted a forensic investigation firm to analyze the breach.
Bulgarian Cryptocurrency Exchange Hit With DDoS
April 16, 2014 –Bulgarian cryptocurrency exchange, BTC-e suffered a distributed denial-of-service attack. According to BTC-e the attack happened periodically, but there was nothing significant about it. In a statement the company said, “We don't consider it as an important problem, as there is a workaround to fix it quickly.” The company said this was a minor outage and there was no security breach. At the time of this writing the exchange was up and operating normally.
Connecticut Utilities Penetrated, But Interruptions Prevented
April 16, 2014 –Connecticut state utility regulators reported that electric, natural gas and major water companies and regional distribution systems have been penetrated by cybercriminals, but their defense systems were able to prevent any disruptions. The report from the Public Utilities Regulatory Authority said that security threats are constantly evolving and “becoming more sophisticated and nefarious” and the utilities must constantly improve their defenses to prevent breaches. Governor Dannel Malloy said, “The chance of an attack doing serious damage to the state of Connecticut cannot be taken lightly, and therefore we are stepping up our game in preparation.”
Twitter To Ban Some Turkish Accounts
April 16, 2014 –A senior Turkish government official said that Twitter has agreed to ban several users' accounts at the government's request. Recently the Turkish government had attempted to block the Twitter service in the country, but they were not successful. The block was lifted after a Turkish court ruled that blocking the service violated free speech laws. There has been no official word on how many accounts would be banned. Twitter has not released a statement about this issue.
German Aerospace Center Under Spyware Attack
April 15, 2014 – The German Aerospace Center, Germany's national center for aerospace, energy and transportation research, is being targeted by a coordinated and systematic spyware attack. It is believed that the attack is being conducted by a foreign intelligence agency. The attack is so complex that forensic investigators have not been able to detect the actual malware. Some of the Trojans used are designed to self-destruct when they are discovered. All operating systems at the German Aerospace Center are impacted by this attack.
VFW Breached, 55,000 SSNs Exposed
April 15, 2014 –The Veterans of Foreign Wars website has been breached by hackers believed to be from China. The names, addresses and social security numbers of over 55,000 VFW members were compromised. A letter from the VFW said, “VFW has been informed that the purpose of the attack wasn't identity theft, but rather to gain access to information regarding military plans or contracts.”
National Retail Federation Developing Cybersecurity Program
April 15, 2014 – The National Retail Federation (NRF) is developing a retail and merchant industry information sharing and analysis center designed to assist companies when dealing with cyber threats. The program is being developed with the support of the Financial Services Information Sharing and Analysis Center. The new program will give retailers a central location for cyber security information from government departments, law enforcement agencies, other retailers and financial service organizations.
480,000 Individuals Exposed In UK Cosmetic Surgery Breach
April 15, 2014 – The personal details of 480,000 people have been compromised in a breach of the UK-based Harley Medical Group website. The compromised data includes the names, addresses and phone numbers of the individuals that entered their information in a form on the website. No medical or financial information has been exposed. Harley Medical Group representatives said that they took “measures” as soon as they were made aware of the breach.
Flickr Vulnerabilities Discovered
April 14, 2014 – Flickr, the online photo management website, has multiple web application vulnerabilities according to researchers. SQL injection vulnerabilities have been discovered on Flickr Photo Books, a new custom printing feature that was launched 5 months ago. Two parameters have been found that are vulnerable to Blind SQL injections and one vulnerable to Direct SQL injections. A successful SQL attack could allow access to the database and MySQL administrator password. Yahoo, which owns Flickr, said it has now patched the vulnerabilities.
Tunisian Hacker Team Threatens United States
April 14, 2014 – Members of the Tunisian Hackers Team hacking group have posted a new video in which they threaten to target the United States. The new campaign is called TheWeekOfHorror and the goal is to get the United States to remove their military from the “Muhammad lands.” According to the video, the campaign will begin in July 2014. The hackers say they will attack the US's financial industry and computer systems at airports.
Israeli Hackers Identify Individuals Behind OpIsrael
April 14, 2014 – The Israeli hacking group known as Israeli Elite Force is claiming to have identified the individuals behind the OpIsrael hacking campaign. Buddhax, a member of the Israeli Elite Force, has posted files that include the names, email addresses and pictures of sixteen people that are accused of being behind OpIsrael. The individuals are from Indonesia, Malaysia, Portugal, Italy, Finland, Switzerland, Saudi Arabia, the UK and Algeria. Buddhax also posted a message with the information saying, “Next time do not take part in an offensive against Israel. We know who you are, we know where you are. Hail Israel.”
Nine Arrested For Using Zeus Malware To Steal Millions
April 14, 2014 – The US Department of Justice has charged nine alleged cybercriminals for using the Zeus banking malware to steal millions of dollars from banks. The men are charged with defrauding Bank of America, First Federal Savings Bank, First National Bank of Omaha, Key Bank, Salisbury Bank & Trust, Union Bank and Trust and United Bankshares Corporation. All of these banks are insured by the Federal Deposit Insurance Corporation. The defendants are also charged with infecting thousands of business computers with malware that steals passwords, account numbers and other online banking information. The Metropolitan Police Service in the UK, the National Police of the Netherlands' National High Tech Crime Unit and the Security Service of Ukraine are assisting with the investigation.
South Korean Banks Breached, Leads To Data Leaks
April 11, 2014 – According to South Korean authorities, Citibank Korea Inc. and Standard Chartered Bank Korea have been breached. Information belonging to over 50,000 clients has been stolen from the banks. This is the second data leak involving the two banks; in December the personal data of 130,000 customers was leaked. The new data leak apparently does not include any critical information such as credit card numbers or passwords. This new information is being utilized in a phone phishing scheme, where the cybercriminals are attempting to scam the banks' customers into revealing sensitive financial information.
US Government Says Companies Will Not Be Sued For Sharing Cybersecurity Information
April 11, 2014 – The US Justice Department and the Federal Trade Commission issued a formal policy statement, assuring companies the federal government will not bring lawsuits against them for sharing cybersecurity information with each other. There has been concern that sharing cybersecurity information would be in violation of antitrust laws. Antitrust laws are meant to prevent companies from inflating prices and hindering competition. The policy statement says that sharing cybersecurity information such as incident reports or malicious code is unlikely to violate the law. The head of the Justice Department's Antitrust Division said, “As long as companies don't discuss competitive information like pricing and output when sharing cybersecurity information, they're okay.”
Saudi Arabian Ministry Of Health Site Defaced
April 11, 2014 – The hacking group known as the Moroccan Islamic Union-Mail have breached and defaced a website belonging to the Saudi Arabian Ministry of Health. The defacement is in response to Saudi Arabia naming the Muslim Brotherhood a terrorist organization. The defaced site belongs to the Public Administration for Combating Generic and Chronic Diseases. The defacement includes a picture of a group of people holding signs of Mohamed Morsi, the former president of Egypt and a leader within the Muslim Brotherhood. At the time of this writing, the site is still defaced.
Lubbock, TX Cardiology Clinic Breached, Health Records Leaked
April 11, 2014 – The Lubbock Cardiology Clinic in Lubbock, TX has issued a notification that their EHR (electronic health records) system was breached and the hackers gained unauthorized access to medical records. According to the notification the breach occurred between December 15, 2013 and January 30, 2014. Over 1,400 medical records were viewed, copied, downloaded and exported. The records included names, addresses, phone numbers and social security numbers. The Clinic says they are, “vigorously seeking answers and recovery of this information.”
IRS Data Security Not Sufficient According To GAO
April 10, 2014 – The Government Accountability Office (GAO) have reported that the Internal Revenue Service (IRS) does not sufficiently monitor their databases for activity that could indicate a breach has occurred. According to the GAO report, for the seventh consecutive year the IRS has not patched security vulnerabilities that could lead to leaks of financial data. GAO Managing Director, Nancy Kingsbury wrote in the report, “Serious weaknesses remain that could affect the confidentiality, integrity and availability of financial and sensitive taxpayer data.” IRS officials in a written response to the GAO said they are dedicated to improving data security and look forward to working together to “develop appropriate measures.”
Financial Malware On The Rise According To Report
April 10, 2014 – A recent report shows that the number of cyberattacks involving financial malware increased to 28.4 million in 2013, a 27.6% increase over 2012. The increased use of cryptocurrency is partially responsible for this increase. The most common methods of financial malware are banking Trojans, keyloggers and two new types of malware – the first that breaches Bitcoin wallets and the other that downloads software designed to generate cryptocurrency.
Deltek Breached, Customer Info Leaked
April 10, 2014 – Deltek, an enterprise software and information solutions provider, had its GovWin IQ website breached. The website provides information to assist organizations in winning government business. The hackers accessed customer information including names, billing addresses, telephone numbers, business email addresses, credit card numbers and expiration dates. President and CEO of Deltek, Mike Corkery, issued a statement saying, “We have remedied the security vulnerability that we believe the hacker exploited in order to gain unauthorized access to our GovWin IQ system.” Deltek is working with law enforcement to investigate the incident.
Another Pleads Guilty In Carder.su Cybercrime Ring
April 10, 2014 – Cameron Harrison, one of several individuals charged with being involved in the Carder.su identity theft service has changed his plea from not guilty to guilty. Harrison said he has not been offered a plea agreement from the government. Harrison is accused of purchasing counterfeit identification documents and stolen payment card data from Carder.su members. He is charged with participating in a racketeer influenced corrupt organization, conspiracy to engage in a racketeer influenced corrupt organization and trafficking in the production of false identification documents. The total sentence for all charges could be up to 55 years in prison and a fine of up to $750,000. Over 50 other individuals have been charged in connection with Carder.su, but the heads of the organization have not yet been found.
Bank Of Israel Ids And Passwords Leaked
April 9, 2014 – The hacking group known as Moroccan.Agent.Secret has leaked data that they claim belongs to over 1,800 Bank of Israel customers. The hackers say that the leak is part of OpIsrael, and that the information was obtained when they breached the bank's systems earlier this week. There has been no verification that the information is legitimate. Other hacking groups have claimed to leak information from Israeli sources this week, but it has turned out that the information was old.
Anonymous To Target Educational Institutions
April 9, 2014 – Members of the Anonymous collective have announced the formation of OpSafeEdu. The hackers said that the lack of security on educational websites is a violation of student liberties. The Center for Internet Security (CIS) has issued a warning about a potential increase in attacks on educational institutions in response.
President Of Gabon's Site Taken Down
April 9, 2014 – Members of the Anonymous hacking collective are claiming to have taken down the official website of Ali Bongo Ondimba, the President of Gabon. The distributed denial-of-service attack is part of OpGabon. At the time of this writing the site is back up and operating normally.
Remote Code Execution Flaw On BlackBerry 10
April 9, 2014 – BlackBerry customers have received warnings that a stack-based buffer overflow vulnerability in the qconnDoor service could lead to remote code execution on BlackBerry 10 phones. The qconnDoor service is used to provide shell and remote debugging capabilities. However, if the vulnerability is exploited, an attacker can execute code with superuser rights, or terminate the qconnDoor service. An update has been released to fix the vulnerability.
Russian Crime Syndicate Accused Of High Profile Hacks
April 8, 2014 – U.S. officials say they have identified a Russian crime syndicate as the group responsible for dozens of high profile hacking operations over the last several years. The attacks attributed to the group include Neiman Marcus, 7-Eleven, JetBlue Airways, JC Penney and Visa. The officials say that they have been unable to dismantle the syndicate due to a lack of cooperation from Russian authorities. Richard Clarke, former special adviser for cybersecurity to the Bush administration said, “The FBI has tried to get cooperation, the State Department has asked for help and nothing happens, so law enforcement options under the current circumstances are pretty negligible.” The FBI did issue an advisory to retailers warning that the memory-parsing malware that infects POS systems used in the Neiman Marcus and Target breaches has been connected to over 20 other hacking cases in the last year, and retailers should expect more breaches. The syndicate is believed to be responsible for stealing over 160 million credit card records.
Top Websites Vulnerable To New Heartbleed Vulnerability
April 8, 2014 – Researchers have discovered a new OpenSSL vulnerability that is being referred to as the Heartbleed bug. The Heartbleed bug can be leveraged to intercept private keys, user names, passwords and other private information. According to the researchers several of the top 1,000 Alexa sites are vulnerable to the bug including Yahoo, Imgur, Stackoverflow, Flickr, OKCupid, DuckDuckGo, Eventbrite and several popular adult sites. The researchers were able to detect successful exploitation of the vulnerability by inspecting the sites' network traffic.
April 8, 2014 – Yesterday, hackers launched the second OpIsrael campaign meant to, “wipe Israel from the Internet”, as the AnonGhost hacking group said. Hackers launched attacks against thousands of Israeli sites, most belonging to small businesses. Only a few Israeli government sites suffered outages that lasted only a few minutes. In response to the attacks, Israeli hackers launched counter attacks against several radical Islamist sites and the OpIsrael website. The hackers defaced the OpIsrael site with pro-Israel slogans and links.
Indian Hacker Takes Down Pakistani Terrorist Website
April 8, 2014 – The Indian hacker known as Godziila is claiming to have taken down the Pakistani terrorist group, Tehreek e Taliban Pakistan's (TTP) website. The hacker issued a statement saying, “This website was hosted on a shared server, we found several security flaws and crushed down the website.” TTP is an organization of various militant groups that have been banned and labeled as terrorist organizations by the Pakistani government. Godziila has previously attacked the websites of the Pakistani Army and other political groups.
European Cyber Army Leaks Over 60,000 Account Details From Syrian Sites
April 7, 2014 – A member of the European Cyber Army known as Zer0Pwn is claiming to have leaked over 60,000 account details from two Syrian websites. The leaked information includes names, email ids, passwords, phone numbers and other details. The hacker published the leaked information with the title, “ECA vs. Assad.”
April 7, 2014 – As previously stated by members of Anonymous and AnonGhost, OpIsrael was launched today. This is the second time that the hackers have run this operation against Israel. So far there have been several small business websites in Israel that have been defaced. In addition some government and financial websites have been targeted with distributed denial-of-service attacks. There have also been a number of false hack claims, with hackers publishing old data and claiming to have leaked it from different companies. At this point most of the analyzed “leaked data” appears to either be old or fake.
Kansas Online Student Testing System Suffers DDoS Attack
April 7, 2014 – The Kansas Interactive Testing Engine (KITE), an online student testing system, was hit with a distributed denial-of-service attack. Students who were taking the test during the time of the attack received an error message or a blank screen. Marianne Perie, co-director of the Center for Educational Testing and Evaluation at the University of Kansas said, “We don't know if it was two bored teenagers or an anti-testing attack. We have no information.” State representatives have stated that no student information was accessed. At the time of this writing all systems have been restored and are operating normally.
Leak Of Over 36k Accounts From Hacked Jobs Site
April 7, 2014 – BigMoneyJobs.com, an online jobs website, has been hacked by the hacker known as ProbablyOnion. ProbablyOnion is the hacker responsible for the recent hack of Boxee.tv. After breaching the website, the hacker also leaked information of over 36,000 users. The leaked information includes names, home addresses, phone numbers, emails and clear text passwords. It is believed that an SQL injection vulnerability was leveraged in the attack.
Sabu Sentencing Delayed Again
April 4, 2014 – The sentencing of Hector Xavier Monsegur, formerly known as Sabu - the leader of the LulzSec hacking group, has been delayed for the sixth time. Monsegur was scheduled to be sentenced on April 2nd, but it was postponed until May 8, 2014. Monsegur has been working with the government in finding other hackers. He was originally arrested in June 2011 and has pled guilty to 12 charges. The first sentencing date was scheduled for August 2012.
Arcadia, FL Website Hacked
April 4, 2014 – The official government website for the city of Arcadia, Florida has been hacked. The hackers breached the site and have set up a pop-up advertisement for a video player download. Visitors that clicked on the download were actually downloading either a Trojan or a piece of ransomware. The Arcadia website administrators removed the pop-up as soon as they were notified about the issue.
Israel To Suspend International Traffic
April 4, 2014 – In preparation for OpIsraelBirthday, the Israeli government has announced that they will temporarily block international traffic to some government websites. OpIsraelBirthday is a hacking operation being planned by the AnonGhost hacking group and other pro-Palestinian hackers. The operation is scheduled for April 7, 2014. According to sources the suspension will be in effect from Friday through Monday. In addition Israeli civil servants have been instructed not to open emails from any foreigners.
Anti-Testing Group Website Hacked
April 4, 2014 – The website of United Opt Out National, a nonprofit organization dedicated to eliminating standardized tests, has been hacked. The hack took place last month while the leaders of the organization were attending a conference to discuss strategy to promote their mission. Administrators were not able to access the site and they have since taken the site down. Visitors to the site now are greeted with a message that says, “Our site has been maliciously hacked and destroyed in an act of political sabotage. Please be patient while we rebuild the site, and get our Opt-Out resources back on line.”
NullCrew Hacks Saudi News Org
April 3, 2014 – Members of the NullCrew hacking group have breached the Saudi-owned Al Arabiya news organization. NullCrew claims to have worked with members of The Horsemen of Lulz hacking group to exploit a vulnerability in Al Arabiya's email server and web client software. As a result of the breach the hackers leaked user names and passwords for the mail server. The hackers posted a message saying, “Al Arabiya is the second largest news agency in the Middle East. Considering we've been targeting large media corporations? Well, it falls right into our range; So, without further ado. NullCrew and The Horsemen Of Lulz present to you? The candies.” The hackers claim that they have additional information that they could leak, but have not decided if they will at this time.
Oracle Java Cloud Service Attack Code Posted
April 3, 2014 – Adam Gowdiak, a Polish security researcher, has posted the technical details and attack code for several security vulnerabilities that affect Oracle's Java Cloud Service. Some of the vulnerabilities could allow a cybercriminal to remotely attack applications hosted in the service's data centers. The vulnerabilities affect customers in Java Cloud's US and EMEA data centers. Gowdiak said he published the information because Oracle stopped corresponding with him about the vulnerabilities. Oracle has not issued a statement at this time.
Egyptian Armed Forces Training Authority Defaced
April 3, 2014 – The hacker known as YMH is claiming to have breached and defaced the Egyptian Armed Forces Training Authority website. The defacement message was left in Arabic, translated to English it says, “Owned by YMH! We don't know with whom to fight, el Sisi or the Muslim Brotherhood, leave all the politics behind and enjoy yourselves a little with the tea of Om Hasan.” YMH has previously claimed to hack the sites of the Tourist Development Authority of Egypt and the Military Technical College of Egypt.
ISPs Suffering From DNS DDoS Attacks
April 3, 2014 – New research has discovered that ISPs have become increasingly vulnerable to DNS amplification distributed denial-of-service attacks due to the millions of home routers that have open DNS proxies. In February 2014 alone, over 5.3 million home routers were used to generate DDoS attacks. In one specific attack over 70% of the ISP's DNS traffic was associated with an amplification DDoS attack. The researchers conclude that due to this built-in vulnerability in DNS proxies, ISPs can be victimized even if they follow normal best practices to protect their networks.
Samsung's Boxee.tv Hacked
April 2, 2014 – Web-based television service company Boxee.tv has been hacked and customer data has been leaked. The cybercriminals posted private information belonging to 158,000 of Boxee.tv's clients. The breach includes almost 800 Mb of data stolen from the company's forum. Over 158,000 user accounts were compromised, exposing password hashes, user IPs, dates of birth and user messages sent through the service.
WinRAR Files Allow Spoofing Vulnerability
April 2, 2014 – Israeli researchers have discovered a WinRAR file extension spoofing vulnerability, which can assist hackers in the delivery of malware. The file spoofing allows hackers to modify the filenames and to bind malignant code in the archive, disguising it as '.jpg', '.txt' or another format. Researchers have also found Zeus-like Trojans attached to the files. Users are advised to use alternate archive software and avoid opening archives with passwords.
Liquor Store Chain Suffers Data Breach
April 2, 2014 – Spec's, a Texas liquor store chain, suffered a breach of the systems of 34 stores for a total of 17 months. The cybercriminals had access to customer credit and debit card numbers, expiration dates and security codes. They also obtained driver's license numbers, check information, bank account and routing numbers and birth dates. The company stated that fewer than 550,000 customers and Spec's employees were impacted. Spec's released a statement saying, “Thankfully, most of our customers were not affected. While it is a relief that fewer than 5% of our total transactions may have been impacted, that in no way diminishes our great concern for those affected.” Spec's advised their customers to place a fraud alert on their files with major credit card holders.
April 2, 2014 – Members of the Anonymous collective have issued a new statement with a list of new demands for OpAlbuquerque. Operation Albuquerque is a response to the police shooting of a homeless man in March. The hacktivists' statement said, “We are here in solidarity with the Albuquerque's citizens and to help bring justice that is long overdue. . . We call upon you to hold the appropriate authorities accountable . . .” The demands include the US Department of Justice taking over the Albuquerque Police Department, 'authentic and verified citizen oversight of APD', the immediate arrest of the officers involved in the shooting, the termination of the Police Chief and the indictment of all officers who violate citizens' rights. OpAlbuquerque has so far included the distributed denial-of-service attacks against the APD and City of Albuquerque websites. The Anonymous members are also planning a Twitter storm for today.
DDoS Attack On Mad Mimi
April 1, 2014 – Email marketing service company Mad Mimi was hit with a distributed denial-of-service attack from an attacker using the name Mark Nds. In order for the attacks to stop, the cybercriminal demanded to be paid 1.8 bitcoin (which is worth less than $1,000) in 24 hours. The marketing company has refused to make payment, saying, “Blackmail and extortion don’t stop with acquiescence – it only encourages further attacks. As such, we’ve decided to not play along.” At this time Mad Mimi is working with law enforcement to find a solution.
Kuwait's Ministry Of Interior Hacked
April 1, 2014 – Two hackers known as Shmook Amer and Dr. Hjd are claiming to have hacked the website of Kuwait's Ministry of Interior. The message left by the hackers was a plea to Middle Eastern countries to join forces and take military action on the crisis in Syria. The hackers left a message on the defaced page in Arabic saying, “We need actions because they are louder than words.” At the time of this writing the website has been restored.
China Reports That US Is Responsible For Most Cyberattacks Against China
April 1, 2014 – According to a recent report released by China's Computer Emergency Response Team (CNCERT), most cyber attacks on China's computers are coming from the United States. The CNCERT report shows that the US is responsible for attacks on 30% of Asia's computers each year. According to the report, Anonymous hackers are responsible for breaching over 600 of China's government computer systems, and malware tripled in 2013 because of the US-based attacks. The Chinese agency claims they have the data to prove these claims against the US.
DeadMau5 Twitter And Facebook Accounts Hacked By Anonymous
April 1, 2014 – Earlier today, members of the Anonymous collective hacked the Twitter and Facebook accounts of music producer Joel Zimmerman, also known as DeadMau5. Several messages were posted on Zimmerman's Twitter account before it was recovered. After also hacking the entertainer's Facebook account, a message was posted that said, “Way to use the same password.” After a few hours Zimmerman was able to recover the accounts. No reason was given as to why the hackers targeted Zimmerman.
Chinese Embassy In Moscow Hacked
March 31, 2014 – Members of the Russian Cyber Command hacking group are claiming to have breached the Chinese Embassy in Moscow. The hackers have leaked information from Ukrainian telecom company Intertelecom. The leaked information includes data of over 100,000 customers. The hackers say this is the first leak in a series of seven. The hackers say that they obtained the information from the Chinese Embassy in Moscow after installing a Remote Access Trojan. The fact that Intertelecom's information was stored at the Chinese Embassy is seen as proof by the hackers that the Russian and Chinese governments are working together to spy on Ukraine.
Albuquerque Police Department Website Hacked
March 31, 2014 – As we reported last week, members of the Anonymous collective published a statement threatening the City of Albuquerque and the Albuquerque Police Department after the shooting of a homeless man on March 16. Today, the Albuquerque Police Department website has been taken down by hacktivists. Authorities told The Associated Press that the source of the attack is not known. City officials had said they enhanced their website security, but the site was still taken down despite these efforts.
Smart Cars Can Be Hacked
March 31, 2014 – New research carried out on the Tesla smart car has proven that hackers are able to remotely locate and unlock Tesla Motors electric vehicles by cracking a six character password using traditional hacking techniques. Researchers have reported that by using a tool kit called Can Hacking Tool (CHT), hackers can breach the smart cars, giving the attacker entire control of the car. When customers purchase the smart car, they are required to sign up for the Tesla smartphone app, which controls the vehicle. The password is vulnerable to several kinds of attacks similar to those used to gain access to a computer or online account. Tesla spokesperson Patrick Jones declined to comment, though he said the research is being carefully reviewed by the car maker.
Pakistani Consulate Website Hacked In Protest
March 31, 2014 – Hasnain Haxor, a Pakistani hacker, is claiming to have hacked and defaced the official website of the Pakistani consulate in Jeddah. The hacker left the website defaced, along with messages written in Urdu and English on the home screen. The messages spoke about protesting against the ongoing corruption in Pakistan. The hacker stated, “Pakistan Haxors Crew is here to remind you of your security. Our fight is not against any individual but the system as a whole. Should you choose to ignore security, it will reincarnate as your worst nightmare! We just defaced your website to give you a chance to put your hands on it before others come and destroy it!” At this time the website has been restored and is currently operating normally.
RedHack Attacks Turkey's Telecommunications Directorate Site
March 28, 2014 – Members of the RedHack hacking group attacked Turkey's Telecommunications Directorate (TIB) website. The attack was in response to Turkey's attempt to ban YouTube and Twitter. The hackers posted a message saying, “You forgot the coordinator of everything while calculating things. The ban is meant to be banned.” YouTube was blocked after a recording of top security officials discussing possible military operations in Syria was leaked. Prime Minister Tayyip Erdogan has said the leak is just another attempt to discredit him before the upcoming elections.
Anonymous Threatens Albuquerque Police Department
March 28, 2014 – Members of the Anonymous collective have threatened to crash the Albuquerque Police Department's (APD) website in response to the shooting of a homeless man. The hacktivists posted a message saying, “Whether this man had a history of crime is irrelevant. We drastically need to address the growing police state that has occupied our country.” Albuquerque City Attorney Rob Perry stated, “We respect this group. They have an ability to get into highly, federally protected computer systems ... and we're going to do what we can to guard against the problem.”
Monster Job Website Targeted With Gameover Zeus Malware
March 28, 2014 – Cybercriminals are reportedly targeting companies that use the services of Monster.com with a new variant of the Gameover malware. The Gameover malware infection is similar to the Zeus banking malware whose source codes were leaked in 2011. The malware steals log-in information and other sensitive information by injecting false web forms into legitimate websites when accessed from infected computers. In the second phase of the attack, the hacker obtains your sensitive information and uses it to conduct fake security checks. Security experts are warning that users should “be wary of any irregularities. If the account is potentially tied to a bank account and a spending budget, it's a target for banking Trojans.”
Chinese Authorities Detain People Allegedly Involved In Spam Operation
March 28, 2014 – Chinese officials have arrested 1,530 individuals involved in a mobile spamming operation. Authorities have also seized 2,600 devices used for spamming and shut down 24 websites that sell spam distribution equipment. Departments within the Chinese government have been targeting people involved in the manufacturing, selling and purchasing of unlicensed telecommunications stations. One of the groups arrested is charged with sending more than 200 million spam messages.
Report: 30 Million New Malware Variants In 2013
March 27, 2014 – A new report has been released showing that 30 million new malware variants were created in 2013. Over 30% of the computers in the world were found to be infected with malware. The Android platform was the primary target for malware. There were four major categories of malware with Trojan malware accounting for 78.97% of infections. Worms (6.89%), Viruses (5.83%) and Adware/Spyware accounted for most of the remaining infections. The most infected countries were China, Turkey, Uruguay, Chile, Spain and Colombia.
New CoinKrypt Malware Targeting Mobile Phones
March 27, 2014 – Researchers have discovered several new variants of the CoinKrypt malware. CoinKrypt is designed to hijack mobile devices and turn them into digital currency mining bots. The malware is not stealing information from the infected devices, but it is using their resources and data plans to mine for digital currency. CoinKrypt is targeting Litecoin, Dogecoin and Casinocoin; it has not yet been seen targeting Bitcoin.
Over 275 DDoS Attacks Every Hour According To Report
March 27, 2014 – A recent study on distributed denial-of-service attacks is claiming that there are over 275 DDoS attacks against major corporations around the world occurring every hour. According to the study these attacks are frequently being used to hide APT attacks. DDoS amplification attacks are also rising, and continue to be a major challenge for businesses. In the month of February amplification attacks were seen to rise 371%. The study was based on analysis of attacks in Tier-1 and Tier-2 data centers operated by ISPs and major corporations throughout 2013.
South Korean Search Portal Breached
March 27, 2014 – Naver, South Korea's largest Web portal, suffered a breach which resulted in 25 million accounts being compromised. The Asian National Police Agency arrested a 31-year-old South Korean man, referred to as Seo, on charges of infiltrating and hacking the accounts. The allegations say that the man purchased the user information from another hacker several months ago. Seo is accused of using the stolen information to breach the accounts of Naver users and sending out spam messages and other “illicit emails” to the account holders. A Naver representative said, “The best preventive measure for now would be for users to change their passwords on a regular basis so that even if someone should access their accounts the impact would be minimal.”
WordPress Major Source Of Malware Distribution
March 26, 2014 – Security researchers have issued a report showing that sites running the WordPress software are a major source for malware distribution. The report points out that in many instances the fault for the security issues lies with the site administrators, who do not keep WordPress updated. Only recent versions of WordPress have auto-updating features, and even this requires that the web server process have access to the WordPress program files. In addition, insecure plugins lead to many blog breaches and attacks on blog visitors, according to the report.
Israeli Defense Magazine Forum Hacked
March 26, 2014 – It is being reported that Muslim hackers are suspected of breaching the Israel Defense Magazine website and customer database. The customer database is believed to have been used to launch an SMS attack on Israelis. Hundreds of Israelis, including many journalists, received texts warning that Hamas was going to conquer Israel. Other messages said they were "a warning to the Zionists, the al-Qassam rockets are waiting for you." In addition, an email that appeared to come from Israel Defense was sent to its subscribers warning that Israelis will be sent to hell if they think of reoccupying Gaza.
Ethiopian Government Accused Of Spying On Opponents
March 26, 2014 – A human rights watch group has accused the Ethiopian government of importing technology to spy on the phones and computers of its opponents. The group claims that the government is using the technology from European and Chinese firms to attempt to silence dissent. Ethiopian Information Minister Redwan Hussein said, "There is nothing new to respond to," when asked about the accusations. All phones and Internet connections in Ethiopia are provided by a state-owned company, giving the government the ability to monitor communications.
AnonGhost Planning OpIsraelBirthday
March 26, 2014 – Members of the AnonGhost hacking group have announced plans for OpIsraelBirthday. The operation will take place on April 7, 2014, the one year anniversary of the original OpIsrael. Last year's operation did not have any major impact on Israel, although the hackers say they hacked over 1 million Facebook accounts of Israelis and over 7,000 Israeli websites to date. AnonGhost is the group behind other hacking operations, such as OpPetrol and OpUSA.
Anonymous Ukraine Leaks Millions Of Credit Cards
March 25, 2014 – Members of the Anonymous Ukraine hacking collective have posted over 7 million credit card numbers on the Internet. The hackers posted a message with the data saying, “Today we publish the first part of our exposure of the international financial system Visa, MC, Discover & Amex, enslaved people around the world. More than 800 million credit cards. Over a trillion dollars.” While the hackers claim over 800 million cards, only slightly over 7 million cards have been released. Of those released, about 4,000 have full user data including social security number, credit card, card expiry, name, pins, dates of birth and zip codes. The other data appears to have valid credit card numbers, bank routing numbers and full names, but does not contain the credit card CCV or card expiry dates. The majority of the cards come from United States based banks.
Basecamp Suffers DDoS Attack
March 25, 2014 – Basecamp, the project management tool, has been hit with a distributed denial-of-service attack. The hackers claiming responsibility have contacted Basecamp and are demanding payment in exchange for stopping the attack. Representatives of the company have said they “will not succumb to blackmail.” It is believed that the hackers are the same ones that attacked Fotolia.com last week. Basecamp issued a statement saying, “We're doing everything we can with the help of our network providers to mitigate this attack and halt the interruption of service. We're also contacting law enforcement to track down the criminals responsible.”
Microsoft Word Vulnerability Exploited In Targeted Attacks
March 25, 2014 – A remote code execution vulnerability is being actively exploited in targeted attacks against Microsoft Word 2010. The vulnerability allows remote code execution when a user opens a maliciously crafted RTF file using Word 2010, or previews or opens an RTF email message in Microsoft Outlook while using Word as the email viewer. An attacker who successfully exploits the vulnerability could gain the user's rights. Microsoft is working to fix the vulnerability, but suggests that users disable opening RTF content in Word in the meantime.
Anonymous Plans April Attacks On South Korean Government
March 25, 2014 – Members of the Anonymous collective have issued a statement warning of attacks against South Korean government websites on April 14. The hacktivists are blaming the government for wasting taxpayers' money, distorting the media and suppressing its citizens. An official from the South Korean Ministry of Science, ICT and Future Planning said, “The ministry is working with the intelligence and other government to work out countermeasures as Anonymous has a track record of making actual hacking after warning.”
NSA Accused Of Stealing Huawei Source Code
March 24, 2014 – Several sources are reporting that the National Security Agency conducted an offensive cyber operation against Huawei, the Chinese networking company, in 2009. In the operation, known as Operation Shotgiant, the NSA worked with the CIA, the White House intelligence coordinator and the FBI to find an association between Huawei and China's People's Liberation Army. According to reports, the NSA stole the source code for certain Huawei products, and learned how to exploit the products in order to conduct surveillance on foreign customers. The NSA is accused of spying on former Chinese President Hu Jintao, the Chinese trade ministry, banks and telecom firms, and of tracking more than 20 Chinese hacking groups, including some which were Chinese Army and Navy units.
Anonymous Takes Down Monsanto Brazil Site
March 24, 2014 – Members of the Anonymous collective conducted a distributed denial-of-service attack against the Monsanto Brazil website yesterday. As a result the website has been unavailable. Monsanto has been a frequent target for the hacktivist community. This attack was specifically protesting the use of GE Trees, which the hacktivists claim poisons land and displaces communities in Latin America. At the time of this writing the website is still down.
Android Flaw Leaves Billions Of Devices Open To Infection
March 24, 2014 – Security researchers have discovered new Android vulnerabilities that allow privilege escalation attacks because of weaknesses in Android's Package Management Service (PMS). These new vulnerabilities put over one billion Android devices at risk of malware infection. The researchers are calling these flaws “Pileup flaws”. Six different vulnerabilities have been discovered within the Android PMS. All of the flaws have been reported to Google. At this time only one has been fixed.
Hackers Take Down Egyptian State Information Service Site
March 24, 2014 – The hacker group known as IzzahHackers is claiming to have taken down the Egyptian State Information Service website. The hackers refer to the website as the government's propaganda service. They also refer to Deputy Prime Minister of Egypt, Abdel Fattah el-Sisi, as the Egyptian Hitler. Other hackers are calling on the IzzahHackers to take down additional websites.
SEA Leaks Microsoft Invoices To FBI
March 21, 2014 – The Syrian Electronic Army (SEA) has leaked copies of invoices from Microsoft to the FBI's Digital Intercept Technology Unit (DITU). The hackers see this as evidence that Microsoft is selling user information to the government. The invoices detail the amount charged for each request for data. SEA says they accessed the invoices by compromising DITU. The invoices were from December 2012, August 2013 and November 2013. The last invoice was for $281,000.
HootSuite Hit With DDoS Attack
March 21, 2014 – The social media management tool HootSuite was hit with a distributed denial-of-service attack. Ryan Holmes, CEO of HootSuite, sent an email to customers saying, "HootSuite services experienced downtime, which might have impacted you or your organization. . . We experienced what's known as a denial of service attack (DoS). I’m writing today to let you know that the HootSuite Engineering and Security teams are working to mitigate the DoS attack and that there are no inherent security risks to your accounts, nor has any customer data been compromised." At the time of this writing the site is back up and operating normally.
Turkish Government Blocks Twitter
March 21, 2014 – The Turkish government has blocked access to Twitter, just days prior to local elections. Turkey's Prime Minister, Recep Tayyip Erdogan, had threatened to "root out" Twitter after wiretapped recordings showing evidence of corruption among his administration had been leaked. Officially, Twitter was blocked due to its failure to follow four court orders. BTK, a Turkish telecom watchgroup, said that Twitter was blocked after complaints were made by citizens that Twitter was breaching privacy. BTK issued a statement saying, "Because there was no other choice, access to Twitter was blocked in line with court decisions to avoid the possible future victimization of citizens." Twitter has made no formal statement, but did post a message advising people that they could still post messages to the platform by using mobile phone text messaging. Erdogan's office issued a statement saying, "If Twitter officials insist on not implementing court orders and rules of law ... there will be no other option but to prevent access to Twitter to help satisfy our citizens' grievances." The ban quickly caused an uproar among Turkish users, and they have quickly come up with ways to bypass the block, including using the text messaging suggested by Twitter and using VPNs. Online activists have been comparing this action by the Turkish government to those of the Iranian and North Korean governments. In addition, some of the activists are trying to organize physical protests in Turkey.
Poland's Military Strengthening Cybersecurity Through Universities
March 21, 2014 – Poland's Ministry of Defense has signed an agreement with three universities to bring in research collaborations in the areas of mathematical and information technology. The agreement will bring the National Cryptology Center, Poland's cryptography and cyberwarfare military branch, together with the University of Warsaw, the Technical University of Warsaw and the Technical University of Wroclaw with the goal of arming itself with the technical knowledge necessary for increased cyberwar capabilities. The first goal of the program is to increase Poland's cryptography capabilities. The National Cryptology Center's director, Piotr Markowski, said, "The cryptographic security of information should not depend on algorithms to which a country does not have full rights. The ability to secure its information with its own algorithms shows the power of a country."
