#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Anonymous | Breaking Cybersecurity News | The Hacker News

Researchers spotted 'Chewbacca', a new Tor-based Banking Trojan

Researchers spotted 'Chewbacca', a new Tor-based Banking Trojan

Dec 18, 2013
Cyber Criminal activity associated with the financial Trojan programs has increased rapidly during the past few months. However, the Tor -based architecture is the favorite one with online criminals, to hide their bots and the botnet's Command-and-Control real location from the security researchers. Security Researchers at anti-virus firm  Kaspersky Lab have discovered a new Tor-based  banking trojan , dubbed " ChewBacca " (" Trojan . Win32 . Fsysna . fej ")  , that steal banking credentials and hosted on a Tor . onion domain. This protects the location of a server as well as the identity of the owner in most cases. Still there are drawbacks preventing many criminals from hosting their servers within Tor. Due to the overlay and structure, Tor is slower and timeouts are possible. Massive botnet activity may influence the whole network, as seen with Mevade, and therefore let researchers spot them more easily. ChewBacca   malware is not first that adopt Tor for
Silk Road alternative 'Sheep Marketplace' shut down after $40 Million in Bitcoin Theft

Silk Road alternative 'Sheep Marketplace' shut down after $40 Million in Bitcoin Theft

Dec 03, 2013
Sheep Marketplace , one of the leading anonymous websites, after Silk Road 's closure by U.S. Prosecutors, allegedly selling drugs, has gone offline claiming it was robbed of $6 million worth of Bitcoins . Like Silk Road , Sheep Marketplace was a Deep Web site accessible via the Tor network and quickly grew into a replacement of other popular underground Bazaars. Weeks ago, the Administrator of the Sheep Marketplace announced that withdrawals  from online Wallet would be closed for a few hours as a new feature was being implemented, however deposits were still allowed. Recently, The market's administration left a short message for users, which reads: We are sorry to say, but we were robbed on Saturday 11/21/2013 by vendor EBOOK101. This vendor found a bug in the system and stole 5400 BTC – your money, our provisions, all was stolen. We were trying to resolve this problem, but we were not successful. We are sorry for your problems and inconvenience, all of the current BTC will be di
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

Nov 21, 2013
Researchers at Trusteer   spotted a new banking malware program on the underground Russian cybercrime market , that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed ' i2Ninja ', malware has most of the features found in other financial malware including the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a PokerGrabber module feature that targets poker sites. The traffic between the malware and the command server cannot be easily blocked by intrusion prevention systems or firewalls because it's encrypted and transmitting over the Invisible Internet Project (I2P). Everything from delivering configuration updates to receiving stolen data and sending commands is done via the encrypted I2P channels. I2P communication can make it much harder for security researchers to find and take
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
FBI warns that Anonymous Hackers has been hacking US Government for almost a year

FBI warns that Anonymous Hackers has been hacking US Government for almost a year

Nov 17, 2013
The FBI is warning that members of the hacktivist group Anonymous hacking collective have secretly accessed US Government computers and stolen sensitive information in a campaign that began almost a year ago. The Hacktivists have exploited a flaw in Adobe applications to compromise the target systems and install software backdoors to maintain the control of the victims computers over the time, the facts dated back to last December, according to a Reuters report. The hacking campaign affected the U.S. Army, Department of Energy , Department of Health and Human Services, and other government agencies,  FBI reveals.  The Federal Bureau of Investigation memo called the hacking campaign " a widespread problem that should be addressed. " and provided useful information for system administrators that how to determine if their networks were compromised. Government investigators are investigating the scope of the hacking, believed that hackers are still operatin
Singapore police arrested six men for allegedly hacking Prime Minister and President websites

Singapore police arrested six men for allegedly hacking Prime Minister and President websites

Nov 12, 2013
A Singaporean hacker calling himself the " The Messiah " was arrested in Kuala Lumpur last Monday for hacking into a Singaporean government website over two weeks ago - from a Kuala Lumpur apartment. James Raj (35) charged with hacking of  Ang Mo Kio town council  website and posting a symbol associated with international hacker group Anonymous. He was charged under the Computer Misuse and Cybersecurity Act. If found guilty, he could be jailed for up to three years and fined S$10 , 000. Police said Raj was also linked to a series of hacking incidents, including penetrating the website of a charity group related to the ruling People's Action Party. Police declined to give details but suggested that Raj was not responsible for defacing the prime minister's office and presidential palace websites on November 7 and 8. Five other local men are being held for allegedly hacking the websites of Singapore's president and prime minister websites i.e.  Muhammad
Rise in website Defacement attacks by Hackers around the World

