Tag Archive: Hackers


A Google Site Meant To Protect You Is Helping Hackers Attack You

 

 

 

 

 

” Before companies like Microsoft and Apple release new software, the code is reviewed and tested to ensure it works as planned and to find any bugs.

  Hackers and cybercrooks do the same. The last thing you want if you’re a cyberthug is for your banking Trojan to crash a victim’s system and be exposed. More importantly, you don’t want your victim’s antivirus engine to detect the malicious tool.

  So how do you maintain your stealth? You submit your code to Google’s VirusTotal site and let it do the testing for you.

  It’s long been suspected that hackers and nation-state spies are using Google’s antivirus site to test their tools before unleashing them on victims. Now Brandon Dixon, an independent security researcher, has caught them in the act, tracking several high-profile hacking groups—including, surprisingly, two well-known nation-state teams—as they used VirusTotal to hone their code and develop their tradecraft. “

 

Read more at Wired

 

 

 

 

 

 

 

 

 

 

 

About these ads

Hackers Hit 25,000 Homeland Security Workers

 

 

USIS Hacked

 

 

 

 

” The internal records of as many as 25,000 Homeland Security Department employees were exposed during a recent computer break-in at a federal contractor that handles security clearances, an agency official said Friday.

  The official, who spoke on condition of anonymity to discuss details of an incident that is under active federal criminal investigation, said the number of victims could be greater. The department was informing employees whose files were exposed in the hacking against contractor USIS and warning them to monitor their financial accounts.

  Earlier this month, USIS acknowledged the break-in, saying its internal cybersecurity team had detected what appeared to be an intrusion with “all the markings of a state-sponsored attack.” Neither USIS nor government officials have speculated on the identity of the foreign government. A USIS spokeswoman reached Friday declined to comment on the DHS notifications. “

 

” We’re in the best of hands ” … read more

 

 

 

 

 

 

 

 

 

Feds: Sailor Hacked Navy Network While Aboard Nuclear Aircraft Carrier

 

 

 

” A former sailor assigned to a US nuclear aircraft carrier and another man have been charged with hacking the computer systems of 30 public and private organizations, including the US Navy, the Department of Homeland Security, AT&T, and Harvard University.

  Nicholas Paul Knight, 27, of Chantilly, VA, and Daniel Trenton Krueger, 20, of Salem, IL, were members of a crew that hacked protected computers as part of a scheme to steal personal identities and obstruct justice, according to a criminal complaint unsealed earlier this week in a US District Court in Tulsa, Oklahoma. The gang, which went by the name Team Digi7al, allegedly took to Twitter to boast of the intrusions and publicly disclose sensitive data that was taken. The hacking spree lasted from April 2012 to June 2013, prosecutors said.

  At the time of the alleged hacks, Knight was an active duty enlisted member of the Navy assigned to the nuclear aircraft carrier USS Harry S. Truman, prosecutors said. He worked as a systems administrator in the carrier’s nuclear reactor department. He is accused of conducting some of his unlawful hacking while aboard. The “self-professed leader of Team Digi7al [and] the primary publicist and Twitter poster,” Knight was discharged after trying to hack into a Navy database while at sea, according to court documents. There are no allegations that he hacked any of the carrier’s systems. Krueger, meanwhile, was a student studying network administration at an Illinois community college. The two men were allegedly aided by three unnamed minors who were not charged in the complaint.”

 

Ars Technica

 

 

 

 

 

 

 

 

 

 

 

 

Attackers Use Microsoft Security Hole Against Energy, Defense, Finance Targets

 

Internet Explorer zero-day vulnerability actively being exploited in the wild

 

 

” By the time Microsoft warned customers of a nasty security hole in its web browser Saturday, a sophisticated group of attackers were already using the vulnerability against defense and energy companies, according to FireEye, the security company.

  Things went from bad to worse over the weekend. FireEye’s researchers watched as the attackers shared their exploit with a separate attack group, which began using the vulnerability to target companies in the financial services industry, according to Darien Kindlund, the director of threat intelligence at FireEye.