Australian Arrested In Connection With US Gaming Company Hack
March 20, 2014 – A 21-year-old man from Kingaroy, Australia has been arrested by Australia's Queensland Police Service and charged with fraud and hacking-related offenses. The suspect and the company he attacked were not named, but he is suspected of hacking the systems of a US-based online gaming company. Detective Superintendent Brian Hay of the Fraud and Cyber Crime Group said, "We would like to acknowledge the assistance of the FBI and the US based gaming company for their assistance in bringing this investigation to a successful close." The man has been charged with three counts of computer hacking and misuse, and five counts of fraud, including dishonestly obtaining property from another, dishonestly applying property to own use, dishonestly causing detriment and possessing equipment for the purpose of committing or facilitating the commission of an offense. He is scheduled to appear in court on April 8.
New Variant Of Zeus Malware Discovered
March 20, 2014 – Researchers have discovered a new variant of the Zeus malware. This new variant is unique in that it is not designed to steal sensitive information; rather, it is designed to load clickbots. The TROJ_ZCLICK.A variant displays arbitrary websites on infected computers. Once opened by the threat, the sites occupy the entire screen, preventing users from opening other windows or files. New websites are opened every time the victim performs an activity like opening a window or a file. If the user doesn't take any action, the malware will take control of the mouse. The malware is designed to generate income for its masters through pay-per-click activities. The only way to return to the desktop is by pressing the Windows key + D. Even when this is done, the sites will continue to run in the background.
Another Bitcoin Exchange Hacked
March 20, 2014 – It is being reported that another Bitcoin exchange, CoinEX.pw, has been hacked. A representative of CoinEX.pw posted a message saying, "Yes, our wallet server got hacked and all funds were withdrawn . . . we're covering this from our own pockets." Since the exchange has gone down, the site's administrator has deleted his Twitter and GitHub accounts. CoinEX.pw has not issued any further statements at this time.
Cryptocurrency Mining Linux Worm Found
March 20, 2014 – A new variant of a Linux worm that infects Internet-enabled devices, including security cameras, routers, set-top boxes, printers and industrial control systems running Linux, has been found by security researchers. This worm infects computers running Intel x86 architectures, but can also infect devices running MIPS, ARM and PowerPC architectures. Once the malware is installed on a device, it downloads open source mining software. Through the end of last month, the worm had stolen over 42,000 Dogecoins and 282 Mincoins. Researchers believe it focuses on Dogecoins and Mincoins, instead of Bitcoins, because they can be mined from home PCs. The areas most affected by the worm are China, the United States, South Korea, Taiwan and India.
Hacked EA Games Site Hosting Apple Phishing Page
March 19, 2014 – A hacked EA Games webserver has been found to be hosting a phishing page which attempts to steal Apple IDs. Hackers broke into the EA subdomain by exploiting vulnerabilities in an outdated version of a web calendar application. The phishing page is designed to trick visitors into providing their login information for the Apple website. Investigators are still trying to determine if the hackers accessed any internal servers or other information.
March 19, 2014 – The Moroccan hacker known as Diabl0 has been arrested in Thailand. Diabl0 is Farid Essebar, a 27-year-old Moroccan with Russian citizenship. Essebar is being accused in Switzerland of hacking into the systems of several banks and causing damage estimated at $4 billion. Essebar has previously been accused of creating the Zotob worm, which infected computers at CNN, ABC News, NY Times, Boeing and the US Department of Homeland Security.
Botnet That Infected 25,000 UNIX Servers Found
March 19, 2014 – Researchers have discovered a malware campaign in which over 25,000 UNIX servers have been infected and abused over the past two years. The infected servers were used to send out 35 million spam emails a day. At that rate almost 500,000 computers were at risk of being infected each day. Most of the infected servers are in the United States, Germany, France and the UK. Experts say that infected devices should be wiped and the operating system and software should be reinstalled.
Three Charged In Attempt To Hack Pentagon Payroll
March 19, 2014 – Three men have been indicted for attempting to hack into the Department of Defense's payroll service and customer accounts at 14 different financial institutions. If successful, the hackers would have stolen at least $15 million. The US Attorney's office has charged two men from Kiev, Ukraine and a third from New York, with conspiracy to commit wire fraud, conspiracy to commit access device fraud and identity theft and aggravated identity theft. The New Yorker is in custody, while both Ukrainians are currently fugitives. The men face a maximum sentence of 27 years.
Vulnerability In PayPal Subsidiary Allows Internal Network Access
March 18, 2014 – Researchers have discovered a critical Server Side Request Forgery (SSRF) vulnerability in the website for PayPal subsidiary Bill Me Later. The vulnerability was found in the merchants.billmelater.com subdomain. A hacker could send a request to any internal network through Bill Me Later's API and get a response. Researchers were able to query internal databases without being required to enter login credentials. PayPal has partially corrected the vulnerability by restricting the API's ability to access the internal servers. However, it can still act as a proxy to view other hosts.
Hackers Deface Multi-Hazard Early Warning System Site
March 18, 2014 – The Indonesian hacking group known as Black Angels have breached and defaced the Regional Integrated Multi-Hazard Early Warning System for Africa and Asia (RIMES) website. The defacement message reads, "Initiating System! System loaded, Your web server needs security! Security system owned by Black Angels." RIMES is an international group that generates early warning information for its member states. At the time of this writing, the site is still displaying the defacement.
Russian Cyber Command Hackers Leak Investment Fund President Personal Info
March 18, 2014 – Members of the Russian Cyber Command (Rucyborg) hacking group have leaked personal information belonging to Alexandr Bagnuk, the President of the Russian Industrial Investment Fund, a semi-governmental investment company. The hackers are claiming to have stolen information from Bagnuk's personal computer, including information on "critical Russian business operations and shadow banking." Along with the stolen information, the hackers posted a message saying, "Today we aren’t going to say much, since we aint got nothing to say pretty much, except that Putin has lost his mind. Russian Industrial Investment Fund is one of the biggest Russian ‘non-profit’ as they declare organization but they attract investments into Russian economy."
Toyota, Chevrolet and Renault's Guatemalan Sites Defaced
March 18, 2014 – The Pakistani hacking group known as Team Cyber Criminals have breached and defaced the Guatemalan sites of Toyota, Chevrolet and Renault. The three websites seem to have been developed by the same company, leading experts to believe that the sites share a common vulnerability. The hackers left a message saying, "Hacked by Algeriano. TOYOTA & RENAULT & CHEVROLET Guatemala hacked. Cyber Criminals Was Here." There was no reason given by the hackers as to why these sites were targeted. At the time of this writing the sites have been restored and are operating normally.
Google's Public DNS Hijacked
March 17, 2014 – Yesterday, Google's public DNS service was hijacked for 22 minutes, affecting networks in Brazil and Venezuela. It appears that the traffic was redirected to BT Latin America's network. Approximately 70 million IP addresses use the DNS service, accounting for about 130 - 150 billion queries a day. At this time it is not known who was behind the attack.
SEA Attacks US CENTCOM And Syrian National Coalition Site
March 17, 2014 – The Syrian Electronic Army (SEA) is claiming that they have penetrated the systems of the US Central Command (CENTCOM). SEA has provided information that shows they have accessed some Army Knowledge Online servers. The information that they released appears to be unclassified and CENTCOM is denying that their systems have been breached. In addition, SEA has hacked and defaced the National Coalition for Syrian Revolutionary and Opposition Forces (also known as the Syrian National Coalition) website. The Syrian National Coalition is made up of opposition groups that focus on replacing Bashar al-Assad and his government.
Ukrainian Hackers Target NATO Sites
March 17, 2014 – The Ukrainian hacking group known as Cyber Berkut are claiming responsibility for the downtime of three NATO websites. The sites that suffered the distributed denial-of-service attacks are nato.int, the NATO Parliamentary Assembly and the NATO Cooperative Cyber Defense Center of Excellence. NATO representatives have confirmed that the sites were the target of a "significant DDoS attack." The representative added that no NATO data or system was affected by the attack. The hackers say they launched the attack because they don't want NATO to interfere in Ukraine.
Polish Bitcoin Exchange Hacked
March 17, 2014 – Bitcurex, Poland's largest bitcoin exchange, temporarily shut down its site due to a hacking attack that targeted users' funds. Bitcurex posted a statement online saying that due "to an error and ongoing maintenance work (Bitcurex) has decided to temporarily shut down service." The temporary closing of the site will allow Bitcurex's IT team to "perform a necessary verification." The statement continued, "We successfully blocked a hacking attack . . . preventing mass theft of BTC funds of our users. Thanks to automatic safety procedures, hackers managed to defraud only a portion of the funds stored in operational Hot Wallet Bitcurex. The majority of funds from Hot Wallet, as well the entirety of funds from Cold Wallet and FIAT monetary funds remained intact." The total amount that was stolen has not been disclosed at this time.
UK Supermarket Giant Morrisons Suffers Financial Data Breach
March 14, 2014 – The fourth largest supermarket chain in the United Kingdom, Morrisons, reported that a list of personal information – including names, addresses and banking payroll data – has been stolen. The information on all of its employees was posted on an unnamed website and was available for hours until the company could take it down. The company is in the process of analyzing the threat, but believes it came from an internal actor rather than an outside cyber-criminal. Morrisons has promised to support all employees with financial and personal identity security, although it is still in the planning process of how to do this.
Russian Government Blocks Anti-Putin Sites, Hackers Retaliate
March 14, 2014 – The Russian government has blocked access to several websites that have in the past been highly critical of President Putin and his coalition. One site included the blog of Alexei Navalny, an outspoken opponent of Putin and a vocal anti-corruption advocate. Russia claims the websites were blocked because they promote crime, releasing a statement that read “[t]hese sites contain incitement to illegal activity and participation in public events in violation of the established order.” Critics have argued that the blocks are deliberate censorship of legitimate anti-Putin sentiment. In response, several hackers have defaced or attacked government and other websites, including that of the Russian central bank. Others have posted public information on how to bypass the new blocks.
Google Begins To Encrypt Search Terms In Mainland China
March 14, 2014 – Google is taking steps to encrypt all searches on its search engine within China, mirroring actions it has taken in the United States and several other countries. Google retreated from much of the mainland in 2010 following revelations that its servers had been hacked by China and increased requests to censor content. The company currently headquarters its Chinese efforts in Hong Kong and commands only 5-10% of the market share. Google has begun to offer encrypted searches around the world, with the service now automatic in the United States, and believes it will allow Chinese users to search any topic, regardless of Chinese spying or filtering. The majority of Google users in China are believed to be tech-savvy, however, and are largely believed to know how to bypass Chinese censorship anyway. China has not commented on Google's initiative.
Target Was Alerted To, But Ignored, Warnings Of Massive Data Theft
March 14, 2014 – New reports show that Target, which suffered a data breach of over 40 million customers' cards during the peak of the holiday shopping season, was receiving alerts about active malware in its system and about suspicious activity but ignored them. The prolonged breach now seems to have occurred, in part, because of a security operations failure. Target, which reportedly moved to a new security system just 6 months prior, ignored many of the alerts because of a combination of mistrusting the new software and believing the alerts to be false alarms. In addition, outsourced system monitors in Bangalore failed to connect with Target's security team in the United States, slowing down the company's response to the threat.
EC-Council Reports Hackers Gained Access To Member E-mails
March 13, 2014 – EC-Council, a US-based ethical-hacker certification organization, reports that hackers gained access to its e-mail system, hosted by a third party. The breach, although only compromising 2% of user e-mails, would have exposed any private conversation using the address for a short amount of time. EC-Council is still investigating the attack, though it claims it has identified the vulnerability and addressed it. No credit card or financial information has been made vulnerable.
Agent.btz Believed To Be Possible Ancestor Of Recently Discovered Espionage Campaigns
March 13, 2014 – Several recently discovered cyber-espionage campaigns that targeted government computers and defense networks may have a common origin in Agent.btz, a malware program discovered in 2008 that forced the US Department of Defense to ban USB drives. Both the Red October Campaign, first reported in 2013, and the 'Snake' campaign discovered this month share coding similarities with the Agent.btz program. All three campaigns, including the also recently discovered Uroburos malware component of the Snake campaign, seemed to specifically target government, defense and diplomatic institutions. In addition, all three programs seem to have been written by Russian-speaking programmers, and the malware within the Snake campaign shares extensive logging and other similarities with Agent.btz. While researchers are not ready to confirm that all three attacks have been orchestrated by the same group, some believe it is likely that Agent.btz at least inspired the other campaigns, especially after much of the code of Agent.btz was released to the public, providing at least a partial blueprint for future attacks.
North Dakota University System Has 290,000 Personal-Information Records Stolen
March 13, 2014 – The North Dakota University System discovered that its servers had been breached sometime in October and that over 290,000 files containing identification information – including social security numbers – of students, applicants and employees were stolen. The university is unsure if the hackers took advantage of the information, as it appears the primary purpose of the attack was to leverage the system's processing power to attack other sites. It is possible they did not know the files were even present, according to a statement from the school, but it is still offering free identity protection services for a year.
Nigerian Electronic Army Defaces Popular Reddit Pages
March 13, 2014 – A group going by the name 'Nigerian Electronic Army' claimed responsibility for a series of defacements on popular Reddit pages on gaming, technology and general interests. Reddit reported that each attack was carried out by successfully logging into various Moderator accounts with just one password try, suggesting there is an accurate password list somewhere on the Internet. Reddit is uncertain how the list was gathered but urged all moderators to create stronger, unique passwords for their accounts. On its Twitter page, which was created Monday, the Nigerian Electronic Army is attempting to sell the information to carry out similar attacks for one bitcoin.
NSA Nominee Talks Cyberwar Units
March 12, 2014 – President Obama's nominee to head the National Security Agency, Vice Admiral Michael Rogers, told the Senate Armed Services Committee that cyberwar combat units would help counter the perception that the United States is "an easier mark" for cyberattacks because it did not "have the will to respond." The plan is for all major combat commands in the US military to have dedicated forces to conduct cyberattacks. The Senate committee still must approve Rogers' appointment as the head of the NSA and the US Cyber Command. Rogers testified that the United States has seen evidence of cyberattacks on the new government in Ukraine, but would not say if he believed the Russian government was behind the attacks. Rogers said, "Clearly, cyber will be an element of almost any crisis we're going to see in the future." He also said that the Defense Department systems were vulnerable to major attacks, and would be until a new architecture was implemented. Rogers committed to making the NSA's activities more transparent and said he would "assure a sense of accountability" for their activities.
Harvard Law National Security Journal Site Breached
March 12, 2014 – The Harvard Law School National Security Journal website has been breached. The hackers injected links to various rogue pharmacies into the website. This allows the hackers to boost the rogue sites' search rankings by creating backlinks to them, a common malicious SEO tactic. The hidden links have been inserted into almost every sentence of the site's source code. Further research shows that these same links have been injected into at least 300 other websites. There has been no comment made by the Harvard Law National Security Journal at this time.
Data Leaked From Russian IT Security Firm
March 12, 2014 – Members of the hacking group known as Russian Cyber Command have leaked data they claim was accessed by compromising SearchInform. SearchInform is a Russian IT security company that offers solutions for employee monitoring and data protection. The hackers say they gained access to SearchInform's systems and used that access to compromise their support system, allowing them to access the servers of the company's customers. The hackers claim that SearchInform is a "top Russian spy company." "Tonight we deliver a devastating blow into Putin regime by annihilating his TOP IT market leader – the FSB company that is in control of main Russian infrastructure companies," a representative of the hacking group said. The data leaked contained over 3,000 files that included emails, databases, source code, software and various types of documents. The hackers said their next target is Veles Capital, which is the main investor in Russian Crimea.
Adviser To Turkish Prime Minister Has Twitter Account Hacked
March 12, 2014 – The official Twitter account of Mustafa Varank, a top adviser to Turkish Prime Minister Recep Tayyip Erdogan, has been hacked by a Turkish hacking group. The hackers posted messages from the account about supporting the protests in memory of Berkin Elvan. Elvan is a teenager who died as a result of a head injury caused by being hit with a teargas canister during the Gezi protests in Istanbul. The account was recovered after a few hours, and Varank posted a message saying, "After voyeurism, montage and blackmail, they have also started to steal accounts. I think I have succeeded to get my account back. I apologize to my followers."
Ongoing Investigation Reveals 200 Million Consumer Records Stolen In Experian Compromise
March 11, 2014 – The latest findings from a year-long investigation into Hieu Minh Ngo, a 24-year-old Vietnamese national, reveal that up to 200 million Americans may have had personal information – including social security numbers – stolen from the databases of Experian, one of the big three national credit reporting agencies. Posing as a private investigator in Singapore, Ngo paid a license fee to access the online database U.S. Info Search. U.S. Info Search has an agreement with Experian-owned Court Ventures, an aggregator of public records data, which ultimately gave him access to countless records of American citizens. The stolen information includes addresses, contact information and social security numbers. Ngo is accused of selling batches of data – and taking requests for specific searches – on identity theft websites. Though Ngo had access to the 200 million records, investigators believe he may have only sold records of up to 30 million citizens, but it will be some time before the final number is known.
Hacker 'Ethical Spectrum' Goes On Celebrity Website Defacement Spree
March 11, 2014 – The hacker Ethical Spectrum, who made headlines in February for breaching the system of Finnish game developer Supercell, has defaced the websites of American celebrities Miley Cyrus, Selena Gomez, Taylor Swift, Britney Spears, Nicki Minaj and Chelsea Handler. The hacker originally launched an attack around March 8th replacing the websites with a popular dancing Internet meme and the message “Hacked. For more security [e-mail address]”. The hacker has defaced the websites again and posted the e-mail address of Greg Patterson, the COO of ground(ctrl), a web development firm specializing in celebrity clients. In previous cases the hacker has reached out to companies and offered to secure their systems, hacking the systems only after the offer is ignored.
Data Breach Of Archdiocese Of Seattle Exposes SSN Of 90,000 Employees And Volunteers
March 11, 2014 – The Archdiocese of Seattle has alerted 90,000 employees and volunteers that personal information – including names, addresses and social security numbers – has been stolen by unknown cybercriminals. The organization, which keeps the information on file for running background checks, has hired a forensic security company to investigate and has alerted the FBI. The first known case of fraud occurred last week and the list of victims has continued to grow. The information, thus far, has been used to file fake tax returns with the IRS.
Over 160,000 WordPress Accounts Used In DDoS Attack Of WordPress Account
March 11, 2014 – A new security investigation has revealed that a vulnerability in all WordPress accounts, accessed through the enabled-by-default XML-RPC setting, has been abused to carry out a DDoS attack against another popular WordPress site. The site, which has not been named publicly, was brought down by the attack that turned thousands of accounts into botnets without actually gaining login information or otherwise compromising the accounts. A subsequent examination by the site's new security firm immediately identified that a majority of the page-requests used in the attack were coming from legitimate WordPress websites. An investigation revealed the XML-RPC abuse and the site has since been restored.
Mt.Gox Bitcoin Exchange Hacked Again, Attackers Claim CEO Lied To Customers
March 10, 2014 – On Sunday, the official blog of Mark Karpeles, CEO of the now-defunct, Tokyo-based Bitcoin exchange Mt.Gox, was hacked. A post was made by the attackers claiming that Karpeles lied about the number of Bitcoins stolen in the breach that resulted in the exchange's closure. The post contains balance information and various company files that seem to suggest the bank still contains the estimated 850,000 Bitcoins reportedly stolen and argues the organization is lying to its customers in an attempt to pocket the currency. The hackers posted proof of their access to servers and large amounts of information, but refused to release customer data, as they claim they want revenge against Mt.Gox and do not want to make the customers suffer further. Some researchers have suggested the hackers are showing outdated financial information, while others have argued that the reportedly stolen Bitcoins have not yet been used or moved – suggesting they really are still at Mt.Gox. The attackers have promised more information is still to come.
New Findings Link Various Sophisticated Malware Programs To Russian Campaign
March 10, 2014 – A new report links various ongoing malware campaigns that infect classified databases primarily in Eastern Europe, but also in Western Europe and the United States. The Uroburos malware, reported on last week, has been linked to a Russian cyber-espionage campaign entitled 'SNAKE' that has gone undetected for at least eight years. Also within this campaign is the Turla malware program discovered by Western intelligence organizations that has specifically targeted European and US government computers. The various programs within 'SNAKE' share similar sophisticated coding and attack patterns that target vulnerabilities in Windows operating system security.
Indian Defense Ministry Hacked, Classified Military Files Vulnerable
March 10, 2014 – It is being reported in India that over fifty computers belonging to the Defense Ministry and the Defense Research and Development Organization have been infected with malicious software. Indian intelligence agencies were alerted to the spyware in December and reported that the malware was capable of infecting devices not connected to the Internet. It has been suggested that up to thirty classified military-related files may have been breached by hackers, though the Indian Army has downplayed the severity of the attack. The majority of cyber-espionage attempts against India are carried out by China or Pakistan, though it is still unclear who is responsible for this latest breach.
Latest Hack of Justin Bieber's Twitter Exposes Danger of Celebrity Accounts
March 10, 2014 – The official Twitter account of Justin Bieber, with over fifty million followers, was hacked again over the weekend. Tweets were posted in Indonesian that directed followers to a phishing site that promised more social media attention if users entered their information. The account was eventually recovered, but with so many followers it is unknown how many users fell victim to the scam. Celebrity accounts have increasingly come under attack as their viewership, likes or followers have increased, exposing millions of people to spam or intrusions even if the celebrity account is only briefly hijacked.
Over 2 Million Facebook Profiles Infected By Latest Scheme
March 7, 2014 – The latest scheme by hackers hoping to gain access to profiles on the popular global social network service has infected over 2 million accounts and is believed to be spreading rapidly. The attack involves infected profiles posting what appears to be private, adult or pornographic content on friends' profiles. Once the user brings up the video – which is set up to appear as a YouTube page – they download an infected Flash plug-in and their profile data and passwords are stolen.
Dendroid Toolkit For Sale Makes Infecting Android Easier
March 7, 2014 – A new Android development toolkit – called Dendroid – is on the market for $300. Dendroid allows criminals to infect legitimate Android applications with malicious software, which can then take control of various device functions including web access, recording video, audio, calls and texts and file deletion. The toolkit is not the first commercialized malware program for Android, but researchers believe it is the most sophisticated currently available. The control panel for the program is delivered as a service, with the function hosted on offshore virtual private servers.
Prime Minister Of Turkey Threatens To Shut Down Social Media
March 7, 2014 – Following increased scrutiny over an ongoing corruption scandal, Prime Minister Tayyip Erdogan of Turkey has threatened to ban popular social media sites Facebook and YouTube in the near future. Many of the allegations against his government have originated on the Internet and Mr. Erdogan has expressed interest in blocking various social media sites to stop “all kinds of immorality, all kinds of espionage.” Turkey's president, Abdullah Gul, has ruled out such actions except to protect privacy. Anonymous Turkey, through its #OpTurkey campaign, is believed to have condemned the threat through a picture posted on its Twitter promoting free speech.
ComiXology Website Breached, Accounts Compromised
March 7, 2014 – The digital comic delivery platform ComiXology announced its website has been hacked, with a database containing customer and merchant profiles and passwords compromised. The breach was discovered when several e-mails not authorized by the website were sent out to users and merchants. ComiXology claims no payment information was stolen and that it has fixed the vulnerability in its security system. All users must reset their passwords before being able to log back on.
Update: Newsweek Exposes BitCoin Creator, Supporters React With Anger
March 6, 2014 – The creator and original coder of the BitCoin digital currency, Satoshi Nakamoto, has been exposed in an article by Newsweek magazine. The Japanese-American retreated from public life in 2011 and had not been heard from since. Having tracked him and members of his family down, Newsweek revealed details about his personal life and political leanings. They also published a photograph of Nakamoto and his house, an act that many BitCoin champions and fans view as a breach of privacy and that has resulted in the exposure of Nakamoto's home address. Forums dedicated to BitCoin traders and fans have erupted in debate over the article, with some calling for action against Newsweek for exposing and endangering the creator of BitCoin.
Anti-Putin Hacker Group Leaks Classified Military Files; Claims More To Come
March 6, 2014 – Announcing a successful hack of Rosoboronexport, the dominant defense exporter for Russia, a group of anti-Putin hackers leaked thousands of documents pertaining to Russia's military trade with India and other related files. Claiming they breached the security of the Embassy of India in Moscow, the hackers said they gained access to Rosoboronexport and other businesses by sending infected e-mails from Embassy accounts. The hackers have threatened to release more leaked documents in the future. The company has not yet responded to the leaks.
Manufacturers Releasing Android Phones With Pre-Installed Malicious Apps
March 6, 2014 – Security researchers have discovered that major manufacturers like Samsung, LG and Motorola are producing several versions of Android phones pre-installed with malicious apps. Examples include fake Netflix applications that are designed to steal login and credit card information. Current investigations of the stolen information reveal that it is sent to Russian networks.
BitStamp, World's Largest Bitcoin Exchange, Has Mailing List Hacked
March 6, 2014 – In another string of bad news for the Bitcoin currency, BitStamp, the world's largest Bitcoin Exchange, admitted that its mailing list has been breached and used to send out malicious e-mails to users. Admitting to the hack only after users reported the messages, BitStamp said they became aware of the breach two weeks earlier. It is unclear what other information – if any – has been compromised. The phishing e-mails are similar to the recent incident with MtGox, the Tokyo-based BitCoin exchange that was forced to close after a major attack that stole thousands in Bitcoins.
Over 280,000 Stolen Credit Cards For Sally Beauty Discovered For Sale
March 6, 2014 – Sally Beauty, a nationwide beauty product company, is the latest victim of credit card data theft after information from 282,000 stolen credit and debit cards was found for sale on a popular Internet crime store. Sally Beauty found evidence of an intrusion into its network recently but investigations suggested that no data had been stolen. Analysis of the stolen credit card information, however, revealed that all cards were used to purchase from the company during the same period of time. Security investigators said there are several similarities between this attack and the massive breach of Target customer data in December.
Smucker's Forced To Shut Down Online Store After Hack
March 5, 2014 – Smucker's has been forced to temporarily close its online store following an attack that may have exposed customer information – including names, addresses, and credit card data. The information was stolen while it was entered by the customer during the check-out process via a sophisticated piece of malware. Security researchers believe the hackers are the same ones who recently targeted Adobe, the National White Collar Crime Center and SecurePay. It is believed all were running an outdated version of ColdFusion software.
NSA Chief Reports Anti-Leaks Legislation Coming Soon
March 5, 2014 – National Security Agency head General Keith Alexander suggested legislation designed to stop or punish media leaks would be forthcoming. Hinting the new laws could begin within weeks at a cyber-security talk on Tuesday, Alexander said “We've got to handle media leaks first. I think we are going to make headway over the next few weeks”. General Alexander is an outspoken critic of media leaks, especially since Edward Snowden's communications on NSA activity.
Russian 'Uroburos' Cyber-Espionage Program Targets Government Institutions
March 5, 2014 – Security researchers have discovered a Russian malware program that has possibly been active for three years. The malware uses a sophisticated rootkit to steal data and monitor traffic specifically within highly secure systems. Code similarities with previous malware are believed to link the software to the Russian intelligence service. The program infected various European and American government, corporate and research institutions operating Windows before being discovered.
Security Audit Reveals Surprise Vulnerability In Linux
March 5, 2014 – Hundreds of open source applications and services, including Ubuntu, Red Hat and Debian versions of the Linux operating system, have been discovered to possess a security bug in their GnuTLS libraries that allows attackers to bypass SSL and TLS security protections. It is believed the coding error that enables the bug has been present since 2005. The library developer has urged an update to fix the recently discovered problem.
Russia Today's Video News Service, Ruptly, Hit With DDoS Attack
March 4, 2014 – Following yesterday's defacement of the Russia Today (RT) website, the Ruptly international video news agency website has been hit with a distributed denial-of-service attack. Ruptly announced the attack while it was happening this morning. Within an hour service had been restored to the website. Though no one has yet claimed responsibility for this attack, there are on-going DDoS efforts against Russian and Ukrainian sites in regards to recent events.
Meetup Website Faces Several Day Long DDoS Attacks, Temporarily Goes Down
March 4, 2014 – The popular social networking and group meet up website, Meetup.com reports it has been the victim of a massive distributed denial-of-service attack since February 27th, that has periodically taken down its website and mobile apps. In a statement made by CEO Scott Heiferman, the company claims a hacker allegedly hired by a competitor threatened to begin the DDoS attack unless paid $300. Meetup ultimately decided not to pay and, as of today, the website has been restored.
300,000 Hacked Routers Redirect Traffic To Hacker Sites
March 4, 2014 – Security researchers have discovered a scheme where DNS settings were rewritten on 300,000 routers largely in Asia and Europe to redirect users to hacker-controlled sites. The attack has been linked to 3NT Solutions, a United Kingdom based company that has been offline for some time and has not responded to comment since the allegations have been made. While this type of attack is not necessarily uncommon, this case is reportedly the largest in recent memory.
$600,000 Worth Of BitCoins Stolen From Flexcoin Bank After Website Hack
March 4, 2014 – Bitcoin bank FlexCoin has reportedly been hacked, with 896 bitcoins worth over $600,320 stolen from the organization. The website has currently been closed. FlexCoin says the attack occurred on March 2nd and, citing a lack of resources and assets to recover, has shut down immediately. Users who deposited their bitcoins in 'cold-storage' offline servers will be contacted and refunded their currency; meanwhile, users who were not protected in this manner have been directed to FlexCoin's terms of service which state it is not responsible for insuring lost bitcoins.
Syrian Electronic Army Issues Threat To US Government
March 3, 2014 – Members of the Syrian Electronic Army (SEA) have issued a statement saying, "SEA advises the terrorist Obama to think very hard before attempting 'cyberattacks' on Syria. We know what Obama is planning and we will soon make him understand that we can respond." SEA is known for hacking social media accounts and defacing some websites, but they say the attacks against the US government will not be "of the same kind." The first government target appears to be the US Central Command. SEA issued an additional statement saying, "The next attack will prove that the entire US command structure was a house of cards from the start."
Russia Today Website Hacked And Defaced
March 3, 2014 – Russia's largest news channel website, Russia Today, was hacked and defaced over the weekend. A group of unknown hackers breached the website and replaced 'Russia' and 'Russians' with 'Nazi' and 'Nazis'. Russia Today issued a statement saying, "RT website has been hacked, we are working to resolve the problem." After 30 minutes the site was restored to normal.
Hackers Leak Info From Mt. Gox
March 3, 2014 – The hacker known as nanashi is claiming to be a part of a group of hackers that have breached the systems of Mt. Gox. According to the hacker, the breach is an attempt to find out what really happened to the now closed Bitcoin exchange. nanashi says the hackers have access to Mt. Gox source code, a conversation in Japanese between a banker and Mt. Gox's CEO Mark Karpeles, passport scans and personal information belonging to the company's employees. Information that has been leaked so far includes employee email addresses, phone numbers and the Mt. Gox source code.
AnonUkraine Hacks Polish Sites
March 3, 2014 – Members of the Anonymous Ukraine hacking collective have breached and defaced several Polish websites. The hackers say they have targeted the Polish sites as a warning that they may face the same fate as Ukraine. A member of Anonymous said, "Ukraine has suffered a coup and Nazis came to power. Yes, Nazis came to power in a European country in the 21 century! Europe has suffered Nazi terror in the past. Now it may happen again. We want to warn people of Poland that their country is in great danger." The defaced pages included a message that read, "Nazi alert!", and had a picture of a swastika and a link to a video called "Europe. Nazi alert."
UK Intelligence Agency Hacked Webcams Of Millions
February 28, 2014 – It has been revealed that the UK's Government Communications Headquarters (GCHQ) worked with the NSA on an operation called Optic Nerve. The operation was a bulk surveillance program in which they stole webcam images every five minutes from Yahoo users' video chats. The operation targeted Yahoo webcam chats between 2008 and 2010. Within a six month period images of almost 1.8 million users were captured and stored on the agencies' servers. According to leaked information from GCHQ, Optic Nerve was still active in 2012. The purpose of capturing these images was so that they could experiment with facial recognition. Yahoo has denied any knowledge of the operation, and said this activity is "a whole new level of violation of our users' privacy." A GCHQ spokesperson said, "It is a longstanding policy that we do not comment on intelligence matters."
Anonymous Declares Cyberwar On Countries Interfering In Ukraine
February 28, 2014 – Members of the Anonymous collective have released a video declaring cyberwar on countries and organizations that pose a threat to the freedom and independence of Ukraine. In the video Anonymous says, "Members of Anonymous Ukraine are aware of the internal meddling by the United States, NATO and the European Union into the internal sovereign affairs of Ukraine. The people of Ukraine do not want European Union integration. The people of Ukraine do not want NATO on their territory. The Bandera Nazis and fascist thugs that are beating and killing police and members of the security services of Ukraine do not represent the will or the wishes of the people of Ukraine." The hackers want the Ukrainian President Yanukovich to restore order and stability in the country. The video ends with the hackers saying, "We will strike at the web resources of countries and organizations that pose a threat to freedom and independence of Ukraine!"
New Charges Against Hacker Lauri Love
February 28, 2014 – New charges have been brought against British hacker Lauri Love, accusing him of hacking the US Federal Reserve's servers. According to the charges, Love worked with other hackers from October 2012 to February 2013 to gain access to the servers of the Federal Reserve. They used an SQL injection vulnerability to access names, email addresses and phone numbers of Federal Reserve users. He has been formally charged with one count of computer hacking and one count of aggravated identity theft. He faces up to 12 years in prison for these charges. Previously, after being arrested by the UK's National Crime Agency's Cyber Crime Unit, Love had been charged with hacking into the systems of the US Army, the Missile Defense Agency, NASA, the military's Plans and Analysis Integration Office and the Environmental Protection Agency. A representative from the FBI said, "Cyber crime knows no boundaries and justice will not stop at international borders. The FBI is committed to working with private and public entities to stop computer intrusions and prevent hackers from harming victim companies and individuals. We thank the Federal Reserve Bank of New York for its assistance in this investigation."
Ukrainian Government Sites Targeted By Hackers
February 28, 2014 – The websites of the Ukrainian Parliament and the Right Sector Nationalist Movement have been attacked by hackers. Distributed denial-of-service attacks have been launched against six government run sites in the latest online attacks. At the time of this writing the parliament website has been restored, but the other sites are still offline. Hackers have been attacking Ukrainian government sites since November.
World Cup Cyber Attacks Threatened
February 27, 2014 – Brazilian hackers have issued a statement threatening to launch attacks to disrupt the World Cup in June. The hackers say the attacks will include distributed denial-of-service attacks against websites and data theft. The hacker known as Che Commodore said, "The attacks will be directed against official websites and those of companies sponsoring the Cup." General Jose Carlos dos Santos, the head of the cybercommand for Brazil's Army said, "It would be reckless for any nation to say it's 100 percent prepared for a threat. But Brazil is prepared to respond to the most likely cyber threats."
Bitcoin Exchange Hacked, $30,000 Stolen
February 27, 2014 – Crypto-Trade, a Hong Kong based Bitcoin exchange, has announced that it suffered a hack in which $30,000 was stolen. This comes only days after MtGox announced it was closing due to a hack that stole over $300 million. Crypto-Trade posted a statement on their site saying, "We discovered a bug in our system which allowed someone to hack around $30,000. All coins are safe and we will pay (for the loss) . . .Crypto-trade.com will open back in 24 - 48 hours with trading halted. You will be able to withdraw your coins. When all users (are) refunded, we will close the website for an undetermined period (2 - 3 weeks estimated) in order to fix our software and make a security audit to reopen later in best conditions."
Indiana University Suffers Data Breach
February 27, 2014 – Indiana University has notified 146,000 students and recent graduates that their names, addresses and social security numbers may have been compromised during a data security breach. The administration says the breach was not a targeted attack, rather the information was accidentally stored in an insecure location and was downloaded by three automated webcrawling programs. James Kennedy, a University Associate Vice President said since this was not a targeted attack, "the chance of sensitive data falling into the wrong hands . . . is remote."
Korean Hackers Arrested For Stealing Data
February 27, 2014 – Three hackers have been arrested by South Korea's Incheon Metropolitan Police Agency for allegedly hacking 225 websites and stealing personal information of 17 million people. Some of the sites they are accused of hacking include real estate and trading services, the Korean Dental Association, the Association of Korean Medicine and the Korean Medical Association. The charges say that they sold the stolen data to loan companies and chauffeur services for about $93,000. Six other individuals are also being investigated as part of this criminal operation.
360 Million Records Stolen From FTP Servers
February 26, 2014 – Security researchers have found 360 million stolen credentials and 1.25 billion records containing only email addresses available for purchase online. It appears that the records were stolen in different attacks, with the most significant hack resulting in 105 million credentials. The researchers believe that these records were stolen in hacks that have not yet been revealed, meaning that some organizations may not be aware they've been breached. At this time the researchers are attempting to identify and notify the victims.
EC-Council Denies Being Hacked
February 26, 2014 – Earlier this week it was reported that a hacker claimed to have breached the website of the EC-Council, an organization that provides Ethical Hacker certifications. The EC-Council is now denying these reports saying that the hacker used a DNS hijack to redirect visitors to a defacement page hosted in Finland. The council posted a statement saying, "EC-Council's Security Team has confirmed no access to any EC-Council Servers was obtained, the domain redirection was done at the DNS Registrar and traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites." The council is working with the FBI and international law enforcement to identify the hacker.
