The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Downloads

Gang Behind Fireball Malware that Infected 250 Million PCs Busted by Police

Gang Behind Fireball Malware that Infected 250 Million PCs Busted by Police

July 26, 2017Mohit Kumar
Chinese authorities have recently initiated a crackdown on the operators of a massive adware campaign that infected around 250 Million computers , including Windows and Mac OS, across the world earlier this year. The adware campaign was uncovered by security researchers at Check Point last month after it already infected over 25 million computers in India, 24 million in Brazil, 16 million in Mexico, 13 million in Indonesia and 5.5 million in the United States. Dubbed Fireball , the infamous adware comes bundled with other free legitimate software that you download off the Internet. Once installed, the malware installs browser plug-ins to manipulate the victim's web browser configurations and replace their default search engines and home pages with fake search engines. Far from legitimate purposes, Fireball has the ability to spy on victim's web traffic, execute malicious code on the infected computers, install plugins, and even perform efficient malware dropping, cr
90% of pirated games are infected with Malware

90% of pirated games are infected with Malware

April 15, 2013Wang Wei
If you've ever been tempted to download a 'hack' for your favorite game to accelerate your progress, or to download a pirated copy of the latest title through a torrent or file-sharing site, watch out ! Anti-virus company AVG has today warns that over 90% of hacked or cracked games downloaded via torrent or file-sharing sites are infected with malware or malicious code. It claimed that a lot of these hacks didn't just contain malware, but were simply malware programs in disguise. " Even if we assume that just 0.1% of the gamer playing the top five titles go looking for a hack - a highly conservative estimate - that means 330,000 people are potentially at risk of falling victim to game hack malware, " said AVG. The prevalence of cracked games, key generators, patches, cheats and more indicates that this is a highly organised, crime based, initiative. " This could lead to the loss of any legitimate, paid-for gaming assets, as well as sensitive persona
Intercepting Traffic of widerange frequencies with HackRF Radio

Intercepting Traffic of widerange frequencies with HackRF Radio

October 22, 2012Mohit Kumar
At the ToorCon hacker conference in San Diego Saturday, Ossmann and his research partner Jared Boone plan to unveil a beta version of the HackRF Jawbreaker , the latest model of the wireless Swiss-army knife tools known as software-defined radios. It grants any computer programmer the ability to develop new ways to interact with radio waves. HackRF, a software radio peripheral. Software radio or Software Defined Radio (SDR) is the application of Digital Signal Processing (DSP) to radio waveforms. It is analogous to the software-based digital audio techniques that became popular a couple of decades ago. The device has the ability to transmit and receive over a wide range of frequencies, covering a huge number of commercial devices. Once can Intercepting and Reversing engineer received  frequencies. Just like a sound card in a computer digitizes audio waveforms, a software radio peripheral digitizes radio waveforms. It's like a very fast sound card with the speaker
Getting Started: Your Guide to Windows 8

Getting Started: Your Guide to Windows 8

October 21, 2012Mohit Kumar
Back in 1991, Microsoft released their first version of Windows, a mouse-driven graphical user interface that revolutionized the way we use computers, both at home and in the workplace. Microsoft's newest operating system has a whole new interface and loads of new features. Windows 8 introduces a new type of application: the Windows Store app. Windows Store apps have a brand new look and feel, run on a variety of devices, and you sell them on the Windows Store. Here is a quick Guide for getting up to speed quickly and getting the most out of Windows 8. Whichever device you end up running Windows 8 on, you'll need to know a few things. How are you going to get the data from your current operating system to the new one? You'll probably be wondering where the famous Microsoft desktop has gone. You might be wondering just what is going on: why did Microsoft discard the Start menu, and why does its replacement look like it was designed for children? Downlo
Think Like a Hacker for Better Security

Think Like a Hacker for Better Security

October 15, 2012Mohit Kumar
Computer hacking is truly an epidemic. It's not enough to apply the latest patches to your servers and workstations or otherwise defend yourself reactively. If you're in charge of your network's security, you must understand how hackers minds work and what tools they're using for their attacks.  Also one of the best ways to protect yourself is to think like a hacker. Evil hackers aren't just a threat to national security. They're a threat to your privacy and even your livelihood. Your personal information? Nothing more than a commodity in their billion-dollar black-market enterprise. There's no product that can prevent hackers from plastering passwords and usernames on the Web. But some white hat hackers are not only chasing these cybercriminals but also thwarting the attacks before they can be launched. Vulnerabilities appear in your environment every day. For example, everyone wants to use their tablet or smart phone to conduct business. A
Beacon : A new advance payload for Cobalt Strike

