Latest Post

Bitcoin Creator Satoshi Nakamoto's Email Hijacked

A hacker using the name of Jeffrey is claiming to be having control of the email of the Bitcoin founder Satoshi Nakamoto. He also stated that he obtained information about Nakamoto that could be used to identify him. Jeffrey posted a pastebin document where it was written that he is offering to trade Nakamoto’s personal data for 25 Bitcoins. He provided his Bitcoin address for those interested and also added two screenshot of the inbox of the email hijacked.
 
Message on pastebin:
Releasing the so called "gods" dox if my address hits 25 BTC.
And no, this is not a scam, you can see the below screenshots for proof of inbox ownership and a little teaser.
BTC:[account removed]
Same one posted on p2pfoundation^
Teasers:[images link removed]

It is still unclear how Jeffrey took over the email of Satoshi Nakamoto. Through this email address, the hacker seems to have taken control of different other accounts. On Monday he posted a message on the P2P Foundation forum where the following was written,
Dear Satoshi. Your dox, passwords and IP addresses are being sold on the darknet. Apparently you didn't configure Tor properly and your IP leaked when you used your email account sometime in 2010. You are not safe. You need to get out of where you are as soon as possible before these people harm you. Thank you for inventing Bitcoin.

On Monday itself, the head administrator of Bitcointalk discussion forum stated that he received a message from an old email of Satoshi which led him to believe that the account had been compromised.
Today I received an email from satoshin@gmx.com (Satoshi's old email address), the contents of which make me almost certain that the email account is compromised. The email was not spoofed in any way. It seems very likely that either Satoshi's email account in particular or gmx.com in general was compromised, and the email account is now under the control of someone else. Perhaps satoshin@gmx.com expired and then someone else registered it.
Don't trust any email sent from satoshin@gmx.com unless it is signed by Satoshi. (Everyone should have done this even without my warning, of course.)
I wonder when the email was compromised, and whether it could have been used to make the post on p2pfoundation.ning.com. (Edit: I was referring here to the Dorian Nakamoto post. After I posted this, there was another p2pfoundation.ning.com post.)

Pastebin Document: http://pastebin.com/7gbPi8Qr
P2P Foundation Forum Message: [Click Here!]
BitcoinTalk Forum Statement: [Click Here!]

Source: WIRED
 

5 Million Google Accounts Leaked

A database containing 5 millions of Google account was leaked on a Bitcoin Security board late on the 9th September 2014.These accounts gives access to  Gmail mail service, G+ social network and other products of the US-based internet giant. The forum user, tvskit, who published this database, stated that 60% of these credentials were still valid.
Users who want to check if their account's credential has been leaked can visit isleaked.com, a service which will check whether your account is in the list. Any user who's fallen victim of the leak is advised to change his/her password immediately and to turn on the TWO-FACTOR ATHENTICATION service on their account.

Source:[RT]
 

Adobe Flash Player 15 Fixes 12 Vulnerabilities

Adobe Flash Player 15.0.0.152 which was released on Tuesday fixes a total of 12 vulnerabilities. Many among these could be exploited for code execution. These flaws affect Flash Player 14 and all previous versions for Windows and Mac.

These updates resolve memory leakage vulnerabilities that could be used to bypass memory address randomization (CVE-2014-0557)
These updates resolve a security bypass vulnerability (CVE-2014-0554).
These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2014-0553).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555).
These updates resolve a vulnerability that could be used to bypass the same origin policy (CVE-2014-0548).
These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2014-0556, CVE-2014-0559).

We advise our readers to update their Flash Player as soon as possible.

Source:[Adobe Security Bulletin]
 

37 Cape Verde Government Websites Defaced By Bangladesh Grey Hat Hackers

After defacing McDonald website last week, Bangladeshi hacker of Bangladesh Grey Hat Hackers, Ablaze Ever, defaced 37 Cape Verde Government Websites this time. The US Embassy, National Police of Cape Verde, and National Portal of Cape Verde were included.
At the time of publishing, all the websites were under construction. A list of all the website and mirrors is available below.
List of all websites defaced: [Click Here!]
 

Mauritian Government Sub Domain Compromised

Hacker using the codename of Maniak k4sur defaced a sub-domain of the Mauritian Government website. The hacker uploaded a defaced page on which the following message was written,
"« Maniak k4sur w4z here !! »"

At the time of publishing, the webpage was edited on which  "This page is under construction" message was seen. The news came as a comment on Mauritian Linux enthusiast Ish Sookun blog around 19hr.

We seized this opportunity to do some further search and discovered that this particular sub domain has been defaced twice. Below are mirrors of each time it was reported defaced,

2014-08-18 09:25:01
http://www.zone-h.org/mirror/id/22796257

 2010-10-01 00:09:45
http://www.zone-h.org/mirror/id/11723437

 

#‎OpIsraelReborn‬: AnonGhost Hacked 130+ Israeli Websites

Mauritania Hackers have defaced over 130 Israeli websites in an operation called #‎OpIsraelReborn. The same defacement page was uploaded on each of these websites. By the time of publishing, many of these websites were restored. Mirrors and the full list of websites defaced have been provided below for our readers.
List of all defaced Websites:
 