Z Hacking Crew Takes Down English Defence League Site
February 26, 2014 – Members of the Z Hacking Crew are claiming to have taken down the website of the English Defence League. The hackers posted a statement early this morning saying, "englishdefenceleague.org tango down again lol." No reason was given for the attack. At the time of this writing the site is offline.
Philippines Government Sites Targeted By Anonymous
February 26, 2014 – Members of the Anonymous collective have hacked several Philippines' government websites in a protest against a provision of the Cybercrime Prevention Act. The targeted sites include the Office of the Vice President, the PNP Command Center, the National Telecommunications Commission, the Pilipinas Anti Piracy Team, the DOST Information Network, the Technical Education and Skills Development Authority, the Philippine Embassy in Italy and several city and municipalities. The hacktivists posted a message saying, "In the year 2012 politicians and lawmakers came up of the bill that kills the right of the people to freely express their opinion and freedom of speech through the Internet . . . This is our way to express and oppose the bill that may destroy the future of the Internet in the Philippines." Some of the affected sites have been restored, but many remain offline.
Anonymous Targeting 'Facebook Pedophiles'
February 25, 2014 – Members of the Anonymous collective are starting a new campaign targeting Facebook pages which share images of underage children in underwear or swimsuits. The hacktivists believe that the pictures are usually stolen from parents' pages and then distributed through websites, groups and pages on Facebook. The first target of the campaign is a Facebook page called "S*** Little Girls." An Anonymous member posted a message saying, "Facebook will not take this page down so we are Anonymous and we will take matters into our own hands."
Google Paraguay Hijacked
February 25, 2014 – The Iranian hacker known as Mormoroth hacked the Network Information Center of Paraguay (NIC), and used the access to alter the DNS records for Google Paraguay to redirect visitors to a defacement page. The hacker exploited a remote code execution vulnerability to hack NIC, and has leaked user credentials and other information from their database. He only leaked the information because Paraguayan authorities said there wasn't any hack, so he felt the need to prove them wrong. Google's systems were never breached by the hacker.
World Wildlife Fund Site Hacked
February 25, 2014 – The Indonesian hacking group known as Gantengers Crew have breached and defaced the website of the World Wildlife Fund. The group also hacked the website of Earth Hour Philippines. Both websites were defaced with the same message reading, "Gantengers Crew Hacked you! :) Hacked WWF-Philippines, Indonesian h4x0r back! Greets / sh00ts To All Muslim hackers!" No reason for the attacks was given. At the time of this writing both websites have been taken offline.
Venezuela Internet Shut Down
February 25, 2014 – The Electronic Frontier Foundation reported that Venezuelan Internet has lost connectivity. It is believed that this is a government response to the protests against President Nicolas Maduro and his administration. Venezuela's media regulation network CONATEL is saying that the outage is not due to the protests, and blames hackers working for the opposition. Maduro has admitted that he ordered the shut down of news network NTN24 because it was attempting to "torment anxiety about a coup d'etat."
Ethical Hacker Website Hacked
February 24, 2014 – The website for EC-Council, an organization that provides Ethical Hacker certifications, has been breached by the hacker known as Eugene Belford. Belford posted a defacement message that reads, "Owned by certified unethical software security professional." It appears that the hacker used a DNS hijacking attack to deface the site and possibly gain access to their email. Belford later updated the message saying, "It seems like lots of you are missing the point here, I'm sitting on thousands of passports belonging to (Law Enforcement and Military) officials." If the hacker gained access to the EC-Council email, he may have access to email correspondence with law enforcement and military personnel.
South Korea To Develop Stuxnet-Like Cyberweapons
February 24, 2014 – South Korea's defense ministry has proposed building Stuxnet-like cyberweapons to destroy North Korean nuclear facilities. The first part of South Korea's plan is to conduct online propaganda operations through the use of North Korean social networking and social media services. A senior military official said, "Once the second phase of the plan is established, the cybercommand will carry out comprehensive cyberwarfare missions." Security experts are warning that using cyberweapons to physically damage critical infrastructure can backfire. As an example, Stuxnet's spread was impossible to predict or control. Experts worry that the South Korean code could rebound and end up damaging South Korean infrastructure that uses the same technologies as the North Korean nuclear facilities.
Philippines' Government Site Breached By Portuguese Hacker
February 24, 2014 – The Portuguese hacker known as Touch is claiming to have breached and defaced the website of the City of Cebu, the second largest city in the Philippines. The defacement page reads, "Owned By Touch. Security Touched By Portuguese Hacker." City of Cebu representatives said that they are not sure why anyone would target their website since it doesn't store any classified information. At the time of this writing the website is still offline.
YouTube Ads Distributing Banking Malware
February 24, 2014 – Security researchers have discovered a YouTube link that leads users to an exploit kit website. The cybercriminals have built an ad network that's used to serve advertisements on YouTube, which leads users to a site hosting the Styx exploit kit. The kit leverages Java vulnerabilities in order to push malware that steals banking information to the victims' devices. The command and control servers have been traced to Europe. Google has been notified of the attack, but there has been no comment at this time.
Namecheap's DNS Platform Hit With DDoS Attack
February 21, 2014 – The DNS platform of Namecheap, a domain registrar and web hosting company, was hit with a large scale distributed denial-of-service attack. The attack lasted for about 3 hours, however services were not fully restored for almost 11 hours. According to a statement posted by Namecheap, the attack targeted around 300 domains on the DNS platform. The statement said, "Our DNS platform is a redundant, global platform spread across 3 continents and 5 countries that handles the DNS for many of our customers. This is a platform meticulously maintained and ran, and a platform that successfully fends off other DDoS attacks on an almost-daily basis. Today, however, I am compelled to announce that we struggled. The sheer size of the attack overwhelmed many of our DNS servers resulting in inaccessibility and sluggish performance. Our initial estimates show the attack size to be over 100Gbps, making this one of the largest attacks anyone has seen or dealt with."
United Nations Internet Governance Forum Breached
February 21, 2014 – The hacking group DeleteSec are claiming to have breached and leaked data from a United Nations based website. The leaked data includes 3,215 user names, email addresses and encrypted passwords. The Internet Governance Forum's purpose is to support the United Nations Secretary-General in carrying out the mandate from the World Summit to "provide an interactive, collaborative space where all stakeholders can air their views and exchange ideas." The hackers did not give a reason for the attack. At the time of this writing the website is operating normally.
Hackers Target Churches Of Scotland And Cyprus
February 21, 2014 – The Saudi Arabian hacker known as SeCuRiTy_511 is claiming to have breached the websites of the Church of Scotland and the Church of Cyprus. Almost 3,000 user details have been leaked from the sites. The leaked information includes names, email addresses, password hashes and administrator credentials. These attacks are a part of a larger campaign of Muslim hackers targeting Christian sites.
Israel Electric Opens Cyber War Room
February 21, 2014 – Israel Electric, Israel's main power company, has announced that they have opened a cyber war room, which will focus on stopping attacks from hackers. The company will staff the room 24 hours a day in an attempt to monitor and block as many as 400 million cyber attacks a day. The state-owned Israel Electric generates, transmits and distributes nearly all of the electricity used in the country. Chairman Yiftach Ron-Tal issued a statement saying, "There are hundreds of thousands of attempts to infiltrate Israel Electric's networks every day. We are talking here about a threat on a national level. There is no doubt that cyber is and will be the most significant battlefield of the present and the future."
Salesforce.com Targeted By New ZeuS Variant
February 20, 2014 – Security researchers have discovered a new variant of the banking trojan known as ZeuS. This variant does not target banking credentials, instead it uses web-crawling to target Software-as-a-service (SaaS) applications and steal proprietary data or code. The researchers found a targeted attack against Salesforce.com users, which began spreading through a Salesforce employee's home computer. The malware created a real time copy of the user's Salesforce.com instance which contained all the information from the company account. It is still not known who is behind these attacks, but researchers warn it could be used against any SaaS application to steal business data and customer information.
University Of Maryland Hacked, Info Of 300,000 Staff And Students Compromised
February 20, 2014 – The University of Maryland has confirmed that over 300,000 records of staff, students and affiliates have been stolen during a recent breach of their systems. According to the school no financial records, academic, health or contact information was stolen. President of the University, Wallace D. Loh sent a letter to those affected saying that names, social security numbers, dates of birth and University ID numbers were compromised. In the letter he wrote, "The University was the victim of a sophisticated computer security attack that exposed records containing personal information. I am truly sorry. Computer and data security are a very high priority of our University."
Turkish Ajan Hacks Nepali ISP
February 20, 2014 – Members of the Turkish Ajan hacking group are claiming to have hacked Mercantile Communications Pvt. Ltd., a major Nepali Internet service provider. The hackers say that there is no particular reason they targeted Mercantile, they just wanted to announce their return. They have leaked database structure information and over 100 files containing the names and email addresses of employees. The hackers say they also have phone numbers and physical addresses, but haven't released the information to protect the individuals. According to the representative of the group, Turkish Ajan will now be targeting government organizations, mainly in the United States, Israel and China.
Austrian Energy Provider Hacked
February 20, 2014 – Austria's Energie Steiermark has issued a statement saying that their systems have been breached. The attack only breached a web server that hosts information on gas customers, no financial information is stored on this server. The company is still trying to determine if any information has actually been stolen. The attack was discovered when an internal warning system was triggered. It is unclear who is behind the attack, or what their motive is. State police and CERT Austria are working with Energie Steiermark to investigate the incident.
Syrian Electronic Army Hijacks FC Barcelona Twitter Accounts
February 19, 2014 – The Syrian Electronic Army (SEA) has hacked three official Twitter accounts of the FC Barcelona soccer team. SEA posted messages on the accounts that said, "Dear FC Barcelona management, Don't let the Qatari money funds you, it's full of blood and kill." The hacked accounts were the Spanish, Catalonian and English accounts for the team. The messages were deleted from the Spanish and Catalonian accounts within 10 minutes, but the English account took longer to restore. SEA has said that the attack on FC Barcelona is now over.
US Army Website Taken Down By Hackers
February 19, 2014 – Members of the DerpTrolling hacking group are taking credit for the US Army Knowledge Online website (us.army.mil) being down for the past several hours. The hackers posted a message saying, "All Hail Gaben! We will show the infidels the way back to hell! Lord Cage welcomes you." Gaben is the nickname for Gabe Newell, the co-founder and managing director of Valve. The official home page of the US Army (www.army.mil) is operating normally. At the time of this writing us.army.mil is still down.
Z Company Hacking Crew Hacks Official Indian Sites
February 19, 2014 – Members of the Z Company Hacking Crew (ZHC) are claiming to have hacked two official domains of India's national portal. The hackers left a message on the sites saying, "ZHC was here! Owns Indian National portal. It has been 65 years since your invasion of our lands but the fire of freedom still burns in our hearts." The attack is a protest against India's occupation of the Kashmir region. At the time of this writing the defacement message was still displayed.
Iran Says They Are Ready For Cyber War
February 19, 2014 – General Mohammad Aqakishi, the commander of the IT&C department of the General Staff of the Iranian Armed Forces announced that Iran is ready to handle any cyberattacks that might be launched. He said, "One of the options on the table of the US and its allies is a cyber war against Iran. But we are fully prepared to fight cyber warfare." The General said that Iran has made significant progress in IT and their military has taken advantage of these new technologies.
Forbes Accuses SEA Of Blackmail
February 18, 2014 – Forbes has published an article with details about the Syrian Electronic Army (SEA) attack from last week. In the article Forbes confirms that SEA used spear-phishing emails to obtain employee passwords to the publishing systems. The hackers reportedly sent an email showing information captured from the publishing database, and said that the attack would stop if 'fees' were paid. SEA representatives responded to these claims by saying, "Dear Forbes, making a fake story (we requesting 'fees') after we posted a joke about selling the data is not the good way to defend yourself. Just for future notice, we would never ask for money in return for anything. All we ask for is your support." SEA continued by saying, "We didn't publish the user table of Forbes to show off, but because they deserved to be embarrassed. We have access to bigger user tables than Forbes one but Forbes has been so unethical that they deserved it." Forbes is currently in the process of notifying the million subscribers that were compromised.
$2.5 Million In Bitcoins Stolen In Silk Road 2.0 Hack
February 18, 2014 – Silk Road 2.0, the online black market site, has posted a statement saying, "We have been hacked." The breach has resulted in approximately $2.5 million in Bitcoins being stolen. The Silk Road statement continued, "Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as 'transaction malleability' to repeatedly withdraw coins from our system until it was completely empty."
Hackers Claim To Have 828 Gb of Data From Sands Casino
February 18, 2014 – Last week it was reported that several websites belonging to Sands Casino were hacked and defaced. The hackers behind that attack are now claiming to have stolen 828 Gb of files from the casino's systems. A video has been posted by the hackers showing that they have the stolen information stored on a local hard drive. The files include budget information, details on IT systems, passwords and user data. The company has confirmed that employee information has been compromised, but they have not yet determined if customers have been impacted. There is no evidence that gambling systems or customer financial information has been compromised. The hackers targeted the company after their CEO, Sheldon Adelson said that the United States should drop a nuclear bomb on Iran.
Two Students Arrested For Hack Of Data Infosys
February 18, 2014 – Two Indian students, Kulshrestha Varma and Hardik Sud, have been arrested and charged with hacking into the systems of Data Infosys and fraudulently recharging prepaid mobile phones. It is alleged that Varma and Sud hacked into Data Infosys' website and accessed the e-processing systems to recharge 500 mobile phones. The total amount stolen is believed to be $12,872. Authorities will continue their investigation, as they believe there are more people involved in this operation.
SEA Leaks 1 Million Forbes' Users Details
February 17, 2014 – Last week it was reported that the Syrian Electronic Army (SEA) hacked Forbes Magazine. Over the weekend, SEA followed up the hack with the release of information belonging to over 1 million Forbes customers. The leaked information includes email addresses and login information. Originally SEA tried to sell the information, but then released it for free. Forbes posted a statement saying, "Users' email addresses may have been exposed. The passwords were encrypted . . . We have notified law enforcement. We take this matter very seriously and apologize to the members of our community for this breach."
Kickstarter Hacked, Customer Data Leaked
February 17, 2014 – The online crowdfunding website Kickstarter has confirmed that hackers have stolen some of its customers' information in a breach that occurred last week. According to Kickstarter, the leaked information includes passwords, phone numbers and email addresses. Kickstarter CEO Yancey Strickler said that no credit card data was accessed and that the breach has been repaired. Strickler posted a statement saying, "We're incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways."
Facebook's Zuckerberg Has Timeline Hacked
February 17, 2014 – The Egyptian hacker known as Dr. FarFar is claiming to have removed Mark Zuckerberg's Facebook timeline cover photo. According to the hacker he was able to leverage a private exploit to remove the photo. The cover photo was missing for a few hours, but there is no evidence that the account was actually hacked. Facebook representatives issued a statement saying, "There is no merit to this claim. We have confirmed there was no suspicious activity on the account."
Venezuelan Government Sites Hacked In Response To Student Killings
February 17, 2014 – Several Venezuelan government websites have been hacked and defaced in protest of the killing of three students during clashes between demonstrators and police. The hacktivists, from Venezuela, Mexico, Argentina and Colombia, have targeted at least seven sites. Along with the defacements, the hackers have posted instructions on how to bypass the Venezuelan government's censorship system and how to anonymize your identity online. Several of the websites are still defaced at this time.
Syrian Electronic Army Hacks Forbes
February 14, 2014 – The Syrian Electronic Army (SEA) is taking responsibility for hacking several Forbes websites and three Twitter accounts. The hackers compromised the WordPress administration panel of the Forbes website and edited several articles. The Twitter accounts that were hacked belonged to the Social Media Editor Alex Knapp, personal finance reporter Samantha Sharf and the ForbesTech account. SEA issued a statement saying, "The Syrian Electronic Army attacked Forbes because many articles against the SEA were posted on Forbes, also their hate for Syria is very clear and flagrant in their articles."
UNICEF And NY Times' FTP Servers Compromised
February 14, 2014 – Administrator credentials for over 7,000 FTP servers are allegedly in the hands of cybercriminals. Security researchers have said that the list of servers includes ones belonging to UNICEF and the New York Times. The cybercriminals are using these servers to host malware, scam websites, exploits and other content. The compromised servers also belong to various other organizations including small businesses, ISPs, multinational corporations and individuals from all over the world. A New York Times representative said that they are currently working on securing the server, while UNICEF issued a statement saying that the affected server is part of a system that is no longer active.
Sochi Olympics Email Leads To Banking Trojan
February 14, 2014 – A new spam email campaign has been launched advertising an Olympics live streaming app for Android devices. The title of the email is, "Olympic live stream in Sochi". The email contains a link to a website that hosts an application file called "olympic.apk". When the file is downloaded it launches a banking Trojan, which contacts a command and control server and sends information from the infected device.
IE Zero-Day Exploit Being Served From US VFW Website
February 14, 2014 – Researchers have discovered a new zero-day exploit on the US Veterans of Foreign Wars' website. Cybercriminals are using the exploit in an operation they are calling "SnowMan". The researchers believe that this is part of a larger attack against US military personnel. The attack is being credited to a group of criminals that were behind previous attacks against the US government, defense companies and law firms. Microsoft has confirmed that the exploit impacts IE 9 and 10, and recommends that companies update to version 11.
30 Vulnerabilities In Java Cloud Service
February 13, 2014 – It is being reported that 30 Java Cloud Service security vulnerabilities have been discovered. All of these vulnerabilities have been confirmed by Oracle. At least 15 of them can be exploited to bypass the Java security sandbox. The company was notified by researchers of these flaws in late January. Oracle has not issued any statement or timeline for when these issues will be fixed.
National-Socialist Party Of Canada Breached, Details Leaked
February 13, 2014 – The hacker known as nairb is claiming to have hacked the website of the National-Socialist Party of Canada. The hacker leaked the information of over 1,000 members including names and email addresses. Other database files, including one containing MySQL credentials, were also leaked. The National-Socialist Party of Canada is a Neo-Nazi organization that advocates for Canada to be "an independent nation of White citizens sovereign in its own living space." The hacker also posted a message saying, "Racists, fascists and hate-mongers beware, nairb is here."
DDoS Disrupts UK Ministry Of Justice Site
February 13, 2014 – The United Kingdom's Ministry of Justice website was hit with a distributed denial-of-service attack. The hackers that launched the attack said the site was targeted because the Ministry of Justice has not condemned the NSA's surveillance. The Ministry posted a statement saying, "The Justice website is now back up and running. Sorry for any inconvenience the downtime caused." The site is now operating normally after being down for about three hours.
Japan Records Over 12.8 Billion Cyberattacks In 2013
February 13, 2014 – A recent report shows that Japan saw over 12.8 billion cyberattacks targeting their government and other organizations in 2013. This is the largest number recorded since attacks began to be tracked in 2005. A spokesperson from the National Institute of Information and Communications Technology said that cyberattacks originating from China, the United States and emerging countries have been growing. The number of cyberattacks grew 64.1% over the 7.8 billion attacks tracked in 2012. The attacks included distributed denial-of-service and system probes used to determine if servers were vulnerable.
CloudFlare Hit With 400Gbps DDoS Attack
February 12, 2014 – Hackers launched a massive distributed denial-of-service attack targeting the European data servers of content-delivery and anti-DDoS firm Cloudflare yesterday. The attack reached more than 400Gbps at its peak of traffic, which is the largest reported attack to date. Cloudflare CEO Matthew Prince released a statement saying, "Very big NTP reflection attack hitting us right now. Appears to be bigger than the Spamhaus attack from last year. Mitigating."
Sands Casino Website Defaced
February 12, 2014 – Members of the Anti WMD Team hacking group are claiming to have breached and defaced the websites of the Sands Casino and its subsidiaries. The defacement page features a map of the world with the locations of Sands Casinos marked with flickering flames. The message on the page reads, "Damn A, Don't let your tongue cut your throat. Encouraging the use of weapons of Mass destruction, Under Any condition is a Crime." The defacement also included personal information of Sands employees such as email IDs, social security numbers and other information. A total of eight sites have been affected, including the Sands official site. All of the impacted sites are currently showing an "Undergoing Maintenance" message. Sands has issued a statement saying they are working with law enforcement to investigate the incident.
Anonymous Attacks GCHQ Websites
February 12, 2014 – Yesterday, members of the Anonymous collective launched a distributed denial-of-service attack against the website of the UK's GCHQ. The attack was in support of "The Day We Fight Back" anti-surveillance protests. It has been confirmed that the website experienced "noticeable performance issues", but it has not been confirmed what caused those issues. At this time it seems that the attack originated in Romania, but the investigation is ongoing.
RedHack Leaks US Embassy Staff Information
February 12, 2014 – Members of the RedHack hacking group have leaked the personal information of 36 staff members of the US Embassy in Turkey. The leaked information includes names, email addresses and phone numbers. According to one of the hackers the leak was in memory of one of the founders of the Turkish People's Liberation Army. The hackers say they are protesting the government of the United States, but not the people. Along with the leaked information, the hackers posted a message saying, "Go Home Yankee."
Details Of Seven Year Cyber Espionage Campaign Revealed
February 11, 2014 – Security researchers have released the details of an advanced cyber espionage campaign dubbed “The Mask” which has been ongoing since at least 2007. According to researchers, The Mask campaign has been targeting government agencies, energy companies and other high-profile organizations spread out across a total of 31 countries in the Americas, Africa, Europe and the Middle East. It is believed the cybercriminals are from a Spanish-speaking part of the world, as they have been using the Spanish language to communicate with one another. The attackers are also said to have a large arsenal of cybercrime tools at their disposal, including a bootkit, a rootkit, malware for Mac OS X and Linux and possibly Android and iOS variants of sophisticated threats. The cybercriminals have been distributing the sophisticated malware with the aid of spear-phishing emails sent to victims; these emails contain links to websites which host the exploit kit, and depending on the victim's system configuration, an appropriate type of malware is served. It is believed the main objective of these cybercriminals is to collect sensitive information from networks of government institutions, energy, oil and gas companies, diplomatic offices and embassies, research organizations and even activists.
US Law Firm Attacked By CryptoLocker Ransomware
February 11, 2014 – A U.S. law firm based in Charlotte, North Carolina is reporting that it has fallen victim to a cyberattack which leveraged the CryptoLocker ransomware. According to reports, the attackers were able to infect one of the company's servers before sending out fake voicemail notifications which contained the ransomware as an attachment. Representatives of the company stated they lost access to thousands of legal documents; however, no confidential information was stolen. Once the law firm's IT department failed to recover the files, it agreed to pay the $300 fee to get them back; however, at this point experts believe it is too late. CryptoLocker is ransomware which instructs victims of infected machines to pay a ransom fee within 72 hours to recover their lost files.
Mass Protests Launch Today In Opposition Of NSA Mass Surveillance
February 11, 2014 – Some of the leading tech companies of the US are taking part today in a massive protest against the NSA's policy of mass surveillance, known as “The Day We Fight Back.” Over 5,700 websites are hosting banners on their homepages today urging Internet users to call and email members of Congress and ask them to vote against the proposed NSA reforms that the American Civil Liberties Union has labeled “bad for privacy.” The event comes two years after 8,000 websites went black to protest bills that would have given the government free rein to remove websites that were found to violate the Stop Online Piracy Act and the Protect IP Act. Some of the notable participants in the protest include Facebook, AOL, Twitter, LinkedIn, Yahoo and Reddit. The banner used by participants will read, “Dear Internet, we're sick of complaining about the NSA. We want new laws that curtail online surveillance. Today we fight back.”
Nigerian Government Websites Hacked by Syrian Anonymous
February 11, 2014 – Members of the Syrian Anonymous group, a subgroup of the larger Anonymous collective, have managed to hack and deface a total of 25 Nigerian government websites. The list of websites hacked includes the Ministry of Justice, the Ministry of Finance, the Ministry of Education, the Ministry of Power, the Nigerian Christian Pilgrim Commission, the Federal Neuro Psychiatric Hospital Yaba and the Federal Ministry of Science and Technology. There is no known motive for the attacks on Nigerian websites. At the time of this writing, several of the websites have been restored, others have been taken down and some are still defaced.
Bank of America Customers Target Of Massive Malware Distribution
February 10, 2014 – Security researchers have identified a new malware distribution campaign aimed at customers of Bank of America. The malware, which is part of the Bredo family of Trojans, leverages traffic volume in an effort to evade filtering engines. Cybercriminals have been sending out fake emails which contain the malware to customers of Bank of America; once the malware is opened it steals sensitive information, including banking data, from infected devices. The Trojan is also capable of downloading other malicious elements onto affected computers. According to researchers, the malware was only identified by 11 anti-virus engines.
Barclays Customer Data Stolen, Thousands Of Files Leaked
February 10, 2014 – It is being reported that an Anonymous whistleblower has provided a memory stick with the personal details of 2,000 Barclays' customers. The whistleblower says this is only a sample from a database of 27,000 files. The leaked files are said to contain highly sensitive information, including customers' earnings, savings, mortgages, health issues, insurance policies, passport numbers and national insurance numbers. An investigation has already been set up with both Barclays and the Police working together to solve the crime. It is not yet clear how the data was stolen; however, Barclays has stated it has begun notifying investors of the possible breach.
RedHack Begins Attacks In Opposition Of New Internet Law
February 10, 2014 – Members of the RedHack group have remained true to their word and have begun attacking websites in Turkish cyberspace. The group is protesting, along with other activists and hacktivists, the new Internet law which they believe seriously limits the freedom of speech of Turkish citizens. The group has leaked two dozen records which contain the phone numbers of police chiefs and superintendents, and has stated this is only the first phase of the attacks. The group then defaced the website of the Kars Municipality, the Gas Distribution Authority of Sakarya and the website of the City of Amasya, from which the hacktivists also leaked AKP (Justice and Development Party) membership applications. The Ministry of Education was also attacked by the group, which leaked invoices and expenditures of the school. The controversial new law has been heavily criticized not only by Turkish citizens but also by members of the EU.
Website of Nepalese President Hacked And Defaced
February 10, 2014 – Two different hackers have breached and defaced the official website of Nepal's Office of the President. The first hacker, the Iranian Dr. 3v1l, uploaded a defacement page to the website and leaked some information including administrator user names and passwords. A second hacker of Indian origin was also able to exploit the vulnerability to deface the website's homepage. There is no known motive for the hack and at the time of this writing the website has been restored to its working condition.
Anonymous Releases Message To Russia As Part Of OpSochi
February 7, 2014 – With the Winter Olympics kicking off in Sochi, Russia, members of LegionOps, a subgroup of the Anonymous collective, have issued a warning statement to Russia as part of its OpSochi campaign. The group is demanding the Russian Winter Olympics stop animal cruelty and the use of animals for entertainment and sport. The group is threatening to launch DDoS attacks on various Russian government websites, as well as to deface sites and leak sensitive information. A target list including over 25 Olympic-related websites has been provided by the group.
Huawei Hacks Indian Telecom Company
February 7, 2014 – According to a new report, Chinese telecommunications company Huawei has allegedly hacked into the network of Indian state-owned telecommunications company Bharat Sanchar Nigam Limited (BSNL). Allegedly, Huawei engineers hacked into a mobile tower owned by BSNL in the coastal area of Andhra Pradesh in October 2013. Minister of State for Communications & IT, Killi Kruparani, has stated, "The government has constituted an inter-ministerial team to investigate the matter." The investigation will be led by a team of top officials from the National Security Council Secretariat, the Intelligence Bureau, the Union Home Ministry and BSNL themselves. The Indian government suspects this hacking may be an "inter-corporate" rivalry between Huawei and ZTE, a Chinese telecom company which was offered a major part of BSNL's network in 2012.
Turkmenistan Banks Hacked By Dr.SHA6H
February 7, 2014 – Syrian hacker Dr.SHA6H is continuing his effort to bring attention to the situation in Syria by hacking and defacing the official websites of two Turkmenistan state-owned banks. The banks targeted by the hacker were the Turkmenbashi Bank and the PrezidentBank; the homepages of both websites were defaced with a message. On the website of Turkmenbashi Bank, Dr.SHA6H left a message urging the U.S. and other countries to intervene in the situation in Syria, as the U.S. has done for other countries in need of help. In addition to hacking the banking websites, Dr.SHA6H has also defaced the government-owned website of the Union of Industrialists and Entrepreneurs of Turkmenistan, the Nowruz Festival website, and the Research Institute of Earthquake Engineering. At the time of this writing the defaced websites have been restored to their normal settings.
Anonymous Threatens Release Of Singapore Government Employee Information
February 7, 2014 – Members of the Anonymous hacking collective are threatening to leak the personal details of Singapore government employees in protest of the recent arrests of individuals allegedly tied to the Anonymous collective. The names, government email addresses, dates of birth, phone numbers and passport numbers of 10 individuals have been released as a sample to prove that they have obtained the sensitive information. The collective claims the stolen information is from a Singaporean security company, "that does much business (with) government." The hackers have stated they will leak details of thousands of people if the government does not "begin to show a sense of justice and fairness."
Syrian Electronic Army Hacks Mark Monitor, Close To Hacking Facebook
February 6, 2014 – Early this morning, members of the pro-Syrian hacker group Syrian Electronic Army (SEA) hacked the domain management brand Mark Monitor. One member of SEA confirmed that they were minutes away from changing the DNS details of Facebook; however, before the changes could be made, Mark Monitor disabled their portal. The group was nevertheless able to change the registrant information of Facebook to Damascus, Syria, and provided a screenshot of the change. Mark Monitor manages the domains of many of the world's biggest companies, such as Google, Yahoo!, Amazon and Facebook. The group has also provided a screenshot of the Mark Monitor Administration panel. At the time of this writing the registrar data of Facebook appears to have been restored.
Comcast Targeted by NullCrew Hackers
February 6, 2014 – Hackers of the NullCrew group are claiming to have hacked into the systems of Comcast, a major telecom company, after exploiting a local file inclusion vulnerability in a mail server. The group has released a statement which reads, “Hello there beautiful people of the internet, once again; we here at NullCrew have some fun information for you. This time, our target is Comcast, yet another internet service provider who proclaims to be a secured one; shall we test these claims as well?” The hackers were first able to obtain a list of Comcast mail servers running Zimbra, an email server and web client software, before finding the local file inclusion flaw on the servers. By leveraging this vulnerability the group was able to gain access to usernames, passwords, and other sensitive information. Comcast has yet to make an official statement regarding the hack.
RedHack Plans Protest Against Turkey's New Internet Law
February 6, 2014 – Hackers of the RedHack hacking group are planning a protest after Turkey's parliament approved controversial changes to Turkey's Internet Laws, which will allow authorities to block access to certain websites. RedHack, along with other hacktivists and activists, is preparing to protest against the new law, which they say limits freedom of speech. A RedHack representative has stated, “Education is a necessity and corruption sucks...This law is designed to suppress people more and silence them in order to stop them from criticizing the AKP government. This is fascism. If people don't react, their rights and freedoms will be stripped from them at all levels.” RedHack has also stated it intends to leak data stolen from the systems of Turkcell before the planned demonstrations. The demonstrations are scheduled to start February 8, 2014.
Monsanto And WWF Attacked By Anonymous As Part Of OpGreenRights
February 6, 2014 – As part of its ongoing Operation Green Rights effort, members of the Anonymous collective have attacked the websites of Monsanto Fund, the charity organization of Monsanto agricultural company, the Round Table on Responsible Soy (RTRS), and the Italian and Indonesian websites of the World Wildlife Fund (WWF). Members of the collective launched several distributed denial of service attacks, as well as dumping the database for the Round Table on Responsible Soy. Members of the Anonymous collective also launched several distributed denial of service attacks on the websites of Monsanto South Korea, as well as websites of Italian energy companies in December 2013. At the time of this writing no official statement has been made by any of the companies affected.
Report: US Government Easy Target For Hackers
February 5, 2014 – According to a recent report written by Senator Tom Coburn and other staff members at the Homeland Security and Governmental Affairs Committee, several government agencies are leaving themselves open to hacker attacks by neglecting to implement simple fixes to network problems. The report states that the United States has spent almost $65 billion since 2006 on securing computers and networks, but agencies "continue to leave themselves vulnerable, often by failing to take the most basic steps towards securing their systems and information." In response to the report, the White House admits there is still more work that needs to be done. Special Assistant to the President on cybersecurity policy, Michael Daniel, said, "Almost every agency faces a cybersecurity challenge. Some are farther along than others . . . It often depends on whether they've been in the crosshairs of a major cyber incident."
Anonymous Issues "Final" Warning For OpFunKill
February 5, 2014 – Members of the Anonymous collective have been attempting to raise awareness of animal abuse with Operation Fun Kill. They have issued a new video that says they have issued a final warning to their targets. The hacktivists say, "We have been researching, probing, scanning, and preparing to strike. Our targets have been warned and soon it will be time to act! We are Operation FunKill; a united collective of operations, hackers and activists who stand together against cruelty." Previously targeted websites have suffered distributed denial-of-service attacks.
RedHack Leaks Data From Vodafone
February 5, 2014 – Members of the RedHack hacking collective have leaked data from Vodafone. The data was stolen in RedHack's breach of their systems earlier this week. The leaked information includes names, dates of birth, phone numbers and voicemail delivery dates. The hackers posted a statement saying, "Vodafone has shown great interest in controlling the global internet and lobbies USA and EU to give them the biggest piece from the cake. But yet again they are unable to protect their own systems." Phone numbers and last names have been deleted "to protect the public." According to the hackers, they have leaked this information to show that Vodafone is logging voicemails.
Pakistani Hackers Continue Attacks Against Indian Sites
February 5, 2014 – Several different Pakistani hacking groups have launched attacks against Indian banks and government websites. The Hackers Army is reporting that they have breached and defaced the website of India's State Bank of Patiala. Members of the Team Maximizers hacking group claim to have defaced several subdomains belonging to the State of Kerala. In addition, the Pakistan Haxors Crew is claiming to have hacked and defaced the West Bengal State Coastal Zone Management Authority and a portal of the Damodar Valley Corporation.
New Data Security And Breach Notification Act Introduced
February 4, 2014 – Senators Dianne Feinstein, John Rockefeller, Mark Pryor and Bill Nelson have introduced a new bill that will provide a federal standard for data security and breach notifications. If the bill passes, the Federal Trade Commission will create security standards for companies that store personal and financial information. If a company is breached, they will be required to notify authorities and affected customers. The key points of the bill include the FTC establishing security standards for databases, establishing notification requirements to allow people impacted by the breaches to take steps to protect themselves, creating a central entity for breached organizations to report incidents and creating incentives to increase the use of technology to combat cybercrime.
FBI Emails Hacked By Anonymous Slovenia
February 4, 2014 – A member of the Anonymous Slovenia collective known as Black-Shadow is claiming to have compromised the email accounts belonging to several FBI agents. The hacker posted server and DNS information along with email account user names and passwords. The hacker said that he was able to accomplish this with the help of other hacking groups such as AntiSec and LulzSec.
RedHack Breaches TTNet, Vodafone and TurkCell
February 4, 2014 – Members of the RedHack hacking collective are claiming to have hacked the systems of Turkish ISP TTNet, Vodafone and Turkish mobile company TurkCell. The hackers released a statement saying, "Customer data of ISP TTNET, mobile operator Vodafone and Turkcell infiltrated and vast amount of data collected from the systems." At this time the hackers have only leaked some data from TTNet. The information includes the membership details of Ministries, National Intelligence Agencies and the Security Directorate. The motivation for the attack is to show that no system is 100% secure. The hackers added, "In the coming days we'll continue with those exploiting the country. No public information will be shared. Our people can be at ease."
Pakistani Hackers Deface Indian Public Health Engineering Department
February 4, 2014 – Members of the Pakistan Haxors Crew hacking group have breached and defaced the website of West Bengal, India's Public Health Engineering Department. The defacement page reads, "Free Kashmir. Free Syria. Stop Spying On Us. Stop Killing Muslims. We Have All Your Data. Don't Try To Catch Us." The Pakistan Haxors Crew has targeted several Indian websites over the past two months.
Syrian Electronic Army Attacks PayPal and eBay
February 3, 2014 – The Syrian Electronic Army (SEA) has defaced the UK, France and India websites of PayPal and eBay. The sites were displaying a Syrian flag and a message saying, "Hacked by the Syrian Electronic Army. Long live Syria. F*** the United States government." Senior Director of Global Initiatives for PayPal, Anuj Nayar, has said that PayPal's systems have not been compromised. He stated, "For under 60 minutes, a very small subset of people visiting a few marketing web pages of Paypal France, UK and India websites were being redirected." SEA said that they had no intention of doing any damage to customers. They said, "Rest assured, this was purely a hacktivist operation, no user accounts or data were touched. If your PayPal account is down for a few minutes, think about Syrians who were denied online payments for more than 3 years." SEA is claiming to have accessed PayPal's MarkMonitor account. At the time of this writing all PayPal and eBay sites are restored and working properly.
Bell Canada Customer Data Compromised
February 3, 2014 – Members of the NullCrew hacking group have leaked information from over 22,000 Bell Canada customers. Bell Canada has confirmed the leaked data is valid, but they say their systems have not been hacked. The company is claiming that the data was stolen from a third-party supplier in Ottawa. Bell released a statement saying, "Bell's own network and IT systems were not impacted. The issue does not affect Bell residential, mobility or enterprise businesses." NullCrew members have said it is "quite laughable" that Bell Canada was not breached. The hackers say that they notified Bell Canada of the vulnerability two weeks ago.
Orange Hack Compromises 800,000 Customers
February 3, 2014 – Telecom company Orange has suffered a data breach of the "My Account" section of their website. Information for almost 800,000 customers was accessed during the hack. The information stolen includes names, mailing addresses, email addresses, phone numbers and other information. Once the attack was detected, Orange shut down the section of the website. Technical Director Laurent Benatar said that passwords were not accessed, but some partial financial information may have been stolen.