  Even after Microsoft issued its advisory on Saturday, Mr. Kindlund said, “There was a notable increase in proliferation.”

  Soon, the attackers were using the vulnerability for so-called watering hole attacks, in which hackers infect a popular website with malware, then wait for victims to click to the site and infect their computers.”

 

Read more

 

 

 

 

 

 

 

 

 

 

Report: FBI Warns Of US Govt Breaches Linked To Anonymous Hackers

 

 

 

” In a memo it distributed this week, the FBI warned that a breach of US government systems was “a widespread problem that should be addressed,” according to a Reuters report.

Activist hackers linked to the collective known as Anonymous have secretly accessed U.S. government computers in multiple agencies and stolen sensitive information in a campaign that began almost a year ago, the FBI warned this week.

The hackers exploited a flaw in Adobe Systems Inc’s software to launch a rash of electronic break-ins that began last December, then left “back doors” to return to many of the machines as recently as last month, the Federal Bureau of Investigation said in a memo seen by Reuters.

The memo, distributed on Thursday, described the attacks as “a widespread problem that should be addressed.” It said the breach affected the U.S. Army, Department of Energy, Department of Health and Human Services, and perhaps many more agencies.”

 

We Are Anonymous

We Are Legion

We Do Not Forgive

We Do Not Forget

Expect Us

 

 

 

 

 

Syrian Hackers Target Obama’s Twitter, Facebook Posts

 

SEA Hacks Obama

 

” The pro-Assad group Syrian Electronic Army claims it hacked the Twitter and Facebook accounts of U.S. President Barack Obama.

In an exclusive email to Mashable sent from an account believed to belong to the SEA on Monday, the group notified us of the hack, but would not provide details about how it accomplished it. It appears the SEA did not actually access Obama’s social media accounts, but altered the links in the posts by tampering with the URL shortener service for BarackObama.com.”

 

Earlier we published a report that the SEA claimed responsibility for hacking the donate.barackobama.com page .

 

” The group appears to have had some form of access to BarackObama.com since Sunday night, when a page on the site redirected to a page that read “Hacked by SEA,” as first reported by The Blaze.

In a past interview via the same email address, supposed members of the SEA provided us with information about their goals and past attacks.

The links had not been fixed at time of writing, around 1:20 p.m. ET. This is a developing story and we will update as we learn more.”

 

 

As of 3:30 ET the links appear to be back under the control of OFA . Gizmodo has more about the attacks .

 

 

 

 

Dozens Of ‘Hacktivists’ Plan To Protest Dozens Of Causes

 

 

” Demonstrators involved with Anonymous, a loose collective of online “hacktivists,” will gather on the National Mall in Washington, D.C. on Nov. 5 to march for a vast, nearly innumerable number of causes and issues.

Flyers began appearing around downtown D.C. over the weekend advertising the “Million Mask March,” which will take place on Guy Fawkes Day.

Anonymous members, when they appear in public, are known for donning masks of Guy Fawkes, who unsuccessfully tried to blow up the England’s House of Lords on Nov. 5, 1605, and restore Catholicism to England.

Hundreds of other Anonymous events are scheduled the same day as part of the “Million Mask March.” However, the organizers of the D.C. event say it is not affiliated with the other marches.”

 

 

 

 

 

 

 

 

 

 

 

China Pushes For Drones

 

 

 

” For almost two years, hackers based in Shanghai went after one foreign defense contractor after another, at least 20 in all. Their target, according to an American cybersecurity company that monitored the attacks, was the technology behind the United States’ clear lead in military drones.

I believe this is the largest campaign we’ve seen that has been focused on drone technology,” said Darien Kindlund, manager of threat intelligence at the company, FireEye, based in California. “It seems to align pretty well with the focus of the Chinese government to build up their own drone technology capabilities.”

The hacking operation, conducted by a group called “Comment Crew,” was one of the most recent signs of the ambitions of China’s drone development program. The government and military are striving to put China at the forefront of drone manufacturing, for their own use and for export, and have made an all-out push to gather domestic and international technology to support the program.”

 

 

 

 

 

 

 

 

Hackers Post U.S. Troops’ Personal Details; Collateral Damage From The Korean Cyberwar?