Rise in website Defacement attacks by Hackers around the World

Nov 05, 2013
Last week we noticed a rise in cyber attacks particularly - website Defacement attacks on many governments and organizations of different countries by the hackers around the world. Targeted countries include Singapore, Mexico, Philippines, Australia, Egypt, United States, Syria and many more. Out of all these targets, most controversial were Philippines and Australia, hacked by Activist group Anonymous. Last Sunday, Anonymous hackers from Indonesia defaced hundreds of websites belonging to the Australian Government , saying the action was in response to reports of spying by Australia. The websites, defaced with a message reading " Stop Spying on Indonesia ". We have shared the list of all targeted website on a pastebin note . In a separate incident, Anonymous hackers defaced more than 38 Philippine Government websites, and called on the public to support an anti-corruption protest " Million Mask March " at the Batasang Pambansa on November 5. " The government,
12-year-old Boy admits to hacking major Government sites for aiding Anonymous Hackers

12-year-old Boy admits to hacking major Government sites for aiding Anonymous Hackers

Oct 27, 2013
12-year-old Canadian has pleaded guilty to breaking into multiple major government and police websites in the name of the hacker collective Anonymous . Surprisingly, this Fifth Grade student wreaked computer havoc during the Quebec student uprising in 2012, traded pirated information to Anonymous for video games. He had not just participated in  DDoS attacks , but also stole information belonging to users and administrators. The court estimates he did $60,000 worth of damage by attacking major government websites included those of Montreal police, the Quebec Institute of Public Health, the Chilean government and some non-public sites. His lawyer also described in the Court that buy saw it as a challenge, he was only 12 years old and was no political purpose. According to Montreal police, the boy also taught others how to hack. The 12 year old was among the several hackers arrested over the Anonymous protest. While others have been arrested in connection with t
World's Largest Web Hosting company 'LeaseWeb' Hacked by KDMS Team

World's Largest Web Hosting company 'LeaseWeb' Hacked by KDMS Team

Oct 05, 2013
LeaseWeb , one of the World's largest hosting provider has been defaced by Palestinian hackers, named as KDMS Team . LeaseWeb was also hosting provider for one of the biggest file-sharing website Megaupload in the past. Later Megaupload Founder, Kim Dotcom claimed that  Leaseweb had deleted all Megaupload user data from 690 servers without warning. The hacker group replaced the Homepage of the website for just a few hours with an Anonymous Palestine , homepage titled " You Got Pwned " and the defacement message says: Hello Lease Web Who Are You ? Who is but the form following the function of what and what are you is a hosting company with no security KDMS Team : Well ,, We Can See That :P We noticed that Attacker has just changed the DNS server to point the Domain to another server at 67.23.254.6, owned by the attacker. At the time of writing, Leaseweb team resolved the issue and get their Domain back to the original server . But because the hac
NSA using Browser Cookies to track Tor Users

NSA using Browser Cookies to track Tor Users

Oct 05, 2013
Yesterday a new classified NSA document was leaked by Edward Snowden - titled ' Tor Stinks ' in which ideas were being kicked around for identifying Tor users or degrading the user experience to dissuade people from using the Tor browser. The NSA had a very hard time while tracking down all Tor  users and monitoring their traffic, especially since Tor servers are all over the world, but they make tracking easier by adopting  the following techniques: By running their own hostile Tor nodes Using zero-day vulnerability of Firefox browser By tracking user' browser Cookies Tor access node tracking is not new and the Document says that both the NSA and GCHQ run Tor nodes themselves. In order to trace traffic back to a particular Tor user the NSA needs to know the ' entry, relay and exit ' nodes in the anonymizer cloud between the user and the destination website. So for tracking purpose they used self-hosted nodes, that is able to trace a very small number of To
Anonymous Search engine 'DuckDuckGo' Android app offers Tor integration

Anonymous Search engine 'DuckDuckGo' Android app offers Tor integration

Oct 03, 2013
The world of mobile search is about to get a bit more anonymous. Thanks to the fears over government surveillance and corporate tracking, Anonymous Search Engine DuckDuckGo continues to break its own search records. DuckDuckGo Search & Stories - Android app deliver the same functionality as traditional services such as Google but with the added promise that your IP address and identity will not be recorded.  In June, Anonymous search engine  DuckDuckGo  had launched its app for  iOS  and Android and during recent update, DuckDuckGo's application for Android also integrated the Tor support. " Privacy is perhaps more important on mobile than on the web, and we haven't had many private alternatives ," DuckDuckGo founder Gabriel Weinberg said. To enable Tor with DuckDuckGo android app, user need to Check " Enable Tor " from setting. It will prompt the user to install about application to anonymize the Mobile data communication. As a search
Underground Drugs Market website 'Silk Road' Founder Arrested by FBI