Beacon : A new advance payload for Cobalt Strike

September 30, 2012Mohit Kumar
Raphael Mudge (Creator of Cobalt Strike ) announced Another Advance Payload for Cobalt Strike called " Beacon ". In a conversation with The Hacker News  Raphael said " A big gap in the penetration tester's toolbox are covert command and control options, especially for long engagements. Beacon is a new feature in Cobalt Strike to remedy this problem ." Cobalt Strikes's graphical user interface offers direct control of the 700+ exploits and advanced features in the open source Metasploit Framework. Beacon is a Cobalt Strike payload for long-term asynchronous command and control of compromised hosts. It works like other Metasploit Framework payloads. You may embed it into an executable, add it to a document, or deliver it with a client-side exploit. Beacon downloads tasks using HTTP requests. You may configure Beacon to connect to multiple domains. For extra stealth, Beacon may use DNS requests to check if a task is available. This limits the comm
Security in a Serious Way - The Hacker News Magazine September 2012 Edition

Security in a Serious Way - The Hacker News Magazine September 2012 Edition

September 16, 2012Mohit Kumar
Hey faithful readers and people interested in Internet Security! Enjoy our - The Hacker News Magazine  September 2012 Edition , Issue #14 packed full of computer security issues and a great interview with a young hacker who defines the world of hacking and the future. Let us know what you think and many thanks for following our website!
BlackHole Exploit Kit 2.0 released with more latest Exploits

BlackHole Exploit Kit 2.0 released with more latest Exploits

September 14, 2012Mohit Kumar
According to release announcement on Pastebin by unknown developers in a Russian-language BlackHole Exploit Kit 2.0 released with more latest Exploits. BlackHole is one of the most dominant exploit toolkits currently available in the underground market. It enables attackers to exploit security holes in order to install malicious software on victim's systems. The new variant doesn't rely on plugindetect to determine the Java version that's installed, thus speeding up the malware download process. Old exploits that were causing browsers to crash and "scary visual effects" have been removed. The exploit kit is offered both as a "licensed" software product for the intrepid malware server operator and as malware-as-a-service by the author off his own server. Some interesting claims by developer about new version: prevent direct download of executable payloads only load exploit contents when client is considered vulnerable drop use of PluginDetect library (performance jus
Eject any WiFi device from network using Android

Eject any WiFi device from network using Android

September 13, 2012Mohit Kumar
If you want to disable any ip address which use same router to connect internet. Now you can used your android application, WifiKill use as can disable internet connection for a device on the same network. May be you ever use " NetCut " tool in your windows to eject any WiFi device from network with one click. NetCut have ability to scan the network for all connect devices with their MAC address and then with one click you can disconnect anyone from Network using ARP SPOOF attacks. This application mostly used by students to save bandwidth in colleges or in any network where they want to disconnect all other users and use complete bandwidth for better speed or by some Network admins. But NETCUT comes for Windows only. A Android application released called " WiFiKill  v1.7 " , this is alternate version of NETCUT for Android. Simply allows you to scan your wifi network for devices, see their vendor and cut network connection for specified devices. This way you can g
Gauss Malware Detection Tool released by Iranian CERT

Gauss Malware Detection Tool released by Iranian CERT

September 08, 2012Mohit Kumar
Iranian National Computer Emergency Response Team releases a tool for Gauss malware detection . Cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab, a leading computer security firm. Gauss primarily infects 32-bit versions of Windows, though a separate spy module for USB drives can collect information from 64-bit systems. Infections are mainly split between Windows 7 and Windows XP, although some of the Gauss modules don't work against Windows 7 Service Pack 1. Mac and Linux machines appear to be safe. Multiple modules of Gauss serve the purpose of collecting information from browsers, which include the history of visited websites and passwords. Detailed data on the infected machine is also sent to the attackers, including specifics of network interfaces, the computer's drives and BIOS information. The Gauss module is also capable of stealing data from the clients of several Leb
BackTrack 5 R3 Released - Download Now !

BackTrack 5 R3 Released - Download Now !

