Subscribe to our newsletters
Sign Up

The Hacker News — Cyber Security, Hacking, Technology News

Wednesday, August 30, 2017 Wang Wei

wikileaks-hacked
OurMine is in headlines once again—this time for defacing WikiLeaks website.

The notorious hacking group, OurMine, is known for breaching into high-profile figures and companies' social media accounts, including Facebook CEO Mark Zuckerberg, Twitter CEO Jack Dorsey, Google CEO Sundar Pichai, HBO, Game of Thrones and Sony's PlayStation Network (PSN).

According to screenshots circulating on Twitter, the official website of WikiLeaks has reportedly been defaced by the OurMine hacking group, who left a message on the site, as shown above.

WikiLeaks is a whistleblowing website that since March, has been revealing top CIA hacking secrets under Vault 7, including the agency's ability to break into different mobile and desktop platforms, security camera live video streams, air-gap computers and many more.

There is no indication of WikiLeaks servers and website been compromised, instead it seems their website has been redirected to a hacker-controlled server using DNS poisoning attack.

In DNS poisoning attack, also known as DNS spoofing, an attacker gets control of the DNS server and changes a value of name-servers in order to divert Internet traffic to a malicious IP address.

Shortly after the defacement, the site administrators regained access to their DNS server and at the time of writing, the WikiLeaks website is back online from its official legitimate servers.

OurMine is a Saudi Arabian group of hackers which claims to be a "white hat" security firm.

The group markets itself by taking over social media accounts of high-profile targets and then encourages them to contact the hacking group to buy its IT security service in an effort to protect themselves from future cyber attacks.

Tuesday, November 01, 2016 Mohit Kumar

The Hacker News (THN) Celebrates 6th Anniversary
Can you believe that it's been 6 years since we first launched The Hacker News?

Yes, The Hacker News is celebrating its sixth anniversary today on 1st November.

We started this site on this same day back in 2010 with the purpose of providing a dedicated platform to deliver latest infosec news and threat updates for Hackers, Security researchers, technologists, and nerds.

Times flies when you are having fun!

The Hacker News has become one of the World's popular and trusted Hacking News channel that went from ~100,000 readers to more than 10 million monthly readers — all because of THN readers high enthusiasm.

In this short span of time, The Hacker News has achieved a series of milestone:
What's more? The Twitter Account of The Hacker News became officially verified (yes, that blue tick) by Twitter.

We don't cover everything, never did, never could, we just cover the things that are important to our readers and impact a large audience. That's the actual difference between The Hacker News and a full-fledged News Outlet.

Most importantly, The Hacker News thanks all of its readers for the support and trust, as it continues to grow and serve this community.

Regardless of how frequent you visit our site, whether you are a regular reader who reads every since article or just occasionally comes, whether you support our site by sharing articles, or being a silent reader, THN would not be there and probably have never achieved these milestones, if you were not there.

THN Deals Store Launched

hacking-deals
In the special occasion of this year's Anniversary, The Hacker News also launched THN Deals Store last week, which is packed with great deals on everything from Online Cyber Security and Hacking Courses to gear and gadgets, downloadable Security Products, privacy services, IT Certification Preparation Courses, programming courses and even drones.

So, if you are searching for a great deal for anything you need, The Hacker News welcomes you to THN Deals Store where you can get incredible discounts on anything you need.

  • Deal 1 — You can save 96% on a Computer Hacker Professional Certification Package, which offers you the content of over 60 hours to help pass any of five professional hacker certifications, including CEH, CISSP, CHFI, CISM and CISA.
  • Deal 2 — Another such great deal is Lifetime subscription for Windscribe VPN. You can now protect your online privacy, unblock unwanted websites, hide your identity, and access geo-blocked content from anywhere. THN Deals offers our readers 1-year Pro subscription of Windscribe VPN at 82% discount and Windscribe VPN Lifetime Pro Subscription at a massive 94% discount.

What Next?

We at THN are working on a new platform that will completely transform the way we report and deliver Hacking and Cyber Security updates today.

As things are changing so quickly on the Internet, THN's new platform will provide not only hacking and cyber security updates but also technology news, and knowledgeable content to our readers.