Underground Drugs Market website 'Silk Road' Founder Arrested by FBI

Oct 02, 2013
The FBI had seized a website called ' Silk Road ', that was considered one of the most popular Underground places on the Internet for buying drugs and other illicit goods and services. They arrested the site's alleged founder,  Ross William Ulbricht, known as " Dread Pirate Roberts ," in San Francisco, who reportedly had  26,000 Bitcoins worth $3.6 million. The FBI used information from Comcast in the investigation and collaborated with US Customs and Border Patrol, the Internal Revenue Service, the Drug Enforcement Administration, and the Department of Homeland Security. Ross Ulbricht Ross William Ulbricht, a 29-year-old graduate of the University of Pennsylvania School of Materials Science and Engineering  charged with one count each of narcotics trafficking conspiracy, computer hacking conspiracy and money laundering conspiracy, according to the filing. ' Silk Road '  website, which had operated since early 2011, also offered tut
FBI used Anonymous and Lulzsec Hackers to attack foreign governments

FBI used Anonymous and Lulzsec Hackers to attack foreign governments

Aug 28, 2013
Sentencing for former LulzSec leader Hector Xavier Monsegur , better known as " Sabu " , has again been delayed. Monsegur pleaded guilty to a dozen criminal counts two years prior and stands to face more a maximum sentence of more than 124 years. Another Lulzsec Hacker Jeremy Hammond has claimed that the FBI used Sabu to coordinate attacks against foreign governments, by  Anonymous hackers and Others. The delays indicate that the FBI is not extracting information from Monsegur and this could mean that the hacker may be helping FBI with other covert operations as Jeremy Hammond claims. Jeremy Hammond, released a statement on Thursday accusing the US government of asking Monsegur to encourage fellow hacktivists to infiltrate foreign government entities. " What many do not know is that Sabu was also used by his handlers to facilitate the hacking of the targets of the government's choosing including numerous websites belonging to foreign governments" , Ham
Criminals rapidly migrating to new digital Currency 'Perfect Money' after Liberty Reserve takedown

Criminals rapidly migrating to new digital Currency 'Perfect Money' after Liberty Reserve takedown

Aug 12, 2013
There are so many ways to move money anonymously on the Internet and US Justice Department has declared war on currencies widely used by cyber criminals . Just after the Law Enforcement in 17 countries shuts down ' Liberty Reserve ', a $6 billion digital money laundering operation, now the criminals is switching to another online currency called " Perfect Money ".  Perfect Money, another private digital currency that has emerged to meet the demand of Criminals and hackers, those buying and selling kit anonymously and being used by people selling stolen credit cards in Internet hacker forums recently. Fraudsters are rapidly migrating to Perfect Money and  it allows users to transfer money anonymously by purchasing and exchanging the proprietary currency for dollars, euros and gold. These virtual currencies are often linked to bitcoin because it has also been used by criminals. It was thought Bitcoin would be a handy replacement for Liberty Reser
On 10th Anniversary 'The Pirate Bay' Releases Its Own uncensored Web Browser 'PirateBrowser'

On 10th Anniversary 'The Pirate Bay' Releases Its Own uncensored Web Browser 'PirateBrowser'

Aug 10, 2013
No matter how much effort an ISP puts in or the government does, censorship always gets a backdoor . One of the biggest Controversial File Sharing site ' The Pirate Bay ' is censored in various capacities in some countries around the world, but Pirate Bay is celebrating its 10th birthday in Stockholm sponsored by an energy drinks maker. On their 10th anniversary the site is releasing its " Pirate Browser ," a custom Firefox browser that skirts Internet censorship and lets you access the Pirate Bay from anywhere.  However, Its founders recently served jail time for their activities, with one of the founders going back to prison in an unrelated Swedish hacking case. PirateBrowser is meant to focus more on unrestricted access to the Internet than it is about being able to download new episode of Breaking Bad without paying for them, but one tends to be a function of the other. According to the Pirate Browser website, It's a customized Firefox 23 and inclu
Anonymous hackers exposes details of U.S FEMA contractors

Anonymous hackers exposes details of U.S FEMA contractors

Jul 18, 2013
Anonymous hackers claimed yesterday that they have broken into a server used by the Federal Emergency Management Agency (FEMA) and leaked the database  ( password : fema ) includes - names, addresses and other information of FEMA contractors, private defense contractors, federal agents and local authorities. Hack was performed in response to Homeland Security training exercises that centered on a fictional version of the hacker collective.FEMA, under the Department of Homeland Security, conducts an National Level Exercise (NLE) each year. " This is a message from some of us, to FEMA, to various world governments and to their complicit corporate lackeys who dwell in the shadows as well as to the 2.5 billion regular people who use the internet and have found that their right to privacy has been utterly destroyed. " hackers said. The dump contains a table of user IDs and MD5 hashes of corresponding passwords and leaked mailing addresses connected to some of the
Facebook temporarily blocked access from TOR, but not Intentionally