August 13, 2012Mohit Kumar
The latest version of Backtrack is out! Check out Backtrack 5 R3! " The time has come to refresh our security tool arsenal – BackTrack 5 R3 has been released. R3 focuses on bug-fixes as well as the addition of over 60 new tools – several of which were released in BlackHat and Defcon 2012. A whole new tool category was populated – "Physical Exploitation", which now includes tools such as the Arduino IDE and libraries, as well as the Kautilya Teensy payload collection. " Backtrack Team have released a single VMware Image (Gnome, 32 bit), for those requiring other VM flavors of BackTrack. Download BackTrack 5 R3
zAnti Pentester’s Worldcup tournament open for Hackers

zAnti Pentester's Worldcup tournament open for Hackers

June 24, 2012Mohit Kumar
zAnti Pentester's Worldcup tournament open for Hackers Today is a great day to be a security enthusiastic since Zimperium kicked off the first ever penetration testing tournament. — Welcome to the Pentester's Worldcup ! Zimperium , a mobile security software start-up was founded by Itzhak " Zuk " Avraham, a world-renowned white-hat hacker, in 2011. The Pentester's World Cup is part of Zimperium's efforts to increase awareness about mobile security, and simultaneously enhance the security of its range of award-winning products. You may recall Anti, The first comprehensive Penetration Testing software offered on Smartphones, Zimperium created a killer mobile app that is so simple to use, any technical person is able to perform pentest on his network to get status of which devices that are attached to the network are vulnerable, what ports are opened and additional information that is a must have for anyone who cares about the safety on his network. Last year at DEFCON, Avraham, also
Call for Articles - July Edition | The Hacker News Monthly Magazine

Call for Articles - July Edition | The Hacker News Monthly Magazine

June 20, 2012Mohit Kumar
Call for Articles - July Edition | The Hacker News Monthly Magazine Attention Readers!! We know there is a writer in all of you and we invite you to submit your best work on the subject of BOTNETS for our July The Hacker News Monthly Magazine . Give us all your expertise and knowledge on the subject and we will give it a top priority! We'd like to thank our readers and supporters and know that we take your loyalty seriously and with great appreciation. See you in July! Ann Smith Executive Editor, The Hacker News
MALWARE - June 2012 | The Hacker News Magazine Released

MALWARE - June 2012 | The Hacker News Magazine Released

June 14, 2012Mohit Kumar
MALWARE - June 2012 | The Hacker News Magazine Released Welcome readers, techies working in the darkness of night and any other internet security minded folk. June finds us exploring the new "F" word: Malware . You will learn lots from our regular author, Perluigi Paganini as he takes you through the history of malware and its consequences. We introduce two new authors, Charlie Indigo who will get your mind to thinking about the future of internet security and just what kind of world we will be living in. Gerald Matthews gives us an overview of malware and how the FBI, of all people, helped us out. Our founder, Mohit Kumar writes about the topic in general and Ann Smith ,Our Executive Editor, of course, will wow you with a thorough provoking editorial. Thanks again for your readership......we hope to hear from you soon. Download MALWARE - The Hacker News Magazine
CVE-2012-2122 : Serious Mysql Authentication Bypass Vulnerability

CVE-2012-2122 : Serious Mysql Authentication Bypass Vulnerability

June 11, 2012Mohit Kumar
CVE-2012-2122 : Serious Mysql Authentication Bypass Vulnerability A serious security bug in MariaDB and MySQL Disclosed, According to Advisory All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 are vulnerable. This issue got assigned an id CVE-2012-2122. " When a user connects to MariaDB/MySQL, a token (SHAover a password and a random scramble string) is calculated and comparedwith the expected value. Because of incorrect casting, it might'vehappened that the token and the expected value were considered equal,even if the memcmp() returned a non-zero value. In this caseMySQL/MariaDB would think that the password is correct, even while it isnot. Because the protocol uses random strings, the probability ofhitting this bug is about 1/256 ." " Which means, if one knows a user name to connect (and "root" almostalways exists), she can connect using *any* password by repeatingconnection attempts. ~300 attempts takes only a fraction of second, s
Orion Browser Dumper v1.0 released

Orion Browser Dumper v1.0 released

May 12, 2012Mohit Kumar
Orion Browser Dumper v1.0 released Jean-Pierre LESUEUR (DarkCoderSc) releases another Browser Forensic tool for Community called " Orion Browser Dumper v1.0 ".  This software is an advanced local browser history extractor (dumper), in less than few seconds (like for Browser Forensic Tool) it will extract the whole history content of most famous web browser, Actually Internet Explorer, Mozilla FireFox, Google Chrome, COMODO Dragon, Rockmelt and Opera. You can download the tool from Official Website of DarkCommet . Video Demonstration: Last week he also release " Browser Forensic Tool v2.0 " - Its is also an advanced local browser history search engine, in less than few seconds it will extract the chosen keywords of most famous web browser, actually Internet Explorer, Google Chrome, Mozilla FireFox, RockMelt, Comodo Dragon and Opera.
Hacktivism - The Hacker News Magazine - May 2012 Issue