 

 

” Hackers have leaked personal information about 40,000 U.S. troops, including thousands stationed in South Korea, reports said Wednesday, a day after cyberattacks knocked government and news websites offline in Seoul.

Reuters reported the posting, citing an unnamed executive from a South Korean online security form, NSHC. “We have seen the sites where the details were posted and clips that supposedly capture the process of hacking into websites,” the news agency quoted its source as saying.

Reuters said the hackers also claimed to have released the personal details of more than 2 million members of the South Korean ruling political party.

The report came on the heels of what appeared to be a large-scale cyberattack on South Korean government and news websites, that successfully, if temporarily, knocked more than a dozen of them offline.”

 

   Apparently our government is better at mining our personal data than protecting it … Another indicator of the adversarial nature that has been fostered between the people and the STATE.

 

 

 

 

 

 

 

 

Anonymous Infiltrates PRISM, Intercepts Obama’s Skype

 

 

 

 

 Anonymous hackers claimed to have infiltrated PRISM’s network infrastructure after gaining access to the graphical user interface which was intended only for use by federal agents in cases of terrorism. Because the PRISM system has access to a log of all Internet phone calls (voIP via Skype, Google, etc.) and video chats, Anonymous vigilante intelligence researchers quickly unearthed evidence of high-level collusion between corporate executives and government officials. “We have access to President Obama’s Skype,” said a spokesperson for Anonymous, “and we’re only afraid it’s too absurd to be true.”

President Obama has scheduled a press conference for Monday, and the White House has already released a statement condemning Anonymous. “The sad irony is that PRISM doesn’t even exist, but because of hacks like these we need something like it,” said White House Press Secretary Jay Carney. “We will not cooperate with terrorists on any level, and we refuse to comment on illegally obtained confidential information.” “

 

 

 

 

 

 

 

GLOBAL NETWORK OF HACKERS STEAL $45M FROM ATMS

 

 

” The sophistication of a global network of thieves who drained cash machines around the globe of an astonishing $45 million in mere hours sent ripples through the security world, not merely for the size of the operation and ease with which it was carried out, but also for the threat that more such thefts may be in store.

Seven people were arrested in the U.S., accused of operating the New York cell of what prosecutors said was a network that carried out thefts at ATMs in 27 countries from Canada to Russia. Law enforcement agencies from more than a dozen nations were involved in the investigation, U.S. prosecutors in New York said Thursday.

It appears no individuals lost money. The thieves plundered funds held by the banks that back up prepaid credit cards, not individual or business accounts, Lynch said.

There were two separate attacks in this case, one in December that reaped $5 million worldwide and one in February that snared about $40 million in 10 hours with about 36,000 transactions. The scheme involved attacks on two banks, Rakbank in the United Arab Emirates and the Bank of Muscat in Oman, prosecutors said.”

 

 

 

 

 

 

 

Jihadis, Hackers Join Forces To Launch Cyberattacks On United States

 

 

 

 

” Middle East- and North Africa-based criminal hackers are preparing cyberattacks this week against the websites of high-profile U.S. government agencies, banks and other companies, according to the Department of Homeland Security.

The attacks, dubbed #OpUSA, for Operation USA, will begin Tuesday, the department said in a warning bulletin circulated to the private sector last week. The bulletin was first obtained and posted online by blogger and cybercrime expert Brian Krebs.

The attacks are called for in the name of Anonymous, the leaderless coalition of hackers whose trademark Guy Fawkes mask has become a global symbol for their anarchistic spirit.

“OpUSA poses a limited threat of temporarily disrupting U.S. websites,” the homeland security bulletin states, saying the attackers will likely use commercial hacking tools in a variety of “nuisance-level” strikes, defacing websites or temporarily knocking them offline.

“Some of the participants possess only rudimentary hacking skills,” the authors add.

More dangerous, though, is the developing alliance the organization of the attacks seems to presage between criminal hackers and violent Islamic extremists.”