McDonalds Indonesia Website Sub-Domains Hacked By Bangladeshi Hacker

Bangladeshi hacker who is a member of the Bangladesh Grey Hat Hackers and using the codename of Ablaze Ever defaced two sub domain of the official website of McDonald Indonesia. The same defacement page was uploaded on each sub-domain on which the following message was written,

"Hacked by Ablaze Ever
McDonald's Indonesia has been Hacked by Bangladesh Grey Hat Hackers
Our message to all stinky Israelis: You were born to go to Hell, you keep attacking our brothers and sisters,We keep attacking on your cyberspace. Last but not Least, "Allahu Akbar"
Gretz To: BD Xtor - Rotating Rotor - Cr4Ck Br41N - Murkho Manob - Ly Ly - Core Tuner - Chy - Dark Fox - Red Core - Sharif - Bokamanus - Asotha - Pakhi - Doremon - Fakessh - Salim - Himel - Dracula And All Muslim Hackers
ablaze_ever@yahoo.com
© BD GREY HAT HACKERS
"

At the time of publishing, both webpage were unavailable.Mirror of how they looked at the time of defacement has been provided below. Along with this, a series of other websites were defaced by another Bangladeshi hacker of the same hacking group.The list has been provided below.

Sub-domains Defaced:
http://order.mcdonalds.co.id/
http://myhappybox.mcdonalds.co.id/

Mirrors:
http://zone-h.org/mirror/id/22853184
http://zone-h.org/mirror/id/22853185

List of all other websites defaced:
http://pastebin.com/iGc26Lzv
 

Mauritian Expert Witness Demonstrated How Data Can Be Stolen From The Biometric ID Card

After granted persmission yesterday by the Judge Eddy Balancy, every eyes were on the Mr Sookun today. He had to do a presentation but this was not projected as State lawyers stated that they do not have an expert to refute his sayings. The Judge therefore confirmed his findings which will be considered as evidence.
Mr Sookun showed how data stored on the Biometric ID Card can be copied to a laptop by using a simple RFID Card reader. The card reader can capture the data from a distance of 5 centimeters, as such, the holder of the card reader does not really need to have the card in hand to get the data.
He added that this type of card reader are easily available for sale on the internet and has been buying one himself. The card reader did get through the custom office without any problem.
He also talked about the vulnerabilities on the MNIC website where he was able to retrieve personal information of 67 people. According to him, the way of coding gives the impression that these were written by script kiddies, that is, those having a very low level of coding experience.
Mr Sookun did not miss this opportunity to talk about the vulnerabilities on the Government website (www.gov.mu) caused by the "mis-managing" of the Sharepoint. As such, the website can easily fall prey to hackers. The Linux enthusiast mentioned that the Government domain name was also registered by a private company, Internet Direct Limited.

The next hearing is due for Monday 8th September 2014 and the Judge said that Tuesday could be the last one.

Thanks to Mr Ish Sookun who provided us with the information for this article
 

Mauritian Linux Professional Granted Permission To Be An Expert Witness In Court

The young Mauritian Linux enthusiast and blogger who discovered vulnerability on the MNIC website, Ish Sookun, was granted the permission by Judge Eddy Balancy to do a presentation as a witness. The State who was represented by Rabindra Namdarkhan, argued that Mr Sookun cannot give his expert knowledge because he has no academic degree.
Mr Sookun stated that he is a Linux Certified Professional and has aquired knowlegde in the field through practical experience. The judge was satisfied with the explanation and agreed that Ish does the presentation on the next hearing, 5th September 2014.

On the other side, a message relating to the last date for registration of the new ID card was posted on the official page of No to biometric data on ID card. The messages go as follows:
"MNIIC is now giving the 30TH OF SEPTEMBER as the last date for registration when being asked today. That date was already stated in court before the Supreme Court went on holiday in August. MNIC seized the opportunity to give false date to pressurize people. We are sorry for those who went to do the card in fear. Follow the news and our group closely because this date can be postponed at any time. All we are asking now is to be patient.

MNIIC nous a informé de la prolongation de la date limite pour le renouvellement de vos cartes; soit jusqu'au 30 septembre 2014. Cette date avait déjà été annoncée lors de l'audience en Cour Suprême en Août avant que celle-ci ne soit en vacances. MNIC a depuis manqué d'informer la population de cette prolongation laissant planer le climat de pression à l'arrivée de la précédente date butoir. Nous sommes désolés pour ceux qui pris de peur sont allés faire leur carte. Nous vous invitons à consulter régulièrement notre page afin de recevoir les dernières informations. Il se pourrait que cette date soit à nouveau revue. Il nous faudra être patient et nous comptons sur vous.
"


 

Apple confirms,iCloud System Was Not Breached

During the weekend, nude pictures of several celebrities were leaked on the internet. The hacker stated that these were obtained from their iCloud account. As soon as Apple came to know about the incident, they gathered all their engineers to find out if there was any vulnerability which has been breached by the hacker.
More than 40hours were spent on investigation and Apple discovered that certain celebrities’ accounts were compromised by attacking on username, password and security question, that is, by techniques like brute force and social engineering.

The statement of the company stated:
"None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone."

The company is still working with law enforcement to identify the hackers behind this attack. The company is also advising its customers to use strong password and enable two-step verification.

Source: [Apple Press]
 
 
Support : MauriHackerS | Personal Template | Smoker
Copyright © 2012. MauriHackers - All Rights Reserved
Template Created by Creating Website Powered by Hackers
Proudly powered by Hackers