Hacktivism - The Hacker News Magazine - May 2012 Issue

May 05, 2012Mohit Kumar
Welcome cyber space readers and internet junkies from around the world. May brings us into an in-depth look at our favorite topic: Hacktivism Our fearless leader, Mohit Kumar , founder of The Hacker News opens the discussion with a look at the meaning of Hackitivism and what it means for society today. Our regular writers, security specialist Pierluigi Paganini , and Mourad Ben Lakhousa bring us their perspective on this most interesting and thought provoking topic. As editor, I truly enjoyed Keith H. DeBus 's article on cyber war. I found myself wrapped up in excitement and worry as he takes us into the what's and where's of cyber war. Also, Dominque C Brack does an excellent job discussing the topic. Your executive editor, Patti Galle, brings you to question just what anonymous needs to look like in the future and don't miss our fun pokes at current news. Thanks for your faithful readership and thanks to those who contribute in so many, many ways! Mohit Kumar, Editor-in-ch
Browser Forensic Tool v2.0 - Advanced browser history search engine

Browser Forensic Tool v2.0 - Advanced browser history search engine

May 05, 2012Mohit Kumar
Browser Forensic Tool v2.0 - Advanced browser history search engine Browser Forensic Tool v2.0  , Developed by DarkCoderSc (Jean-Pierre LESUEUR) ,is an advanced local browser history search engine, in less than few seconds it will extract the chosen keywords of most famous web browser, actually Internet Explorer, Google Chrome, Mozilla FireFox, RockMelt, Comodo Dragon and Opera. BFT will attempt to find the keyword(s) in the history title and search, if the keyword is present or suspected to be, it will be display in the result list with his URL and Title. The software also give you the possibility to edit the default keywords and of course add / modify your own keywords, to separate keywords subject you can create your own keywords categories and only scan for some keywords in the chosen category . The program is fully asynchronous so it won't affect your work during the scan time nor it will block the customization of keywords and keylist and can be canceled at anytime. D
Skype Vulnerability Exposing User IP Addresses

Skype Vulnerability Exposing User IP Addresses

May 01, 2012Mohit Kumar
Skype Vulnerability Exposing User IP Addresses Skype is warning users following the launch of a site devoted to harvesting user IP addresses.The Skype IP-Finder site allowed third-parties to see a user's last known IP address by simply typing in a user name. A script has been uploaded to Github that offers these options. According to the page, it can be used to lookup IP addresses of online Skype accounts, and return both the remote and the local IP of that account on a website. The script is for instance available on this site . Just enter the user name of a Skype user, fill out the captcha, and click the search button to initiate the lookup. You will receive the user's remote IP and port, as well as the local IP and port. Adrian Asher, director of product Security, Skype " We are investigating reports of a new tool that captures a Skype user's last known IP address. This is an ongoing, industry-wide issue faced by all peer-to-peer software companies. We are committed to the
oclHashcat-plus v0.08 Released - fastest password Cracker

oclHashcat-plus v0.08 Released - fastest password Cracker

May 01, 2012Mohit Kumar
oclHashcat-plus v0.08 Released - fastest password Cracker oclHashcat-plus is Worlds first and only GPGPU based rule engine and Worlds fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. Features Free Multi-GPU (up to 16 gpus) Multi-Hash (up to 24 million hashes) Multi-OS (Linux & Windows native binaries) Multi-Platform (OpenCL & CUDA support) Multi-Algo (see below) Low resource utilization, you can still watch movies or play games while cracking Focuses highly iterated, modern hashes Focuses single dictionary based attacks Supports pause / resume while cracking Supports reading words from file Supports reading words from stdin Integrated thermal watchdog 20+ Algorithms implemented with performance in mind ... and much more Algorithms MD5 Joomla osCommerce, xt:Commerce SHA1 SHA-1(Base64), nsldap, Netscape LDAP SHA SSHA-1(Base64), nsldaps, Netscape LDAP SSHA Oracle 11g SMF > v1.1 OSX v10.4, v10.5, v10.6 MSSQL(2000) MSSQL(2005) MySQL
Exclusive Offers

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.