UK National Health Service Site Set Up To Serve Malware
February 3, 2014 – The United Kingdom's National Health Service (NHS) website has been breached and infected with malicious code that redirects people to malware sites. Researchers have determined that the number of infected pages is over 800. NHS representatives have issued a statement saying, "Apologies to anyone having trouble navigating our website - we are aware of the issue and currently working to resolve it."
Yahoo Email Accounts Compromised
January 31, 2014 – Yahoo has announced that "a number of Yahoo mail accounts" have been breached by hackers. According to Yahoo the hackers compromised a third-party database and then gained access to the email accounts. The name of the third-party was not revealed, and Yahoo did not say how many accounts were impacted. Yahoo is working with federal law enforcement to investigate the incident. In their official statement, Yahoo says that there is no evidence that the credentials were compromised directly from its servers.
California High School Students Caught Hacking Computers To Change Grades
January 31, 2014 – Eleven students from the Corona del Mar High School in Newport Beach, California, have been expelled for hacking into the school's computer system and changing their grades. Timothy Lance Lai, a 28-year-old tutor, is accused of teaching the students how to use a key logger. The students then connected the device to a teacher's computer and stole their login credentials. No official legal charges have been filed against the students or Lai.
Indian Paramilitary Website Hacked
January 31, 2014 – Members of the Pakistan Haxors Crew hacking group have hacked and defaced the website of Assam Rifles, one of India's paramilitary forces. In addition to posting the defacement page, the hackers posted another message saying, "We have what we want." At the time of this writing the defacement page is still being displayed.
Cambodian Government Sites Defaced For OpCambodiaFreedom
January 31, 2014 – Members of the Team Khmer-Shadow hacking group have defaced two Cambodian government websites as part of OpCambodiaFreedom. The operation is a protest against the local Cambodian government. The targeted websites were the Economic, Social and Cultural Council and the Siem Reap Provincial Hall. The home pages of both sites were defaced. The hackers said it is not their goal to "destroy the websites".
Target Hack Blamed On Vendor
January 30, 2014 – Target representatives have said that the hackers that stole information of more than 70 million customers had stolen credentials from a vendor, and used that information to access the company's system. The accused vendor has not been identified and it is still unclear how the hackers actually stole the information. Target has not identified which portals were used to access the breached payment systems. However, it is being reported that two portals, a supplier's database and a human resources website, have been shut down.
Nigerian Ministry Of Police Affairs Defaced
January 30, 2014 – Members of the Nigerian Cyber Army hacking group have hacked and defaced the website of Nigeria's Ministry of Police Affairs. The attack was a protest against the Nigerian government and police. The defacement message said, "Every offense should have a fair punishment. People have committed greater offenses and nothing was done to them. Police officers collecting bribes only confirms how corrupt our society has become."
Anonymous Portugal Leaks Documents From Parliament
January 30, 2014 – Members of the Anonymous Portugal collective have leaked 185 documents they claim were stolen from the Portugal Parliament's systems. Many of the documents were dated from several years ago, going back as far as 2004. Anonymous Portugal has also released a video where they say that 2013 was "the most shameful year that the Portuguese witnessed during nearly 40 years of democracy."
Vulnerability Leaves Wikipedia Open To Attacks
January 30, 2014 – Researchers have discovered that Wikipedia is vulnerable to remote code execution due to a flaw in MediaWiki, an open source wiki software. The vulnerability allows an attacker to execute shell code remotely through an incorrectly sanitized parameter on the MediaWiki application server. The latest version of MediaWiki has patched the vulnerability.
Angry Birds Website Defaced
January 29, 2014 – The official Angry Birds website was defaced for a short time early this morning. Vice President of Rovio Saara Bergstrom said in a statement, "The defacement was caught in minutes and corrected immediately. The end user data was in no risk at any point. Due to how the internet name resolution works, for most areas it was not visible at all, but some areas take time for the correct information to be updated." Security experts say that this was a DNS hijacking and that Rovio's systems were not breached. It appears that the attack came from Lithuania.
Cross-platform Java-Bot Launching DDoS Attacks
January 29, 2014 – Researchers have discovered a new cross-platform Java-Bot, which is infecting computers running Windows, Mac OS X and Linux that have the Java Runtime Environment installed. The Java-Bot is exploiting a known critical Java vulnerability that was patched in June. Once a computer is infected, the malware copies itself into the home directory, and registers with the system startup programs. The malware is designed to launch distributed denial-of-service attacks from the infected computers.
ZCompany Hacking Crew Attacks Team Madleets
January 29, 2014 – Members of the ZCompany Hacking Crew (ZHC) are claiming to have breached two subdomains of the Team Madleets website. The Pakistani hacking group Team Madleets has breached several high-profile websites recently, and ZHC feels they have become "arrogant." The defacement pages contained a message from ZHC saying, "We are not against Madleets or any other team, but when we see someone tryna act like they ‘Own The Scene’ with much arrogance, starts praising and greeting Indians, insulting groups/people who hack for cause like us ‘The ZHC’ & starts yelling about not to hack Indians and they are our friends ? It’s surely something to react too!" Members of Madleets say that their servers have not been breached and that the breached servers are not theirs. According to Team Madleets the server was an old server that had expired and has since been purchased by someone else.
Indian Hackers Respond To Republic Day Attacks
January 29, 2014 – On January 26, Republic Day in India, several Pakistani hackers defaced over 2,000 Indian websites. In response, the Indian Cyber Rakshak hacking group has defaced 100 Pakistani sites, but it is believed that they will be continuing the attacks. Several of the sites are still defaced. The Pakistani groups behind the Republic Day attacks include Team Madleets, Maximizers and the KashmirCyberArmy.
Israel Defense Ministry Computer Hacked
January 28, 2014 – Hackers have broken into the computer systems of the Israeli Defense Ministry using malicious software, which was delivered via an email attachment. The email was made to look as if it was sent by the Shin Bet Israeli spy agency, fooling users into opening the email. Security researchers stated the hackers had temporary control of 15 computers in January. One of the targeted computers belongs to Israel's Civil Administration, which is responsible for monitoring Palestinians in Israeli-occupied territory. At the time of this writing the Israeli government is not providing a comment on the incident; however, they have stated that the hackers used a variant of the Xtreme RAT software to infect the computers.
Thai Police Website Hacked and Defaced
January 28, 2014 – The hacker known as Stricker Rude of Maximizers Team, has hacked the subdomain of the Thailand Police website. The hacker has also uploaded a defacement and a message that reads, "Owned By The Rude | Team MaXiMiZerS. Secure it Before i come again." This is the second attack carried out by Striker Rude, who earlier this week also targeted several high-profile sites from India, including the Central Bank of India, and the State Bank of Patiala. The Maximizers Team was also the group responsible for attacking several government websites in Morocco and Bangladesh. At the time of this writing the website is still defaced.
Indian Railways Website Hacked
January 28, 2014 – Members of the Pakistan Haxor Crew have once again hacked the website of the Indian Railways. The group was able to upload a defacement page to the Executive Director Rail Movement (EDRM) section of the website. In early April 2013 another Pakistani hacker was able to deface the Indian Railways website in the same manner, and it remains to be seen if the Indian Railways administrators are aware of the vulnerability. At the time of this writing the defaced page is still active.
Chief Rabbinate of Israel Hacked
January 28, 2014 – Members of the Anonymous collective are reporting the Chief Rabbinate of Israel website has been hacked and defaced. The attack is part of the Operation Israel campaign, a coordinated cyber-attack by anti-Israel groups on Israeli cyberspace. It is unknown at the moment who is responsible for the attack on the website. At the time of this writing the website has been restored and is functioning properly.
Hasbro Website Hacked
January 27, 2014 – The website of American toy company, Hasbro, has been hacked by cybercriminals and is being used to distribute malware onto visitors' computers. Visitors of the website are redirected to a site serving a Java exploit. The malicious software has been found on numerous occasions on the site. Research experts have also stated that normal antivirus programs are not capable of detecting the threat, and advise users to avoid visiting the Hasbro website.
Documents Stolen From Microsoft During Email Hack
January 27, 2014 – Microsoft has issued a statement saying that documents "associated with law enforcement inquiries" have been stolen. The announcement comes just a few days after the Syrian Electronic Army (SEA) hacked Microsoft emails and social media accounts. Microsoft has confirmed that SEA did hack employee email accounts. Microsoft also stated, "We have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed. It appears that documents associated with law enforcement inquiries were stolen." At this time SEA has only leaked internal email conversations.
Nigerian Ministry of Police Affairs Website Hacked
January 27, 2014 – Members of the Nigerian Cyber Army are claiming to have hacked and defaced the official website of the Ministry of Police Affairs of Nigeria. In a message posted on the defaced page, the hackers blame police officials and the government for being corrupt and allowing corruption to continue in the country. The hackers write, "Every offense should have a fair punishment. People have committed greater offenses and nothing was done to them. Police officers collecting bribes only confirms how corrupt our society has become. It is also a sign of a failed government." The website is currently offline.
Colombian Hospital Website Defaced By Moroccan Hackers
January 27, 2014 – The Moroccan Islamic Union-Mail have hacked and defaced the official website of Our Lady of Las Mercedes Hospital, which is operated by the government of Colombia. The hackers left a message which reads, "We do not want muscle-flexing. Just want to get our message across the world to discover the truth…" In addition to the message the hackers also added a video to the defaced website depicting the life of the Prophet Muhammed as written in the Bible. At the time of this writing the website is still defaced.
Pakistani Hackers Target Websites Of Indian Celebrities
January 27, 2014 – Hacker Haxor 99 of the MadLeets hacking team has hacked and defaced the websites of Indian celebrities Poonam Pandey and Daler Mehndi. The website of Pandey, who is a famous Indian model and actress, has been defaced with a message that reads, "Your site security is compromised. Nothing Delete(d) or Harmed. Rise a Voice for Justice of Kashimr. Patch Your Site." The other victim, Daler Mehndi, an Indian musician, songwriter and author, has the same pro-Pakistan message posted to his website as well. At the time of this writing both websites are still defaced.
CNN Accounts Hacked By Syrian Electronic Army
January 24, 2014 – The Syrian Electronic Army (SEA) has hacked several blogs and Twitter handles belonging to CNN. The group has stated that the motive behind these attacks is that CNN is “reporting lies aimed at prolonging the suffering in Syria. CNN used its usual formula of presenting unverifiable information as truth, adopting a report by Qataris against Syria. Instead of any actual journalism, CNN turned into a loud horn calling for the destruction of Syria.” The group also added, “US media strategy is to hide the fact that the CIA controls and funds Al Qaeda by blaming Syria instead for their terror. The SEA will not stop pursuing liars and will expose them and their methods for the world to see.” On the hacked accounts SEA has posted fake news articles as well as a message which reads, “Syrian Electronic Army was here.” The impacted CNN blogs are Security Clearance, The Lead, Political Ticker, Crossfire and The Situation Room. CNN has removed all fake posts made by SEA and has stated, “Some of our organization's social media accounts were compromised. We have secured those accounts and deleted unauthorized tweets.”
Anonymous Announces New Campaign: OpAreva
January 24, 2014 – The Anonymous global hacker collective has released a new video outlining a new campaign dubbed OpAreva. Anonymous has targeted Areva, a French public multinational industrial conglomerate specializing in mining and energy. Members of the collective have stated they are unhappy with the large amounts of money the company makes through its operations in countries such as Niger, Gabon, Kazakhstan and the Central African Republic, while doing very little to help the people of these countries. The hacker collective has urged journalists to investigate Areva's activities and expose the company's wrongdoings. The group has not outlined the types of attacks they will be launching against Areva in the coming weeks.
Neiman Marcus Provides Details Of Data Breach
January 24, 2014 – Representatives of Neiman Marcus are reporting that information from some 1.1 million credit and debit cards was obtained by cyber criminals in the data breach which occurred earlier this month. In a statement posted on its website, Neiman Marcus said that the malware had been “clandestinely” put into its system and had stolen payment data off cards used from July 16 to October 30. MasterCard, Visa and Discover have all reported to the company that about 2,400 cards used at Neiman Marcus and its Last Call outlet stores have since been used fraudulently. Like Target, Neiman Marcus will be offering those impacted a free one-year credit monitoring service.
Indian Authorities Launch International Operation Against Cybercriminals
January 24, 2014 – Last December representatives of the Indian and American police set up a new cybercrime portal which would enable the two groups to cooperate more efficiently with one another on investigations. Now this new portal has led to the arrest of one individual as part of an international law enforcement operation targeting cybercriminals. India's Central Bureau of Investigation (CBI) has searched several locations in Pune, Mumbai, and Ghaziabad after receiving information on suspects from the U.S. Federal Bureau of Investigation (FBI). In addition to the U.S., law enforcement agencies from Romania and China are also said to be involved in the international operation. No details have been provided regarding the targeted cybercriminals as the investigation is still ongoing.
Snapchat's CAPTCHA System Hacked
January 23, 2014 – Security experts are reporting that they have successfully hacked the CAPTCHA system on Snapchat's website. The newly introduced system is designed to prevent bots from registering accounts. Soon after Snapchat announced the new system, a security expert was able to write code that hacked the system. Other researchers have since announced that they too have hacked the system. Snapchat recently suffered a data leak and had promised to focus more on security.
Brazilian City Website Hacked
16 Million Accounts From Germany Compromised By Hackers
January 23, 2014 – The Federal Office for Security in Information Technology (BSI), Germany has confirmed a recent data breach, which affects more than 16 million accounts from Germany. BSI was made aware of the breach by law enforcement and research institutions which were analyzing botnets and malware. In addition to the emails, social media accounts and shopping portal accounts being compromised, hackers were also able to infect users with malware. Tim Griese, a spokesman for BSI, confirmed that about half the accounts have the .de domain name, denoting them to be German-based accounts. BSI has set up a website where users can check if their accounts have been compromised and has asked infected users to run an antivirus program to remove any malware.
Armenian Government Ministries' Websites Hacked
January 23, 2014 – Members of the Anti-Armenia Team hacking group have breached and defaced sixty-four Armenian government ministries' websites. The defacement pages included a video with an anti-Armenia message. The targeted websites include the Ministry of Education, Artsakh State University, Youth For Achievements Educational NGO and the Football Federation of Armenia. The hackers are from Azerbaijan, which is currently involved in a conflict with Armenia. At the time of this writing all of the sites have been restored and are operating normally.
Authorities Arrest Man Alleged To Be Hacker Guccifer
January 22, 2014 – The Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) is claiming to have arrested the man alleged to be the notorious hacker Guccifer. Romanian authorities have arrested 40-year-old Marcel Lazar Lehel of Arad county and have searched his home for evidence. Authorities suspect that Lehel, "accessed, without authorization, and bypassed security measures to obtain email accounts belonging to public figures from Romania, with the purpose of obtaining confidential information found in their electronic mailboxes." Guccifer has previously hacked several US government officials and celebrities. DIICOT representatives have stated that the law enforcement organization is working with US authorities on the case.
Syrian Electronic Army Targets Microsoft Again
January 22, 2014 – Last week, after breaching Microsoft's corporate email and leaking employee information online, the Syrian Electronic Army (SEA) stated that this would not be the last attack on Microsoft. The SEA has kept its word and has now hacked the official Microsoft Office blog. Members of the hacker collective were able to access the WordPress panel of the official blog and posted an article titled, "Hacked by the Syrian Electronic Army." This is the fourth time SEA members have targeted Microsoft; earlier this month the collective also hacked the official Twitter and Skype accounts of Microsoft, as well as the Microsoft XBOX Twitter and Instagram accounts. SEA posted a message to Microsoft after this latest attack: "Dear Microsoft, changing the CMS will not help you if your employees are hacked and they don't know about it." Microsoft has not yet made an official statement on this latest attack by SEA.
Cambodia's Royal Gendarmerie Website Hacked
January 22, 2014 – Members of the Team Khmer-Shadow collective have hacked and defaced several domains of Cambodia's Royal Gendarmerie. The group has also hacked the site of Cambodia's Development Program, and a local news website. Team Khmer-Shadow has stated Cambodian websites were targeted as part of its "pentesting" program. The hacking occurred shortly after 11 political activists were arrested by police for protesting outside the US Embassy in Phnom Penh, Cambodia's capital city. Members of Anonymous Cambodia have clarified that Team Khmer-Shadow is a "friend".
Islamic Cyber Resistance Hacks Official Perl Blog
January 22, 2014 – The official blog of Perl has been breached and defaced by members of the Islamic Cyber Resistance. Perl is a family of high-level, general-purpose, interpreted, dynamic programming languages created by Larry Wall. In addition to defacing the blog, the group has also leaked the credentials of 3,000 users. The information is said to contain user names, email addresses, account passwords, and other data. The hackers have stated the attack on the blog is in support of the Syrian people, as well as the Syrian Electronic Army.
Anonymous Provides Update And Announces New Operation
January 21, 2014 – Members of the Anonymous hacking collective have announced a new operation dubbed "OpPhDPounds", which will target government-supported academic institutions. The new campaign is aimed at institutions that are employing PhD students to conduct research on Anonymous. The types of attacks that will be carried out are unclear at this time. The global collective has also released a video declaring the start of Phase 2 of Operation Killing Bay, warning Japan that if it does not end the slaughter of dolphins in Taiji, they will target government officials, businesses, and media outlets.
Officers Involved In Kelly Thomas Case Targeted By Anonymous
January 21, 2014 – Following the acquittal of two Fullerton, California police officers who beat a homeless man to death in 2011, Anonymous has released the personal details of the officers involved. The hackers also leaked the personal details of the officers' family members. The leaked data includes addresses, phone numbers, social media accounts and birth dates. Other hackers have stated this is not the end of their operation against the Fullerton Police Department.
Ubuntu Domains Hacked By Indonesian Hacker
January 21, 2014 – Hacker SultanHaikal of the Gantengers Crew hacking group has hijacked 6 domains belonging to Ubuntu One. Ubuntu is a Debian-based Linux operating system based on free and open source software. The hacker has added a defacement page to each of the 6 domains that have been hacked, and left the message, "You say that you are a hacker, Defacer, but you are proud? it turns out that you are proud, you are a newbie." It is unclear who this message is directed towards, and at the time of writing the defacement pages are still active.
Monsanto Korea Website Hacked By Anonymous
January 21, 2014 – Members of the Anonymous hacking collective have hacked and defaced the website of Monsanto South Korea as part of the ongoing Operation Green Rights. Monsanto is a multinational chemical and agricultural biotechnology company, and is the leading producer of genetically engineered seed. Anonymous hackers stated, "Monsanto: Anonymous thinks you're responsible, in front of mankind, for genocide, environmental disaster, and mass contamination." The hackers were able to deface a page from the "news releases" section of the website, as well as leaking some of its database information online. This past weekend the hackers of Operation Green Rights also launched several distributed denial-of-service attacks against a number of websites belonging to Monsanto.
Personal Information Of Puerto Rican Doctors Stolen
January 20, 2014 – Eduardo Ibarra, President of The Puerto Rican College of Physicians and Surgeons, has revealed that the personal details of thousands of licensed medical doctors in Puerto Rico have been stolen by cybercriminals. The hacking was discovered when medical doctors began receiving harassing emails. It is uncertain what type of information has been compromised; however, reports suggest that close to 10,000 physicians could be impacted. The FBI and the Puerto Rico Justice Department are investigating the incident.
Massive Data Leak Of 20 Million South Koreans
January 20, 2014 – The information and personal data of at least 20 million bank and credit card users in South Korea has been leaked. In a statement made by the Financial Supervisory Service (FSS), "the stolen data includes the customers' names, social security numbers, phone numbers, credit card numbers and expiration dates." Reports suggest that an employee from personal credit ratings firm Korea Credit Bureau has been arrested and accused of stealing the data from customers of three credit card firms while working as a temporary consultant. The data was then sold by the employee to phone marketing companies, whose managers were also arrested.
Linode Suffers Data Breach
January 20, 2014 – Christopher Aker, founder and CEO of Linode, a web hosting and cloud computing company, has stated the company has suffered a second data breach in less than a year. The compromised server plays no role in the infrastructure of Linode, unlike the server attacked in April 2013. The attackers managed to gain access to the database stored on the old server by using forum credentials used in the April 2013 attack. One report suggests that a user with the moniker n0tryan has posted the credentials for a Linode server online. The database leak is said to include some invalid credit card numbers, user names, email addresses and encrypted passwords, and appears to be for the phpBB forum. Cybercriminals also made a false report and had the offices of Linode evacuated and searched by Galloway Police Department's SWAT team.
LeakSec Releases Data As Part Of OpFunKill
January 20, 2014 – Hacking group LeakSec has stated they have attacked the monthly newsletter for hunters, The Hunting Report. The group has gained access to its database and has provided a portion of its information as a “sneak peek” as part of the OpFunKill campaign. In a press release by Anonymous, OpFunKill was, “created to hunt and expose hunters. We are opposed to trophy hunting, and any form of hunting for entertainment...OpFunKill has been engaged to attack and expose animal abusers.” At the time of this writing the details of the full leak have not been provided by LeakSec.
Alleged Stolen Data Leaked From DHS Fusion Centers
January 17, 2014 – Several systems of the U.S. Department of Homeland Security (DHS) Intelligence Fusion Centers have been breached by hackers of TeamBeserk. The group has leaked 60MB of documents from the systems. TeamBeserk has stated they are publishing a, "selection of documents" that proves there are, "real threats out there against all Americans and the United States. The security of our Nation needs to be inspected and made better without hurting the rights of Americans." The hacker group has not revealed which Intelligence Fusion Centers were targeted; however, they have stated they first breached the California Intelligence Fusion Center, before gaining access to other centers in the Midwest.
Anonymous Announces Operation Walmart
January 17, 2014 – The Anonymous global hacker collective has released a new video outlining a new operation planned for Black Friday 2014 and 2015. The new operation is dubbed Operation Walmart and is in response to Walmart Corporation's claims they are unable to pay its workers a living wage. Anonymous states, "In the spirit of solidarity with our fellow activists and the working poor, Anonymous is prepared to use the full might of the collective in defense of the working class, until Walmart is willing to give its workers fair pay for fair work. We demand that the Walmart Corporation change its labor practices, so that all full time workers get minimum pay of eleven dollars an hour and basic health benefits." The collective has provided a list of Walmart locations for protest with the ultimate goal of blocking the entrance of Walmart locations in order to disrupt Walmart's profits.
Pakistani Hackers Deface 1400+ Indian Websites
January 17, 2014 – Pakistani hacker group Team MaXiMiZerS has hacked and defaced 1,448 Indian websites. The hacked websites were left defaced with a short message over the Kashmir issue. Kashmir is a former princely state which is now a disputed territory, now administered by three countries: India, Pakistan, and the People's Republic of China. At the time of this writing many of the websites have been taken offline, while some are still active and defaced.
RedHack Disrupts Website Of Turkish Central Bank
January 17, 2014 – Members of the RedHack hacking group have disrupted the official website of the Central Bank of Turkey. The distributed denial-of-service attacks were launched against the financial institution to protest the Central Bank allowing the Turkish Lira to lose its value against foreign currency. At the time of this writing the website is back online and operational.
Microsoft's Corporate Email Breached By Syrian Electronic Army
January 16, 2014 – The Syrian Electronic Army (SEA) has targeted Microsoft for a third time, this time hacking corporate email accounts belonging to employees. Microsoft confirmed the breach in a statement stating the cyber attack was carried out using a phishing campaign and resulted in a small number of Microsoft employee social media and email accounts being impacted. According to a Microsoft spokesperson, "These accounts were reset and no customer information was compromised." It is not immediately clear how many accounts were targeted during the recent attacks, or how much data SEA was able to obtain. A SEA representative says that the attacks were designed to be a distraction, indicating there could be further compromises in the future. Moments after defacing several Saudi Arabian government websites, the group posted a message stating, "We didn't finish our attack on Microsoft yet, stay tuned for more!"
Syrian Electronic Army Hacks Saudi Government Websites
January 16, 2014 – Pro-Syrian hacker collective, Syrian Electronic Army, has hacked several websites belonging to the Saudi Arabia government. The attacks were conducted in an attempt to expose the alleged terrorism being done by the Saudi government. In total, SEA hackers were able to successfully hack and deface 16 websites. A majority of the websites defaced by the hackers belonged to various Principalities across Saudi Arabia.
Cyber Attack On Israel Announced For April
January 16, 2014 – Hacker collective AnonGhost has announced the launch of a new attack on Israeli cyberspace planned for April 7, 2014. The new attack is dubbed Operation Israel Birthday and is in support of Palestine, while also celebrating the OpUSA, OpPetrol, and OpIsrael of 2013.
Public Safety Communication Agency Hacked
January 16, 2014 – It is being reported that in mid-December 2013, the North East King County Regional Public Safety Communication Agency (NORCOM) systems were compromised. Hackers were able to obtain information such as social security numbers, dates of birth, medical response records and email addresses. NORCOM is a Washington-based company which provides 911-type emergency service communications for emergency fire, police and medical service agencies. The server which was targeted contains detailed information of around 6,000 individuals. NORCOM has clarified that the compromised server has been taken offline and is advising those affected to place a fraud alert with all three major credit service bureaus.
Italian Weather Website Hacked
Syrian Electronic Army Website Hacked By Turkish Group
January 15, 2014 – Turkish hacker group Turkguvenligi has defaced and leaked the subdomain of a website belonging to the Syrian Electronic Army (SEA). The hackers were able to compromise the website through its hosting provider. The attack comes in response to SEA's recent attacks against Turkey. The hackers stated, "You imbeciles will attack our country with fake phishing emails and we'll accept your lies and not do anything? That is the end you deserved: 'And never think Allah is unaware of what the wrongdoers do. He only delays them for a Day when eyes will stare.'" SEA has responded to Turkguvenligi by stating they are unfazed by the attacks.
Hackers Claim To Have Leaked Apple Database
January 15, 2014 – Two hacker groups, European Cyber Army and 1775Sec, are claiming to have breached and leaked information from Apple. They originally leaked data two days ago with a message saying, "We repeatedly warned you Apple, Inc. . . . You thought because we faked some Drop Box leaks, that we actually didn't hack you? You made a foolish move Apple! We are the 1775Sec and the European Cyber Army!" There was no response to this leak, so now the hackers leaked more information from the database. They say they are leaking data for the "lulz" and to send a message.
Anonymous Re-Launches Operation Fullerton
January 15, 2014 – Members of the Anonymous hacking collective have announced the re-launch of Operation Fullerton after two police officers were found not guilty of beating a homeless man with schizophrenia to death. The collective has called on supporters to occupy and protest at police stations throughout Fullerton, California. The group has provided addresses of local precincts.
Hackers Expose Wrongdoings Of Turkish Mayor
January 15, 2014 – Members of the RedHack hacking group have breached the systems of the General Directorate of EGO, an organization which serves as the public transport department for the municipality of Ankara, Turkey. Hackers say that they discovered that employees of the public transport department are registering fake Twitter accounts to "hike follower numbers and spread misinformation about the public demand for justice." The hackers have provided screenshots indicating they have access to the email addresses, user names and passwords of department employees.
LeakSec Breaches Database Of Promat Romania
January 15, 2014 – Hacker group LeakSec has claimed to have breached the database of Romanian fire protection systems supplier, Promat Romania. The hackers have released the stolen information to the Internet. The leak is part of Operation Down With Romania, which is protesting the killing of stray dogs as well as the negligence and corruption within the government. LeakSec members stated in a message to the Romanian government, "You disgust us. You shall reap what you sow, your servers shall fall to the teeth and claws of our KRAKEN and your data will be leaked, published, and lost."
Sentencing Postponed For Fifth Time For LulzSec Member
January 14, 2014 – The sentencing of former LulzSec member-turned-FBI-informant Hector Xavier Monsegur, better known as Sabu, has been postponed for a fifth time for unknown reasons. Monsegur's cooperation with the FBI led to the arrests of several high-ranking LulzSec members, including Jeremy Hammond, the hacktivist who took part in leaking the internal emails of Stratfor employees and its clients. Hammond was sentenced to a maximum of ten years in prison on November 15, 2013. The delay of the sentencing of Monsegur was confirmed by the office of the presiding Judge Loretta Preska.
Yemen Embassy's Emails, Passports Compromised
January 14, 2014 – Members of the AnonSec hacking group have compromised 1,565 emails and passports of the Yemen Embassy. The leak contains the emails, names, passport numbers, dates of birth, gender information, place of birth and phone numbers of individuals impacted. The same group was responsible for leaking 11,000 email accounts and defacing 250 websites two weeks ago as part of a New Year Event. No explanation has been given as to what the motive was for the attack.
Anonymous Targets Website Of Granada Archbishop
January 14, 2014 – Members of the Anonymous hacker collective have breached and defaced the official website of the Archbishop of Granada, Spain. The website has been littered with various satirical messages and adult images. This latest attack is part of the Operation Opus Dei campaign which was launched in mid-December 2013. At the time of this writing the website is operational, however it is unknown if the vulnerabilities exploited by the hackers have been fixed.
Official Blog And Twitter Of Microsoft Hacked By Syrian Electronic Army
January 13, 2014 – Members of the Syrian Electronic Army have breached Microsoft's Official Blog as well as the Twitter handles of MSFTNews and Xbox. This new attack comes a week and a half after the group targeted Microsoft's Skype social media properties on New Year's Day. Members of the group left several messages, including repeating their claim that Microsoft is selling user data from its email services to the U.S. Government. Microsoft has released a statement saying they are aware of the targeted cyberattack, and that the accounts were quickly reset. Microsoft has also confirmed no customer information was compromised in this latest attack.
Payment Card Data Stolen From Systems Of Neiman Marcus
January 13, 2014 – Representatives of Neiman Marcus, a retailer which specializes in luxury goods, have confirmed that their systems have been breached by cybercriminals. As a result of the breach, customer payment card information has been compromised. Neiman Marcus first learned of the breach in mid-December after their credit card processor informed them. The company has stated it is not sure how the cybercriminals gained access to the payment card information or for how long they had access to their systems. At the moment there is no evidence suggesting that individuals who made purchases on Neiman Marcus' website are impacted. The company issued a statement saying, "We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading intelligence and risk management firm, and a leading forensics firm to investigate the situation."
MIT Subdomain Hacked By Anonymous
January 13, 2014 – Members of the Anonymous collective have defaced the MIT subdomain for the Cogeneration Project (cogen.mit.edu). The MIT subdomain was defaced by hackers to mark the one-year anniversary of Aaron Swartz's death. Swartz committed suicide shortly after being charged by MIT Police with thirteen felony counts after systematically downloading academic journals from JSTOR. The attack is part of Operation Last Resort, the campaign initiated in retaliation for the suicide shortly after Swartz's death on January 11, 2013. Anonymous has directed visitors who land on MIT's Cogen site to the website of "The Day We Fight Back," a protest against mass surveillance planned for February 11, 2014.
RedHack And Anonymous Issue Message To Turkish Government
January 13, 2014 – Members of RedHack and Anonymous have sent a second video message to the Turkish government urging the country to bring an end to censorship. In a video made available to the public, the hacktivists are demanding the Turkish government not only end censorship in Turkey, but also the use of violence during peaceful protests. The video message was released shortly after Turkish prosecutors charged 36 people with acts of terrorism after participating in the Gezi protests. The hacktivists state, "We suffered from the mainstream media blackout about what is really happening in Turkey. This is a peaceful popular revolt. It is a movement that spans all levels and sectors of society. This is a movement that requires only freedom, justice, and democracy."
Argentina's National Rehabilitation Service And Other Government Sites Hacked
January 10, 2014 – The Syrian hacker known as Dr.SHA6H has targeted various government websites from Argentina. The motivation for the attacks is to convince the US and other countries to intervene in Syria. The latest targets include the National Rehabilitation Service (snr.gov.ar) website, and various subdomains of the official website of Argentina's Catamarca Province (catamarca.gov.ar). At the time of this writing most of the sites remain defaced, with the website of the National Rehabilitation Service being taken offline. In addition to the Argentinian government websites, DR.SHA6H has also published his message on the front page of the Mongolian Agency for Standardization and Meteorology's website.
Arrest Warrants Suggest More FBI Moles In LulzSec
January 10, 2014 – Members of the Anonymous collective have leaked FBI search warrants indicating that Hector “Sabu” Monsegur was not the only hacker-turned-FBI informant responsible for bringing down the LulzSec group of international hackers. The new leak indicates two unnamed LulzSec members were arrested on June 29, 2011 and turned informants, specifically giving up information on core LulzSec members. Documents do not reveal the identity of the second informant; however, LulzSec members have accused M_nerva of cooperating with authorities, alleging that he provided information that led to the arrest of a British LulzSec member in June of 2011. Anonymous has also leaked nine other warrants, one of which dates back to the same day Monsegur was arrested. As a result of Monsegur's cooperation numerous senior-level officials and the remaining top-ranking members of the LulzSec group were arrested or hit with additional charges Tuesday morning.
Website of Peruvian Congressman Hacked by Argentinian Group
January 10, 2014 – The Team Hack Argentino hacking group is claiming to have breached and defaced the official website of Peruvian Congressman Jamie Delgado (jamiedelgado.pe). The hackers haven't defaced the website's main page, instead they've added an HTML to the page. The Congressman has yet to make any official statement regarding the incident, however the website has been taken down by its administrators. The hackers have also defaced several other sites from Peru, including the subdomain used by the police of the San Jamie municipality, which is currently offline. Team Hack Argentino has also revealed they will be “targeting Mexicans tomorrow.”
1775Sec Breaches Ford As Part Of OpTrollSec
January 10, 2014 – The hacking group 1775Sec is claiming to have breached and leaked a database from Ford Motor Company. The leak contains user names, phone numbers, emails and car types from Ford. The leak is part of the group's OpTrollSec campaign, which aims to leak data and disrupt various websites. As part of the campaign, 1775Sec has also launched distributed denial-of-service attacks on websites of nko.navy.mil and infinity.disney.com. At the time of this writing 1775Sec has stated they will be targeting various websites over the next few days as part of OpTrollSec. The website of infinity.disney.com is back online and functioning properly.
Islamic Cyber Resistance Group Hacks Systems Of Israel Airports Authority
January 9, 2014 – Hackers of the Islamic Cyber Resistance Group are claiming to have breached the computer systems of the Israel Airports Authority (iaa.gov.il), the group responsible for the management of the country's civil airports and land-to-land border terminals. The hackers have said they gained access to the organization's internal networks and stole sensitive files, including information on domestic and international flights, details on management and flight routing software, weather condition maps and flight briefs used by the control towers and pilots. The attack is part of a campaign dubbed OpIsrael, and the hackers claim they could have caused service disruptions but haven't, “due to humanitarian considerations.” They have however wiped the data found on the compromised server, which they claim they've had access to for months. In a statement published by the hackers, the attack on Israel was carried out because, “[As] the world knows, killing women, children and innocent people is a profession exclusive to Israel and its neophytes, and we, as ordered by Islam, do condemn such moves and, thus, find it sufficient to release sensitive information to prove that we have had the access to the servers and downed the website.” At the time of this writing the Israel Airports Authority has yet to issue an official statement.
Malware Steals Data From Computer At Japanese Power Plant
January 9, 2014 – On January 2nd researchers identified a piece of malware on a computer in the reactor control room at the Monju nuclear power plant in Japan. The malware is said to have stolen private information from the infected machine. It appears that one of the facility's employees wanted to update a video playback program, which turned out to be malware. The computer which was infected is used by employees to file paperwork and the damage caused by the malware is limited. However, the cybercriminals controlling the malware could have accessed sensitive documents, including emails, training records and employee data sheets. The infected device was accessed more than 30 times during a five-day period after the worker performed the video software update and it is being reported that over 42,000 documents were stored on the device. Researchers have stated that the malware is apparently communicating with a server in South Korea possibly identifying the location of the attacker.
Scam Emails Distribute Malware That Steals Bitcoins
January 9, 2014 – Bitcoin users are reporting that they have received suspicious emails that are designed to steal their Bitcoins. Security researchers say the attack begins with an email that carries the subject line “Wallet Backup”. The email message asks users to visit a link which is attached to the email to redeem 30 BTC; however, the link points to a website that is set up to serve an archive named “backup.zip”. When the file is executed, a Notepad document containing a password is opened while a malicious executable is launched in the background. The malware then waits for the victim to open his or her Bitcoin wallet using the Bitcoin-Qt software and begins stealing the Bitcoins. It has been determined that the URL in the email was clicked by at least 1,674 people, with most of the victims located in the United States.
The Straight Dope Forum Hacked, User Passwords Stolen
January 9, 2014 – Popular online question and answer newspaper column, The Straight Dope, is advising users of its forum to change their passwords because the information may have been compromised in a recent attack on the bulletin board. The company has posted a notice on its forum but has provided very few details. The breach was discovered by the Straight Dope security team, but they have not revealed when and for how long the attackers had access to their systems. The information compromised includes usernames, email addresses and passwords. The Straight Dope has stated that it is working with law enforcement as well as conducting an internal investigation to resolve the issue.
AnonSec Claims Release Of US Government Server Files
January 8, 2014 – Hacking group AnonSec is claiming to have accessed the File Transfer Protocol Server belonging to nine US government websites. The group has provided a list of the targeted websites which include the US National Institute of Health, US Securities and Exchange Commission, and the US Department of Agriculture. At the time of this writing the motive for the attack is not known; however, AnonSec has stated they will continue releasing sensitive information.
T-Mobile Customer Data Hacked
January 8, 2014 – A T-Mobile supplier had a server hacked that contained names, addresses, social security numbers and driver's license numbers. The breach was discovered by T-Mobile in November 2013, and the company believes that the cybercriminals were after customer credit card numbers, which were not found in the compromised files. Affected individuals are being offered free identity protection services for one year. The supplier whose systems were breached says they have taken measures to ensure that such incidents are avoided in the future. The exact number of impacted individuals has not been disclosed, however the incident has been reported to the California Attorney General indicating that at least some of the victims are from the state of California.