This is just the beginning, as there are many, many more exciting years ahead!

Friday, October 09, 2015 Swati Khandelwal

The Guy Who Accidently bought Google.com Got a Huge Reward, But he Donated it to Charity
Sanmay Ved – the man who actually managed to buy Google.com got a huge reward from Google, but he donated all money to charity.

Last week, an ex-Google employee and now-Amazon employee managed to buy the world's most-visited domain Google.com via Google's own Domains service for only $12.

However, Ved owned Google.com for one whole minute before the Mountain View company realized it was a mistake and cancelled the transaction.

After acknowledging the mistake, Google rewarded Ved with some unknown amount of cash, but when Ved generously suggested donating his prize money to charity instead, Google just doubled the reward.

Google Rewarded Ved with More than $10,000


Ved believed that his real reward was just being the person who bought Google.com for a whole minute.
"I do not care about the money," Ved told in an interview with Business Insider. "It was never about the money. I also want to set an example that [there are] people who [wish] to find bugs that it's not always about the money."
Ved donated his reward to "The Art of Living India," an Indian foundation that focuses on providing education to poorer areas of the country.

Ved did not disclose the exact sum of cash Google had awarded him, but he did say that the amount was more than of $10,000.

That is a lot for just a few clicks!

Monday, October 05, 2015 Swati Khandelwal

THN Weekly Roundup
We are back with our last week’s top cyber security threats and challenges, just in case you missed any of them (ICYMI).

THN Weekly Round Up is The Hacker News efforts to help you provide all important stories of last week in one shot.

We recommend you read the full story (just click ‘Read More’ because there’s some valuable advice in there as well).

Here's the list:

1. Quantum Teleportation — Scientists Teleported Quantum Data over 60 Miles


While the world is battling between Quantum computers and Encryption, the NIST Scientists have set a new record in the field of "Quantum Teleportation"...

…by successfully Teleporting a small amount of data (qubit) inside light particles over a distance of 60 Miles (100 km) through a network of optical fiber – the record which is four times faster than previous one.

To know how the Quantum Teleportation works and how the researchers able to reach this record, Read More

2. Pirate Bay co-founder Gottfrid Svartholm is a Free Man Again


Pirate Bay co-founder Gottfrid Svartholm Warg, also known as Anakata, has been released from a Sweden prison following 3 years behind bars for copyright and hacking offenses in both Sweden and Denmark.

The Pirate Bay is one of the world's most popular file-sharing websites predominantly used to share copyrighted material, like pirated software, pirated video files, and other stuff, free of charge.

For more information on Svartholm his release, Read More

3. Microsoft Responds by Not Addressing Windows 10 Spying


Microsoft finally responded to the growing privacy concerns around its newest operating system to regain the trust of users who are concerned about their online privacy related to Windows 10, But…

The company did admit that the operating system does regularly phone home by default.

According to the company, Windows 10 doesn't collect two types of data – communications (including e-mail and Skype) and File Contents – but the company collects everything else from Cortana and Bing searches to store purchases.

For detailed information, Read More

4. Microsoft's Love for Open Source


Last month, Microsoft surprised us by announcing that it has built a Linux kernel-based operating system Azure Cloud Switch (ACS) for developing software products for Network Devices.

Once again the company surprised us by choosing Ubuntu as the operating system for their Cloud-based Big Data services.

For in-depth information on "Azure HDInsight" for Linux users, Read More

5. Unpatched WinRAR Flaw Affects 500 Million Users


A Very Big Number Indeed! A highly critical unpatched Zero-day vulnerability discovered in the latest version of WinRAR affected hundreds of Millions of its users worldwide.

The remote code execution vulnerability in the stable version of WinRAR 5.21 for Windows computers can be used by any attacker to insert a malicious HTML code inside the "Text to display in SFX window" section when the user is creating a new SFX file.

To know more about the zero-day flaw in WinRAR, Read More

6. TrueCrypt Encryption Software Affected by Two Critical Flaws


If you are among those privacy-conscious people who are still using 'no longer available' TrueCrypt Encryption Software, then it’s time for you to move on.

