Hacker Donates $11000 to Help Kurds in Rojava

A hacker going by the codename HackBack or Phineas Fisher has donated $11000 in bitcoins to Rojava, a Kurdish region in northern Syria located on the border of IS (Daesh) controlled territory. On his Twitter account, he described it as "one of the most inspiring revolutionary projects in the world today."

The hacker stated that the money comes from a heist but refused to reveal more details. He also revealed that a much bigger cyber-heist is in the works. The donation was made online through a campaign which Rojava is running to raise funds to feed its region.

Source:[Click Here!]

Hacker Selling 117 Million LinkedIn Accounts On Darkweb

A hacker using the code name Peace is selling the information of 117 million LinkedIn users on the dark web for 5 Bitcoins (around $2200/£1,500). LeakedSource, the paid search engine for hacked data, managed to get a copy of the stolen data and stated that there are around 167 million hacked accounts, of which 117 million have both emails and encrypted passwords.
LeakedSource commented on the passwords, saying,
"Passwords were stored in SHA1 with no salting. This is not what internet standards propose. Only 117m accounts have passwords and we suspect the remaining users registered using Facebook or some similarity."

Additionally, security researcher Troy Hunt tweeted that, as the passwords are encrypted with SHA-1, they will be easily cracked.
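Why the missing salt matters for defenders, shown as an added example that is not from LeakedSource or LinkedIn: with bare SHA-1, every user who chose the same password gets the same stored digest, while a per-user salt and a slow key-derivation function remove that link. The account names, passwords, function names and the PBKDF2 work factor are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample accounts (not from the breach); two users share a password.
ACCOUNTS = {"alice": "Summer2016!", "bob": "Summer2016!", "carol": "correct horse"}
PBKDF2_ROUNDS = 600_000  # assumed work factor for this example


def sha1_unsalted(password):
    """Storage scheme described in the quote: bare SHA-1, no salt."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def pbkdf2_record(password):
    """Hardened form: fresh 16-byte salt per user plus a deliberately slow KDF."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def pbkdf2_verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, expected)


def reuse_groups(table):
    """Return sorted groups of users whose stored digest is byte-for-byte identical."""
    by_digest = defaultdict(list)
    for user, stored in table.items():
        digest = stored[1] if isinstance(stored, tuple) else stored
        by_digest[digest].append(user)
    return sorted(sorted(users) for users in by_digest.values() if len(users) > 1)


def build_tables():
    """Store the same sample accounts under both schemes."""
    unsalted = {user: sha1_unsalted(pw) for user, pw in ACCOUNTS.items()}
    salted = {user: pbkdf2_record(pw) for user, pw in ACCOUNTS.items()}
    return unsalted, salted


if __name__ == "__main__":
    unsalted, salted = build_tables()
    print("identical digests, unsalted SHA-1:", reuse_groups(unsalted))
    print("identical digests, salted PBKDF2: ", reuse_groups(salted))
    print("alice verifies:", pbkdf2_verify("Summer2016!", salted["alice"]))
```

PBKDF2-HMAC-SHA256 is used here only because it ships in Python's standard library; any salted, deliberately slow password-hashing function serves the same purpose.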

Source:[Click here!]

444 School Websites Shut Down By Teen Hacker

A 16-year-old student has been charged with obstruction of justice for having launched DDoS attacks on 444 school websites in Japan. The incident took place in November 2015 and is considered to have made history in Japan for having targeted a local governmental organisation. According to the local police, the boy launched the attack to teach his educators a lesson.

"I hate how the teachers talk down to us and never let us express ourselves. So, I thought I would remind them of their own incompetence. It felt good to see them have problems. I did it several times,"

Police seized the boy's computer and some hacking books. He downloaded tools which sent large volumes of data to the Board of Education servers, causing them to be unreachable for about one hour. The boy also told the police that he wanted to join the hacking group Anonymous.

Japanese law punishes such crimes with a maximum of a three-year prison term or a fine of ¥500,000 (£3204, $4,598). Taking the boy's age into consideration, it is not certain that he will face the maximum sentence.

Source:[Click Here!]

Commercial Bank of Ceylon Hacked

Commercial Bank of Ceylon, Sri Lanka, published a notice stating that they were hacked.

"There was a hacking attack on our website and the Bank took immediate corrective steps. Our systems are fully secure and operational. The hacking attack was also immediately communicated to the relevant authorities. We confirm that no sensitive customer data were lost due to this intrusion. We are taking every measure to protect the privacy of our customers and have engaged external parties to review all our systems to ensure that no vulnerabilities exist. Commercial Bank of Ceylon PLC is committed to provide safe and reliable systems and is at the forefront of providing secure banking services."

No more details were given concerning when and how this happened. But recently, according to an article on Bank Info Security published on May 13, 2016, it is believed that a hacking group going by the name of Bozkurtlar posted data of the Commercial Bank of Ceylon online. Researchers said that the dumped files contain the entire content of the corporate website, 158276 files in 22901, which when uncompressed is about 6.97GB.

Commercial Bank of Ceylon Statement: [Click Here!]
Read More From Source: [Click Here!]

Nulled.io Database Leaked

The well-known underground hacking forum Nulled.io suffered a massive data breach on 6th May 2016. The email addresses, private messages, passwords and IP addresses of 500,000 members were leaked in a 1.3GB tar archive file. When expanded, the data is a 9.45 db.sql file, which also contains over 5500 purchase records and 12,600 invoices of buying, selling and sharing of stolen credentials.

The breach was discovered by the security firm Risk Based Security. The firm was unable to track the hacker and stated "When services such as Nulled.IO are compromised and data is leaked, often it exposes members who prefer to remain anonymous and hide behind screen names. By simply searching by email or IP addresses, it can become evident who might be behind various malicious deeds. As you can imagine, this can lead to significant problems for forum users."

Source:[Click Here!]

A Former Executive Suspected of Hacking the National Transport Authority (NTA) Database

A former top executive of the National Transport Authority (NTA) is suspected of hacking the database of the NTA. It is believed that the former employee was helped by insiders.

A source at the Ministry of Public Infrastructure told le Defi Media Newspaper:
"The police and the Cybercrime Unit are investigating to determine who are the people who could benefit from this hacking." The same source also added that the accomplices of the former NTA executive will face sanctions and that the investigation will very soon reveal the impact of the hack.

This hacking case was first revealed by the Minister of Public Infrastructure himself, Mr Nando Bodha, at the opening ceremony of a workshop on cybercrime at the Westin Hotel, Balaclava, on Monday, March 21 2016. He also mentioned that the alleged hacker was accessing the database remotely from his home, that he modified the database and that he also made a copy of it.

 
 

Complete Panama Papers Database Now Available Online

The Panama Papers scandal came to light last April when German newspaper Süddeutsche Zeitung and the International Consortium of Investigative Journalists (ICIJ) published a summary of their investigation into the 2.6TB data dump of the activities of Mossack Fonseca.

The data cover nearly 40 years of the law firm's activities, ending in 2015. Investigators claimed the data contained important information on important companies and people from more than 200 countries.

ICIJ launched a website where internet users can search for both individuals and companies and get neatly organized results. Details about each person are available: their connection to offshore institutions, along with information on the shell corporation, its current jurisdiction, incorporation details, and the searched person's role.

ICIJ Website: [Click Here!]

Google Brings HTTPS to All BlogSpot Domain Blogs

In a blog post published on the 3rd May, Google announced that it has rolled out HTTPS for all BlogSpot blogs, even for those having a private domain. Launched in September last year, this feature was an option which users could turn on. But now the feature is set by default.
Another option has been added, one that says "HTTPS Redirect". If this feature is turned on, all visitors will automatically be redirected to the HTTPS URL instead of the old insecure HTTP link.

Google also stated that mixed content may cause some of the blog's functionality not to work with the HTTPS version. This is usually caused by incompatible templates, gadgets, or post contents. Google is working on these issues, but there are some settings that only blog owners will be able to change so that these work.

Source:[Google Security Blog]

Fake Google Chrome Update Delivering Malware

Security researchers from Zscaler came across malware posing as a Google Chrome update, which fools users into lowering their smartphone defenses so that it can steal credit card details.

When the APK file is executed after downloading, the fake Google Chrome update asks for administrative rights. As most users will think this is from Google, they will grant the permission. Once the malware is given such permission, it starts its malicious behavior by first registering the device with a C&C server, then checking for antivirus apps installed on the phone and terminating their processes. The malware can monitor SMS and calls on the infected device and can also steal SMS messages by sending them to the C&C server.

The most dangerous thing the malware does is stealing credit card credentials. Each time the user of the infected device opens the Google Play Store app, a popup appears asking the user to enter his/her credit card details. If by mistake the user enters the details, they are sent via SMS to a phone number in Russia (+7926XXXX135).

We advise our readers to update their applications only through Google Play Store.

Source:[Zscaler]

French Defense Ministry Website Hacked By Anonymous

Anonymous hackers have penetrated a web portal of the French Defense Ministry website and leaked the database online. The motivation for this cyber-attack is to protest against the country's intensive foreign arms trade operations.
A smaller site, the Centre d'Identification des Materiels de la Defense, has published a communique stating that the portal was under maintenance after the incident was published by Anonymous. The database leaked contains sensitive data such as FTP client usernames, website accounts, PHP sessions and information on army suppliers and partners.
Along with these leaks, Anonymous also provided links to press articles regarding France's weapons industry and its lucrative arms trade sector.

Link to leaked database has not been provided for security reasons.

Link to Article 1
Link to Article 2

Hacker Leaked Details of 9000 DHS and 20000 FBI Employees

A hacker using the codename DotGovs has released details of 9,000 US Department of Homeland Security (DHS) and 20000 FBI employees via his Twitter account. In an exclusive interview he had with Vice, the hacker detailed how he breached the DHS computer system. The hacker stated that he was able to get access to one email address of a DHS employee. From there, he tried to log into a DOJ web portal but that did not work. He phoned the person in charge.

“So I called up, told them I was new and I didn't understand how to get past [the portal],” the hacker told Motherboard. “They asked if I had a token code, I said no, they said that's fine—just use our one.”

The hacker posted a picture of the computer he had access to:


After getting access, the hacker found around 1TB of data on the portal, of which he stole only around 200GB. After the interview with Vice, the hacker leaked the details of 9000 DHS employees on Twitter. After some time, he tweeted the details of the 20000 FBI employees. These consist of names, telephone and fax numbers, department, state, email addresses and work titles.
The hacker's last tweet goes as follows:

 Read More From Vice: [Click Here!]

MalwareBytes Launches Bug Bounty Program

MalwareBytes, a company that provides security products for Windows and Mac, has launched its bug bounty program. The company is inviting security researchers to report vulnerabilities they find in its products, and rewards will vary between $100 and $1000 per bug, depending on its severity and exploitability. In addition, reporters will be listed on Malwarebytes' Hall of Fame.
Details of the program can be read here: [Click Here!]

Source: [MalwareBytes]

Mauritian Linux Expert Ish Sookun Released On Bail

After spending 10 days in detention, Ish Sookun, the Mauritian Linux expert, was granted bail on Tuesday 2nd February. He was apprehended in the context of the investigation into the anonymous e-mail which was sent to the Prime Minister's Office and which referred to terrorist attacks in Mauritius. He had to provide two sureties of Rs100,000 and sign an acknowledgment of indebtedness of Rs500,000.
Mr Sookun held a press conference yesterday afternoon in the office of his barrister, where he challenged the police to bring evidence showing that he is the sender of the mail in question. He intends to claim compensation from the police.
 
 
Source: L'Express

Pastebin.com Suffered DDOS Attack


Pastebin.com, a website where people can store text online, was hit by a DDOS attack on the night of 29th to 30th January. This was announced on Pastebin's official Twitter and Facebook accounts. No more details were given concerning the attack.

We contacted Pastebin to get more details concerning the attack and will update the article as soon as we get a reply.

ISIS Hacker Appeared In US Court


Ardit Ferizi, 20, a Kosovo citizen suspected of having supplied ISIS member Junaid Hussain with information on US servicemen, made his first appearance in a US court on Wednesday. Magistrate Judge Ivan D. Davis charged him with unauthorized access to a computer, aggravated identity theft, and providing material support to a designated foreign terrorist group. If he is found guilty of all three offences, he may face up to 35 years of imprisonment.

The hacker was arrested in Malaysia last October and was detained there on a U.S. provisional arrest warrant. The true identity of the hacker also surfaced. He was a computer science student in Kuala Lumpur. He is the owner of the Twitter account @Th3Dir3ctorY and is the leader of the Kosova Hacker's Security (KHS) hacking group. He had in the past hacked several companies and government websites. Ferizi also stole data from Greek mobile telecom firm OTE and IBM. He is believed to be the one who retrieved all the information about US servicemen. Hussain only published it for others to get access.

Junaid Hussain, who was known by the name of Abu Hussain al-Britani, was a British citizen who joined ISIS. He was the leader of ISIS's hacking division and was killed last year in a drone strike conducted by the US military.

Source: [Washington Post]

HSBC UK Hit By DDOS Attack

Online banking services were unavailable for customers of HSBC UK this Friday morning. According to several statements the bank published via its official Twitter account, it suffered a DDOS attack but successfully defended its systems.

Another Tweet stated that HSBC is working with law enforcement to find the cyber criminal who conducted this attack.
According to their latest Tweet, IT guys of the bank are monitoring the situation closely. They are still seeing the DDOS attack but they are gradually recovering from it.

Cisco Patches Critical Vulnerability In Firewall Devices

Cisco has released a firmware update for its Wireless Network Security Firewall RV220W to patch a critical flaw that allows remote attackers to get administrative privileges on the device.
An unauthenticated attacker can send specially crafted HTTP requests containing malicious SQL statements to the device and bypass the authentication to get administrative privileges. This attack can be carried out only if the remote management feature is enabled on the targeted device.

To read more about the vulnerability and what measures can be taken [Click Here]

Beware of New iPhone Crashing Bug

Pranksters are spreading a URL via social networks which directs people clicking on it to crashsafari.com. This particular website crashes your Safari browser and, if you're an iPhone user, the phone will be rebooted. This is not the first time that such a bug has been discovered. In May 2015, users were crashing each other's phones by sending a specially crafted message via the iMessage app. This issue was fixed in iOS 8.3.1.

If a person visits the website from an Android device or a desktop computer, the bug will only crash the browser, even if it is Chrome or Firefox. Crashsafari.com generates a very long and ever-increasing string of characters, all via JavaScript code, which overloads the text string in the address bar.

According to Google's statistics, over 400,000 users have already accessed the link, among which 325654 are iPhone users. [Click Here!]


Mauritian Linux Expert Ish Sookun Arrested

Ish Sookun, the young Mauritian Linux enthusiast, was arrested by the CCID of Mauritius on Saturday evening 23rd January 2016 in relation to an anonymous e-mail on terrorist threats sent to the Prime Minister's Office. 20 police officers landed at his place around 16.45. During this operation, two laptops, one computer, some drives and a USB stick were seized. The police suspect that the e-mail came from an Internet café operated by Mr Sookun, situated at Curepipe. Mr Kishan Sooklall, the business partner who was operating the cyber cafe, has also been arrested.

Both Mr Sookun and his business partner were presented before the Bail and Remand Court Sunday 24th 2016 and were refused bail. They have been provisionally charged under the Prevention of Terrorism Act and will appear before the Curepipe Court tomorrow. Social workers, Dr Maharajah Madhewoo, Eddy Sadien and many other members of the No to Biometric ID Card platform, along with Mr Sookun's family, were present at the Court. Ish retained the services of Mr Sanjeev Teeluckdharry and Mr Eriksson Moneeapillay.

Source: Local News

Apple Fixed Shared Cookie Vulnerability In iOS 9.2.1


Earlier this week, Apple pushed out iOS 9.2.1 which fixed a vulnerability which has been in the wild for nearly 3 years. This vulnerability was discovered by security researchers from Skycure, Yair Amit and Adi Sharabani.

When a user connects to a public network or a captive-enabled network, the iOS device displays a pop-up window that enables the user to use the embedded browser to log in to the network via HTTP. The embedded browser shares the same cookie store as Safari. If a user connects to a rogue network, these cookies, which contain credentials, can be stolen by attackers.

The impact of this vulnerability:
  • Steal users’ (HTTP) cookies associated with a site of the attacker’s choice. By doing so, the attacker can then impersonate the victim’s identity on the chosen site.
  • Perform a session fixation attack, logging the user into an account controlled by the attacker–because of the shared Cookie Store, when the victims browse to the affected website via Mobile Safari, they will be logged into the attacker’s account instead of their own.
  • Perform a cache-poisoning attack on a website of the attacker’s choice (by returning an HTTP response with caching headers). This way, the attacker’s malicious JavaScript would be executed every time the victim connects to that website in the future via Mobile Safari.

We advise our readers to update their iOS as soon as possible.


Source:[Skycure]

W^X Security Feature Added to Firefox

Mozilla developers have added a security feature to Firefox aimed at protecting against buffer overflow and memory corruption. The security feature, W^X (Write XOR Execute), is present in the OpenBSD operating system and was added inside Firefox's JIT (Just-in-Time) code compiler.

This feature affects how code executed inside the browser interacts with the OS's memory. Starting with the latest Firefox 46 Nightly build, web pages will be allowed either to write code to memory or to execute code in memory, but not both at the same time. By doing so, W^X prevents some types of buffer overflow attacks and makes sure that when arbitrary code is dynamically injected into the process execution stack, Firefox will crash. This will prevent it from blindly running the malicious code.

This feature was added by Jan De Mooij and more can be read in his blog post [Click Here!]
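The write-then-seal discipline behind W^X, as an added example that is not Firefox's code: a buffer is mapped writable while bytes are emitted, then flipped to executable and read-only, and the kernel's view is checked at each phase. It assumes Linux (it reads /proc/self/maps); the function names and the sample maps excerpt are constructed for this illustration, and the emitted byte is never executed.

```python
import ctypes
import mmap

libc = ctypes.CDLL(None, use_errno=True)  # the C library already loaded in-process
libc.mprotect.argtypes = [ctypes.c_void_p, ctypes.c_size_t, ctypes.c_int]
libc.mprotect.restype = ctypes.c_int

# Constructed /proc/<pid>/maps excerpt for the audit function below.
SAMPLE_MAPS = """\
7f10a0000000-7f10a0021000 rw-p 00000000 00:00 0
7f10a4000000-7f10a4010000 r-xp 00000000 00:00 0
7f10a8000000-7f10a8004000 rwxp 00000000 00:00 0
"""


def parse_maps(text):
    """Yield (start, end, perms) for each line of /proc/<pid>/maps content."""
    for line in text.splitlines():
        span, perms = line.split()[:2]
        start, end = (int(part, 16) for part in span.split("-"))
        yield start, end, perms[:3]


def wx_violations(text):
    """Mappings that are writable and executable at once, which W^X forbids."""
    return [(hex(s), hex(e)) for s, e, p in parse_maps(text) if "w" in p and "x" in p]


def perms_at(addr):
    """Ask the kernel what protection the page holding addr has right now."""
    with open("/proc/self/maps") as maps:
        for start, end, perms in parse_maps(maps.read()):
            if start <= addr < end:
                return perms
    raise LookupError("address is not mapped")


def jit_buffer_lifecycle(code):
    """Handle a code buffer the W^X way and return its perms in each phase."""
    size = mmap.PAGESIZE
    # Phase 1: writable but not executable while code bytes are emitted.
    buf = mmap.mmap(-1, size, flags=mmap.MAP_PRIVATE | mmap.MAP_ANONYMOUS,
                    prot=mmap.PROT_READ | mmap.PROT_WRITE)
    view = ctypes.c_char.from_buffer(buf)
    addr = ctypes.addressof(view)
    buf[:len(code)] = code
    emitting = perms_at(addr)
    # Phase 2: flip to executable but not writable before the code may run.
    if libc.mprotect(addr, size, mmap.PROT_READ | mmap.PROT_EXEC) != 0:
        raise OSError(ctypes.get_errno(), "mprotect failed")
    sealed = perms_at(addr)
    del view      # drop the ctypes export so the mapping can be closed
    buf.close()
    return emitting, sealed


if __name__ == "__main__":
    print(jit_buffer_lifecycle(b"\xc3"))  # the byte is only stored, never run
    print(wx_violations(SAMPLE_MAPS))
```

Running `wx_violations` over the maps file of a live process is a quick audit for regions that are writable and executable at the same time.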


MauriHackerS - Providing Latest IT Security and Hacking News !