OpFunKill Continues With Attack On Namibian Government Portal
January 8, 2014 – Yesterday we reported on OpFunKill, the Anonymous-led campaign protesting the killing of animals; now the hacker collective has taken action against Namibian government websites and sites related to hunting. The hackers issued a statement in response to the Dallas Safari Club's auction of killing a rhino, saying, “The trophy hunting of vulnerable and/or endangered species in Africa has to stop. For years, this unethical sport and tourism has hidden behind the ridiculous South African laws that allow it.” The collective was able to disrupt Namibia's main government portal, gov.na; however, the website currently appears to be working properly. Hackers were also able to breach the systems of The Namibian, an independent newspaper, claiming to have stolen sensitive information from the newspaper's database. Namibia's Deputy Minister of Environment and Tourism, Phamba Shifeta, says that the government has no plans of abandoning the auction because it could generate a lot of money for conservation initiatives.
DailyMotion Serving Malvertisement To Unsuspecting Users
January 8, 2014 – Security researchers are warning users of popular video sharing website DailyMotion of fake antiviruses being served through malicious ads. According to researchers, users who visit the website are served fake antivirus ads which falsely inform victims of malware infections and ask them to register the product in order to remove the Trojans, Downloaders, Backdoors, and Rootkits. The threat was discovered by researchers on January 7th, and at the time of this writing it is uncertain if the website has been cleaned up. Users are advised to avoid visiting the website until a statement is released from DailyMotion.
Guccifer Returns With More High Profile Attacks
January 7, 2014 – The hacker known as Guccifer is claiming to have hijacked online accounts of several high-profile individuals. In the past, Guccifer has compromised the accounts of several celebrities and government officials, including members of the Bush family. The most recent victims include the CEO of MetLife, Steven Kandarian; former Air Force Secretary, George Roche; head of the Romanian Intelligence Service, George-Cristian Maior; author Kitty Kelley; DHS official Laura Manning Johnson; actress Mariel Hemingway; fitness instructor Denise Austin; members of the Council on Foreign Relations; members of the UK's House of Lords; and comedian Steve Martin. Guccifer did not reveal details about how he managed to breach these accounts. He claims to have stolen bank statements, payment card data, financial documents, personal photographs, phone records and correspondence. All of this information has allegedly been given to an unnamed reporter. The hacker says he has intercepted communications between his victims and the authorities. However, he said, “I am not concerned.”
Amateur Poker League Admits To Being Hacked
January 7, 2014 – Last week hacker smitt3nz leaked the email addresses and clear text passwords of more than 175,000 World Poker Tour Amateur Poker League users, including some US government workers. Officials of the World Poker Tour are downplaying the impact of the attack with CEO Kurt McPhail stating that the information stolen is, "pretty much worthless." According to McPhail around 50,000 of the leaked accounts are still active. Some of the leaked email addresses appear to belong to employees of the US government, including the Centers for Disease Control and Prevention, the Department of Health and Human Services, US Courts, the US Federal Bureau of Prisons, the House of Representatives, the Department of Energy, and the Department of Labor. Impacted users are being notified and the vulnerabilities exploited by the hacker are being patched.
Payment Card Data Compromised In Sandwich Company Breach
January 7, 2014 – The computer systems of sandwich chain 'wichcraft have been breached and payment card data has been stolen. Payment card details of customers who made purchases between August 11 - October 2, 2013 at locations in San Francisco and New York may have been compromised. The information accessed by the cybercriminals included names, payment card numbers, expiration dates and security codes. 'wichcraft is notifying affected customers and working with law enforcement agencies and credit card issuers in investigating the incident.
Anonymous Threatens Government of Namibia
January 7, 2014 – Anonymous-affiliated hacking group, Team Defiant, is threatening the government of Namibia after it allowed the US-based Dallas Safari Club to auction the chance to kill a black rhino from the country's Mangetti National Park. At this time there has been no action taken against the government. The attacks to date include the defacement of the America Made Outdoors website, a major supplier of hunting, fishing, and camping gear; and the website of Just Holidays, a Namibian travel company. The hacktivists are referring to the campaign as OpFunKill.
2.5 Million European Yahoo! Users Hacked And Possibly Infected With Malware
January 6, 2014 – Millions of Yahoo.com users from Europe may have had their computers infected with malware served via malicious advertisements. The attack was discovered on December 30, 2013. Cybercriminals compromised ads.yahoo.com with malicious iframes which redirected users to domains hosting the Magnitude exploit kit. Users do not have to click on the ads in order to have their devices infected with malware. The exploit kit leverages Java vulnerabilities to push various pieces of malware, including ZeuS, Andromeda, Dorkbot, Tinba and Necurs. Yahoo has stated that only users from Europe are impacted, with the most infections in Romania, the UK and France. Yahoo has cleaned the infection; however, as many as 2.5 million users may have been impacted.
Financial Data Of Over 93,000 StaySure Customers Stolen
January 6, 2014 – British travel insurance company StaySure has suffered a data breach. According to a statement from the company, hackers broke into its server in the second half of October 2013; however, the breach was not detected until mid-November. In a notice published on its website, StaySure has revealed that the attackers have stolen names, addresses, encrypted payment card details, and CVVs of customers who had purchased insurance before May 2012. According to StaySure around 93,000 people may have been impacted. The company is sending out notification letters to affected individuals and is confident that the vulnerabilities exploited by the cybercriminals have been patched.
24 Mexican Government Websites Hacked
January 6, 2014 – Members of the Anonymous collective have breached and defaced websites hosted on the Mexican government domain. The sites targeted are from the cities of Angangueo, Villa Guerrero, Capulhuac, Aporo, Nahuatzen, Ocoyoacac, Langunillas and Tejupilco. On the homepage of each website the hacktivists have posted images of the Anonymous logo and messages that read, “We Are Anonymous.” The attack was announced around three hours ago, and at the time of this writing all of the websites are still defaced. It is not known what the motive is behind the defacements.
Anonymous Sends Message To Turkish Government
January 6, 2014 – The Anonymous hacking collective has published a video message addressed to the government of Turkey. The collective is demanding that the government put an end to corruption and the use of violence against peaceful demonstrators. The hacktivists wrote, “You have created a system which ensures the poor remain poor and the wealthy remain wealthy. It is now very clear to us that you have no intention of running the country for the people but you will continue to run it for your own personal interest.” The statement was released shortly after 36 Gezi protestors were charged with acts of terrorism by prosecutors. The hacktivists have stated they will continue to target the Turkish government; however, no immediate plans have been announced.
Brazilian Government Sites Hacked In Protest of World Cup
January 6, 2014 – Brazilian hackers have continued the hacking and defacing of several Brazilian government websites as part of the OpWorldCup campaign. Over the last several days the DK Brazil Hack Team, the Insanity HackTeam and other Anonymous-affiliated groups have hacked the websites of various Brazilian states, including Ceara, Santa Catarina, Bahia and Sao Paulo. The hacktivists are hacking and defacing websites in protest of the 2014 FIFA World Cup, which they feel is having a negative impact on Brazil and its people. At the time of this writing some of the websites have been restored; however, many have been taken offline.
Nationalist Movement Website Hacked By Anonymous
January 3, 2014 – The official website of the Nationalist Movement has been hacked and defaced by members of the Anonymous collective. The attack is part of OpAntifa, a campaign against nationalists, racists and fascists. The group has also left a message on the website writing, "We will take all actions to eradicate white pride from every corner of our world, physical and virtual. We will strike at all who support, promote, spread or hold fascist ideals, and we will do so with all of our strength, which is a great strength." At the time of this writing the website is still defaced. This is the second attack in the past 3 weeks against the website of the Nationalist Movement. Anonymous hacktivists first attacked the website on December 15, 2013.
Hackers Steal Money From European ATMs
January 3, 2014 – Hackers in Europe are now reportedly targeting ATMs using malware-loaded USB drives to steal money. Most of the world's ATMs are running on the Windows XP operating system, which is highly vulnerable to malware attacks, and just like desktops and laptops, some ATMs also have USB sockets, which are hidden behind the ATM. Researchers found that hackers are now exploiting this vulnerability by cutting holes into the ATM to access the USB port and uploading malware into the machines. The malware allows thieves to create a unique interface on the ATMs by typing in a 12-digit code; this interface then allows withdrawals and also shows the amount of money and bill denomination inside the machines. The malware does not appear to harvest customer PINs or other sensitive data; however, some banks have begun upgrading the ATMs to prevent them from booting from external USB devices.
Hackers Leak Data From Financial Services Online
January 3, 2014 – The Pakistani hacking group known as Pakiz Cyber Squad has leaked user data stolen from the systems of Financial Services Online, an Australian company that provides insurance, finance, superannuation, and investment services. The leaked data was published to the Internet, and included user names, names, addresses, phone numbers, email addresses, passwords and in some cases PayPal email addresses. The data belongs to affiliates of Financial Services Online; a total of 527 record sets have been released.
86,369 User Credentials Leaked By Hackers
January 3, 2014 – The HitlerSec hacker group is claiming to have breached and leaked data from the website of MMMOOO, a mobile phone application owned and operated by Shanghai Jibiao Info Tech Co., Ltd. The hackers posted the leaked information, including PayPal email addresses, full names, encrypted passwords, and user email addresses, to the Internet. At the time of this writing the motive for the breach is unknown, and MMMOOO has yet to officially release a statement.
SnapChat Hacked, 4.6 Million Usernames And Phone Numbers Published Online
January 2, 2014 – Photo messaging application SnapChat has been hacked and the personal information of about 4 million users has been leaked. At this time it is not known who is responsible for the attack. The leaked information, which includes user names and phone numbers, was posted to a website called SnapChatDB. On SnapChatDB, it says that the hackers accessed the data by exploiting a vulnerability which has now been fixed. The hackers removed the last 2 digits from the usernames and phone numbers to avoid putting user privacy at risk. The data was available online for a few hours, however the SnapChatDB website has now been suspended. The reason for the attack was to raise awareness and pressure SnapChat administrators to fix the vulnerability.
Supreme Court of Bangladesh Attacked
January 2, 2014 – Hacker group IzzahHackers is claiming an attack on the Supreme Court of Bangladesh as part of the ongoing OpBangladesh campaign. According to the hackers they have breached the database of the Supreme Court and have posted the information to the Internet. The hackers have stated the purpose of this attack was to stop the unlawful executions being conducted in Bangladesh. At the time of this writing the website has been restored; however, the leaked data is still available.
Hunting Magazine Data Hack
January 2, 2014 – The hacker known as L3pRec0N has allegedly hacked the website of Bear Hunting Magazine. The hacker claims to have hacked the database of the website and leaked credit card information. The attack is part of the OpHuntTheHunter campaign led by animal activists protesting the hunting of wildlife for sport.
Anonymous Announces Upcoming Campaign Against The U.S.
December 31, 2013 – Members of the Anonymous collective have released a video announcing, “a special project” which is planned to launch on January 1st, 2014. The campaign is targeting the United States, however, Anonymous has clarified the campaign, “will not be about hacks, leaks, or occupying specific locations of a special city.” At the time of this writing no attacks related to this campaign have been reported.
Israeli Bank Websites Taken Down By Anonymous Tunisia
December 31, 2013 – Hacker group, Anonymous Tunisia, a sub-group of Anonymous, is reported to have taken down 11 Israeli Bank websites via distributed denial-of-service attacks. According to the hackers the attacks are in support of Palestine. In a message by Anonymous Tunisia they said, “This is just the beginning, this is just phase 1. There is a lot (more) to come.” It is unclear what the next target will be for the hackers, however, they have announced that the second phase of the attack will be launched soon. At the time of this writing several of the websites have been restored.
Boston Restaurant Group Computer System Hacked
December 31, 2013 – Boston restaurant group Briar Group is informing its patrons that their computer system was hacked and credit card data may have been accessed by the attacker. The group started an investigation after learning that their visitors were victims of credit card data theft. The breach is said to have occurred between October 2013 and early November 2013. In a statement, the group said, “We have been working closely with law enforcement officials and are providing them with all available information to support their effort to identify the criminals who undertook this act.” Representatives of the group have apologized for the security breach and are urging customers to monitor their credit card statements for any fraudulent charges.
Hacker Defaces Eight Nepal Government Websites
December 31, 2013 – The hacker known as DR.SHA6H has breached and defaced a total of eight websites belonging to the government of Nepal. The targeted websites include the National Development Volunteer Service, the Department of Cottage and Small Industries, the Nepal Law Commission, the National ID Management Center, a district office, and some county educational offices. DR.SHA6H has been defacing various high-profile websites in an effort to raise awareness of the situation in Syria, urging other countries to intervene. At the time of this writing most of the websites have been taken offline.
Colorado Medicaid Data Breach
December 31, 2013 – Information belonging to at least 1,918 Colorado Medicaid patients was breached after a temporary employee from an outside contractor sent the information to his or her own personal email address. According to The Colorado Department of Health Care Policy and Financing, the information may have been intended for the employee's use in another business. The information which was sent included patient names, dates of birth, addresses, telephone numbers, health conditions, and Medicaid identification numbers. Affected patients are being notified by mail, as the department continues its investigation of the incident.
Anonymous Leaks Email And Credit Card Credentials Of Officials
December 30, 2013 – Earlier this month members of the Anonymous collective stated their intent of hacking the websites of SeaWorld and the World Association of Zoos and Aquariums as part of OpKillingBay, the Anonymous-led initiative protesting the killing of dolphins and orcas in Taiji, Japan. In this recent attack, the hacker group has leaked the credit card data of SeaWorld's board members along with their private emails, as well as the email information belonging to members of the World Association of Zoos and Aquariums. According to Anonymous the organizations were targeted due to their enabling of the killings in Taiji, Japan. At the time of this writing the post containing the sensitive information has been removed.
United Nations Population Fund Websites Defaced
December 30, 2013 – Syrian hacker Dr.SHA6H has breached and defaced websites belonging to the United Nations' Population Fund (UNFPA). The websites targeted by the hacker belong to the United Nations' websites of El Salvador and the Republic of Mali. According to the message left by the hacker he is, “...unhappy with the fact that other countries don't intervene to help Syria.” In particular he has named the US, but claims the message is for the entire world. Over the past year, DR. SHA6H has breached several websites belonging to governments across the world. At the time of this writing the websites are still defaced.
Venezuela, Turkey, Indonesia And Saudi Arabia Government Sites Hacked
December 30, 2013 – The Bangladesh Grey Hackers hacking group has breached websites belonging to the governments of Venezuela, Indonesia, Vietnam, Saudi Arabia and Turkey. According to the hackers they are protesting “the killing of innocent Muslims around the world.” The group has defaced the main domain and several subdomains of the Ciara Foundation and the Permanent Secretariat of the National Council of Universities in Venezuela. The group has also hacked the websites of Kien Giang Customs Department in Vietnam, the municipal council of the Saudi Arabian city of Zulifi, a religious organization in Turkey, as well as the subdomain of the Polewali Mandar Regency's site in Indonesia. At the time of writing most of the websites have been restored.
Ukrainian Journalist Attacked, Anonymous Retaliates
December 30, 2013 – Members of the Anonymous collective are claiming to have hacked two websites of the Ukrainian government in retaliation for the attack on Tetiana Chornovol, a Ukrainian civic activist and journalist who was brutally beaten on December 25th. Reports state Chornovol was dragged by a group of men from her car outside Kiev and beaten. On Thursday, the U.S. Embassy in Kiev condemned the attack in a statement calling for an investigation, “which unlike previous such incidents must result in those responsible being held fully accountable under the law.” The hacktivists did not name the sites that they allegedly attacked.
Prime Minister Of Bangladesh Website Targeted By Anonymous
December 30, 2013 – The Anonymous hacker group has resumed the anti-government campaign dubbed Operation Bangladesh, and over the past few hours has targeted at least three government websites in Bangladesh. The hacktivists have launched distributed denial-of-service attacks against the websites of the Prime Minister's Office, the Election Commission Bangladesh, and the country's government portal. At the time of this writing, the website of the Election Commission appears to be functioning properly; however, the government portal and the Prime Minister's website are still inaccessible. While hacktivists are protesting in cyberspace, Bangladesh opposition supporters are preparing for mass marches in protest against the controversial upcoming elections.
Russian Hacker Attempts To Sell Access To BBC Server
December 30, 2013 – A Russian hacker has managed to gain access to a BBC server and has attempted to sell the access to other cybercriminals. The hacker, who uses the handles “Hash” and “Rev0lver,” was found attempting to sell access to the BBC server on Christmas Day. Researchers have found no evidence that a deal was made or that data was stolen from the BBC server. At the time of this writing the BBC security team has reportedly fixed the issue in question.
LulzSec Leaks Data From Ministry Of Interior
December 27, 2013 – Members of the LulzSec hacking group have targeted the network of the Peruvian Ministry of Interior. The hackers published various files, including documents, e-mails and screenshots, which appear to be classified. LulzSec Peru has stated the attack was aimed at demonstrating the vulnerabilities in the government's computer systems. The Ministry of Interior has released a statement confirming that the attackers had access to emails sent and received by authorities; however, there is no evidence that the contents of the leaked files are accurate.
Malware Distributed Via Fake Retail Emails
December 27, 2013 – Authorities are warning customers of Costco, Walmart and Best Buy about fake emails being sent out to distribute a variant of the Kuluoz malware. In each case, the scam email notifies recipients that if they fail to reply within one week, they will get their money back; however, a certain percentage will be deducted. The links in these emails do not point to a form; rather, they lead unsuspecting users to compromised websites used by the cybercriminals. Authorities are asking those affected to update their antivirus solutions and avoid opening any email they do not recognize.
Brazilian Government Site Hacked
December 27, 2013 – The website of Brazil's Igarape do Meio municipality has been hacked by the DK Brazil HackTeam, a group affiliated with Anonymous. As part of the campaign dubbed OpWorldCup, the hackers targeted the government website in protest against the upcoming 2014 FIFA World Cup, which will be hosted by Brazil. Visitors to the website are redirected to a defacement page that displays a short message and a video called "Expect us on 2014 FIFA's Cup." The hackers have not deleted any information from the website aside from the logs. Reports suggest the hackers have also defaced the subdomain of the Sao Paulo website.
English Defence League Database Erased By Hackers
December 27, 2013 – The hacker ZHC_GAZ is claiming to have attacked and erased the database of the English Defence League (EDL) in the UK. The English Defence League is a far-right nationalist movement opposing what they consider to be the spread of Islam, Sharia law and Islamic extremism in the United Kingdom. At the time of this writing the website is offline.
Anonymous Claims Attack On Dolphin Quest
December 26, 2013 – Members of the Anonymous collective are claiming to have breached the website of Dolphin Quest Theme Park. Following the breach, the hackers leaked part of the site's database. Dolphin Quest is a popular tourist attraction with locations in Hawaii, the Bahamas, and Bermuda in which tourists can swim with dolphins. The attack is part of the ongoing OpKillingBay, which is protesting the killing of dolphins in Taiji, Japan. The hacking collective is also threatening to attack the website of Sea World, which according to Anonymous is enabling the killings of dolphins and orcas in Taiji. At the time of this writing Dolphin Quest has yet to formally acknowledge the data leak.
Bangladesh Ministry Of Civil Aviation And Tourism Database Leaked
December 26, 2013 – The hacker group AnonSecHackers has hacked the website of Bangladesh's Ministry of Civil Aviation and Tourism. The hackers have also posted information from the site's database on the Internet. This is the second reported attack this week on Bangladeshi cyberspace; earlier this week we reported that hackers were also able to breach and leak the data of Bangladesh's state-owned petroleum company. At the moment the hackers have not stated the reason for the attack on the Ministry's website.
Iran Revolutionary Guard Corps Hack Opposition Websites
December 26, 2013 – The Islamic Revolutionary Guard Corps (IRGC) of Iran's Kerman province has hacked nine websites and portals of anti-regime forces. According to reports the nine websites targeted are: Nedaye Sabze Azadi, Sabzname, Norouz, SizProxy, Ostaban, Nogam, Degarvage, Iran Opinion, and Symail. On December 4th the IRGC also arrested 16 cyber-activists accused of having ties to foreigners, cooperating with Western news networks and helping to update and design websites to educate anti-regime reporters.
New Malware Targets Syrian Activists
December 26, 2013 – A new malware campaign is targeting Syrian activists, journalists, and non-government organizations, in which the attackers are employing a variety of tactics, including a new OS X Trojan which could be part of a “false flag” operation. The malware is mailed out to users in Syria and despite heavy media speculation, researchers say, there is no connection between the Trojan and the Syrian Electronic Army. Researchers have stated, “the groups behind these attacks are using a wider variety of tools to compromise their targets, including several remote-access Trojans and the OS X malware. Opposition groups continue to be targeted with phishing and malware attacks by pro-Assad hackers...”
Anonymous Announces Holiday Operations
December 24, 2013 – Hacker group Anonymous is gearing up for the festive season as it plans to launch three global operations over the holidays. The operations are: SolsticeSolidarity, a UK-led effort which started on December 21, aiming to build social media presence for donations; OpRingMyBell, a US-led effort planned for December 25, to boycott and antagonize the Salvation Army for its discrimination against LGBT individuals; and OpSafeWinter, planned for December 26, a global effort to raise awareness and donations for the homeless.
South African Department of Health Website Hacked
December 24, 2013 – The hacktivist group Moroccan Islamic Union-Mail (MIUM) has hacked and defaced the website of the South African National Department of Health. The hackers left a short message offering condolences to the people of South Africa for the death of Nelson Mandela, as well as asking South Africans to support the Polisario Front in Morocco. The Polisario Front is a Sahrawi rebel national liberation movement working to end the Moroccan occupation of Western Sahara. This is not the first time the website has been hacked; a few days ago the hacker known as Dr.Silnt HiLL uploaded a defacement, and last month another Moroccan hacker group, Moroccan Agent Secret, defaced the page as well. At the time of this writing the website is offline.
Hackers Try New Ways to Use Stolen Card Data
December 24, 2013 – Last week we reported on a massive data breach affecting more than 40 million Target customers. Now it is being reported that hackers have begun using a new technique which can slow down the detection of card misuse. Compromised cards are being marketed online with information on the state, city, and zip code of the Target store in which they were used. Experts say the location information will allow buyers of stolen data to use spoofed versions of the cards issued to people in their immediate vicinity. One expert elaborated, “This lets crooks who want to use the cards for in-store fraud avoid any knee-jerk fraud defenses in which a financial institution might block transactions that occur outside the legitimate card-holder's immediate geographic region.” This is the first time security experts have observed hyper-localized selling of stolen credit and debit card information following a retail breach. Researchers also stated, “whoever is behind this breach appears to have a tremendous amount of not only technical, but also retail operations and payment industry knowledge.”
OpGreenRights Targets Three Italian Energy Companies
December 24, 2013 – The Anonymous subgroup, OpGreenRights, has claimed they have attacked three Italian energy companies, as part of the ongoing OpGreenRights campaign. The group has allegedly stolen and released account details of Italian electricity companies, ENEL, ENI, and SAIPEM. According to a video released by the hacker group, OpGreenRights was initiated when several of the Arctic-30 activists were arrested by Russian security forces on September 18. In the video the hackers state that OpGreenRights was, “designed to target high-level communication assets of the Russian Federation worldwide.” This new attack is one of several over the past few weeks which targeted the oil industry in Angola, Kenya, and Mexico.
Bangladeshi Petroleum Company Hacked
December 23, 2013 – The official website of Padma Oil Company Limited (pocl.gov.bd), the largest and oldest petroleum company in Bangladesh, has been hacked and defaced by the hacker known as z3r0c0000l. This is not the first time an attack has been launched on the state-owned company's website; in 2011 the website was hacked by Algerians, by Pakistanis in 2012, and last month by a group of Indian hackers. Once z3r0c0000l had defaced the website, another hacker group called Gllok Hackers posted their own defacement page on the website's homepage. It is still not certain if the hackers are finding new vulnerabilities on the website, or if webmasters are restoring the website without fixing the vulnerabilities. At the time of this writing the website is still defaced.
Anonymous Attacks Cambodian Government Websites
December 23, 2013 – Over the weekend, hackers of Anonymous Cambodia launched distributed denial-of-service attacks against over two dozen government and government-related websites. The attacks occurred just as thousands of people marched on the streets of Cambodia's capital, Phnom Penh, demanding new elections and asking the prime minister to step down. According to a report the targeted websites belong to various ministries, the police, educational institutions, and other organizations with ties to the government. At the time of this writing all websites have been restored to full working condition.
Mauritania's Ministry of Justice Hacked and Defaced
December 23, 2013 – The Mauritania Hacker Team has breached and defaced the website of Mauritania's Ministry of Justice (justice.gov.mr). The hackers defaced the website, leaving a simple message which reads, “Hacked by Mauritania HaCker Team.” No reason for the attack has been given. At the time of this writing the website is still down.
High School Students Hacking Computers To Change Grades
December 20, 2013 – According to a new report, at least a dozen students of the Corona del Mar High School in Newport Beach, California, are suspected of hacking into school computer systems in an effort to change grades and gain access to tests. It is believed that the students were helped by a private tutor who showed students how to use a keylogger. Both the students and the tutor have been identified by local authorities, and could face criminal charges. At the time of this writing authorities are asking the public for help in locating the tutor, Timothy Lance Lai, whose whereabouts are currently unknown.
Anonymous Compromises Several Servers As Part Of OpUkraine
December 20, 2013 – Hacker group Anonymous is claiming to have compromised several servers belonging to the Ukrainian government. The Anonymous-led campaign, OpUkraine, is protesting the 'brutal crackdown on journalists and media...' by Ukrainian President Viktor Yanukovych. According to a report, over 50 journalists were targeted and injured at a demonstration by Ukrainian special forces. In retaliation for Ukraine's crackdown on pro-EU protesters and journalists, Anonymous has asked that financial support to the police and government be halted.
Cybercriminals Using German Copyright Scandal To Distribute Malware
December 20, 2013 – According to a new report, earlier this month a German law firm began sending out threatening letters, on behalf of copyright holders, to German users who had been surfing a popular adult website. Researchers now say cybercriminals are leveraging this story to distribute malware. The case is controversial because it is uncertain how the German law firm obtained the information on the website's visitors. The report goes on to say that cybercriminals have started sending out fake emails in an effort to trick users into downloading a piece of the malware. The fake notifications inform the recipients that they will face fines and even imprisonment for unlawfully streaming copyrighted content, and instruct the users to download the attachment for more information. Once the file infects the device, the threat downloads additional pieces of malware. The German firm is aware of the fake emails and has posted a notice on its website to warn users.
Dutch Politician Targeted By Hackers
December 20, 2013 – Controversial Dutch politician, MP Geert Wilders, is in the cross-hairs of hackers who are targeting the politician after he released an anti-Islam sticker that said, “Islam is a lie. Mohammed is a crook. The Quran is poison.” Anonymous-affiliated hackers have already set their sights on Wilders' website, 'geertwilders.nl', and are apparently planning on launching a distributed denial-of-service attack against it. The hackers have also posted a link to a web-based DDoS tool that anyone can access to launch an attack against the politician's website. At the time of writing Wilders' website appears to be working properly. Many Dutch officials have come forward to condemn the offensive sticker.
Target Admits 40 Million Payment Cards Compromised
December 19, 2013 – Retail giant Target has released a statement saying they just learned that the payment card details of almost 40 million customers from all over the United States have been stolen in a data breach. People who made purchases at Target stores between November 27 – December 15 are impacted. Target has confirmed that names, credit and debit card numbers, card expiration dates, and CVVs have been stolen. Target has begun providing customers with advice on what to do to protect themselves from potential misuse of their payment card information. The retailer is also working with law enforcement, including the US Secret Service, and financial institutions. As of now there is no mention of identity protection services being offered to customers; instead Target recommends customers periodically obtain credit reports from Equifax, Experian, or TransUnion.
Hackers Threaten To Sell Bank Details Of Customers
December 19, 2013 – According to a report coming out of Israel, a group of hackers is attempting to blackmail three Israeli banks. The group claims to have stolen the details of some 3.7 million customers, and is threatening to sell the information on the underground market unless the banking institutions pay them. The three banks being targeted are said to be Yahav, Discount Bank, and First International Bank of Israel. The hackers claim to have obtained the information with the aid of a massive botnet that stole the credit card details and passwords from the computers of Israeli users. The banking institutions have alerted the authorities, but have declined to comment on the allegations. Unnamed officials are claiming that the threat is not considered serious.
ZeuS Trojan Targets BTC China Customers
December 19, 2013 – Researchers have identified a new version of the ZeuS malware, dubbed Gameover, designed to target BTC China and other Bitcoin exchanges. According to researchers, the malware waits for the owners of infected computers to visit the website of BTC China; once they do, the malware steals their usernames and passwords and hijacks their accounts. Researchers note that the Trojan steals the credentials, then suspends the session temporarily and injects a fake window into the session instructing the user to enter their one-time password as a security measure. Cybercriminals are increasingly using Bitcoins to launder their criminal proceeds, using the crypto-currency as the middleman for laundering funds without leaving any tracks.
Airline Spam Used To Distribute Malware
December 19, 2013 – According to a new report, cybercriminals have launched a new campaign in which they send emails purporting to be from an airline company. Researchers say the notifications appear to come from airline companies such as American Airlines, US Airways, Delta Airways, and British Airways. The email usually informs the recipients that an electronic ticket has been purchased on their behalf; however, the attached file is not an e-ticket but a variant of the Kuluoz malware. This particular malware is designed to download and execute other pieces of malware, such as ZeroAccess or fake antiviruses. The spam messages are distributed with the aid of the Cutwail botnet, which experts believe cybercriminals may have started using due to the large number of people traveling during this period. Researchers have also stated that the new Kuluoz malware comes with a new feature: once the computer is infected, the malware begins collecting system information, including the antivirus solutions installed on the device.
Sister Operation To OpKillingBay Announced
December 18, 2013 –Hacker group, R00ts3curity, has announced a sister operation to #OpKillingBay, the Anonymous led campaign protesting the slaughter of dolphins and orcas in Taiji, Japan. The hackers announced the sub operation to #OpKillingBay, via video threatening Peruvian officials that they will "leak and destroy every server" for allowing the slaughter of dolphins in Peru. It is being reported that dolphins off of Peru's Pacific coast are being killed for the sole purpose of use as shark bait. At the time of this writing no attacks have been launched on Peruvian cyberspace. Anonymous has also released its intended target list for the continuation of #OpKillingBay. Anonymous has encouraged its followers to deface and launch distributed denial-of-service attacks on websites such as SeaWorld, World Association of Zoos and Aquariums, and the International Marine Animal Trainers' Association. At the time of this writing no known attacks have been reported.
People's Bank Of China Website Attacked
December 18, 2013 – The People's Bank of China (PBOC), China's central bank, is planning to ban payment companies from working with Bitcoin exchanges, according to a report. In response hackers have launched a distributed denial-of-service attack against the financial institution's website. According to some Chinese media outlets, it is believed that Bitcoin investors may have been behind the attack. Central bank officials have said they are working to get the website back online; however, at the time of writing, the website pbc.gov.cn is still inaccessible. Since the emergence of the ban the price of Bitcoin has dropped considerably.
New Trojan Targets ATMs
December 18, 2013 – According to a new report, researchers have come across a new Trojan designed to steal information from ATMs. The Trojan is called 'Trojan.Skimer.18' and targets the devices developed by one of the world's largest ATM manufacturers. The malware is loaded onto targeted machines via an infected application; once the ATM is infected, 'Trojan.Skimer.18' creates a log file. Then, when a card holder uses the ATM, it reads the data, namely the payment card number, expiration date, and the card verification value (CVV). Researchers also say the malware is capable of capturing the encrypted PIN of the individual as well. The attacker then simply enters a number associated with a specific command in order to display the statistics of the collected data. Researchers point out that the Trojan is similar to others designed to target ATMs.
Anonymous Re-launch OpGabon
December 18, 2013 – Anonymous has released a video announcing the re-launch of OpGabon. The Anonymous-led campaign is seeking to draw media attention to the ritual killings occurring in Gabon. The re-launch of the campaign comes as Gabon prepares for the upcoming municipal elections, which, according to Anonymous, have led to an increase in the number of ritual killings in the country. Anonymous will be planning distributed denial-of-service attacks against a large number of Gabonese websites, such as Gabonese President Ali Bongo's personal website, the Gabonese Department of Defense, and the Gabonese Department of Justice websites.
Royal Bank Of Scotland Suffers DDoS
December 17, 2013 – The online services of the Royal Bank of Scotland have suffered two outages: one due to a distributed denial-of-service attack, and another due to undisclosed technical issues. Soon after the outages, the banking institution issued a message to users alerting them about the possibility of phishing attacks. Once the outages were over, RBS customers began to receive phishing emails designed to have them give their personal information to the cybercriminals. The emails carried subject lines such as 'Security Precaution', telling the user that they must 'Activate My Card' in order for their card to be restored to normal working condition. However, once the user clicks on the activation link they are taken to a hijacked website belonging to a company in Poland. The website has been set up to host a legitimate-looking RBS phishing page, where victims are asked to enter their credit card online services username, PIN, password, email address and email password. Once the information is entered the victim is taken to a genuine RBS website. Google has already flagged the malicious page; however, it is likely that the cybercriminals are using multiple compromised websites in their scheme.
Hackers Use Government Officials Credit Cards For Donations
December 17, 2013 –The hacker group, TeamBeserk, has announced a new campaign called, OpBeserkChristmas, which will make donations to the less fortunate with the credit cards of government officials, employees and corporations. The hackers have claimed that they will use the stolen payment card information to donate gifts, including toys, blankets, tablets, computers and other items to homeless shelters and children's centers from all over the world. They have allegedly already made a donation to a children's shelter in San Antonio, Texas, at the expense of a Texas judge. According to reports some of the stolen information comes from the systems of Edwards County, Texas, however the hackers are refusing to name any of the other systems they've stolen from.
Cedar Rapids, Iowa High School Website Hacked & Defaced
December 17, 2013 – According to a report, unidentified hackers have breached the website of Washington High School in Cedar Rapids, Iowa. The hackers have defaced several pages with racist messages. In one reported post, the hackers invited the website's visitors to take part in a 'KKK Klan Appreciation Day' on Christmas Eve. The content was quickly taken down by website administrators; representatives of the school district say they are uncertain who is behind the attack, but they are working to find out how the attackers managed to breach the website. Due to the offensive content, authorities have also been called in to investigate the incident.
Las Vegas Hotel & Casino Website Breached
December 17, 2013 – The hacker zVapor is claiming he hacked the website of VegasTripping.com, a website providing a guide to Las Vegas hotels and casinos. The hacker stated that a SQL injection vulnerability in the Board section of the website allowed him to compromise the database server. The hacker leaked all user information from the target server. The database dump contains user names, hashed passwords, e-mail addresses, country and other personal details. The hacker has also published the personal information of the site administrator. The vulnerability has been fixed; however, individuals who have signed up for the website are being advised to change their user names and passwords.
University of North Carolina Data Breached
December 16, 2013 – According to a report, the University of North Carolina at Chapel Hill is investigating a personal information data breach that affects more than 6,000 people. According to school officials, files containing information such as names, social security numbers and dates of birth of some current and former employees, vendors and students were accidentally made public. Officials also learned last month that some of these files were accessible on the Internet. Less than two weeks later the files were no longer online. Officials believe some safeguards that protect such files had been accidentally disabled this past summer while a computer was undergoing maintenance. School officials have begun notifying people whose information was affected.
Leak In Response To Hezbollah Commander Assassination
December 16, 2013 – The hacking group known as Islamic Cyber Resistance Group has leaked information allegedly related to Al-Qaeda, Israel and Saudi Arabia. The personal details of 2,014 people working for the Israeli army and 1,000 members of the Saudi army have been leaked online. The published information includes names, email addresses, phone numbers, addresses and military ranks. The hackers also claim they have access to 7 GB of information from the Saudi Binladin Group, which they claim is a major financial supporter of Al-Qaeda. The hackers have obtained 5 million 'secret documents' from the company's internal communications; however, to date only 2,200 documents have been leaked. The attack comes in response to the assassination of Hezbollah commander Hassan Lakkis in Beirut. The message left by the hackers claims they will avenge the assassination of Lakkis and warns Al-Qaeda and Mossad that their next operation will be 'much more damaging.' The leaks, as well as the attacks, are dedicated to the children of Lakkis.
Moroccan Hackers Deface Ministry of Finance Website
December 16, 2013 – The hacker group known as Moroccan Ghosts has hacked the official website of the Nigerian Federal Ministry of Finance. The hackers left a message on the defaced page explaining the reason for the attack on Nigerian cyberspace, stating, “Moroccan Ghosts! Website Hacked ! Coz you support the Algerian Front of Polisario ! Dedicated to All Moroccans..” The Polisario Front is a Sahrawi rebel national liberation movement working for the independence of Western Sahara from Morocco. This is the second attack on a high profile Nigerian government website by Moroccan Ghosts. At the time of this writing the official website has been fixed and is operating normally.
Official Website of Bangladesh Police Attacked By Hackers
December 16, 2013 – The hacker group known as Izzah Hackers was able to launch a successful distributed denial-of-service attack on the official website of the Bangladeshi police. The attack is part of the ongoing Anonymous campaign OpBangladesh, a response to Bangladeshi police arresting and killing protesters in Bangladesh. The attack comes as unrest in Bangladesh continues after the execution of top opposition leader Abdul Quader Molla. Molla was the assistant secretary general of the Bangladesh Jamaat-e-Islami party. At the time of this writing the website is still down and has been down for over 20 hours. Izzah Hackers are also planning more attacks on websites from Bangladesh, Burma, and Myanmar.