 

 

 

 

 

 

 

 

LAX Emergency Evacuation Deemed False Alarm

 

 

” Visitors and passengers of Los Angeles International Airport were greeted with a shocking message Monday night when the airport’s flight-status boards accidentally flashed an emergency evacuation message.

Passengers were the first to notify police after the message appeared behind ticket counters at the Tom Bradley International Terminal. Passengers said the message read: “An emergency has been declared in the terminal. Please evacuate.”

The Los Angeles Times reported that airport personnel initially believed the message was the work of a hacker. Authorities investigated the affected computer systems but did not identify any suspects.”

 

 

 

 

 

 

 

 

 

 

 

Reddit Slammed By Massive Online Attack

 

 

 

 

” Reddit suffered a massive distributed denial-of-service (DDoS) attack Friday that stretched into the afternoon.

At 6:02 A.M., the Reddit status twitter account tweeted that the website was working to recover from what appeared to be a DDoS. A DDoS is when a botnet is sent out to cripple a server or to steal information from it. The source of the attack has not yet been announced.

A Reddit admin that goes by the username Alienth stated on an AskReddit thread that the person or people attacking the site have “a lot of time and bandwidth on their hands.” Alienth posted a graph a of Reddit’s server load, claiming that none of the admins had ever seen an attack at this scale.

“All we know is it is blatantly malicious,” says a Reddit representative, according to the Huffington Post.”

 

 

 

 

 

 

 

Anonymous Steps Up Attacks On North Korea

 

 

 

” Hacking group appears to have staged another round of attacks against North Korea.

Hacktivist group Anonymous claims to have launched yet another round of cyber attacks against North Korea, as part of their operation to free the country from online oppression.

The claims come as the group continues to challenge the authority of respective governments across the globe.

Last weekend, they threatened to disrupt Israel’s online access using Distributed Denial of Service (DDoS) attacks, for having allegedly shut off web access to Palestinians in the Gaza strip.

According to The Financial Times, the mere threat of disruption from Anonymous prompted many Israeli websites to shut down for fear of infiltration.”

 

 

 

 

 

 

Hacker Uses An Android To Remotely Attack And Hijack An Airplane

 

Hijack an airplane with your Android

 

 

” The Hack in the Box (#HITB2013AMS) security conference in Amsterdam has a very interesting lineup of talks [pdf]. One that jumped out was the Aircraft Hacking: Practical Aero Series presented by Hugo Teso, a security consultant at n.runs in Germany. According to the abstract, “This presentation will be a practical demonstration on how to remotely attack and take full control of an aircraft, exposing some of the results of my three years research on the aviation security field. The attack performed will follow the classical methodology, divided in discovery, information gathering, exploitation and post-exploitation phases. The complete attack will be accomplished remotely, without needing physical access to the target aircraft at any time, and a testing laboratory will be used to attack virtual airplanes systems.

While keeping an eye on Twitter #HITB2013AMS, greatly interesting tweets started to appear as hackers who attended were excited. I will add some of those throughout this article.

Before his presentation, Teso recommended that people should have a little background knowledge on aviation and aircraft systems to better understand what he was going to explain. Here’s a few important facts: Automated Dependent Surveillance-Broadcast (ADS-B) has no security as was pointed out at Def Con 20 shortly before a hacker was able to inject ghost planes into radar. It is unencrypted and unauthenticated. Teso said, “Attacks range from passive attacks (eavesdropping) to active attacks (message jamming, replaying, injection.” The Aircraft Communications Addressing and Reporting System (ACARS) also has no security; it “is used for exchanging text messages between aircraft and ground stations via radio (VHF) or satellite.” Although his talk did not focus on the vulnerabilities in those two protocols, he used them to find targets.”

 

 

 

 

 

Reuters Journalist Matthew Keys Indicted In Anonymous Hacks

 

 

 

 

” A US Department of Justice Department statement released Thursday says Matthew Keys, 26, a Thomson Reuters social media editor and former web producer for the Tribune Company, was charged in the Eastern District of Calif. for conspiring with Anonymous.

Key’s involvement with Anonymous was revealed by a former Anonymous collective member “Sabu” who became an informant for the FBI following arrest last year.

