Latest Posts

Fake Google Chrome Update Delivering Malware

Security researchers from Zscaler came across a malware posing as Google Chrome update which fools user into lowering their smartphone defenses so that they can steal credit card details.

When the APK file is executed after downloading, the fake Google chrome update asks for administrative right. As most users will think this is from Google, they will grant the permission. Once the malware is given such permission, it will start its malicious behavior by first registering the device with a C&C server, then check antivirus installed on the phone and terminate their process. The malware can monitor SMS and call on the infected device and can also steal SMS by sending it to the C&C server.

The most dangerous thing the malware does is, stealing credit card credentials. Each time the user of the infected device opens Google Play Store app, a popup appears asking the user to enter his/her credit card details. If by mistake the user enters the details, this is sent via SMS to a phone number in Russia (+7926XXXX135).

We advise our readers to update their applications only through Google Play Store.

Source:[Zscaler]

#OpAfrica: 1TB of Kenya's Ministry of Foreign Affairs’ Document Leaked By Anonymous

Anonymous hackers in Kenya leaked data of the Kenyan Ministry of Foreign Affairs online. This is part of the operation called OpAfrica which started some months back. The data dump, which consists of PDF and Docx files, contained no sensitive information of employee’s details or credentials. The operation OpAfrica was started to fight against government corruption, child abuse and child labour in African countries. According to a document posted on ghostbin, OpAfrica will not stop here and the hackers listed a series of other government which they are targeting, namely,

Government of Burundi
Government of Togo
Government of Kenya
Government of Burkina Faso
Government of Central African Republic
Government of Ethiopia (repeat, but was overlooked during phase 1)
Government of Somalia
Government of Algeria
Government of South Africa



More can be read from the Ghostbin document:  [Click Here!]

Qatar National Bank Suffers Data Breach

1.4GB of data has been stolen from the Qatar National Bank. The data containing contain files such as QNB customer accounts, passwords, PINs, payment card data, home addresses, emails, and other PII (Personally Identifiable Data) data has been dumped online by an unknown hacker on the Cryptome website.
Several security firms and journalists, who have analysed the data have confirm the validity of the data. These dumped data contain enough information to commit financial fraud by using the name of the affected clients. The bank has not issued any official statement and stated that they do not comment on speculation. They also added that there is no financial impact on its customers.

The data dumped also contained intelligence information and internal bank documents. Data on Qatar's Royal Family, the Qatari Ministry of Defence, and various intelligence agencies from Qatar (Mukhabarat), the UK (MI6), France and Poland can be found in the a folder named as SPY. Details on Al-Jazeera reporters were included.

French Defense Ministry Website Hacked By Anonymous

Anonymous hackers have penetrated into a web portal of the French Defense Ministry Website and leaked the database online. The motivation of this cyber-attack is to protest against the country's intensive foreign arms trade operations.
A smaller site, the Centre d'Identification des Materiels de la Defense, has published a communique stating that the portal was under maintenance after the incident was published by Anonymous. The database leaked contains sensitive data such as FTP client usernames, website accounts, PHP sessions and information on army suppliers and partners.
Along with these leaks, Anonymous also provided links to press articles regarding France's weapons industry and its lucrative arms trade sector.

Link to leaked database has not been provided for security reasons.

Link to Article 1
Link to Article 2

OpAfrica: Anonymous leaks Details of South African Government Employees

Anonymous hackers hacked V-Report, a job portal website, and leaked information of South African Government employees. The data leaked contains full name, email and ID number.This was carried out under and operation dubbed as OpAfrica which was launched at the start of February 2016. Anonymous hacktivists are trying to raise awareness against child labour, for which the government has not taken any action.

"We had information about +33.000 Job Seekers. But we just prefer to publish government officers data."

Anonymous also released a video one week ago

Anonymous Operation Africa #OpAfrica from @AnonymousVideo on Vimeo.

Anonymous hackers have also leaked data which they acquired after hacking the South African Government Communication and Information System (GCIS). These consist of real name, username, hashed passwords and phone numbers.

Link to database document has not been provided for security reasons.

Hacker Leaked Details of 9000 DHS and 20000 FBI Employees

A hacker using the codename DotGovs has released details of 9,000 US Department of Homeland Security (DHS) and 20000 FBI employees via his Twitter account. In an exclusive interview he had with Vice, the hacker gave detail how he breached the DHS computer system. The hacker stated that he was able to get access to one email address of a DHS employee. From there, he tried to log into a DOJ web portal but that did not work. He phoned the person in charge.

“So I called up, told them I was new and I didn't understand how to get past [the portal],” the hacker told Motherboard. “They asked if I had a token code, I said no, they said that's fine—just use our one.”

The hacker posted a picture of the computer he had access to:


 After getting access to the portal, the hacker saw a portal containing around 1TB of data, he stole only around 200GB of them. After the interview with Vice, the hacker leaked the details of 9000 DHS employees on Twitter. After some time, he tweeted about the 20000 FBI employees details. These consists of names, telephone and fax numbers, department, state, email addresses and work titles. 
The hacker's last tweet goes as follows:

 Read More From Vice: [Click Here!]

Visitors

Free counters!

Receive all updates via Facebook. Just Click the Like Button Below...

Powered By MauriHackerS

Translate

MauriHackerS - Providing Latest IT Security and Hacking News !