Russian Hackers Steal Details of 54 Million Turkish Citizens
December 16, 2013 – According to a new report, Russian hackers may have stolen the personal details of around 54 million Turkish citizens. A general manager of a research company has revealed that the ID numbers, addresses, and fathers' names of 54 million voters have been stolen from political parties. Turkey's Supreme Election committee has been sharing the information with political organizations. It is also reported that some of these organizations didn't have protections in place to stop the hackers, making it even easier to steal the data. A recent report from Turkey's State Audit Board also revealed that some government institutions share citizens' personal information online with other organizations without ensuring the content is properly protected.
Anonymous Announces OpFoxBlackout
December 13, 2013 – Hacker group AnonymousFL_US has announced a new operation targeting Fox News. According to a message from AnonymousFL_US the attack is in response to Fox News' “right wing propaganda, racist overtones, and a lack of respect for the truth.” The hackers are calling upon other Anonymous members to join in the attack, as they plan to hijack “their news feed with our own message and take down their site and replace it with information and links to various #Anonymous #Ops and our own message for the people.” At the time of this writing there is no proposed date for the planned attack.
Anonymous Attacks Japanese-American Embassy Phone Lines
December 13, 2013 – Members of the AnonymousOpsUSA hacking group launched a distributed denial-of-service attack on the phone lines of the Japanese/American Embassy in Washington, D.C. yesterday. Plans for the attack were first seen earlier this week when AnonymousOpsUSA posted the main office phone number of the Embassy. The motivation behind the attack is in support of OpKillingBay, the operation by Anonymous protesting the killing of dolphins and orcas in the town of Taiji, Japan. AnonymousOpsUSA also stated they will be attacking the phone lines of the White House Tuesday, December 17.
Real Estate Website Hacked by TeamHackArgentino
December 13, 2013 – The hacker group TeamHackArgentino, a subgroup of Anonymous Argentina, has hacked and defaced the Interior Administrations website of Argentinian real estate company, Sergio Villella. According to a message from the hacker known as HackerArgentino the group has hacked the 'database of tenants and guarantors'. The group has also left a message on the website stating, 'No more Corruption in my country, more security please.' At the time of this writing the website is still displaying the defacement message.
Four Embassies In Japan Targeted As Part Of OpKillingBay
December 13, 2013 – The websites of the Taiwanese, Indonesian, Argentinian, and Russian embassies in Japan are all down due to a distributed denial-of-service attack by members of the hacker group Anonymous. The attacks are part of the ongoing OpKillingBay operation by Anonymous. At the time of this writing several websites are still down.
Cyber Criminals Using Database Cloud Services
December 12, 2013 – A new botnet has been discovered that is using database-as-a-service platforms to steal commercial online banking credentials. Researchers are calling it a warning sign for possible future targeted attacks on databases by outside attackers. It is being reported that at least 370 machines have been infected within the last five days via the banking Trojan. According to researchers the malware will begin targeting internal enterprise databases very soon and infection is “inevitable, and comprise of a portion of workstations within a network should be considered an inherent condition.” The research concludes that any enterprise database platforms running in the cloud can be vulnerable to cloud-borne attacks.
Syrian Ministry Of Health Website Taken Down
December 12, 2013 – According to the hacking group known as An0ymousLulz, the Syrian Ministry of Health website was brought down by a distributed denial-of-service attack. The motivation of the attack is said to be in support of the Syrian revolution and part of the greater OpSyria campaign. The Ministry of Health is responsible for supervising the health sector in the Syrian Arabic Republic, as well as providing Syrians with health directories, statistics, and drug and nutrition information. At the time of this writing the website is restored and functioning properly.
30 Government Websites Hacked in India
December 12, 2013 – More than 30 government websites in the Indian state of Rajasthan have been hacked and defaced by Pakistani hacker, H4x0r HuSsY. The defacement message reads, “Proved to be Hell For India! I might Opt Out of the Cyber World As I don't get much time. But Here's a Peace Message. To All Indian Hackers etc etc U Gotta Look at my Zone-H Archive Whenever you have Intentions of hacking (.PK) Sites.” At the time of this writing several of the websites have been taken down.
Nepal College Website Hacked By Anonymous Afghanistan
December 12, 2013 – The website of the Namuna College of Fashion Technology in Nepal has been hacked and defaced by Anonymous Afghanistan. At the time of this writing the website is still defaced with the message, “Hacked by Anonymous Afghanistan” with the name of the attacker, Zishan Rider, telling the website Administrator to patch the vulnerability.
Canada Spying For The US
December 11, 2013 – According to a newly released document, the Communications Security Establishment Canada (CSEC) has worked with the NSA in "approximately 20 high-priority countries", some of which are trade partners to the U.S. The document also claims that, "CSEC shares with the NSA their unique geographic access to areas which are unavailable to the U.S." Former NSA official turned whistle-blower, Thomas Drake, said it comes as no surprise that the two agencies are working together. The relationship between the two intelligence agencies is described as being close and co-operative with both sides looking to expand and strengthen.
NSA Tracking Targets With Google Cookies
December 11, 2013 – According to a new report, the NSA and GCHQ are using 'cookies' which advertising networks place on computers to identify people browsing the Internet. In particular the intelligence agencies are using the part of the Google-specific tracking cookie known as "PREF." Though the cookies do not contain personal information, they can uniquely identify a person's browser using the numeric codes that enable Web sites. According to leaked documents the cookies are used to 'enable remote exploitation.' This technique is used to let the NSA home in on individuals already under suspicion and suggests that the agency is using these tracking techniques to help identify targets for offensive hacking operations.
LA Gay & Lesbian Center Hacked
December 11, 2013 – The Los Angeles Gay & Lesbian Center is notifying 59,000 people that their personal information was compromised in a hack of their computer systems. The stolen information includes names, contact information, payment card details, medical or health care information, dates of birth, social security numbers and health insurance account numbers. A piece of malware was loaded onto the Center's systems and was stealing information between September 17 and November 8. Authorities are currently investigating the incident.
RootSecurity Announces Support Of OpKillingBay
December 11, 2013 – Members of the RootSecurity hacking group have posted a video announcing their support of the OpKillingBay campaign. OpKillingBay is the Anonymous operation that is protesting the killing of dolphins and orcas in the Japanese town of Taiji. The hackers said in the video, “We will kill servers and leak every database we can get our hands on until you realize the wrong you're doing, we are done playing around, it is time for the games to stop.” So far they have leaked information from three Japanese websites, however the sites have nothing to do with dolphins.
Black Hole Found In The Internet
December 10, 2013 – In 2008 two security researchers at the DefCon hacker conference demonstrated a massive security vulnerability in the worldwide internet traffic routing system. The vulnerability is so severe that it may allow intelligence agencies, corporate spies, or cyber criminals to intercept massive amounts of data. At the time of the conference no real threat came from it, however earlier this year someone began using their technique to hijack internet traffic headed to government agencies, corporate offices and other recipients in the U.S. This traffic was redirected to Belarus and Iceland before sending it on its way to its legitimate destinations. It has not been determined who is behind the hijacking or their motivation.
TeamBerserk Announces Return
December 10, 2013 – The hacking group known as TeamBerserk have announced they are returning to hacking. After several months of inactivity, the hackers released a statement saying, “After many days at port, days filled with rum, women and lulz – which have recovered us. We have again united for an explosive several weeks of exploitation, mayhem and LoLz.” To mark their return, the hackers have leaked 23 documents they allegedly stole from Edwards County, Texas Judge Souli Shanklin. They are also claiming to have breached Shanklin's Amazon account.
Alleged Skynet Botnet Creator Arrested In Germany
December 10, 2013 – The German Criminal Police Office has reported that they have arrested the cyber criminals responsible for creating the Skynet Botnet. Skynet is a variant of the infamous Zeus malware. When the Skynet Botnet infects a system it downloads Bitcoin miners, exploits computational resources of the victim's system and uses them in the mining process. According to a press release from the German police they have arrested two individuals suspected of illegally generating Bitcoins worth nearly $1 million using the malware. It is not yet clear whether or not the Skynet servers were taken down by the German police.
United Nations Ethiopia Site Defaced
December 10, 2013 – The Turkish hacking group known as Ayyildiz Tim are claiming to have breached and defaced the United Nations in Ethiopia website. The defacement message says that the hackers will start a virtual war with anyone that is against their country or religion. At the time of this writing the site is still defaced. In addition, the hackers also defaced several other sites from Italy, Brazil, Thailand, Vietnam and Honduras. Many of these sites are also still defaced.
French Government Spoofing Google Domain Certificates
December 9, 2013 – Google has reported that France's cyber defense division, ANSSI, has been detected creating unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority (CA) that links back to ANSSI. Google wrote, "Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate." ANSSI released a statement that revealed the intermediate CA is really its own infrastructure management trust administration. In the statement, ANSSI claims that the fake certificates were a result of "human error, which was made during a process aimed at strengthening overall IT security." ANSSI went on to say, "The mistake has had no consequences on the overall network security, either for the French administration or the general public." Google says that this incident is an example of the need for its Certificate Transparency project, which is aimed at fixing flaws in the SSL certificate system that could result in man-in-the-middle attacks and website spoofing.
Radio Free Europe Hit With DDoS Attack
December 9, 2013 – The Radio Free Europe/Radio Liberty website was hit with a distributed denial-of-service attack as it was providing coverage of the ongoing protests in Kiev, Ukraine. Radio Free Europe is a media organization with over 700 journalists in 21 countries. The website was down for about three hours before it was fully restored. No suspects have been identified in this attack. At the same time, Anonymous hackers have been launching DDoS attacks against government websites in support of the protesters. The Anonymous targets included the website of the presidency, the main government portal and the site of the Ministry of Internal Affairs.
20 Million Hotel Reservations Leaked By Chinese Hackers
December 9, 2013 – The Chinese hacking group known as the Harbors of Evil Goods are claiming to have breached the systems of CNWisdom, China's largest wireless Internet service provider for hotels. As part of the breach, the hackers have leaked the details of around 20 million hotel reservations. The leaked information includes phone numbers, email addresses and physical addresses. CNWisdom is saying that the data may not have been from their systems, since some of the information is from hotels that are not their customers.
Syrian Hacker Targets Indian Government Sites
December 9, 2013 – The Syrian hacker known as Dr. SHA6H is claiming to have hacked and defaced eleven websites belonging to the government of the Indian state of Kerala. The defacement message is a protest against the Syrian regime's actions of murder and destruction. Dr. SHA6H wrote, "Is there an international interest with Bashar al-Assad? Or economic interest, or is [it] a political interest? We want answers [from] all the countries of the world, there are children dying, women [abused] and houses destroyed." At the time of this writing all of the sites have been taken offline.
Anonymous Threatening Twitter
December 6, 2013 – Earlier this week it was reported that Twitter had suspended several Anonymous-related accounts. In response to this action by Twitter, members of the Anonymous collective have issued a statement. The statement begins, "You have the ability to suspend Twitter accounts . . . We have the power to suspend websites." The hacktivists are calling for Twitter to reinstate the @Anon_Central account, which has been used to distribute news about attacks and plans for future attacks. If the account is not reinstated the hacktivists promise that things will "get very messy." They said, "If the suspended Twitter account @Anon_Central is not returned, you may have to fix a database leak." The statement was signed, "Team AnonymousOpsUSA & various LulzSec entities."
TeslaTeam Targets Government Sites
December 6, 2013 – The Serbian hacking group, TeslaTeam, has targeted government websites belonging to various different countries. In each of the attacks the hackers have leveraged SQL vulnerabilities to breach the sites. The most recently affected sites include the Albanian Ministry of Economy, Trade and Energy, Ghana's Ministry of Finance and Economic Planning and the Court of Bosnia. None of the sites have been defaced, but the hackers have stolen and leaked data from the targeted database servers. The stolen data includes user names and passwords.
RedHack Demands Release Of Hacker By Turkish Government
December 6, 2013 – Members of the RedHack hacking group have posted a video aimed at the Turkish government, demanding the release of suspected hacker Taylan Kulacoglu. Authorities believe that Kulacoglu is the leader of RedHack; however, the other members deny the man has any affiliation with their group. In the video the hackers said, "People practicing their right to freedom of speech and freedom of assembly is threatened with arbitrary arrests and prison. Law has lost its legitimacy and that’s why dictator PM Erdogan openly wages war against people who criticizes his ill-fated politics of divide and rule. We can only win against these evil policies if we can unite and fight." The video did not specify any planned attacks or protests.
Anonymous Responds To Tunisian Internet Censorship
December 6, 2013 – Members of the Anonymous collective have posted a new video with a message for the Tunisian government. The Tunisian government is currently considering implementing a new law that would censor what people post to the Internet. The hacktivists said, "The fact that the Tunisian government is trying to get away with stealing the People’s privacy has shocked us and has driven us to take more precautions. This censorship signifies the comeback of years of oppression and tyranny. To the Tunisian government, We are watching you from very close. We know about the financial, technological and human resources provided by the government. We know that they are financed by the taxpayers and are intended for launching a new dictatorship in the country and the Tunisian cyberspace. We do not tolerate these acts!"
JPMorgan Chase Customer Info Compromised In Server Hack
December 5, 2013 – It is being reported that the personal information of almost 465,000 JPMorgan Chase customers may have been stolen in a breach of the web servers that host the ucard.chase.com website. The breach of the UCard website occurred in July, but was not detected until the middle of September. JPMorgan is saying that there is no evidence that sensitive information has been stolen. They also said that no money was stolen in the attack. JPMorgan is only just now notifying customers because their internal investigation had been ongoing since September. The bank has not revealed any information about their investigation. The 465,000 people impacted represent 2% of the 25 million UCard customers.
Customer Information Stolen In Maple Grove Farms Hack
December 5, 2013 – A warning has been issued by B&G Foods North America, which owns the Maple Grove Farms brand, advising customers that their personal and financial information may have been compromised by an attack on the Maple Grove Farms of Vermont website. The stolen information includes names, addresses, phone numbers and payment card numbers. According to B&G Foods, additional technical security measures have now been implemented to prevent future attacks.
Anonymous Threatens Moroccan Government
December 5, 2013 – The Moroccan government is scheduled to sentence the "kissing teens" on December 6. The teens were arrested when one posted a picture of the other two kissing on Facebook. Members of the Anonymous collective have issued a warning to the Moroccan government saying that they are "ready to take action" if the sentence is deemed too harsh. The hacktivists said, "Regardless of the sentence though, Morocco will remain a focus for the Anonymous collective, for human rights violations and corruption heinous and unchecked." To prove that they are serious the hacktivists leaked data that they claim was stolen from a "prominent Moroccan financial institution."
Oregon Cities Hacked By Iranian Hacker
December 5, 2013 – The Iranian hacker known as hossein19123 has hacked and defaced the websites of City of Amity and Sutherlin City, Oregon. The hacker is a known member of the Ashiyane Digital Security Team hacking group. The defacement message on both sites reads, "Your Box Own3z By hossein19123! Ashiyane Digital Security Team! Greats All Ashiyane. Defacers! We are love Iran." At the time of this writing both sites were still displaying the defacement.
Twitter Suspends Over 30 Anonymous Accounts
December 4, 2013 – Twitter has suspended over 30 accounts related to the Anonymous movement. It appears this is a response to a campaign of abuse against feminist campaigners. Anonymous members believe that journalists Caroline Criado-Perez, Hannah Curtis and Caitlin Moran are responsible for the suspensions. One Anonymous member said, "(They) appear to have some direct line to Twitter to get accounts suspended sooner." Criado-Perez responded, "I certainly don't have the power to ban accounts, but I do report accounts that send threats and harass me. Sometimes they get suspended and sometimes they don't."
Two Million Stolen Facebook, Twitter Logins Found
December 4, 2013 – Researchers have discovered a Netherlands-based Pony Botnet Controller Server with almost two million user names and passwords of Facebook, Twitter, Google and Yahoo users. The researchers were able to hack into the Pony Botnet's admin area, which is where they found the stolen information. It is not known how exactly the credentials were originally obtained. The countries with the most stolen credentials were the Netherlands, Thailand, Germany, Singapore and Indonesia. The United States accounted for less than 2,000 stolen logins.
UK Council For Graduate Education Site Hacked And Defaced
December 4, 2013 – The hacker known as smitt3nz has hacked and defaced the website of the UK Council for Graduate Education. The defacement message reads, "So your security wasn't that tight . . . Gr33tz; smitt3nz." The hacker also leaked data stolen from the Council's database. The leaked data includes email addresses and clear text passwords of over 600 users.
Angola Government Sites Taken Down By Anonymous
December 4, 2013 – Members of the Anonymous collective have launched distributed denial-of-service attacks against all Angola government websites. This is a protest against officials accused of being involved in the killing of two political activists last year. The hacktivists have published a list of 70 websites that are targets. At one point earlier today, most of the websites were inaccessible, however most of them were quickly restored and are currently available.
96,000 Bitcoins Stolen From Sheep Marketplace
December 3, 2013 – It is being reported that 96,000 bitcoins have been stolen from the Tor-based underground marketplace, Sheep Marketplace. The site, a replacement for Silk Road, has shut down as a result of the theft. Sheep Marketplace's operators say that only 5,400 bitcoins were stolen, however other sources are reporting much higher amounts. The highest estimate is that a total of 96,000 were stolen, which is valued at almost $100 million. Sheep Marketplace is saying that a vendor found a bug in the site's systems that allowed the theft without being detected. Others, though, say that the site is actually a scam and the owners actually stole the money.
Wisconsin Man Sentenced To 2-Years Probation For Anonymous Attack
December 3, 2013 – Eric Rosol, 38, of Wisconsin has been sentenced to two years federal probation for taking part in the distributed denial-of-service attack against the website of Koch Industries in February 2011. Rosol had pleaded guilty to one misdemeanor count of accessing a protected computer. He is also ordered to pay $183,000 in restitution. Rosol was one of many people that participated in the Anonymous-led attack against Koch Industries. Authorities were able to identify him, even though he only participated in the attack for a little over one minute.
Anonymous Honduras Protests Election Fraud With Hacks
December 3, 2013 – Members of the Anonymous Honduras hacking collective have hacked and defaced several high-profile websites in Honduras. These attacks are a protest against the alleged election fraud that took place during Honduras' presidential election. The targeted sites include a state-owned tourism agency, the Department of Culture, Arts and Sports, the Secretary for Security, Interpol Honduras, the National Police, the Supreme Electoral Tribunal, the Innovation and Unity Party and the Superintendent of Public Private Partnership. The defacement messages accuse officials of manipulating the media, and they urge all citizens to collect evidence of election fraud.
706 Domains Seized For Selling Counterfeit Items
December 3, 2013 – The United States Immigration and Customs Enforcement's (ICE) Homeland Security Investigations (HSI) has partnered with law enforcement agencies from all over the world to seize Internet domain names used to sell counterfeit merchandise. The operation is known as "Project Cyber Monday IV", and has led to a total of 706 domain names being seized. The United States has seized a total of 297 domains and European agencies have seized 393 sites. Hong Kong Customs has taken down another 16 domains. Acting Director of ICE, John Sandweg said, "Working with our international partners on operations like this shows the true global impact of IP crime. Counterfeiters take advantage of the holiday season and sell cheap fakes to unsuspecting consumers everywhere. Consumers need to protect themselves, their families and their personal financial information from the criminal networks operating these bogus sites."
Malware Infects UW Medical Center, 90,000 Patients Impacted
December 2, 2013 – The University of Washington Medical Center is warning patients that their personal details may have been compromised. An employee opened an email attachment that contained malware that has led to almost 90,000 people being impacted by a data breach. The information breached includes names, medical record numbers, dates of service, dates of birth and social security numbers. The FBI is currently investigating the incident.
Israel And Saudi Arabia Working Together To Create Stuxnet-like Malware
December 2, 2013 – It is being reported that Israel and Saudi Arabia are planning to create a piece of malware that will be capable of sabotaging Iran's nuclear program. The aim of the malware is not only to sabotage Iran's nuclear program, but also to gather intelligence. The report says that the countries will be investing about $1 million in the project. The malware is being described as similar to Stuxnet, but more destructive.
70,000 Users Impacted By Vodafone Iceland Hack
December 2, 2013 – The Turkish hacker known as Maxney is claiming to have hacked the systems of Vodafone Iceland. Several of the company's domains have been defaced and details of over 70,000 customers have been leaked. The leaked information includes SMS messages, user names, user IDs, encrypted and clear text passwords, email addresses, financial information and social security numbers. Vodafone took down their website as soon as the defacements were discovered. The company said that they have brought in the country's "most talented professionals in data and network security issues" to investigate the incident.
Anonymous Hacks Venezuelan Government Sites
December 2, 2013 – Members of the Anonymous Venezuela and Anonymous Argentina collectives have hacked and defaced several Venezuelan government websites. The hacktivists left a defacement message that translates to, "This post is dedicated to all Venezuelans. We will not allow this corrupt government to dominate our way of thinking. We are prepared to face them. We will not allow Cuba to dominate our country." Some of the impacted websites have been restored, but several are still defaced. At least 10 government owned sites have been affected.
Report Warns US Army of SEA Attack
November 27, 2013 – A report has been issued by the TRADOC G-2 Intelligence Support Activity's (TRISA) Complex Operation Environment and Threat Integration Directorate (CTID) that warns the United States Army of possible cyberattacks being launched by the Syrian Electronic Army (SEA) hacking group. The report says, "The SEA is clearly a force of disruption, and the long-term implications of its continued presence might very well remain what they are today - primarily a nuisance - or the implications might become more serious if the SEA's message gains greater influence." In addition, the report provides details on past SEA attacks and techniques used by the group.
Time's Person Of The Year Poll Hacked
November 27, 2013 – Two hackers known as Gains and Marek have found a way to bypass the authentication of Time Magazine's Person of the Year poll, and have automatically cast a large number of votes for Miley Cyrus. Voters are supposed to sign in with their Facebook or Twitter accounts; however, the hackers developed scripts that allow them to vote on any Facebook user's behalf, without their knowledge. After the automated voting script was put in place, Cyrus went from 15th place to first. Edward Snowden is currently in second place and seems to have a lot of support from Anonymous members. This poll has been hacked before: in 2012, hackers rigged the system to make North Korean leader Kim Jong-un the lead vote getter. Ultimately, Time's editors will select the winner of the award.
Teen Arrested For Hack Of Sachem, NY School District
November 27, 2013 – A seventeen-year-old has been arrested for illegally downloading information from the computer systems of the Sachem school district in Long Island, NY. Matthew Calicchio, a student at Sachem North High School, has pleaded not guilty to the charge of computer trespass. The records of thousands of students were illegally downloaded and posted online between July and November 2013. Sachem representatives say that they are confident that their systems were not hacked from the outside. Calicchio has been released on bail and is scheduled to appear in court on December 9th.
Anonymous Korea Plans Protest For December 25th
November 27, 2013 – Members of the Anonymous Korea collective have announced a plan for its own Million Mask March on December 25, 2013. The hacktivists are asking people to join them in an anti-government protest in the Chung Gye Square in Seoul. In the video announcing the protest, the hacktivists say, "We have been deprived of things which they have promised to give. Let us remind the government that fairness, justice and freedom are more than words."
New OpKillingBay Targets Announced By Anonymous
November 26, 2013 – Members of the Anonymous collective have announced that they are extending the list of targets for OpKillingBay. The goal of the operation is to raise awareness of the slaughtering of dolphins in Japan by any means necessary, including cyberattacks, letters and messages on social media networks. The newest targets announced include Sea Life Park in Hawaii, MarineLand in Canada, Hotel Dolphin Resort in Japan, the Dolphinarium in Dubai, Ocean Park in Hong Kong and the Georgia Aquarium in the United States. The hacktivists said, "We are trying to be as transparent and open as we can be in hopes of getting more willing Anons, Hacktivist & Activist to help us out. This should be a global effort. United together to stop this [expletive] inhumane massacre and needless captivity."
Australian Crime Stoppers Site Hacked
November 26, 2013 – Members of the Indonesian BlackSinChan hacking group are claiming to have breached Australia's Crime Stoppers website. The hackers posted what they claim to be encrypted passwords and emails attached to members of various police forces. The attack was "payback for Spying (on) Indonesia!" Crime Stoppers Australia deputy chairman Peter Price said, "We don't know what some of these passwords are - we have never seen them." He did admit that, "Yes, the website was hacked and yes, they published information on the Internet, which was not of any critical relevance." The Crime Stoppers' website has been taken down for 24 hours as a precaution.
Central Bank Of India Website Defaced
November 26, 2013 – Members of the Pakistan Cyber Army and Team MaDLeeTs hacking groups have hacked and defaced a section of the Central Bank of India's website. The attack is a response to Indian hackers targeting several Pakistani sites to commemorate the November 26, 2008 Mumbai attacks. The Pakistani hackers wrote, "This attempt is in response to the Pakistani websites hacked by 'Indian Cyber Army'. We told you before too. We are sleeping but NOT dead!" The Central Bank of India took down the defaced page as soon as it was discovered.
$1 Million In Bitcoins Stolen From BIPS
November 26, 2013 – Bitcoin Payment Solutions (BIPS), a Danish bitcoin exchange, had more than $1 million in bitcoins stolen in a recent hack. In response, BIPS has temporarily shut down its consumer wallet initiative, while they re-architect the security model to prevent future attacks. The company issued a press release saying, "All existing users will be asked to transfer bitcoins to other wallet solutions, and users affected by the security breach will be contacted." This is at least the third bitcoin exchange hack this month.
New York State Government Sub-Domain Defaced
November 25, 2013 – The Indonesian hacker known as Jje Incovers is claiming to have hacked and defaced a sub-domain of a New York State Government information portal. The affected domain belongs to the Hudson River Valley Greenway, which now displays a defacement page. The defacement message says, "Hacked by Jje Invcovers, I'm single Attacker !! - SANJUNGAN JIWA!!" No reason was given as to why this sub-domain was targeted. At the time of this writing the sub-domain has been taken off-line.
Anonymous Leaks Documents On Italy's Lombardy Region Governor
November 25, 2013 – As part of Operation Italy, members of the Anonymous collective have leaked documents belonging to Roberto Maroni, the current governor of Italy's Lombardy region, and former Interior Minister. The hacktivists say that Maroni is "one big corrupted son of a gun." The leak contains a 368Mb archive file that contains almost 500 documents, including a copy of Maroni's passport. Anonymous posted a message with the leaked information saying, "Tell us about your secret affairs with Aiello mafia and all the other nasty things people will find out today without your NOBLE consent. Drink expensive wine, drive expensive car pay no TAX and enjoy life while Lombardy suffers from all kinds of criminal wars and corruption." The hacktivists plan on targeting the presidents of several Italian regions, including Sicily, Tuscany, Campania and Puglia.
370 Israeli Websites Hacked By Tunisian Hacker
November 25, 2013 – The Tunisian hacker known as CapoO_TunisiAnoO is claiming to have breached and defaced 370 Israeli websites. The attacks are a show of support for Palestine. The sites had several different defacement messages, but all had the same theme. One message read, "Israel, we love to smell your fear! Hacked By CapoO_TunisiAnoO 'Tunisien Elite Hacker' Greets to All Hackers that support Gaza case! Message: This is only the beginning . . . To Catch Me, You Must Be Faster Than Lightning. To Trace Me, You Must Be the Smartest People!" The affected sites belong to private businesses in Israel.
Australian National University Hacked By Indonesian Hackers
November 25, 2013 – The Indonesian hacking group known as Gantengers Crew has hacked and defaced a sub-domain of Australian National University. The hackers say this attack is in response to Australian spying against the Indonesian government. The sub-domain belongs to the University's Deepening Histories of Place Project. The defacement message reads, "Hacked by Gantengers Crew! We Are Gantengers Crew." The hackers say they will continue targeting Australian government owned websites until an official apology is issued. At the time of this writing the site is still defaced.
Malware Targeting Apache Tomcat Servers
November 22, 2013 – Servers running Apache Tomcat are being targeted by a back door worm that acts as a Java Servlet, but instead of creating a web page, it acts like an IRC bot that receives commands from the attacker. The malware is designed to scan and infect other Tomcat servers, so users visiting the pages from the compromised server are not in any danger. Researchers believe that the attacker's purpose is to launch DDoS attacks from the compromised servers. The command and control servers have been located in Taiwan and Luxembourg.
Flaws In Google Password Recovery Allow Hackers To Hijack Accounts
November 22, 2013 – Researchers have discovered several vulnerabilities in Google's password recovery process that could have been leveraged by hackers to hijack accounts. Three types of flaws could be exploited: cross-site request forgery (CSRF), cross-site scripting (XSS) and a flow bypass. The researchers showed how combining the vulnerabilities with a realistic looking phishing email could lead to user accounts being hijacked. Ten days after being notified, Google announced that they have fixed the vulnerabilities.
Over 40 Chinese Government Sites Defaced
November 22, 2013 – Members of the Code Newbie hacking group have hacked and defaced over 40 sub-domains belonging to China's Fifth Agricultural Construction Division. The hackers, who are from Indonesia and Malaysia, say that they defaced the sites to simply test their security. The defacement pages were added to the "Images" folder of each sub-domain. Shortly after the hacks were discovered the sub-domains were taken down and fixed. However, the administrators did not patch the vulnerabilities that the hackers used, allowing the hackers to deface the sites a second time once they were back online.
Syrian Secret Police Hacked By Refugee Hackers
November 22, 2013 – A leading member of a Syrian youth opposition movement is claiming to have breached a Syrian government and secret police database. The hacker said, "It was easy to look at the secret police's systems, which were left wide open to public view. The information they held was scary." According to the hacker, the databases contained records of the web traffic for much of the Syrian population, which allowed him to identify the IP addresses of the secret police. "What we found was that agents would watch pornography whilst at work," he said.
GitHub User Accounts Hacked
November 21, 2013 – A brute force attack was launched against GitHub accounts earlier this week. Failed login attempts were seen coming from China, Venezuela, Indonesia, Ecuador and other countries. GitHub has said that some users who use weak passwords have been compromised. GitHub released a statement saying, "While we aggressively rate-limit login attempts and passwords are stored properly, this incident has involved the use of nearly 40K unique IP addresses. These addresses were used to slowly brute force weak passwords or passwords used on multiple sites. We are working on additional rate-limiting measures to address this." Users will be kept posted in case source code or sensitive information is found to have been stolen.
Pakistani Hacker Defaces Indian Radio Site
November 21, 2013 – The Pakistani hacker known as BLACK H3ART has breached and defaced the website of All India Radio Allahabad. The defacement message reads, "Before today I was only giving warning to you Indians but now you have crossed your limits by interfering in our land and killing our men on border now see how we destroy your cyberspace and your country . . . Pakistan Zindabad ALLAH HO AKBAR!!!" The hacker also referenced several other Pakistani, Syrian and Iranian hackers. At the time of this writing the defacement page was still displayed.
Australian Federal Police and Reserve Bank Of Australia Hit with DDoS Attacks
November 21, 2013 – Members of the Anonymous Indonesia collective launched distributed denial-of-service attacks against the websites of the Australian Federal Police (AFP) and the Reserve Bank of Australia (RBA). The attacks were part of the protest against the Australian spying on Indonesian government officials. The AFP says that no sensitive information was hosted on the affected site. "Activities such as hacking, creating or propagating malicious viruses or participating in DDoS attacks are not harmless fun. They can result in serious long-term consequences for individuals, such as criminal convictions or jail time," an AFP spokesman said. An RBA spokesperson said, "There has been no outage but the Bank's website has been experiencing access delays for some users. The bank's website and systems remain secure." At the time of this writing both websites are operating normally.
Anonymous Defends Moroccan "Kissing Teens"
November 21, 2013 – Members of the Anonymous collective have launched a new campaign in protest of the arrest by Moroccan authorities of two teenagers kissing and their friend who took the photo. The three teens face charges of violating public decency for sharing the photo on Facebook. The hacktivists have hacked Morocco's Department of Water, which is a branch of the Moroccan Ministry of Energy, Mines, Water and Environment. Anonymous issued a statement saying, "Drop the charges against these teenagers. pull back from the brink of the unbelievable two year sentence they could be facing for simply expressing affection for each other and we will also back down." If authorities do not take the warning, the hacktivists say they will "rip through government servers, leaking and deleting." Sample data from the hack of the Department of Water was also released, which included personnel files, bank transfer details and passwords.
Anonymous Declares Global Cyberwar Against US Government
November 20, 2013 – Members of the Anonymous collective have posted a new video declaring "global cyberwar" against the US government. The hackers say they have been driven to this war due to the NSA spying, the Trans-Pacific Partnership and the "unjustified" sentencing of Jeremy Hammond. In the video the hackers say, "We ask the people to be aware, let the war be handled by us." They say that they don't want their supporters to launch any real-world or online protests because that hasn't been effective before.
Dating Website Hack Exposes 42 Million Plaintext Passwords
November 20, 2013 – Earlier this year, the dating website Cupid Media suffered a breach that exposed users' names, email addresses and plaintext passwords for 42 million accounts. The stolen information was found on the same servers that contain tens of millions of records stolen in separate hacks of sites including Adobe, PR Newswire and the National White Collar Crime Center. A review of the Cupid Media user information showed that more than 1.9 million accounts used the password 123456, and another 1.2 million used 111111. The company says they have notified all affected users, and are in the process of double-checking that all affected accounts have had their passwords reset.
Syrian Ministry Of Electricity Website Hacked
November 20, 2013 – The Bangladeshi hacker known as Albaze Ever is claiming to have breached and defaced the Syrian Arab Republic's Ministry of Electricity website. The defacement message left said, "Hacked by Albaze Ever! Bangladesh Grey Hat Hackers. . . too bad as we have hacked Syrian Ministry of Electricity!" The hacker did not give any reason for the attack. The site was restored, but hacked a second time by an Iraqi hacker known as Abu Abid. Abu Abid left a message in Arabic. At the time of this writing the site has been restored and is operating normally.
OpKillingBay Expands To Target SeaWorld, FedEx And Other Organizations
November 20, 2013 – Members of the Anonymous collective recently launched OpKillingBay, which initially was focused on disrupting Japanese government websites in protest of the killing of whales and orcas in Taiji, Japan. The hacktivists are now expanding the operation to target other organizations that are also "responsible for the slaughtering in Taiji, not just the Japanese government." Some of the new targets include the International Marine Animal Trainers Association, the World Association of Zoos and Aquariums, SeaWorld, FedEx and Japan Air. The hackers say that SeaWorld and other aquariums are the "main culprits" because they buy the animals from Taiji and that FedEx, Japan Air and other companies "make a profit from transporting them." The hackers released a statement saying, "They need to know and the public needs to know this is not (expletive) alright. We need to cut off the supply chain and it starts with those airlines who are complicit."
E! Online Hacked By Serbian Hacking Group
November 19, 2013 – Members of the Serbian hacking group, Tesla Team, are claiming to have breached a sub-domain of eonline.com. The E! site provides entertainment news and gossip. The hackers say they leveraged a SQL injection vulnerability in the website. A database containing lists of user names, passwords and phone numbers was posted by the hackers. Tesla Team is the group that recently breached the Vevo website.
AnonGhost Defaces Hillside, Illinois Police Department Site
November 19, 2013 – Members of the AnonGhost hacking group have breached and defaced the website of the Hillside, Illinois Police Department. The hackers left a defacement message against the "governments of the world." There was also an audio message left on the site that criticizes NATO's role in Muslim countries. At the time of this writing the site has been restored and is operating normally.
Website Of Franklin County, Ohio Hacked And Defaced
November 19, 2013 – The official website of Franklin County, Ohio has been hacked and defaced by the hacker known as /Nullroot. The hacker added the defacement page to the site; no other pages were impacted. The defacement message left reads, "Greetings to everyone at /Nullroot. We are coming back #2013!" The hacker did not leave any reason for the hack. At the time of this writing the site is still defaced.
LulzSec Peru Breaches Peru's National Police
November 19, 2013 – Members of the LulzSec Peru hacking group have hacked and defaced the website of Peru's national police. The hackers left a defacement message in Spanish that translates to, "Welcome to the new page of the National Police of Peru (a.k.a. the Delinquent Police of Peru)." Law enforcement is being targeted because the hackers feel they are "useless, corrupt, inefficient and delinquents." The hackers also accuse the authorities of taking bribes without "the slightest sense of shame." At the time of this writing the site has been restored and is operating normally.
FBI Says Anonymous Has Been Hacking Government Systems For The Past Year
November 18, 2013 – The Federal Bureau of Investigation has issued a memo that says members of the Anonymous collective have breached US government computers and stolen sensitive information in a campaign that began a year ago. According to the memo, the hackers leveraged a vulnerability in Adobe Systems' software to launch a series of hacks, then left back doors to return to several of the machines. The hacks affected computers at the Department of Energy, the US Army, the Department of Health and Human Services, the US Sentencing Commission and several other departments. Authorities believe these attacks are still active. Investigators are continuing to gather information on the scope of the campaign. It is believed the stolen data includes personal information on at least 104,000 employees, contractors, family members and others associated with the Department of Energy, along with information on almost 2,000 bank accounts. The FBI wrote, "It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed."
8 NASA Subdomains Hacked And Defaced
November 18, 2013 – Members of the M4STER 1T4L!4N H@CKERS TE4m are claiming to have breached and defaced eight subdomains of NASA's Ames Research Center. No motivation for the attacks was given. The defacement message simply says, "Hacked By M4STER 1T4L!4N H@CKERS TE4M." At the time of this writing the sites are off-line. This is a new hacking group and their normal techniques and targets are not yet known.