Despite going through audits, researchers have found two highly critical security vulnerabilities in TrueCrypt that could expose your data to hackers if exploited.
  • CVE-2015-7358: Allows attackers to gain access to a running process and get full administrative privileges.
  • CVE-2015-7359: Allows attackers to impersonate as an authenticated user.

For detailed information on both the vulnerabilities, Read More

7. One Billion Android Users are at Risk of Stagefright Bug 2.0


Android users must pay attention to the newly discovered Stagefright Bug.

Yes, Android Stagefright bug is Back with a Bang. More than 1 Billion Android smartphone devices are vulnerable to hackers once again – Thanks to, not one, but two newly disclosed Android Stagefright vulnerabilities.

This time, the bug allows attackers to hack your Android smartphones just by tricking you into visiting a website that contains a malicious multimedia file, either MP3 or MP4.

For in-depth information on Android Stagefright Bug 2.0, Read More

8. Amazon Employee bought 'Google.com' Just for $12


This was one of the last week's trending news. Amazon employee Sanmay Ved, who was an ex-Google employee, managed to buy the world's largest search engine website Google.com just for $12 from Google itself.

However, soon Ved received an order cancelation email and refund from Google Domains, but the experience of owning the search engine giant for one whole minute indeed sounds great.

For detail information and screenshots, he took while purchasing Google.com, Read More

9. Data Breach Week


This week, we saw 3 high-profile data breaches, compromising personal and sensitive details of millions of people.
  • Telecommunication giant T-Mobile – Over 15 Million Users Affected
  • Crowdfunding website Patreon – Over 2.3 Million Users Affected
  • US brokerage firm Scottrade – Nearly 5 Million Users Affected
T-Mobile's credit application processor Experian was hacked, potentially exposing highly sensitive details of 15 Million users who applied for its service in the past two years.

In Patreon's case, hackers managed to steal almost 15 gigabytes' worth of data including names, shipping addresses and email addresses of 2.3 Million users, and then made it available to various online locations for anyone to download.

US brokerage firm Scottrade also suffered a massive data breach in which hackers managed to access one of its servers in late 2013 and early 2014, stealing names and street addresses for 4.6 million of their clients.

For in-depth information, Read More

10. Design Flaws Make Drones Vulnerable to Cyber-Attacks


Researchers have discovered a method that can be used to hack and hijack Unmanned Aerial Vehicles (UAVs), better known as DRONES.

HP Security Researcher Oleg Petrovsky discovered design flaws in the UAV systems that allowed him to capture, modify, and inject a data stream into a telemetry link connection over a serial port, as well as spoof the connection to the ground station to take complete control of Drone.

For detailed information, Read More

11. AdBlock Extension has been Sold to an 'Unknown Buyer'


Yes, your favorite AdBlock browser extension that helps you block annoying online advertising has been sold – and more shockingly – to an unknown buyer.

What’s more bothering is that the 'Anonymous buyer' is turning ON the "Acceptable Ads" feature, which maintains a whitelist of advertisements that are not blocked by default.

This means that AdBlock will now let some advertisements through on by selected websites or by selected companies by default, if those companies pay for showing their ads – the concept entirely contradict the key feature of AdBlock, i.e. blocking ads.

For detailed information, Read More

Sunday, September 27, 2015 Swati Khandelwal

THN Weekly Roundup — 14 Most Popular Hacking Stories
To make the last week’s top cyber security threats and challenges available to you in one shot, we are once again here with our weekly round up.

Last week, we came across lots of cyber security threats like the XCodeGhost malware in Apple’s App Store and lockscreen bypass bug in iOS 9 and iOS 9.0.1 that made us sad, but…

…we were also thrilled by latest developments such as Microsoft’s new Linux-based operating system Azure Cloud Switch (ACS), unhackable MicroKernel "SeL4", and Facebook 'Dislike or Empathy Button'.

I recommend you to read the entire thing (just click ‘Read More’ because there’s some valuable advice in there as well).

Here's the list:

1. Microsoft Developed its Own Linux Operating System


One of the trending news of last week. Microsoft built its own Linux-based operating system known as Azure Cloud Switch (ACS).