Facebook temporarily blocked access from TOR, but not Intentionally

Jun 20, 2013
Tor has become a tool of free expression in parts of the world where citizens can not speak freely against their government. On Tuesday, a number of users have noticed that Facebook is blocking connections from the Tor network. Tor is a free tool that keeps Web browsing sessions private and anonymous . For activists and political dissidents who use the Internet to communicate with the outside world in countries where doing so is a crime , being unable to login to Facebook using TOR posed a huge problem. Later, Facebook resolves the Tor issues and said that A high volume of malicious activity across Tor exit nodes triggered Facebook's automated malware detection system, which temporarily blocked visitors who use the Tor anonymity service to access the social network . The role that Tor and Facebook played in facilitating the dissemination of information under restrictive regimes cannot be underestimated. Security researchers are also frequent users of Tor, for instan
Anonymous Hacker outs wanted Edmonton men for child exploitation

Anonymous Hacker outs wanted Edmonton men for child exploitation

Jun 11, 2013
A YouTube video posted by a group calling themselves Anonymous is getting a lot of attention online, claims to have outed two men who allegedly tried to lure underaged girls over the internet. In a video posted on Friday, a member of Anonymous describes a sting operation in which two Edmonton-area men were allegedly caught trying to meet up with 13- and 14-year-old girls for sex. Bob Andrews, the head of ALERT's Integrated Child Exploitation unit in Edmonton. "I think it's really important to let the police do their jobs, and not judge someone in a public forum. " Hacker also claims that they contacted Edmonton police about one meeting that was supposed to take place at West Edmonton Mall, but that police did nothing. " There has been no reply. This is unacceptable. Together, we must act, and we must act swiftly to protect our children. For your benefit, we will begin to reveal the identities of the people that were identified ," the video states. The video detai
FBI raided Anonymous Hacker house, who exposed Steubenville Rapists

FBI raided Anonymous Hacker house, who exposed Steubenville Rapists

Jun 08, 2013
Another member of the hacker collective Anonymous has been unmasked this week. FBI raided the home of Deric Lostutter in April. Two laptops, flash drives, CD's, an external hard-drive, cell phones and an Xbox were reportedly seized during the raid. Deric Lostutter, a 26-year-old from Winchester, is also known as KYAnonymous , a member of the hacktivist collective Anonymous who leaked a video showing the young men who raped an unconscious teenaged girl in Steubenville , Ohio, bragging about what they did in a disgustingly proud manner. In March, football stars Trent Mays, 17, and Ma'lik Richmond, 16, were convicted of the rape. They were sentenced to a minimum of one year in a juvenile detention institution with a maximum stay until they are 21. Lostutter, a self-employed IT security consultant and self-described Anonymous member, said that he'd just returned from a turkey hunt when he noticed what appeared to be a FedEx truck in his driveway. " As I open the doo
LulzSec hacker Jeremy Hammond pleads guilty to Stratfor attack, could face 10 years in prison

LulzSec hacker Jeremy Hammond pleads guilty to Stratfor attack, could face 10 years in prison

May 28, 2013
A computer hacker linked to the group known as Anonymous and LulzSec  pleaded guilty on Tuesday to breaking into Stratfor , a global intelligence company.  Hammond, 28, was arrested last March and charged with hacking into the computers of Stratfor. Jeremy Hammond and other members of AntiSec , stole confidential information, defaced websites and temporarily put some victims out of business. Authorities say their crimes affected more than 1 million people. Hammond was charged under the controversial 1984 Computer Fraud and Abuse Act, the same law used to charge the late Aaron Swartz and other cyber-activists. The plea agreement could carry a sentence of as much as 10 years in prison, as well as millions of dollars in restitution payments, though Hammond's official sentence won't be handed down until September. Beyond Stratfor, Hammond took responsibility for eight other hacks, all of which involved either law enforcement, intelligence firms or defense contractor webs
Anonymous Hackers Launch #OpUSA against US Banking and Government Agencies

Anonymous Hackers Launch #OpUSA against US Banking and Government Agencies

May 08, 2013
#OpUSA campaign is officially started, the day has come, today May 7 as announced by Anonymous , a coordinated online attack will hit Banking and government websites. The announcement made by popular group of hacktivists is creating great concerns between US security experts in charge of defense the potential targets. The message passed sent by Anonymous to US authorities is eloquent, " We Will Wipe You Off the Cyber Map "  A new wave of attacks, presumably distributed-denial-of-service attack , is expected to hit principal US financial institutions exactly as already happened in the last months. The hacktivists participating to OpUSA campaign protest against the policy of the US Government blamed to have committed war crimes in foreign states and in its countries. "A nonymous will make sure that's this May 7 will be a day to remember. On that day anonymous will start phase one of operation USA. America you have committed multiple war crimes in Iraq, Afg
Cybersecurity Resources