Anonymous | Breaking Cybersecurity News | The Hacker News

Tor network offers users browse the Internet anonymously and is mostly used by activists, journalists to conceal their online activities from prying eyes. But it also has the Dark side, as Tor is also a Deep Web friendly tool that allows hackers and cyber criminals to carry out illicit activities by making themselves anonymous. Kaspersky security researcher reported that Tor network is currently being used to hide 900 botnet and other illegal hidden services, through its 5,500 plus nodes i.e. Server relays and 1,000 exit nodes i.e. Servers from which traffic emerges. These days, Cyber criminals are hosting malware's Command-and-control server on an anonymous Tor network to evade detection i.e., difficult to identify or eliminate. Illegal use of the Tor network boosted up after the launch of the most popular underground Drug Market - Silk road  that also offered arms and malware to their users against Bitcoin , one of the popular crypto currency . ChewBacca , a po...

U.S. Prosecutors decided not to pursue crucial criminal charges against journalist and activist Barrett Brown , and dismiss a majority of charges related to sharing a link to a dump of credit card numbers connected to the breach of intelligence firm Stratfor. Supporters say Brown just copied the hyperlink from an the Internet chat room and then reposted the link on his own internet chat room, Project PM , that linked to stolen documents from the US government contractor, Stratfor Global Intelligence , included 860,000 e-mail addresses for Stratfor subscribers and 60,000 credit card details. Just hours after Brown's lawyers filed their comprehensive argument, the DOJ has filed a motion to dismiss all 11 charges, on Thursday.  Apart from computer fraud charges, Brown is also facing prosecution for allegedly threatening an FBI agent and for alleged obstruction of justice. The Electronic Frontier Foundation (EFF) , a non-profit organization defending civil libertie...

We are living in an era of Mass Surveillance,  conducted by the Government Agencies like the NSA and GCHQ, and we ourselves gave them an open invitation as we all have sensors in our pockets that track us everywhere we go i.e. Smartphone. Encryption and security are more important today than any other time in our history. So, the best proactive way to keep your tracks clear is - Always use only trusted privacy tools and services . The same folks behind the Anonymity Tool, Tor Browser Bundle is currently working on a new Privacy tool called ' Tor Instant Messaging Bundle ' (TIMB), that will help you with encrypted communication to keep your online conversations private. The Tor is the free software that lets users browse the Internet anonymously and mostly used by activists, journalists and to conceal their online activities from prying eyes. Tor Instant Messaging Bundle, or TIMB is a real time anonymous chat system, that will simply route all of your chat da...

Using Tormail Email service for being Anonymous online while conversations and mail exchange?? There is a very disappointing news for all   current and past users, US Federal Bureau of Investigation (FBI) has a complete copy of Tormail server and they are using it to catch the Criminals & Hackers. According to court documents that recently surfaced, the FBI  have cloned the entire email database while investigating Freedom Hosting. In August 2013, when the FBI seized the Tor network's top web host, Freedom Hosting , that gave the feds access to every record of every anonymous site hosted by Freedom Hosting , including TorMail , a service that allowed to send and receive email anonymously . New evidence uncovered by Wired suggests those archives are now being used in completely unrelated investigations, but possibly now the FBI is mining the information from that database to track cyber criminals. Remember the shutdown of the Silk Road bl...

Tor is one of the best and freely available privacy software that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship. When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes , which can be anywhere in the world. An exit relay is the final relay that Tor traffic passes through before it reaches its destination. According to a recent report ' Spoiled Onions: Exposing Malicious Tor Exit Relays ', published by security researchers Phillip Winter and Stefan Lindskog revealed that almost 20 exit relays in the Tor anonymity network that attempted to spy on users' encrypted traffic using man-in-the-middle techniques. Both Researchers spent more than four months studying on the Tor exit nodes using their own scanning software called " exitmap " and detected su...

Privacy is "workings of your mind". We share our personal moments captured in images, credit card details, thoughts that are personal or professional with a person or a certain group at different instances of time and want it to be safe and secure. We use an electronic gadget to share something trusting blindly the service provider company which may have to obey some unveiled laws of that country to which it belong and our data might be at risk. The surveillance programs can force these companies to store the information and share it with the Government and can even sniff all the data passing through the channels i.e. Wire or Air, and hence compromise our privacy. Though surveillance programs were in existence before Snowden's leaks, but after the revelation of NSA's surveillance programs, we need to think twice when it comes to our privacy. 28% of all Internet users, i.e. 415 Million people say that they use some sort of privacy tool for their Internet browsing sessio...