The company described ACS as a "cross-platform, modular operating system for data center networking built on Linux," or simply, a "commodity switch software stack for data center networks".

The aim of developing a Linux-based operating system is to make it easier and simpler to control the hardware from multiple vendors (such as Switches) that power their cloud-based services. For working and functions of ACS, Read more

2. D-Link Publishes its Private Code-Signing Keys on the Internet


Taiwan-based networking equipment manufacturer D-Link accidently published its Private code signing keys inside its open-source firmware packages.

As a result, an online user successfully developed a Windows application, which he was able to sign with the D-Link code signing keys, which was valid at the time.

Besides that code signing private keys, the user also discovered pass-phrases into the source code needed to sign the software. For in-depth information, Read more

3. Unhackable Bug-Free MicroKernel – SeL4


Security Researchers, Mathematicians and Aviation gurus from Boeing and Rockwell Collins joined a team of dedicated NICTA researchers to create an open source, unhackable MicroKernel dubbed "SeL4."

SeL4 (Secure Microkernel Project) is a 3rd Generation MicroKernel designed to detect & foil hacking attempts. It supports various L4 microkernels features and promises high-performance with robust Security mechanisms that are even harder to Crack.

For an in-depth explanation, Read more

4. AVG Antivirus Plans to Collect & Sell Your Personal Data to Advertisers


Remember, Nothing comes for Free! "Free" is just a relative term, as one of the world's most famous anti-virus companies has now admitted.

Czech Republic-based antivirus firm AVG updated its privacy policy in which it openly admits to collect and sell your data to online advertisers for the purpose of making money from its free anti-virus software.

The so-called "non-personal data" includes your browser and search history, meta-data, advertising ID associated with your device, Internet Service Provider (ISP) or Mobile Network you use and information regarding other apps you have on your device. For more information, Read more

5. Aw, Snap! This 16-Character String can Crash Your Google Chrome

This 16-Character String can Crash Your Google Chrome
Security researcher Andris Atteka discovered a simple way to crash your Chrome browser — a small string of special characters.

Yes, a small string of 16 characters (http://a/%%30%30) caused your Chrome browser to crash. However, Google patched the flaw now, but the researcher didn’t receive any bounty, as the bug was not a real security threat. Read more

6. WIN $1 Million Bounty For Hacking the New iOS 9 iPhone


Yes, $1,000,000.00 Reward for finding zero-day hacks for iPhones and iPads.

Security firm Zerodium, a startup by the infamous security firm "VUPEN", announced a total of $3 Million ($3,000,000) bounty rewards for exploits and jailbreaks for Apple's latest mobile operating system iOS 9.

To know how you can Win this bounty reward, Read more

7. 4000 Malicious iOS Store Apps Linked to CIA?


With the discovery of 39 malware infected iOS apps, FireEye researchers discovered nearly 4000 compromised iOS apps that were infected with same XCodeGhost malware.

XCodeGhost, a very harmful and dangerous piece of malware, was distributed through legitimate iOS Apps via counterfeit versions of Apple's app developer toolkit called Xcode.

It isn't clear that the attackers of XCodeGhost are linked to CIA, but the technique used by XCodeGhost is similar to that developed by Central Intelligence Agency (CIA) researchers, disclosed by the leaked documents provided by Edward Snowden.

For in-depth information, Read more

8. Here's How Facebook 'Dislike or Empathy Button' Would Look Like


Excited about having Facebook Dislike or Empathy button to your Facebook Profile and News Feed?

Facebook will soon offer you this feature, But if you are thinking that Facebook Dislike button is going to be a thumbs-down, then you are wrong.

As Facebook’s founder Mark Zuckerberg says, "We did not want to just build a Dislike button [as] we do not want to turn Facebook into a forum where people are voting up or down on people’s posts."

Instead of thumbs down to express disapproval or pity, it could be Emojis. How? Read more

9. How to Access Private Photos and Contacts in iOS Device Without a Passcode

How to Access Private Photos
Last week, iPhone user Jose Rodriguez found a new and quite simple way of bypassing the lockscreen of an iOS device running Apple's latest iOS 9 operating system, allowing you to access the device's photos and contacts in 30 seconds or less.