Anonymous Targets Russian Sites In Support Of Greenpeace Activists
November 18, 2013 – Members of the Anonymous collective have launched distributed denial-of-service attacks against several Russian websites in a protest against the arrests of 30 Greenpeace activists. The targeted sites include the Ministry of Foreign Affairs, the Embassy of Russia in the United States, the General Consulate of Russia in the United States and energy company Gazprom. The Greenpeace activists are charged with piracy and hooliganism and face up to 15 years in prison. Anonymous released a statement saying, "Anonymous has . . . decided to respond with Operation Green Rights. The operation is designed to target high level communication assets of the Russian Federation world wide." The hacktivists have said that if Russia doesn't release the activists the attacks will intensify.
German Web Hosting Provider Hit With Large DDoS Attack
November 18, 2013 – The German web hosting provider, Hetzner, has suffered a distributed denial-of-service attack. According to the company the first wave of the attack lasted approximately 12 hours, but resumed again a few hours later. The second wave of the attack began last night, and there has been no word from Hetzner about the attack being over. They did say, "It appears the attack switches targets." At one point, the attack was running at about 60 Gbps.
Anonymous "Will Destroy" Trans-Pacific Partnership Agreement
November 15, 2013 – Members of the Anonymous collective have issued a statement saying they will do everything in their power to destroy the proposed Trans-Pacific Partnership (TPP) agreement. TPP is a proposed law that is far stronger than the controversial SOPA or ACTA. The hacktivists said, "The TPP would restrict the world's access to knowledge and destroy the Internet as we know it. We will rise up and take back the Internet, reclaim what is ours for the good of the Earth and its people." They did not reveal any targets or dates of attacks.
Anonymous Member Arrested For Singapore Hacks
November 15, 2013 – James Raj, 35, a Singaporean hacker was arrested for hacking the website of the Ang Mo Kio town council. Raj, an admitted member of the Anonymous collective, is accused of defacing the site with the Anonymous logo and a message against Singapore's new Internet laws. The new laws were introduced in June of this year. There has been a great deal of criticism and anger among online communities and bloggers, with many believing these laws are an attempt to sideline online voice and freedom of expression.
Cracked.com Serving Malware
Moroccan Government Site Hacked By Anonymous Arabe
November 15, 2013 – The hacker known as kjfido, a known member of the Anonymous Arabe hacking group, is claiming to have hacked and defaced the website of the Moroccan province of El Jadida. The defacement message read, "Hacked by Anonymous Arabe, why we did this? Ask yourself ! Don't close your eyes . . . 'Anonymous Arabe is Everywhere' we hacked your website because its security failed. We are the leaders of the world that act in the shadow. Anonymous Arabe. We do not forgive. We do not forget. Expect us." At the time of this writing the site has been restored and is operating normally.
MacRumors Hacker Says They Won't Use Stolen Passwords
November 14, 2013 – The hacker known as Lol, a member of the group that hacked MacRumors Forum and stole user names and passwords of over 860,000 users, has said that they will not use the stolen information to compromise the accounts of people that use the same login credentials on other sites. The hacker provided information that was not publicly available to prove that he indeed was involved in the breach. MacRumors Editorial Director Arnold Kim confirmed that the information was real. Lol said in a posted statement, "We're not logging in to your gmails, apple accounts, or even your yahoo accounts (unless we target you specifically for some unrelated reason). We're not terrorists. Stop worrying, and stop blaming it on Macrumors when it was your own fault for reusing passwords in the first place." According to the hacker, the breach of MacRumors was simply to test their skills. Lol continued by saying, "Consider the 'malicious' attack friendly. The situation could have been catastrophically worse if some fame-driven idiot was the culprit and the database were to be leaked to the public."
HealthCare.gov Targeted 16 Times By Hackers
November 14, 2013 – An official from the Department of Homeland Security told the House Homeland Security Committee that there have been 16 reports of cyberattacks on the HealthCare.gov website. At least one of these attacks was a distributed denial-of-service, which failed to disrupt the site. An unnamed DHS official has said that the 16 attempts are likely only the documented ones. Security experts agree that the Department of Health and Human Services has most likely only reported significant attacks that could put sensitive information at risk. No details were provided regarding the other attacks, or if any of them caused damage.
Leader Of Anonymous Philippines Arrested
November 14, 2013 – Rodel Plasabas, also known as Reaper, anonymousbutuan and Anon Reaper, has been arrested by officers of the Philippines' National Bureau of Investigation. Plasabas is accused of being involved in attacks against 40 government websites that occurred earlier this month. It is believed that Plasabas is the leader of the Anonymous Philippines collective. An initial investigation turned up evidence of him being involved in online conversations about hacking websites. Officials plan on prosecuting him under the e-Commerce Act.
Anonymous Japan Launches OpKillingBay
November 14, 2013 – Members of the Anonymous Japan collective have launched a new operation, known as OpKillingBay, as a protest against the killing of dolphins and orcas in Taiji, Japan. The operation will focus on attacking Japanese government websites. The hacktivists have announced plans for distributed denial-of-service attacks against the sites of the Ministry of Foreign Affairs and the Prime Minister's office. "An estimated 20,000 dolphins will be slaughtered in Taiji this year alone. If after reading that you still don't care enough to help stop the slaughter then you deserve the same fate as the Dolphins," the hacktivists said in their announcement.
MacRumors Hacked, Data For 860,000 Users Exposed
November 13, 2013 – MacRumors editors have announced that the news website has been breached. It is believed that the hackers have stolen cryptographically protected passwords belonging to all 860,000 users. Editorial Director Arnold Kim posted a statement saying, "In situations like this, it's best to assume that your MacRumors Forum username, e-mail address and (hashed) password is now known." The hacker compromised a moderator account and escalated their privileges with the goal of stealing user login credentials. MacRumors is still investigating how the hacker was able to compromise the privileged account. Kim wrote, "We're not sure how the original moderator's password was obtained, but it seems like they just logged in with it. We are looking into it further to see if there was another exploit, but there hasn't been any evidence of it yet."
Anonymous Hacked British Parliament During Million Mask March
November 13, 2013 – Members of the Anonymous collective are claiming to have hacked the British Parliament during the Million Mask March protests on November 5th. The hackers claim that they used a publicly available password for Parliament's Wi-Fi network to access the network. Once connected the hackers claim to have hijacked several computers and iPads. They are also claiming to have accessed email servers from which they stole user login details. Representatives from Parliament confirm that heavier traffic was seen on November 5th, but Parliament's secure network and applications were not breached.
TeslaTeam Hacks Vevo.com
November 13, 2013 – Vevo.com, a joint venture music video website owned by Universal Music Group, Google, Sony Music Entertainment and Abu Dhabi Media, has been breached by the Serbian hacking group, Tesla Team. The hackers leveraged a SQL injection vulnerability in one of the sub-domains of the website that allowed them access to the Vevo database. The hackers claim that the database contains emails and passwords of admins and other users. Details of the vulnerability were published in a hacker's forum in 2012.
Brazilian Government Sites Serving Fake Flash Player
November 13, 2013 – Over 60 Brazilian government websites have been breached and are now serving malware disguised as Adobe Flash Player. Visitors to the breached sites are redirected to a page designed to look like the official Adobe Flash Player download page. Instead of downloading Flash Player, victims are given a Trojan downloader, which downloads a piece of Banking malware. The fake webpage is in Portuguese, indicating that these attacks are targeting Brazilian users.
Over 200,000 Banking Trojans Found In Last Quarter
November 12, 2013 – A recent report shows that the number of online banking Trojans has risen to over 200,000 for the third quarter of 2013, compared to 132,000 in the third quarter of 2012. The most targeted countries were the United States (23%), Brazil (16%), Japan (12%), India (6%) and Australia (3%). The most popular malware spread by spam were ZeuS variants. The report also showed that most mobile threats target the Android platform, however it seems that cybercriminals are beginning to use more malicious applications that are able to target multiple operating systems.
5 Arrested For Hack Of Singapore Prime Minister Website
November 12, 2013 – Five Singapore men have been arrested for allegedly hacking the websites of Singapore's President and Prime Minister. Muhammad Fitri Abu Kasim, 24, Daniel Ryan Salleh, 25, Mohamad Fadzly Aziz, 21, Muhammad Redzwan Baskin, 26 and Muhammad Qamarul Arifin Sa'adon, 22 have been released on bail, but if found guilty will face jail terms of up to three years or fines of up to $2,000. A Home Affairs Ministry spokesperson said, "Such acts can compromise the operation of critical services, cause alarm, damage and harm, and have serious security, economic and social consequences for Singapore and Singaporeans." Three of the suspects are related, while the other two are friends.
Japanese Anti-Nuclear Groups Hit With DoS Attacks
November 12, 2013 – Over 30 Japanese anti-nuclear groups have been hit with millions of spam emails over the past two months in a denial-of-service email campaign. The groups include Women's Active Museum on War and Peace, the Metropolitan Coalition Against Nukes and Fukushima Genpatsu Kokusodan, an organization dedicated to filing complaints about the Fukushima nuclear plant. Some of the emails read, "Unless we kill all of the anti-nuclear believers, world peace will never be achieved."
AXA Insurance Site Defaced By Anonymous Gabon
November 12, 2013 – The website of AXA Gabon has been breached and defaced by members of the Anonymous Gabon collective. The hackers say that this attack is part of Operation Gabon, which is a protest against the Gabonese government. The defacement message said, "With the rise on ritual killings in Gabon and a highly projected increase within the Gabonese economy for the financial & life insurance market, the AXA group has found a perfect position in Gabon with the help of Ali Bongo." At the time of this writing the website has been restored and is operating normally.
Syrian Electronic Army Hacks Vice.com
November 11, 2013 – In August of this year, Vice.com published an article that claimed to identify the leader of the Syrian Electronic Army (SEA). In response to this article, which SEA members say is false and identifies innocent people, the hackers have breached the Vice.com website and deleted the article. The hackers posted a message saying, "Your website was hacked by the Syrian Electronic Army. This time we just deleted the article that you claimed in it that you exposed 'Th3Pro' identity. But you didn’t. You published names of innocent people instead." SEA gained access to the Vice site by breaching several email accounts, including one belonging to the website developer. Two hours after the breach, the Vice.com site was restored and the article was posted again.
Anonymous Leaks Italian Government Documents
November 11, 2013 – Members of Anonymous are claiming to have hacked the personal computer and mobile devices of Giuseppe Scopelliti, an Italian politician and the elected president of Calabria. The hacktivists leaked over 1,000 documents from this hack, which included information related to the mafia, drugs and corruption. The files also include emails that allegedly belong to Scopelliti and other members of his staff. A message was posted with the leaked documents saying, "This is just a beginning. People of Italia do have the right to know what the government is involved in, especially when it comes to mafia wars and corruption in the region." The hackers said their next targets are the leaders of regions such as Lombardia, Sicilia, Toscana, Campania and Puglia. All of these attacks are part of OpItaly.
21 Brazilian Military Sites Hacked By BMPoC
November 11, 2013 – Members of the BMPoC hacking group are claiming to have hacked and defaced twenty-one sub-domains of Brazil's military. The same defacement message appeared on all the sites reading, "The giant awoke and took a rank again durmir again ..Brazil has to stop all at once.Come on Brazil! Our government is now just right? HAHA of course not! I dont just login to facebook and waste time, I know what I do!" The affected sites belong to departments of the Brazilian military's aeronautical directorate including, the aeronautical hospital, aeronautical academy, aeronautical health center and aeronautical training institute. At the time of this writing all of the sites were still displaying the defacement page.
Indonesia Hackers Not Listening To Warning From Anonymous Australia
November 11, 2013 – Last week members of the Anonymous Australia collective issued a warning to Indonesian hackers that were attacking "innocent websites." Anonymous Australia warned the Indonesian hackers to only target government sites or there would be consequences. After a day during which the hackers only attacked Australian government websites, the Indonesians have once again started attacking innocent businesses. It appears that the hackers had difficulty hacking government sites, so they went back to focusing on the individual businesses. Anonymous Australia has issued a "final warning", if the Indonesian hackers do not listen then they will have to face the "wrath of their fellow legion."
Healthcare.gov Targeted By New DoS Attack Tool
November 8, 2013 – Researchers have discovered a new denial-of-service attack tool targeting Healthcare.gov. The tool has not yet succeeded in taking the site down, however it may be making the site inaccessible for some visitors. According to the researchers the program being used to create the attack displays a message saying, "This program continually displays alternate page of the ObamaCare website . . .The purpose is to overload the ObamaCare website, to deny service to users and perhaps overload and crash the system." It appears that the motivation behind this attack is a protest against policies, legal rulings and government actions.
Singapore Prime Minister's Website Hacked By Anonymous
November 8, 2013 – Members of the Anonymous collective have hacked and defaced the website of Singapore Prime Minister Lee Hsien Loong. According to Singapore's Infocomm Development Authority (IDA), the attack exploited a cross-site scripting vulnerability in the search subpage of the website. The defacement message said, "Anonymous SG was here . . . It's great to be Singaporean today." The IDA released a statement saying, "The PMO main website is still working, and we will restore the compromised pages as soon as possible. The matter is under investigation."
Australia's Security Intelligence Organization Site Taken Down By Indonesian Hackers
November 8, 2013 – Indonesian hackers are taking credit for briefly taking down the website of the Australian Security Intelligence Organization (ASIO). The site was only down for 2 - 3 minutes and did not cause any real damage. Earlier this week Anonymous Australia warned Indonesian hackers to only target Australian government sites and leave innocent businesses alone. Anonymous Australia sees this attack as a sign the hackers are listening to their warning. This attack and the earlier attacks against Australian websites are a protest against Australia's spying on Indonesia.
India's Zee TV Hacked By Pakistanis
November 8, 2013 – Members of the Pakistani Cyber Experts hacking group have hacked and defaced three websites belonging to India's Zee TV. The affected sites are Zee TV USA, Zee TV South Africa and Zee TV Canada. The defacement message on each site is a protest against the Indian occupation of Kashmir. The hackers write, "Kashmir does not want militarized governance. They just want freedom! Freedom from the evil of the Indian Military!" At the time of this writing, only Zee TV Canada is still defaced, the other sites are restored and operating normally.
Over $1 Million In Bitcoins Stolen In Hack Of Bitcoin Wallet Inputs.io
November 7, 2013 – The Inputs.io Bitcoin wallet has announced that a total of 4,100 Bitcoins, the equivalent of about $1.1 million, was stolen as a result of two hacks. At this time Inputs.io says it cannot pay user balances. The hackers compromised old email accounts in order to breach the hosting account. The hackers were able to bypass the two-factor authentication mechanism by exploiting a server-side vulnerability. Bitcoin back-end code was also stolen and sent to a compromised server. Users of the service are instructed to contact Inputs.io to request a refund.
Anonymous Ukraine Targets NATO With DDoS Attack
November 7, 2013 – Members of the Anonymous Ukraine collective have launched a distributed denial-of-service attack against the website of NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE). The attack was a response to NATO's hacking of a number of Ukrainian government websites. The hackers posted a statement saying, "On Monday NATO CCDCOE hacked a number of Ukrainian websites including Medical Department of Security Service of Ukraine and Ukraine's Prosecutor General's Office. It's payback time! We've just tango down NATO CCDCOE!" Earlier this week it was determined that NATO was not responsible for the attacks against the Ukrainian government, hackers simply put the CCDCOE logo on pages that were defaced. The CCDCOE website was down for about two hours before being restored.
Anonymous Australia Calls On Indonesian Hackers To Leave Innocents Alone
November 7, 2013 – Earlier this week, Indonesian hackers attacked hundreds of Australian websites in response to news that the Australian government had been spying on Indonesia. Many of the organizations affected by these attacks belonged to Australian businesses that have nothing to do with the government. Members of Anonymous Australia have posted a statement addressed to the Indonesian hackers saying, "Innocent businesses should not be attacked. We all bound together in an effort to bring down tyrant governments to shape our world as a better place. We bid you, as a fellow brother to focus on your main target - governments and spy agencies and leave the innocent bystanders out of this." Anonymous Australia warned that if the Indonesian hackers ignore this request, they will "feel the full wrath of their fellow legion."
Philippine National Police Regional Offices Hacked
November 7, 2013 – Members of the hacking groups Phantom Hackers PH and Pinoy Vendeta have hacked two websites of the Philippine National Police Regional Office 1, and two websites of the Philippine National Police Regional Office 3. The hackers left defacement messages on the sites saying the police have falsely accused people of hacking websites. One of the messages reads, "Don't be so desperate on hunting and shutting down Anonymous Philippines by picking anyone and accusing them of anything." At the time of this writing, only one of the sites has been fully restored.
5 Hackers Added To FBI's Cyber's Most Wanted List
November 6, 2013 – The US Federal Bureau of Investigation has updated its Cyber's Most Wanted List to include five new hackers, bringing the total to 17 fugitives urgently wanted for computer and data-related crimes. One of the hackers is Andrey Nabilevich Taame, a Russian wanted for involvement with the DNSChanger malware that infected over four million PCs between 2007 and 2011. Two Pakistani hackers, Farhan Arshad and Noor Aziz Uddin, are wanted for hacking business telephone systems and making calls that resulted in $50 million in losses. An El Salvadoran hacker, Carlos Enrique Perez-Melara, is charged with running a spyware-for-hire scheme out of San Diego, before fleeing back to El Salvador. The final addition to the list is a Russian, Alexsey Belan, who allegedly remotely accessed the computer networks of three US-based companies in 2012 and 2013 and stole sensitive data as well as employees' identities. FBI spokesman Richard McFeely said, "Throughout its history, the FBI has depended on the public's help and support to bring criminals to justice. That was true in the gangster era, and it's just as true in the cyber era."
Microsoft Warns Of Targeted Attacks
November 6, 2013 – Microsoft issued a warning about a vulnerability in its software that could be exploited by hackers. The vulnerability could be leveraged to allow remote code execution, giving the attacker the same user rights as the current user. In the warning, Microsoft said it is "aware of targeted attacks that attempt to exploit this vulnerability in Microsoft Office products." The vulnerability affects Microsoft Windows Vista, Windows Server 2008, Microsoft Office 2003-2010 and Microsoft Lync. The flaw is currently being investigated and Microsoft stated, "Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs."
Twitter Vulnerability Allows Hackers To Read DMs
November 6, 2013 – A cross-site request forgery (CSRF) vulnerability was discovered in Twitter's "add mobile device" feature. This feature allows users to control their account via SMS. The CSRF vulnerability could be leveraged to gain access to a user's direct messages and post tweets from any account. Twitter fixed the vulnerability the same day they received notification about it from security researchers.
Philippines Disaster Information Project Site Breached
November 6, 2013 – The website for the Philippines' Disaster Information for Nationwide Awareness (DINA) Project has been breached. The hackers changed the configuration on the site so that visitors are redirected to an adult site. The redirection only occurs if someone visits the site from a mobile device. The attack happened just as the National Disaster Risk Reduction and Management Council (NDRRMC) was preparing to launch the DINA Project. No one has taken credit for the attack at this time. The NDRRMC is urging visitors to only use desktop computers and laptops until the problem is fixed.
Harbor Freight Tools Breached
November 5, 2013 – Customers of Harbor Freight Tools have been notified that some of their financial information may have been breached after the company's payment processing system was hacked. Eric Smidt, Harbor Freight Tools' President, said that only customers who made transactions between May 6, 2013 and June 30, 2013 are affected. In most cases credit card numbers, expiration dates and CVVs were exposed. They believe that the cybercriminals obtained cardholder names in only 1% of the transactions. The company has sent out notification letters to impacted customers and has posted notices in all of its stores and on its website. The investigation into the incident is ongoing.
Guilford County, NC Sheriff's Office Site Hacked
November 5, 2013 – Officials from the Guilford County, NC Sheriff's office have confirmed that their website has been hacked. Google has been warning visitors that the "site may be hacked" for the past several weeks. Representatives of the Sheriff's office say that the site has been reinstalled from a clean backup and is now functioning normally. It is believed that the hackers exploited a vulnerability in GoDaddy's system, not a security hole in the website itself.
Smart Calendar App, Sunrise, Hacked
November 5, 2013 – The smart calendar app, Sunrise, has advised their users that the service was hacked over the weekend. Sunrise CEO Pierre Valade sent an email to users saying that they have already taken steps to protect user information. The company says that LinkedIn, Foursquare and Producteev data is safe as those services were not compromised. Also, user emails and passwords are safe as these were all encrypted. Valade does advise users that if they connected iCloud to their account, they should reset their passwords and reconnect the app with Apple's cloud and storage service. In addition, Valade said that no credit card or banking information was compromised.
Romanian Telecom, AdNet, Breached
November 5, 2013 – AdNet Telecom, a major Romanian telecommunications provider, has been breached by the Saudi Arabian hacker known as King of Control. Two sites belonging to AdNet have been compromised: the company's main domain and a domain dedicated to web hosting services. Both sites were initially taken offline, but have now been restored. Security experts have confirmed that this was not a case of DNS hijacking. AdNet has not issued any statement at this time.
Celebs, Execs And Lawmakers Among 850,000 Users Compromised By Limo Company Hack
November 4, 2013 – The hackers responsible for the Adobe and PR Newswire hacks appear to be behind the breach of CorporateCarOnline, which provides software management solutions for limousine companies. The breach resulted in 850,000 user records being stolen. The system stores personal and financial details from reservations, several of which belong to celebrities, executives and lawmakers. The stolen information includes names, addresses, credit card numbers and expiration dates. Some of the affected individuals include LeBron James, Aaron Rodgers, Tom Hanks, Donald Trump, Senator Mark Udall, Senator Tom Daschle and US Representatives Joe Garcia, Gus Bilirakis, Jim Matheson, Lynn Westmoreland and Joe Baca. The stolen file was found on the same server on which the Adobe and PR Newswire files were found. CorporateCarOnline has confirmed that the information has been stolen, but has provided no other details.
Chinese Chamber Of Commerce Data Leaked By Hackers
November 4, 2013 – The hacking group known as Raptor Swag is claiming to have hacked the website of China's Chamber of Commerce. The hackers have released a 7.4Mb file that contains allegedly stolen data from the Chamber of Commerce. A message was released with the data saying, "China is silly. They toss around images of their powerful army and their unstoppable government, yet . . . they do not sufficiently secure their systems from basic attacks." The hackers claim to have hacked a total of 71 Chinese government websites. The members of Raptor Swag are a group of people that used to hack as part of the Anonymous collective, but decided to create their own group because Anonymous "put a restriction on what we feel matters most - self amusement."
"NATO" Defaces Ukrainian Government Sites
November 4, 2013 – Four Ukrainian government websites have been defaced with a message reading, "Website has been suspended. Security policy of the website does not meet the requirements of NATO Cooperative Cyber Defence Centre of Excellence. Steadfast Jazz 2013." The CCDCOE has said that NATO has absolutely nothing to do with this or any other website hacks. Experts believe that this hack is related to Anonymous Ukraine's Operation Independence, which is targeting high-profile websites of the European Union, Ukraine, Poland and Russia.
Singapore Government Preparing For Anonymous Attacks
November 4, 2013 – Several days ago, Anonymous members announced that they would be targeting the Singapore government in protest of the implementation of the Internet licensing framework, which they see as a form of censorship. Since that time several government sites have gone offline, but the Infocomm Development Authority (IDA) has said that the down times are a result of planned maintenance, not Anonymous. The IDA said that they are taking the Anonymous threats very seriously, and government agencies are enhancing their IT security. At this time the only hack reported was of the Straits Times newspaper last week.
TeamBerserk To Stop Hacking Activities
November 1, 2013 – Members of the TeamBerserk hacking group have announced that they will stop their hacking activities, at least for a while. TeamBerserk is known for several hacks including the US Office of Personnel Management, Interactive Data, the Chinese University of Hong Kong, New Mexico ISP Plateau, Loretto Telecom and California-based ISP Sebastian. The hackers posted a message saying, "TeamBerserk is going dark for a while until further notice. MechAnimA has just got out of jail. Gutts and MechAnimA will be working on some other projects together. D0n and other members are too busy with their personal affairs at the moment to be active." There is no concern among team members about law enforcement identifying them, with the hackers saying that the authorities are "not even close."
Finland Accuses China And Russia Of Cyber Espionage
November 1, 2013 – Finland's government communications have been targeted in a four-year-long cyber espionage operation, according to the Ministry of Foreign Affairs. Although officials have not assigned blame, China and Russia have been accused by other sources of being behind the operation. The data breaches were first discovered in the spring of this year. The espionage campaign appears to have targeted communications between Finnish and European Union officials. An investigation into the attack is ongoing.
Anonymous Targeting Singapore Government
November 1, 2013 – Members of the Anonymous collective have announced that a new campaign targeting the government of Singapore has begun. The first attack of the operation was against the website of The Straits Times, a major Singapore newspaper. The hacktivists said the reason for this operation is to show the government that it can't ignore its citizens' problems, and to protest the Internet licensing framework. The hacktivists said in a statement, "No one has the right to tell an individual what he can or cannot read or write. This is a basic fundamental of democracy and we will use everything in our resources to protect it at all costs. We demand you reconsider the regulations of your framework or we will be forced to go to war with you." The main target for this operation will be the Infocomm Development Authority of Singapore, which is in charge of the development and growth of Singapore's information and communications sector.
Indian Television Channel Defaced By Pakistani Hackers
November 1, 2013 – Members of the Pakistani Haxors Crew (PHC) are claiming to have hacked and defaced several websites belonging to Jaya TV, one of India's largest television channels. PHC has a history of protesting against "Indian oppression and Indian occupation." PHC left a message on the defaced sites saying, "Islam Zindabad, Long Live Muslims, Pakistan Zindabad. We are PHC. We Just Want Justice & Peace." At the time of this writing, some of the sites were still displaying the defacement message.
HealthCare.gov Full Of Security Vulnerabilities
October 31, 2013 – Security experts have been studying the new HealthCare.gov website since its launch on October 1st. The result of these studies has been the discovery of several security vulnerabilities. Experts have found that hackers can easily access user names, password reset codes, email addresses and security questions, without needing any kind of authentication. A memo from September 27th, prior to the site launch, to Center for Medicare and Medicaid Services Administrator Marilyn Tavenner says, "From a security perspective, the aspects of the system that were not tested due to the ongoing development, exposed a level of uncertainty that can be deemed as a high risk . . . the security contractor has not been able to test all of the security controls in one complete version of the system." Several security holes have already been fixed, but several remain that increase the risk of personal information being leaked.
TurkHackTeam Celebrates Turkish Republic Day With 500 Hacks
October 31, 2013 – Members of the TurkHackTeam hacking group claim to have hacked and defaced 500 websites in celebration of Turkish Republic Day. The defacement message on the sites reads, "We will continue and do everything in our power to end the lives of sites that are against the republic of Turkey . . . We wish Turks all around a happy republic day. Tolerance can be endless, but hardiness is limited." The affected sites were from several countries and included hospitals, schools, software houses, real estate businesses and financial institutions. At the time of this writing, most of the sites were still defaced or taken offline.
Anonymous Ukraine Launches OpIndependence
October 31, 2013 – Members of the Anonymous Ukraine collective have announced the beginning of OpIndependence, a campaign to promote Ukraine's independence from the European Union, NATO and Russia. The hacktivists posted a message saying, "Ukrainian citizens realize that signing the Association Agreement with the European Union, scheduled in November, will lead to the collapse of Ukrainian economy in the near future. We express our support to the people of our country. We want Ukrainian government and EU leadership to understand that people of Ukraine do not want their country to become a raw material donor to Europe." As part of this operation a distributed denial-of-service attack has been launched against the European Investment Bank website. Other targets of attacks include Poland's Chief Sanitary Inspectorate, Russian portal Russkie.org and Poland's Zieloni RP party.
Three Italian Educational Institutions Defaced
October 31, 2013 – The hacker known as Ammar Liverpool is taking credit for the breaching and defacement of three Italian educational institution websites. All of the sites are hosted on government domains. The affected websites belong to the State High School Eleonora Pimentel Fonseca, the Comprehensive Institute Russo-Montale and the Comprehensive Institute Capaccio-Paestum. Experts are assuming that the hacker was able to compromise the hosting server, which would provide easy access to deface these sites. At the time of this writing, the sites are still defaced.
Twitter Vulnerabilities Allow Arbitrary File Uploads
October 30, 2013 – Security researchers have discovered vulnerabilities in Twitter that could be leveraged by hackers to upload arbitrary files to Twitter's systems. The first vulnerability was discovered on dev.twitter.com, which is a site that allows developers to create applications that integrate with Twitter. The vulnerability allows users to bypass security checks and upload any type of file to the server. Hackers could exploit this to turn the Twitter server into a command and control server since it is a trusted domain. The second vulnerability that was discovered allowed attackers to redirect users to arbitrary websites. Both vulnerabilities have now been fixed by Twitter.
Anonymous Focusing On Syrian Government
October 30, 2013 – Members of the Anonymous collective are continuing their OpSyria campaign and are focused on breaching Syrian government systems. The hacktivists say that they consider all Syrian government systems targets. They posted a statement saying, "Finding documents regarding the use of chemical weapons is a top priority but the hacks are a great way for us to show the Syrian Regime, 'Hey. We're still watching you - and we're going to keep doing this until your people realize that they are our ally.'" Anonymous said that they have several people working full time looking for vulnerabilities in Syrian government websites. The hacktivists want to make sure the Syrian government understands, "We are already inside your databases."
Interpol Indonesia Taken Down As Part Of OpThrowBack
October 30, 2013 – The hacker known as Fu7ion is claiming to have taken down the website of Interpol Indonesia. Fu7ion is a member of the Anonymous collective and said that this attack was a part of OpThrowBack. The hacker used a SYN flood to overwhelm the website's servers. The official start of OpThrowBack is scheduled for tomorrow. At the time of this writing, the website is still down.
Miami Dolphins Cheerleaders Site Hacked
October 30, 2013 – The website of the Miami Dolphins cheerleaders has been hacked. Visitors to the site from mobile devices were being redirected to an adult website. Dolphins representatives said that they rushed to fix the issue as soon as they were aware of it. The team has launched an investigation to find who is responsible for the attack. At the time of this writing the site is operating normally.
Syrian Electronic Army Hacks Obama's Social Media Accounts
October 29, 2013 – Members of the Syrian Electronic Army (SEA) have hacked President Barack Obama's Twitter and Facebook accounts. The hackers were able to compromise the accounts by taking advantage of a URL shortening service used for the social media accounts by Organizing for Action, Obama's campaign organization. SEA changed all of the links from Obama's messages to lead to a 24-minute video called "Syria facing terrorism." The hackers said, "We are watching you, Obama Bin Laden. Thank you Obama for redirecting people to the SEA website." They continued, "Obama doesn't have any ethical issues with spying on the world, so we took it upon ourselves to return the favor." The hackers hacked a total of eight email accounts which gave them access to Blue State Digital, a media strategy and technology firm that handled the Obama campaign between 2008 and 2012, and ShortSwitch, the URL shortening service used by Organizing for Action. Once SEA had access to the Blue State Digital and ShortSwitch accounts, they were able to redirect certain links to any website.
Anonymous Plans DDoS Attacks On "High Profile" Sites
October 29, 2013 – Members of the Anonymous collective have announced a new operation called Operation Throwback. OpThrowback will be attacks "to strike back against the oppressors of our freedom." The operation will consist of distributed denial-of-service attacks against high profile websites. They are planning attacks on the sites of the FBI, the NSA, Verizon, Microsoft and AT&T on October 31. The hackers say they will be testing their "firepower" today against the American Nazi Party website.
At Least 38 Million Adobe Users Affected By This Month's Hack
October 29, 2013 – More information is being reported about the hacking of Adobe's systems earlier this month. The attack led to the source code for several Adobe products being stolen, along with user information. Adobe initially said information of 2.9 million customers was stolen, but now they are admitting that the number is much higher. Heather Edell, an Adobe spokesperson, said, "So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and encrypted passwords for approximately 38 million active users." The company also confirmed that some of the source code for Photoshop was stolen in addition to the source code for Acrobat, Reader and ColdFusion. Edell also said, "We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident."
UK Man Arrested For Hacking US Government Networks
October 29, 2013 – Lauri Love, 28, of Stradishall, England has been arrested and charged with hacking computer networks belonging to the United States and other countries. Authorities from the US are charging Love with the hacking of systems belonging to the Army, the Missile Defense Agency, the Environmental Protection Agency and NASA, causing millions of dollars in damages. US Attorney Paul Fishman said, "Lauri Love and conspirators hacked into thousands of networks. . . As part of their alleged scheme, they stole military data and personal identifying information belonging to servicemen and women. Such conduct endangers the security of our country and is an affront to those who serve." Love is charged with one count of accessing a US department or agency computer without authorization and one count of conspiracy to access a US department or agency computer without authorization. The sentence for these charges could be five years in prison for each count.
Obama Campaign Site Hacked By Syrian Electronic Army
October 28, 2013 – It appears that over the weekend a website for President Barack Obama's campaign donations was hacked and was redirecting visitors to the Syrian Electronic Army (SEA) website. The hacked site is donate.barackobama.com, which is actually an old site used to collect donations. A different site is currently used by the Obama campaign, contribute.barackobama.com. SEA has made no statement about this hack and it is unclear if they truly are the ones behind it. At the time of this writing the site is operating normally and no longer redirects.
Buffer Hacked, Spam Sent From User Accounts
October 28, 2013 – Buffer, the service that allows users to schedule posts on various social media websites, was hacked over the weekend. The hackers used the access to send spam messages via the social media accounts of Buffer users. Buffer disabled all postings once the breach was discovered. No information was stolen during the hack, and no social media accounts were actually compromised. Facebook is reporting that a total of 30,000 users who have their Facebook accounts linked to Buffer have been impacted by the spam problem. That represents 6.3% of Buffer users on Facebook. Buffer CEO Joel Gascoigne posted a message saying, "We have added encryption of OAuth access tokens and we have changed all API calls to use an added security parameter. Service has resumed with increased security since the incidents." Several security experts have been brought in to investigate the source of the breach.
Turkish Hackers Deface Alexza Pharmaceuticals
October 28, 2013 – Members of the Ayyidiz Tim Turkish hacking group are claiming to have breached the website of Alexza Pharmaceuticals. Alexza is based in California and develops products for the treatment of central nervous system conditions. The Alexza website has been defaced with a message of protest against anyone that insults Islam. The defacement message also had statements of support for Muslims in Turkestan and in Arakan. At the time of this writing the site is still defaced.
Canadian 12-Year-Old Admits To Hacking For Anonymous
October 28, 2013 – A 12-year-old Canadian boy has pleaded guilty to hacking multiple government and police websites for the Anonymous collective. The boy said he traded the stolen information to members of Anonymous in exchange for video games. Some of the sites he admitted to hacking include the Montreal police, the Quebec Institute of Public Health and the Chilean government. His attacks included distributed denial-of-service, site defacements and stealing user information. According to court documents, it is estimated that the boy did $60,000 worth of damage.
Civil Air Patrol Domain Defaced By Malaysian Hackers
October 25, 2013 – The Malaysian hacking group known as KamiSecTeam is claiming to have breached and defaced the website of the Northern Region Civil Air Patrol of the United States Air Force. The Civil Air Patrol is an auxiliary of the US Air Force that performs 90% of continental US inland search and rescue missions. The hackers defaced the page with the KamiSecTeam logo, but did not give a reason for the attack. At the time of this writing, the site has been restored and is functioning normally.
Anonymous Leaks 80 Mb From Syrian Patent Office
October 25, 2013 – Members of the Anonymous collective have leaked 80Mb of documents and images from the Syrian Patent Office, as a part of OpSyria. It appears that the documents that were leaked do not contain any sensitive information. The documents include memos, information on patents, legislation, brochures and various registration forms. The hackers left a message saying, "Greetings from Anonymous. Lately we've been on a roll, having fun looting everything we can get our hands on. . . we continue to pile on our personal collection of Bashar's property." According to the hackers, they are working in concentrated and effective teams to ensure their operations are carried out "swiftly and properly."
Anti-Virus Company, ESET, Defaced By MrDOx
October 25, 2013 – Four Spanish domains of the anti-virus company ESET have been breached and defaced by the Panamanian hacker known as MrDOx. The defacement on all of the sites said, "D3fac3D By MrDOx." The pages also include a link to the hacker's Twitter handle. The hacker made no mention of the reason for the hack. At the time of this writing all four of the domains and the official ESET domain for Spain were taken offline.
Tunisian Hackers Breach Site Of African Petroleum Producers' Association
October 25, 2013 – Members of the Tunisian hacking group known as Fallaga Team Tunisia have breached and defaced the website of the African Petroleum Producers' Association (APPA). A defacement message was left, saying, "Hacked by TN_X2X, PSO@hotmail.com, Fallaga Team Tunisia Hackers. TN_X2X and we will be back." The APPA is an intergovernmental organization with eighteen member countries including Algeria, Angola, Benin, Cameroon, Chad, Democratic Republic of Congo, Congo, Cote d'Ivoire, Egypt, Gabon, Ghana, Equatorial Guinea, South Africa, Libya, Mauritania, Niger, Nigeria and Sudan. It is unclear if the hackers accessed any sensitive information. At the time of this writing the site has been restored and is functioning normally.
64% Of Energy Companies Face Brute Force Attacks
October 24, 2013 – A recently released report shows that 64% of energy companies were targeted by brute force attacks during a six-month study. Energy companies are a prime target for hackers because of the dependence the population and businesses have on the availability of energy resources. Sixty-one percent of energy companies reported being targeted in malware/botnet infiltration attacks. In comparison, only 34% of companies in the total study experienced brute force attacks and 13% of all companies are targeted by malware/botnet infiltration attacks.