Today is January 11, 2014 and the last year on the same day a 26-year-old, young hacker, Reddit cofounder and the digital Activist, Aaron H. Swartz committed suicide. He found dead in his Brooklyn, New York apartment, where he had hanged himself. Swartz was indicted by a federal grand jury in July 2011, accused of hacking the MIT JSTOR database and stealing over four million documents with the intent to distribute them. He could have prison for 50 years and $4 million in fines by the Court, but before that he committed suicide in fear. Swartz's father, Robert, later blamed the MIT and the judiciary system for his son's death. On the first Anniversary of Aaron Swartz , today the Anonymous group of hackers defaced the sub-domain of the Massachusetts Institute of Technology (MIT) website ( https://cogen.mit.edu/ ) for about an hour as part of #OPLASTRESORT. Defacement page was titled ' THE DAY WE FIGHT BACK '. The message posted on it, " Remember The Day We Fight Back,...

The Senate Judiciary Committee Chairman ' Patrick Leahy ' reintroduced a revamped version of the " Personal Data Privacy and Security Act " for tough criminal penalties for hackers, that he originally authored in 2005. During last Christmas Holidays, a massive data breach had occurred at the shopping giant  Target,  involving hack of 40 million credit & debit cards, used to pay for purchases at its 1500 stores nationwide in the U.S. Reason: "Target Data Breach? Seriously"?  In a statement, as published below, the Senator wrote: "The recent data breach at Target involving the debit and credit card data of as many as 40 million customers during the Christmas holidays is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our Nation" It seems that the  TARGET Breach  was scheduled, as the best opportunity to ramp u...

Cyber Criminal activity associated with the financial Trojan programs has increased rapidly during the past few months. However, the Tor -based architecture is the favorite one with online criminals, to hide their bots and the botnet's Command-and-Control real location from the security researchers. Security Researchers at anti-virus firm  Kaspersky Lab have discovered a new Tor-based  banking trojan , dubbed " ChewBacca " (" Trojan . Win32 . Fsysna . fej ")  , that steal banking credentials and hosted on a Tor . onion domain. This protects the location of a server as well as the identity of the owner in most cases. Still there are drawbacks preventing many criminals from hosting their servers within Tor. Due to the overlay and structure, Tor is slower and timeouts are possible. Massive botnet activity may influence the whole network, as seen with Mevade, and therefore let researchers spot them more easily. ChewBacca   malware is not first that adopt To...

Sheep Marketplace , one of the leading anonymous websites, after Silk Road 's closure by U.S. Prosecutors, allegedly selling drugs, has gone offline claiming it was robbed of $6 million worth of Bitcoins . Like Silk Road , Sheep Marketplace was a Deep Web site accessible via the Tor network and quickly grew into a replacement of other popular underground Bazaars. Weeks ago, the Administrator of the Sheep Marketplace announced that withdrawals  from online Wallet would be closed for a few hours as a new feature was being implemented, however deposits were still allowed. Recently, The market's administration left a short message for users, which reads: We are sorry to say, but we were robbed on Saturday 11/21/2013 by vendor EBOOK101. This vendor found a bug in the system and stole 5400 BTC – your money, our provisions, all was stolen. We were trying to resolve this problem, but we were not successful. We are sorry for your problems and inconvenience, all of the current BTC w...

Researchers at Trusteer   spotted a new banking malware program on the underground Russian cybercrime market , that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed ' i2Ninja ', malware has most of the features found in other financial malware including the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a PokerGrabber module feature that targets poker sites. The traffic between the malware and the command server cannot be easily blocked by intrusion prevention systems or firewalls because it's encrypted and transmitting over the Invisible Internet Project (I2P). Everything from delivering configuration updates to receiving stolen data and sending commands is done via the encrypted I2P channels. I2P communication can make it much harder for security researchers to fin...