Few days after, Apple released its first update to iOS 9 mobile operating system that addressed several bugs but, unfortunately, the latest update iOS 9.0.1 didn't fix the lockscreen bypass vulnerability.

To prove this, Rodriguez published a new video that detailed a step-by-step explanation on how to bypass the passcode on iOS 9 as well as iOS 9.0.1 device, using the benevolent nature of Apple's personal assistant Siri.

For detailed explanation, Read more

10. Fingerprints of 5.6 Million Federal Employees Stolen in OPM Hack


Few month ago, a massive data breach in the US Office of Personnel Management affected more than 21 Million federal employees, who had their personal, and highly sensitive private information hijacked.

However, now the US officials are admitting that more than 5.6 Million Fingerprints of its federal employees were also stolen in the data breach took place in April this year. The number is bigger than previously reported that some 1.1 Million Fingerprints were taken. Read more

11. Lenovo Caught Pre-Installing Spyware on its Laptops


Lenovo has once again been caught pre-installing spyware on its laptops and workstations from Lenovo ThinkPad, ThinkCentre, and ThinkStation series without the user's permission or knowledge.

Lenovo embedded a tracking software program, called "Lenovo Customer Feedback Program 64," categorized as Spyware, into its laptops and workstations that operate daily on these systems.

For more details on What this software does?, and How to Remove this software, Read more

12.China developed a Linux OS that totally Looks Like Windows XP


Yes, China has created its own Desktop Operating System, dubbed "NeoKylin", tagged as a substitute to Windows XP by Quartz, who got an opportunity to have a hands-on experience of its 'community version' OS.

NeoKylin is developed by Shanghai-based China Standard Software Company, and the operating system is already running on more than 40 percent of commercial units sold in the country by Dell.

How NeoKylin looks like and similar is NeoKylin to Windows XP, Read more

13. The World's First $9 Computer has Started Shipping

The World's First $9 Computer has Started Shipping
C.H.I.P.Computer Hardware in Products – a $9 Linux-based, super-cheap computer has started shipping.

Dave Rauchwerk, CEO of Next Thing Co., said that the first run of CHIP computers is beginning to be distributed to early backers within few days.

For specifications and capabilities of C.H.I.P., Read more

14. North America Runs Completely Out of IPv4 Internet Addresses


The American Registry for Internet Numbers (ARIN) announced the final exhaustion of their free pool of IPv4 (Internet Protocol version 4) addresses.

The free pool of IPv4 addresses has reached zero, i.e., the availability of IPv4 addresses no more exists.

This is just the start of an era of IPv6, which was first invented in about two decades ago, and features much longer addresses (e.g. FE80:0000:0000:0000:0202:B3FF:FE1E:8329).

This simply means that IPv6 (Internet Protocol version 6) could offer a total available pool of 340 Trillion Trillion Trillion addresses, providing capacity for a very long time. Read more

Saturday, September 19, 2015 Swati Khandelwal

website-logout
My usual bed routine is to check comments under my articles before I go to sleep. The same I was doing last night, but something weird happened to me.

Someone posted a mysterious short link without any text below one of my articles on our official 'The Hacker News' Facebook Page, and with the curiosity to check that link I visited that website. And what I saw…

One by one my every single account I logged in into my web browser got automatically logged out just in few seconds in front of my eyes.

This is exactly what Super Logout does.

Log Out All Your Accounts in Just One Click


Yes, Super Logout – a website that logs you out of over 30 major Internet services just in one click.

You can visit 'Super Logout' here. (Note: Once clicked, this will log you out instantly from all your online accounts and don't worry it is neither harmful, nor malicious)

This is a great tool for people who:
  • Usually visit Internet Cafes for surfing Internet
  • Surf the Internet using public Wi-Fi
  • Use computers in office, libraries or PCs other than their own
  • Have an odd habit of logging out of all their online accounts at the end of each day
Superlogout website is one that will make your logging out process very simple if you use multiple accounts in one browser and want to simplify the process.
logout
Going through the source code of the web page, I found that the website is using a simple JavaScript code that loads the logout URLs of all below mentioned Online Services and deletes your login sessions.