Anonymous Hacks Syria's Higher Commission For Scientific Research
October 24, 2013 – Members of the Anonymous collective have breached and leaked data from Syria's Higher Commission for Scientific Research systems. The hackers say that the breach and data leak are part of OpSyria. The leaked information includes database structure details, user names, hashed passwords, network map data and emails. The breach was of an FTP server, and the hackers say they also have access to Syrian government emails. A message was posted along with the leaked data saying, "Assad, we hope we've made ourselves clear. We REFUSE to tolerate your actions of gassing your own innocent people in a despotic and run-down capital where one cannot walk across the street without taking gunfire. If the Western World won't take action to show you where you went wrong, we certainly will."
Russian Government Targeted By Anonymous
October 24, 2013 – Members of the Anonymous collective have launched a distributed denial-of-service attack against the online portal of the Government of Russia. The hackers say that the attack is a protest against the arrests of Greenpeace activists. A message was posted saying, "This TangoDown is in support of jailed GreenPeace activists who staged a protest against oil exploration in the Arctic Ocean last month." At the time of this writing the website is functioning normally.
North Korea Accused Of Using Free-To-Play Video Games As Cyberweapons
October 24, 2013 – South Korea's National Police are warning online gamers that free-to-play video games are being used by North Korea to infect players with malware that will collect user data and could be used to launch cyberattacks. The Washington Post reports that North Korea has already employed this method to infect 100,000 South Korean computers that were used to launch cyberattacks against South Korea's Incheon International Airport last year. Last year's attack was traced back to North Korea's Reconnaissance General Bureau. Previous North Korean attacks have targeted South Korean television, financial institutions and air and marine traffic controls.
US Department Of State Website Hacked
October 23, 2013 – The Indonesian hacker known as Dbuzz has hacked and defaced the official blog of a US Department of State website that deals with US embassies, consulates and diplomatic missions from across the world. The hacker left a message saying, "Hacked by Dbuzz! Secure Your Box. Cheers To: Black Angels - pH4THOrMOn - Pak RT!" The website provides information regarding US embassies and diplomatic missions in Africa, Europe and Asia. At the time of this writing the blog site is restored and operating normally. Dbuzz is also claiming to have hacked and defaced the Department of State's Our Planet subdomain. The same defacement message appeared on this site. The site is currently offline.
RedHack Leaks Documents From Turkey's Minister For EU Affairs
October 23, 2013 – Members of the RedHack hacking group have posted documents about the candidacy of Egemen Bagis, current minister for EU Affairs and chief negotiator for the Istanbul Metropolitan Municipality. The leaked files include information on Bagis' income, communications with foreign officials, daily activities and official meetings. A total of 18 documents have been published, and the hackers say they will post 18 documents per day over the "upcoming period."
Anonymous Breaches Ukraine's Ministry Of Foreign Affairs, Leaks Information
October 23, 2013 – Members of the Anonymous collective are claiming to have hacked the systems of Ukraine's Ministry of Foreign Affairs. The hackers say they were able to breach the systems by hacking a Ukrainian telecom company, EuroTraceTelcom. A large number of documents have been leaked, mostly concerning Ukraine relations with Azerbaijan. The hackers explained, "We started our release from Ukraine Embassy to Azerbaijan because we are very much concerned about state of affairs in UKR AZERI relations in terms of oil and gas trade and we know that much of it has to do with former Prime Minister of Ukraine - Tymoshenko."
OpSerbia Set For November 28, 2013
October 23, 2013 – A newly formed hacking group known as Pentagon Security Team has announced that Operation Serbia will take place on November 28, 2013. The hacking group appears to be made up of Albanian professional hackers from other known hacking groups. OpSerbia is a protest against war crimes carried out by the Serbian Army and government during the war between Kosovo and Bosnia. The hackers say they are also protesting corruption in the Serbian government.
Verizon Portal Vulnerability Reveals Users' SMS History
October 22, 2013 – Researchers have discovered a privacy vulnerability on Verizon Wireless's customer portal, which allows anyone to download users' SMS history and numbers of people the user communicated with. The vulnerability is a simple URL exploit that allows any subscriber to extract data using the "Download to SpreadSheet" function. This vulnerability could potentially expose tens of millions of Verizon users' contact lists and texting history. Verizon has not issued a statement about this issue.
Hackers Steal $100,000 From California ISP Users
October 22, 2013 – The hacking group TeamBerserk is claiming to have stolen $100,000 by using user names and passwords stolen from California ISP Sebastian. The user names and passwords were used to access the users' bank accounts. The hackers detailed how they used a SQL injection attack against Sebastian to access the customers' database and then, using the stolen information, were able to access the victims' Gmail accounts, linked PayPal accounts and bank accounts.
International Atomic Energy Agency Infected With Malware
October 22, 2013 – The International Atomic Energy Agency (IAEA) has issued a statement saying that some of its computers have been infected by malicious software. IAEA spokesman Serge Gas said, "No data from the IAEA network has been affected." It is not clear how the malware entered their systems. Initially they looked into whether a third-party technician or visitor could have used a USB drive to insert the malware. Gas said, "The (IAEA) secretariat does not believe that the USB devices themselves were infected or that they could spread the malware further." Details of the malware were not disclosed.
Paraguay's National Police Site Defaced
October 22, 2013 – The hacker known as TuNoVaTo has breached and defaced the website of Paraguay's National Police. The hacker left a message on the site saying, "Sorry Admin, you have a security breach. My Crime: Curiosity. Do not accuse me for this, this is just your fault, not mine. Sovereignty is the right of the people to elect their government, its laws and it is respected! Capitalist Government Corrupt! The Revolution has come to stay!" Earlier this year, TuNoVaTo hacked Paraguay's National Secretariat for Housing and Habitat and National Institute of Food and Nutrition.
Syrian Electronic Army Hacks Major Qatar Websites
October 21, 2013 – The Syrian Electronic Army (SEA) has hacked several major Qatar based websites including Google, Facebook, Aljazeera, government and military sites. All of the sites use the .qa extension and the domains are managed by Qatar's Ministry of Information and Communication. It appears that SEA gained access to the Qatar Domain Registrar and modified the DNS entries to redirect the websites to servers controlled by the hackers. When attempting to visit one of the affected sites, the user is redirected to a defacement page that has a picture of Syrian President Bashar al-Assad and the SEA logo.
UK's Daily Mail Hacked By TeaM MADLEETS
October 21, 2013 – The Pakistani hacking group known as TeaM MADLEETS has hacked and defaced the official discussion forum of the UK's Daily Mail website. TeaM MADLEETS member 1337 was the individual that performed the attack. 1337 left a message on the defaced page saying, "Struck by 1337! Daily Mail Stamped by Pakistani Leets! Security is just an illusion . . . We are TeaM MADLEETS!" The Daily Mail uses vBulletin, and it appears that a vulnerability in the software is what allowed the breach to occur.
Over-X Breaches Algeria's Ministry Of Housing And Urban Development
October 21, 2013 – The Algerian hacker known as Over-X is claiming to have hacked and defaced Algeria's Ministry of Housing and Urban Development website. On the defacement page the hacker left a message of protest against the government, and accused several officials of taking bribes. Specifically, Over-X is unhappy with the current lack of housing and jobs. Last week, Over-X hacked fifteen Red Bull websites.
Armenia's National Security Service Hacked By Azerbaijani Hackers
October 21, 2013 – Members of the Azerbaijani hacking group Anti-Armenia Team are claiming responsibility for hacking and defacing several Armenian websites, including Armenia's National Security Service. The hackers have leaked over 1,100 documents stolen from the National Security Service. The documents are all written in Armenian, but it appears that some are identification documents. At the time of this writing most of the websites have been restored and are operating normally.
Red Bull Sites Hacked And Defaced
October 18, 2013 – The Algerian hacker known as Over-X has breached and defaced fifteen domains belonging to Red Bull. The defaced pages simply say, "Hacked by HCN." The hacker also left a link to his Facebook page on the sites. The affected sites include blogs.redbull.co.uk, web.redbullrookiescup.com, redbullworld.at, redbullbedroomjam.com.au, and racingcan.redbull.in. The main Red Bull website was not impacted by the attack. At the time of this writing some of the sites are still displaying the defacement.
Russian Financial Institutions Hit With DDoS Attacks
October 18, 2013 – Several major Russian financial institution websites have been hit with distributed denial-of-service attacks. The targeted institutions include Russia's central bank, VTB, Alfa Bank and Sberbank. Artyom Sychyov, the deputy head of the Central Bank's cyber security department, released a statement noting that the attack on his bank was well organized, but not very powerful. Experts believe that the attacks are an attempt to weaken the trust in Russia's banking sector.
Torrent Sites Blocked In Italy
October 18, 2013 – The Pirate Bay and four other file sharing sites will be blocked in Italy due to a recent court order. The court ruled that the sites must be blocked by ISPs due to massive illegal downloading of music, films and other copyrighted digital content. This is the second time in five years that an Italian court has ordered ISPs to block The Pirate Bay. The first block was repealed in 2008, but it was re-instituted in 2010. In early 2013, The Pirate Bay came back online with a different domain name. The other sites blocked by the ruling are 1337x.org, h33t.eu, extratorrent.com and torrenthound.com. Italy's finance police issued a statement saying, "Sharing copyrighted content through the Internet still leads to heavy losses for the legal market and leads to a loss of tax revenue."
Anonymous Targeting Moroccan Government After Teens Arrested
October 18, 2013 – Members of the Anonymous collective have said they will be targeting the Moroccan government in response to the arrest of three teenagers. The teenagers were arrested for posting a picture of two of the teens kissing on Facebook; the third teen arrested took the picture. The Moroccan government arrested the teens for violating public decency laws. The hacktivists said, "This senseless attack on an innocent expression of young love in a country notorious for the domestic abuse of women is a sick and twisted mirror image of what the Moroccan government should be focusing on instead." The hacktivists claim to have already hacked and leaked information from the Department of Water. The leaked information includes login credentials, bank transfer details and personnel files. The Anonymous members say they will be monitoring the situation until the November 22nd trial.
PR Newswire Admits Being Hacked
October 17, 2013 – The press release distribution service, PR Newswire has admitted that they suffered a hacking attack earlier this year. The hackers stole usernames and encrypted passwords belonging to customers that used the service. The stolen information was found on the same server where the source code for several Adobe products was recently found. The stolen information appears to belong to users from India, Europe, Africa and the Middle East. PR Newswire issued a statement saying, "PR Newswire has protocols and redundancies in place that are designed to minimize the risk of distributing fraudulent press releases, including both technological and human safeguards prior to issuing any release." The company has started an investigation and it is in the process of notifying impacted customers.
California State University Breached
October 17, 2013 – Unidentified hackers have breached the systems of the California State University at Sacramento. Information related to 1,800 employees was compromised by the attack. The employee information includes social security numbers and driver's license numbers. At this time it appears that the information has yet to be used in any malicious way. The University has started to notify the employees affected by the breach.
Google Video Domain Defaced By H4x0r HuSsY
October 17, 2013 – The official Google Video Costa Rica domain has been hacked and defaced by the hacker known as H4x0r HuSsY. A message was left on the defaced page saying, "Struck by H4x0r HuSsY, We Are Here To F*** You Once More . . . We are TeaM MADLEETS!" This same hacker has hacked several Google domains in Malaysia and Burundi in the past. At the time of this writing the site has been restored and is operating normally.
Anonymous Peru Launches Attack On Peruvian Association Of Authors And Composers
October 17, 2013 – Members of the Anonymous Peru hacking collective have launched a distributed denial-of-service attack against the website of the Peruvian Association of Authors and Composers (APDAYC). The APDAYC is an organization that represents authors from Peru and other countries, and grants licenses for the use of musical works. The hackers said they attacked the site due to the "APDAYC president's huge salary, the unlawful distribution of royalties and abusive charges for music." The APDAYC has said that the accusations are not true and the hackers are just spreading misinformation. At the time of this writing the site seems to be working properly.
Source Of Malicious Internet Traffic Changing
October 16, 2013 – A recent report published by Akamai showed that there were significant changes in the sources of attacks worldwide on the Internet in the second quarter of 2013. The most surprising change is the increase in attack traffic from Indonesia, going from 21% in the first quarter to 38% in the second. The growth was so significant it put Indonesia ahead of China in the number one spot. The top 10 source countries for attacks grew to account for 89% of overall attack traffic, up from 82% in the first quarter. The top countries are Indonesia, China, the United States, Taiwan, Turkey, India, Russia, Brazil, Romania and South Korea.
Ship Tracking System Susceptible To Hacker Attacks
October 16, 2013 – The Automatic Identification System (AIS), which is used to track over 400,000 ships, has been found to be vulnerable to hacker attacks. AIS is installed on commercial ships that are over 300 metric tons, and all passenger ships. The system uses GPS to exchange a ship's position, course and other information with other nearby ships and offshore installations. The vulnerabilities found would allow hackers to take over the communications of the ships, disable the AIS, create fake ships and even create fake SOS or collision alerts. According to experts these vulnerabilities will not be easy or cheap to fix.
Anonymous Leaks Files From Poland's Ministry Of Economy
October 16, 2013 – Members of the Anonymous collective have leaked a large number of files they claim were stolen from Poland's Ministry of Economy. The hackers posted a message saying, "Basically, it's Ministry of Economy that got pwnd . . .In this particular release we deliver Belarus office of this notorious organization which is engaged in industrial espionage through its offices located at Embassies of Poland worldwide." The leaked files include emails, memos and copies of passports and other identification documents belonging to citizens of Moldova and Ukraine. The hackers say that this is just a small preview of the information they stole, and they'll be leaking information from each of the offices one at a time.
Anonymous Venezuela Breaches Military And Government Sites
October 16, 2013 – Members of the Anonymous Venezuela hacking collective have breached and defaced several websites belonging to the Venezuelan military and government. The targeted websites include the Bolivarian Military Technical Academy, the Directorate General of Military Counterintelligence, the Ministry of the Environment, the Municipal Police of Vargas and the Aragua Police. The hackers said that these attacks are a protest against the Venezuelan government. The same hackers also attacked the website of the University of Falcon. A web-based DDoS tool built to attack the Currency Administration Commission website was placed on the University's site.
Anonymous Planning Twitter Storm For Today
October 15, 2013 – Members of the Anonymous collective are organizing a Twitter storm protest for today at 5pm EST. The protest is a part of OpMaryville, which is a campaign to bring pressure to Maryville, Missouri authorities that have dropped charges against two boys accused of molesting a 14-year-old girl. The hacktivists posted a video saying, "Raise Awareness in social media, put pressure on Attorney General Chris Koster to launch an investigation into the lack of charges against Matthew Barnett (despite a confession and evidence of guilt)." A physical protest is also being planned for October 22 at the Nodaway County Courthouse in Maryville.
Israeli Job Portal Hacked, Over 3,000 User Accounts Leaked
October 15, 2013 – The Iranian hacker known as Dr.3v1l is claiming to have hacked an Israeli job search portal and leaked login account information of 3,349 Israeli citizens. Dr.3v1l is a known member of the Black_Devils BOys hacking group. The hacker left a message along with the leaked information saying, "Hacked 3349 accounts Leaked by Dr.3v1l REASON: #AntiMason." The leaked information includes email addresses and clear text passwords.
Pakistani Hackers Deface Major Indian Telecom Website
October 15, 2013 – Members of the Pakistani hacking group known as P4K-M4D-HUNT3R-Z have breached and defaced two websites belonging to Hathway, a major Indian telecommunications company. The same defacement message was left on both sites, "Boxed By Exploiter-Z, Anon Cop, Ch3rn0by1. P4K-M4D-HUNT3R-Z Arrived. Indian ISP Owned." The same group of hackers also defaced BSNL, another Indian telecommunications company, yesterday.
RedHack Defaces Union Of Turkish Public Enterprises Site
October 15, 2013 – Members of the RedHack hacking group have hacked and defaced the website of the Union of Turkish Public Enterprises. RedHack is known for their many attacks against the Turkish government. The defaced page lists the names of people that have died during recent protests in Turkey. In addition, there is a warning message saying that RedHack will continue targeting government sites as a protest against violence. At the time of this writing, the website has been restored and is operating normally.
GitHub Suffers Large DDoS Attack
October 14, 2013 – Earlier today, GitHub was unavailable due to a large distributed denial-of-service attack. A statement was released by GitHub saying, "We have confirmed GitHub.com . . . (is) undergoing a large DDoS attack and are working to mitigate the attack." This is the fourth attack on GitHub in October alone. The site was under attack for the first 3 days of the month. At the time of this writing, GitHub has mitigated the attack and the site is back up, but hasn't confirmed that all attacks have stopped. The site was down for less than 20 minutes.
KDMS Team Changes DNS Of BitDefender and ESET
October 14, 2013 – The Palestinian hacking group known as KDMS Team has continued to hijack websites by changing DNS records. This time the hackers defaced the websites of BitDefender and anti-virus firm, ESET. Both sites are registered with Register.com, which also is the registrar for all of the other KDMS Team attacks. The message left on the sites is the same message that has been left on the other sites hijacked by the hackers last week. BitDefender issued a statement saying, "We've contacted Register.com and they fixed the issue. All BitDefender customers are and were 100% protected."
Anonymous Leaks 3,700 Documents From Greek Government
October 14, 2013 – Members of the Anonymous collective have leaked over 3,700 documents as part of OpGoldenDawn. The leaked documents were stolen from the A3 Directorate for Southeastern European Countries from Greece's Ministry of Foreign Affairs and the Organization for Security and Co-operation in Europe (OSCE). The hacktivists made the following statement, "Today we deliver the first sucker punch in a series of jaw breaking leaks, to reveal the truth about the Greece government involvement in conspiracy to spy on us with the help of its ENISA and OSCE cybercrime units." Supporters of the operation are encouraged to make copies of the classified documents and post them all over the Internet so that they can't be removed by "government cleaners." The Anonymous members say that more leaks will be coming in the future.
AnonGhost Hacks 65 Israeli Websites
October 14, 2013 – Members of the AnonGhost hacking group are claiming to have breached and defaced 65 Israeli websites as part of Operation Troll Israel. The hackers left a message on the sites saying that on November 20, 2013 they will be attacking Israeli cyberspace. The message also said, "We are AnonGhost and we are everywhere! There is no Israel in this map, no one recognize you because it is Palestine. We are coming soon." The affected sites were private businesses including car dealerships, electronic stores, virtual education institutions, real estate operators, web development companies and private medical centers.
Metasploit And Rapid7 Defaced By KDMS Team
October 11, 2013 – The Palestinian hacking group known as KDMS Team has defaced the websites of Metasploit and Rapid7. The hackers left a message on the Metasploit site saying, "After whatsapp, avira, alexa, avg and other sites we was thinking about quitting hacking and disappear again! But we said: there is some sites must be hacked. You are one of our targets. Therefore we are here." The purpose behind the attacks is to get out pro-Palestine messages. The defacement message continued, "There is a land called Palestine on the earth. This land has been stolen by Zionists." Rapid7 has released a statement saying that the websites were hijacked through the registrar. A Rapid7 representative said, "The attackers have the ability to change ANY Register.com domain." Register.com is owned by the same company that owns Network Solutions, which is the registrar that was compromised earlier this week by KDMS Team.
Hackers Steal Personal Information Of 145,000 Monterey County Residents
October 11, 2013 – Officials from Monterey County, California have announced that hackers breached a computer that contained personal details of 145,000 residents. The attack actually occurred in March 2013, but the details of the attack have just come out. The residents that could be affected are people who received social services assistance between 2002 and 2009. The information that may have been stolen includes names, social security numbers, dates of birth and addresses. State social services officials notified the county about the breach immediately after it happened. The investigation conducted by the county wasn't able to determine if the hackers actually stole the information. Elliott Robinson, director of the county Department of Social Services said, "We deeply regret that this incident occurred and are disappointed that hackers would break into a computer system needed to serve those most in need."
China Targets Mongolia With Espionage Campaign
October 11, 2013 – Researchers have discovered a new cyber espionage campaign targeting Mongolia. It appears that China is behind the campaign and is attempting to learn about Mongolia's relations with the European Union, the United States, South Korea and Japan. Targets are not only Mongolian organizations, but also ones that have economic, diplomatic or military relations with the country. A malicious document is being sent that appears to contain an official unclassified announcement about the Khaan Quest 2014 joint US and Mongolia military exercise. When the document is opened it exploits an old Microsoft Word vulnerability and malware is loaded onto the victim's computer. The infected computer then communicates with a command and control server located in Hong Kong. The malware being used is the same that was used by the Chinese hacker group known as APT1 or Comment Crew.
Pakistani Hackers Deface Google Malaysia
October 11, 2013 – The Pakistani hacking group known as TeaM MADLEETS has defaced the home page of Google Malaysia. The message left on the page reads, "Google Malaysia STAMPED by PAKISTANI LEETS." The hackers used a DNS hijacking attack to accomplish the defacement. A member of the hacking group posted a separate message saying, "We don't hack any country . . . as a result of any kind of hate, We don't hate anyone . . . Whatever the reason is we can't explain except we love all of you." At the time of this writing, the site has been restored and is operating normally.
City Of Mansfield, OH Site Hacked By Dr. SHA6H
October 10, 2013 – The Syrian hacker known as Dr. SHA6H is claiming to have hacked and defaced the website of the City of Mansfield, OH. The hack was done in "support of a free Syria." A message was left on the defaced site saying, "Three years in a row and there is no solution to the blood in Syria? . . . What action from government and human rights organizations!" Dr. SHA6H has hacked several other high profile websites in an effort to bring attention to the situation in Syria. At the time of this writing the website has been restored and is operating normally.
Registrars Ordered To Shutdown Torrent Sites By UK Police
October 10, 2013 – The Intellectual Property Crime Unit (IPCU) of the City of London Police have ordered registrars to suspend the domain names of many torrent service sites including MisterTorrent, ExtraTorrent and SumoTorrent. easyDNS is one registrar that has not followed the order, saying it sees the request as an abuse of power. The IPCU did not contact the torrent site owners; instead they sent a letter to their domain registrars, informing them that their clients' activities are breaching copyright law.
UK Hands Down 5 Year+ Sentence for Phishing
October 10, 2013 – Olukunle Babatunde, 27, has pleaded guilty to conspiracy to defraud UK financial institutions and their customers out of an estimated $1.2M. Babatunde was sentenced to 5 years and 6 months in prison. He is one of two criminals that were arrested for using phishing emails to trick unsuspecting banking customers into disclosing their confidential information. With over 700 victim accounts impacted, the UK courts handed down a sentence meant to deter others from using phishing tactics.
Turkish Government Website Distributing Malware
October 10, 2013 – A website belonging to Turkey's Ministry of National Education has been hacked and set up to serve malware disguised as a DivX plugin. A page has been created that looks like Facebook, where visitors are asked to download a DivX plugin in order to view a video. Once downloaded, the user's computer automatically joins a botnet operated by cybercriminals. At the time of this writing, the malicious page is still on the website.
NSA Wants More Internet Surveillance On Wall Street
October 9, 2013 – General Keith Alexander, Director of the National Security Agency, said, "You have to have the rules set up so you can defend Wall Street." Alexander put forward a scenario where the NSA needs to be in a position to detect "a cyber packet that's about to destroy Wall Street." Experts say that the idea that a single packet could wipe out Wall Street is not realistic. Alexander went on to say that the NSA should not have to wait until an attack happens to take action. The NSA wants to apply the same mass-information harvesting systems it currently uses on undersea cables, phone calls and Internet activity to the financial information moving in and out of banks, credit unions, investment advisors and stock exchanges. Two years ago, Alexander met with financial industry executives and talked about installing monitoring equipment directly onto the banking networks. It was reported that the executives rejected the proposal.
Cyberattack Resolution Cost And Frequency Rising
October 9, 2013 – According to a study done by the Ponemon Institute, this is the fourth consecutive year in which the cost, frequency and time to resolve cyberattacks continue to rise. The study shows that the average annualized cost of cybercrime incurred per organization was $11.56 million. This is a 78% increase over four years ago, and a 26% increase over last year. Organizations are spending 130% more time working to resolve cyberattacks compared to four years ago, with the average time to resolve an attack being 32 days. Distributed denial-of-service attacks, insider attacks and web-based attacks are the most costly, accounting for over 55% of cybercrime costs. Financial services, energy, defense and utilities sectors have higher cybercrime related costs than retail, consumer products and hospitality.
State of California Website Breached And Defaced
October 9, 2013 – The Filipino hacker known as Shadow Haxor is claiming to have breached and defaced the website of the California Employment Training Panel (ETP). The hacker gained access to the ETP systems by leveraging a ColdFusion vulnerability. The site's homepage was defaced, and the hacker added an additional defacement page that simply reads, "Shadow_Haxor." At the time of this writing, the site is not available.
Anonymous Sends Message To Greece's Golden Dawn
October 9, 2013 – Members of the Anonymous collective have posted a video speaking to the people of Greece and directly to Greece's extremist right-wing party, Golden Dawn. The hacktivists say in the video, "The first part of this message is for . . . Golden Dawn, the one responsible for the death of Pavlov Fyssas . . . We are opposed to such extreme ideologies, and certainly we do not dream to live in such a world. . . Golden Dawn, your website has passed to our possession. All your base belong to Us!" The second part of the message is addressed to the people of Greece and Cyprus and calls on them to "wake up" to what is going on in their country. The video ends with them saying, "Too late to expect us any more, we are already here."
KDMS Team Hacks Avira, AVG, Alexa And WhatsApp
October 8, 2013 – The hacking group known as KDMS Team has followed up their attack on the LeaseWeb website with the defacement of popular sites Avira, AVG, Alexa and WhatsApp. All of these sites are registered with Network Solutions. It seems that the hackers compromised the domain provider and changed the DNS data instead of attacking each individual website. At the time of this writing the Avira site still shows the defacement, while the other sites have been taken offline.
Hacker, Paunch, Arrested by Russian Officials
October 8, 2013 – The author of the Blackhole exploit and other well-known exploit kits has been arrested in Russia. The hacker known as 'Paunch' has been detained and no additional details have been released by Russian officials. Paunch, the leader of the Russian Crimeware Gang, has evaded law enforcement for years by using sophisticated measures online to maintain the privacy of his identity. The capture of Paunch is an indication that law enforcement agencies are improving their methods of tracking and capturing elite hackers.
Fall Out from Adobe Breach Continues
October 8, 2013 – New concerns are emerging as details of source code for various Adobe software products have been confirmed to have been stolen. Acrobat, ColdFusion, ColdFusion Builder and other Adobe software products have all been impacted by last week's reported compromise. Because the attackers had access to this source code for up to two months prior to the discovery of the breach, security analysts worry that code modification and release may introduce new zero-day threats. Additionally, the black market resale of the source code may fetch as much as $50,000 per buyer, a significant financial driver for the cyber criminals behind the Adobe breach.
Estimated 8 Out of 10 Global Users Infected by Trojans
October 8, 2013 – A recent report shows that Trojans make up three-quarters of all new malware and infections globally. Trojans are so effective for hackers due to their ability to be continuously modified, allowing them to escape detection by anti-virus software and gateways. The top three countries with infected systems are China (52.4%), Turkey (43.6%) and Peru (42.1%). The lowest infection rates exist in continental Europe with the UK having the lowest overall infection rate at 24.5%.
Leading Hosting Provider, LeaseWeb, Hacked
October 7, 2013 – One of the world's largest hosting providers, LeaseWeb, was hacked by the Palestinian hacking group KDMS Team. The home page of the LeaseWeb website was replaced with an Anonymous Palestine page with the title, "You Got Pwned." The page was up for a few hours before it was restored. KDMS Team posted another message saying, "We owned all of your hosted sites." LeaseWeb issued a statement saying, "No customer data compromised. We continue to investigate."
Wichita City Vendor Site Hacked And Defaced
October 7, 2013 – The vendors' sub domain of the Wichita City, Kansas website has been hacked and defaced by a hacker known as Agent Corporatio. The sub domain that was breached is for businesses to sign up as vendors to the city. Vendor information was leaked including names, user names, vendor ids, vendor names, mixed clear text and encrypted passwords, email addresses, phone numbers and some bank information. Agent Corporatio is a known member of the Turkish Ajan hacking group.
Tom Sawyer Software Breached, Information Leaked
October 7, 2013 – The hacker known as Nairb is claiming to have breached the systems of Tom Sawyer Software. Tom Sawyer Software provides software and services for the development of scalable and flexible data visualization applications. Nairb says that he did not deface the company's website, but he did leak vendor information. The hacker said, "The dump consists of the partially decrypted auth file and company/userlist file in main folder with mostly complete dump of main db and partial of staging db. 2 pieces to da puzzle." The leak contains over 60,000 records that contain user names, email addresses, password hashes, contact information and other account details. There has been no statement given by Tom Sawyer Software at this time.
Anonymous Hacks Latvia's State Employment Agency
October 7, 2013 – The hacker known as W1n5t0n, a member of the Anonymous collective, claimed to have hacked Latvia's State Employment Agency. W1n5t0n says he has leaked the information of over 3,000 users. The leaked information includes user names, email addresses and passwords. Most of the passwords are in clear text, putting the users in danger of having their accounts hijacked. The hacker did not give a reason for targeting the State Employment Agency.
13 Anonymous Members Indicted For Operation Payback
October 4, 2013 – Thirteen members of the Anonymous collective have been indicted by a US grand jury for allegedly participating in Operation Payback. Operation Payback was an action by Anonymous where a number of websites were hit with distributed denial-of-service attacks in response to the shutdown of The Pirate Bay, the Swedish file-sharing website used to illegally download copyrighted material. The attacks were against the websites of the Recording Industry Association of America, Visa, Mastercard, Bank of America and several others. Those charged were Dennis Owen Collins, Jeremy Leroy Heller, Chen Zhiwei, Joshua Phy, Ryan Russel Gubele, Robert Audubon Whitfield, Anthony Tadros, Geoffrey Kenneth Commander, Austen Stamm, Timothy Robert McLain, Wade Carl Williams and Thomas Bell. The men range in age from 21 to 65 and live in 13 different states. The suspects are charged with conspiracy to intentionally cause damage to protected computers. According to court records, the suspects conspired to coordinate DDoS attacks in Internet Relay Chat channels. The attacks caused an estimated $5,000 in damages and affected at least 10 protected computers.
Adobe Systems Breached, 2.9 Million Customer Logins Stolen
October 4, 2013 – Adobe Systems, Inc. has issued a notification to their users that the company has suffered a "massive and sophisticated cyber attack." Adobe believes that the attackers took information relating to 2.9 million customers, including customer names, email addresses, encrypted passwords, encrypted credit or debit card numbers, expiration dates and other information relating to customer orders. In addition to the customer data being accessed, it appears that source code for numerous Adobe products was also accessed. Law enforcement is currently investigating. Adobe's Chief Security Officer, Brad Arkin, said, "We value the trust of our customers. We will work aggressively to prevent these types of events from occurring in the future. Again, we deeply regret any inconvenience this may cause you."
Anonymous Plans Monsanto Protest
October 4, 2013 – Members of the Anonymous Americalatina collective are planning an online protest against Monsanto for October 12, 2013. The operation will include distributed denial-of-service attacks and website defacements. The hacktivists are demanding that Monsanto stop contaminating the global food chain, intimidating small farmers, using destructive herbicides and pesticides and bribing officials. In a video announcing the operation, Anonymous says, "Anonymous urges all concerned citizens to stand up for these farmers, fight for the future of your own food, protest, organize, spread info to your friends! Say no to toxic chemicals in your food! Say no to GMO! Say no to Monsanto!"
Afghan Cyber Army Defaces Syrian Investment Agency
October 4, 2013 – Members of the Afghan Cyber Army have hacked and defaced the website of the Syrian Investment Agency. According to the hackers, the attack is a show of support for their "brothers in Syria who fight for freedom." The defacement page includes a picture of Bashar al-Assad with a message saying, "Hold your sword and fight those who have transgressed. With your machine gun enter the battlefield." At the time of this writing the site is still defaced.
Online Black Market, Silk Road, Seized By FBI
October 3, 2013 – Silk Road, the deep web bitcoin-based black market, has been shut down by the Federal Bureau of Investigation. In addition, the owner of the site, Ross William Ulbricht, 29, was arrested on charges of narcotics trafficking, computer hacking and money laundering. Silk Road could only be accessed using a secure Tor browser, allowing users to purchase illicit goods anonymously using Bitcoins. The FBI released a statement saying, "The government's investigation has revealed that, during its two and a half years in operation, Silk Road has been used by several thousand drug dealers and other unlawful vendors to distribute hundreds of kilograms of illegal drugs and other illicit goods and services to well over 100,000 buyers and to launder hundreds of millions of dollars deriving from these unlawful transactions."
Syrian Electronic Army Attacks GlobalPost Again
October 3, 2013 – For the second time in less than a week, the Syrian Electronic Army (SEA) has hacked the website of the GlobalPost news service. SEA is claiming to have deleted the website, issuing a statement saying, "We hope that you guys enjoy your time looking at your deleted website." GlobalPost released a statement saying, "GlobalPost has apparently been hacked by the Syrian Electronic Army. We are working hard to restore our site as soon as possible." At the time of this writing, the site has been restored. It is unclear if GlobalPost fixed the vulnerabilities that allowed SEA to breach the site.
Bitcoin Forum Breached
October 3, 2013 – Bitcointalk.org, a popular Bitcoin discussion forum, has been breached by the hacking group known as The Hole Seekers. The hackers defaced the website with an animated page that played music and displayed rockets and explosions. The site has been taken down as a security precaution and will remain down until investigations into the hack are completed. The administrator of the site, Theymos, said, "There's a good chance that the attackers could have executed arbitrary PHP code and therefore could have accessed the database, but I'm not sure yet how difficult this would be." Users of the forum have been advised to change their passwords.
Iranian Cyber Warfare Chief Killed
October 3, 2013 – It is being reported that Mojtaba Ahmadi, the commander of Iran's Cyber War Headquarters, has been killed. His body was found with two bullet wounds to the heart. Iran's "The Telegraph" reported that witnesses saw two people on a motorcycle assassinate Ahmadi with a pistol from close range. The Iranian Revolutionary Guard Corps has issued a statement denying the media reports that Ahmadi was assassinated. They said that "one of its workers," whose name they haven't revealed, has been involved in an "incident." But they reiterated that there has been no assassination. They are now investigating the incident and the intentions of the attackers.
100 Gbps DDoS Attack Reported
October 2, 2013 – It is being reported that an unnamed company has suffered a distributed denial-of-service attack that reached 100 Gbps. No amplification techniques were used during the attack, meaning that the attackers have 100 Gb of bandwidth available to them. The attack lasted for 9 hours before it was successfully mitigated. The attack on Spamhaus in March 2013, which is considered the largest ever reported, reached 120 Gbps, but it used a DNS amplification technique to reach that level.
AnonGhost Breaches Baseball Canada Website
October 2, 2013 – Members of the AnonGhost hacking group are claiming to have hacked and defaced the website of Baseball Canada. The main domain and fifteen subdomains have been defaced. The defacement page contains a message reading, "Your website has been hacked by AnonGhost. We hacked your website because its security failed." This hack is unusual for the AnonGhost group; normally their hacks are related to anti-Israel messages. At the time of this writing the website has still not been restored.
LulzSec Peru Defaces Ministry Of Women And Vulnerable Populations
October 2, 2013 – Members of the LulzSec Peru hacking collective have hacked and defaced the website of Peru's Ministry of Women and Vulnerable Populations. The site's index page has been replaced with the LulzSec logo and a message reading, "Hacked by LulzSecPeru." No statement has been issued by the Ministry at this time. At the time of this writing the site has been restored and is operating normally. LulzSec Peru has a history of defacing several sites belonging to the Peruvian government and other South American governments.
50 Security Vulnerabilities Fixed In Chrome
October 2, 2013 – Google has fixed a total of 50 security vulnerabilities in the latest version of Chrome. The vulnerabilities include ten high-impact and six medium-impact flaws. Eleven security researchers have been credited with finding the vulnerabilities and were awarded a total of $19,000 for their work. Some of the researchers also worked with Google during the development of Chrome 30.
Syrian Electronic Army Hacks US News Agency
October 1, 2013 – The Syrian Electronic Army (SEA) hacking group has hacked the website and Twitter account of the US-based news agency, GlobalPost. SEA posted a tweet using the hacked account saying, "Think twice before you publish untrusted information about Syrian Electronic Army." GlobalPost Editor Kyle Kim sent out a tweet saying, "We've been hacked." The GlobalPost website was taken down soon after it was breached. The hackers said they attacked GlobalPost because it published "innocent peoples' names in their article and said that they are SEA members."
AnonGhost Returns With Hack Of Israeli Defense Contractor
October 1, 2013 – After just recently announcing that they were disbanding, the AnonGhost hacking group has reappeared, taking credit for hacking the website of Israeli Defense Contractor Israel Product Research Co. LTD. (ISPRA). ISPRA develops, manufactures and markets non-lethal devices for riot control, crowd management, anti-terror equipment and police gear. The hackers left a message on the site saying, "We are AnonGhost and we are everywhere! There is no Israel in this map, no one recognize you because it is Palestine." At the time of this writing the site has been restored and is operating normally.
European Cyber Security Month Starts Today
October 1, 2013 – Today marks the beginning of the first official European Cyber Security Month. Throughout the month, 40 private and public stakeholders from 25 European nations will take part in cyber security activities designed to raise awareness. Activities will include workshops, lectures, fairs, online and outdoor campaigns, meetings and contests. Executive Director of ENISA, Udo Helmbrecht said, "Cyber security is about the possibility to live your digital life. We encourage you to get involved in the campaign: online security requires your active participation!"
Anonymous Defaced Site Of Indian Higher Education
October 1, 2013 – Members of the Anonymous Kashmir collective have hacked and defaced the website of the Board of Higher Secondary Education Delhi. The site's index page and a subdomain have been defaced with the message, "Congratulations India! Your brutality continues in Kashmir. . . You killed Kashmiri youth in hundreds just to prove that there are still militants in Kashmir." At the time of this writing the site is still showing the defacement.