The FBI is warning that members of the hacktivist group Anonymous hacking collective have secretly accessed US Government computers and stolen sensitive information in a campaign that began almost a year ago. The Hacktivists have exploited a flaw in Adobe applications to compromise the target systems and install software backdoors to maintain the control of the victims computers over the time, the facts dated back to last December, according to a Reuters report. The hacking campaign affected the U.S. Army, Department of Energy , Department of Health and Human Services, and other government agencies,  FBI reveals.  The Federal Bureau of Investigation memo called the hacking campaign " a widespread problem that should be addressed. " and provided useful information for system administrators that how to determine if their networks were compromised. Government investigators are investigating the scope of the hacking, believed that hackers are still oper...

A Singaporean hacker calling himself the " The Messiah " was arrested in Kuala Lumpur last Monday for hacking into a Singaporean government website over two weeks ago - from a Kuala Lumpur apartment. James Raj (35) charged with hacking of  Ang Mo Kio town council  website and posting a symbol associated with international hacker group Anonymous. He was charged under the Computer Misuse and Cybersecurity Act. If found guilty, he could be jailed for up to three years and fined S$10 , 000. Police said Raj was also linked to a series of hacking incidents, including penetrating the website of a charity group related to the ruling People's Action Party. Police declined to give details but suggested that Raj was not responsible for defacing the prime minister's office and presidential palace websites on November 7 and 8. Five other local men are being held for allegedly hacking the websites of Singapore's president and prime minister websites i.e.  Muham...

Last week we noticed a rise in cyber attacks particularly - website Defacement attacks on many governments and organizations of different countries by the hackers around the world. Targeted countries include Singapore, Mexico, Philippines, Australia, Egypt, United States, Syria and many more. Out of all these targets, most controversial were Philippines and Australia, hacked by Activist group Anonymous. Last Sunday, Anonymous hackers from Indonesia defaced hundreds of websites belonging to the Australian Government , saying the action was in response to reports of spying by Australia. The websites, defaced with a message reading " Stop Spying on Indonesia ". We have shared the list of all targeted website on a pastebin note . In a separate incident, Anonymous hackers defaced more than 38 Philippine Government websites, and called on the public to support an anti-corruption protest " Million Mask March " at the Batasang Pambansa on Novem...

12-year-old Canadian has pleaded guilty to breaking into multiple major government and police websites in the name of the hacker collective Anonymous . Surprisingly, this Fifth Grade student wreaked computer havoc during the Quebec student uprising in 2012, traded pirated information to Anonymous for video games. He had not just participated in  DDoS attacks , but also stole information belonging to users and administrators. The court estimates he did $60,000 worth of damage by attacking major government websites included those of Montreal police, the Quebec Institute of Public Health, the Chilean government and some non-public sites. His lawyer also described in the Court that buy saw it as a challenge, he was only 12 years old and was no political purpose. According to Montreal police, the boy also taught others how to hack. The 12 year old was among the several hackers arrested over the Anonymous protest. While others have been arrested in connecti...

LeaseWeb , one of the World's largest hosting provider has been defaced by Palestinian hackers, named as KDMS Team . LeaseWeb was also hosting provider for one of the biggest file-sharing website Megaupload in the past. Later Megaupload Founder, Kim Dotcom claimed that  Leaseweb had deleted all Megaupload user data from 690 servers without warning. The hacker group replaced the Homepage of the website for just a few hours with an Anonymous Palestine , homepage titled " You Got Pwned " and the defacement message says: Hello Lease Web Who Are You ? Who is but the form following the function of what and what are you is a hosting company with no security KDMS Team : Well ,, We Can See That :P We noticed that Attacker has just changed the DNS server to point the Domain to another server at 67.23.254.6, owned by the attacker. At the time of writing, Leaseweb team resolved the issue and get their Domain back to the original server . But becau...

Yesterday a new classified NSA document was leaked by Edward Snowden - titled ' Tor Stinks ' in which ideas were being kicked around for identifying Tor users or degrading the user experience to dissuade people from using the Tor browser. The NSA had a very hard time while tracking down all Tor  users and monitoring their traffic, especially since Tor servers are all over the world, but they make tracking easier by adopting  the following techniques: By running their own hostile Tor nodes Using zero-day vulnerability of Firefox browser By tracking user' browser Cookies Tor access node tracking is not new and the Document says that both the NSA and GCHQ run Tor nodes themselves. In order to trace traffic back to a particular Tor user the NSA needs to know the ' entry, relay and exit ' nodes in the anonymizer cloud between the user and the destination website. So for tracking purpose they used self-hosted nodes, that is able to trace a ver...