According to the statement by the US Department of Justice, the Reuters web producer was indicted in a California district court for conspiring with hackers affiliated with Anonymous and passing to them between December 10 and December 15, 2010, usernames and passwords to access the computer server of the Tribune Company after he was fired from his job at the Tribune Company owned KTXL Fox 40 in Sacramento, California.

After he had handed over the log-in credentials to the hackers, he urged them to “go f**k some s**t up.”

According to a federal indictment (PDF) obtained by The Huffington Post, Keys, under the username “AESCracked,” used a chat room “InternetFeds” to pass the information to the Anonymous hackers.”

 

 

 

 

—-

A Chinese Hacker’s Identity Unmasked

 

 

 

 

 

Joe Stewart’s day starts at 6:30 a.m. in Myrtle Beach, S.C., with a peanut butter sandwich, a sugar-free Red Bull, and 50,000 or so pieces of malware waiting in his e-mail in-box. Stewart, 42, is the director of malware research at Dell SecureWorks, a unit of Dell (DELL), and he spends his days hunting for Internet spies. Malware is the blanket term for malicious software that lets hackers take over your computer; clients and fellow researchers constantly send Stewart suspicious specimens harvested from networks under attack. His job is to sort through the toxic haul and isolate anything he hasn’t seen before: He looks for things like software that can let hackers break into databases, control security cameras, and monitor e-mail.

Within the industry, Stewart is well-known. In 2003 he unraveled one of the first spam botnets, which let hackers commandeer tens of thousands of computers at once and order them to stuff in-boxes with millions of unwanted e-mails. He spent a decade helping to keep online criminals from breaking into bank accounts and such. In 2011, Stewart turned his sights on China. “I thought I’d have this figured out in two months,” he says. Two years later, trying to identify Chinese malware and develop countermeasures is pretty much all he does.

A big part of Stewart’s task is figuring out how malware is built, which he does to an astonishing level of detail. He can tell the language of the computer on which it was coded—helping distinguish the malware deployed by Russian criminal syndicates from those used by Chinese spies. The most important thing he does, however, is figure out who or what the software is talking to. Once inside a computer, malware is set up to signal a server or several servers scattered across the globe, seeking further marching orders. This is known in the information security business as “phoning home.” Stewart and his fellow sleuths have found tens of thousands of such domains, known as command and control nodes, from which the hackers direct their attacks.”

Hacker Warns Of Zombie Apocalypse

 

 

Zombie Apocalypse Hacker

 

 

 

” A hacker apparently got into the emergency alert system in Maine and issued a warning of dead bodies rising from graves and attacking the living. People in the area called the police to make sure it wasn’t real, lol.

This message did not originate from KRTV, and there is no emergency,” the station said. “Our engineers are investigating to determine what happened and if it affected other media outlets.” “

 

Related:

 

RT report:
http://rt.com/usa/news/zombie-apocalypse-emergency-warning-973/

Winnipeg free press:
http://www.winnipegfreepress.com/breakingnews/tv-stations-emergency-alert-system-hacked-viewers-warned-zombies-rising-from-their-graves-190770721.html

 

Daily Video 1.11.13

Group Claims Hacked Subscriber Database Of NY Newspaper Which Published Gun Permit Map

 

 

 

” The Lower Hudson Journal News, a Gannett newspaper, caused controversy when it published a map of names and addresses of gun permit holders, and announced that it planned to do so again.   The plan for further publication may be in doubt as a neighboring county just announced it was denying the Journal News access to its gun permit database.

In protest, bloggers posted the home addresses and telephone numbers of Journal News editors and staff.  Also cirulating was the personal and family contact information for the Chairwoman of Gannett.

The Journal News has hired armed guards for its offices, according to Politico, because of threats. “

 

 

” One of the tweets (not imaged here) provided a link to a page with this message:

lohud.com was hacked by 2nd amendment supporters in response to the posting of sensitive gun owner information. This database contains user email, name, username, password, name, phone number and address of ~10,000 lohud.com users
Feel free to make maps of Lohud users with this data “

Follow

Get every new post delivered to your Inbox.

Join 6,655 other followers