Here's the List of Online Services Super Logout Logs Out  

super-logout-account
As soon as you visit Superlogout, it will automatically start logging you out one by one of a few dozen major services including:
  • Amazon
  • Google
  • GitHub
  • Gmail
  • YouTube
  • DropBox
  • WordPress
  • Skype
  • Dozons more…
Despite the Superlogout developer has not included Facebook and Twitter in the list, it is a quick way to logout of many websites at once. And we hope to see Facebook and Twitter in a future update.

Monday, September 07, 2015 Khyati Jain

Brutal Cyber Attacks
In Part I of this two-part series from The Hacker News, the First Four list of Top Brutal Cyber Attacks shows that whoever you are, Security can never be perfect.

As attackers employ innovative hacking techniques and zero-day exploits, the demand for increased threat protection grows.

In this article, I have listed another three cyber attacks, as following:

#5 Car Hacking


Driving a car is a network’s game now!

'Everything is hackable,' but is your car also vulnerable to Hackers?

General Motors’ OnStar application and cars like Jeep Cherokee, Cadillac Escalade, Toyota Prius, Dodge Viper, Audi A8 and many more come equipped with more advanced technology features.

These cars are now part of the technology very well known as the “Internet of Things”.

Recently two Security researchers, Chris Valasek and Charlie Miller demonstrated that Jeep Cherokee could be hacked wirelessly over the internet to hijack its steering, brakes, and transmission.

The OnStar application is an inbuilt unit attached to the interior, rearview mirror of the car with features such as remotely unlocking cars and starting the engines.

Similarly, Jeep manufactured Jeep Cherokee’s latest model is the fourth generation car fully equipped with the latest technology advancements.

In the recent incidents, Jeep Cherokee, as well as OnStar's application, were hacked leaving the cars as the slaves of the hackers and prone to accidents.

A security flaw in the car's entertainment system was compromised by two white hat hackers: Charlie Miller and Chris Valasek. The flaw allowed the hackers to inject malware into the system for remote control from miles away.

The hackers were able to turn up the music volume to the maximum and start the windshield wipers remotely while they were ‘10 miles away’.

An outrageous act they did was cutting off the transmission and disconnected the brakes that led the car crash into a ditch.

Reports say that both Jeep Cherokee and Escalade have an inherent security flaw. This is such:

The cars' apps, Bluetooth and telematics connecting the car to a cellular network like OnStar are on the same network as the engine controls, brakes, steerings and tire pressure monitor system.

Miller and Valasek said a car’s networked system could be an easy gateway for the hackers to come in with just the use of their mobile phones and a laptop.

What they need to do is just know the car’s IP address, and they can break into its system through a wireless internet connection.

#6 Data Breach at US Government Office of Personnel Management


United States Office of Personnel Management (US OPM) is an independent agency of the United States that works to recruit, retain and honor a world-class workforce for the American people.

The US OPM became a victim of a cyber attack twice that led to a data breach, compromising personal information of some 21.5 million related to current and former federal workers.

Hackers accessed sensitive data of US government officials that could be used for identity theft and cyber-espionage.

The stolen data included Social Security Numbers, employment history, residency and educational history, criminal and financial history, fingerprints, information about health, personal and business acquaintances.

Some stolen records also include findings from interviews conducted by background investigators that discussed sexual assaults and drug, mental health treatments and alcohol addictions.

Investigations reveal that China-based hackers were behind the data breaches at the Office of Personnel Management (OPM).

#7 Anthem Data Breach


Anthem Insurance Inc., previously known as WellPoint Inc, was a victim of a massive cyber attack in February.

Back in February, Cyber attackers executed a very sophisticated attack to gain unauthorized access to the company’s IT systems that had database of some 80 million people and obtained personal identifiable information (PII) relating to its consumers and employees.

The information accessed included:
  • Names,
  • Birthdays,
  • Social security numbers,
  • Email addresses
  • Employment information, including income data
The hackers gained access to Anthem's data by stealing the network credentials of at least five of its employees with high-level IT access.

The path may have been "Phishing", in which a fraudulent e-mail could have been used to trick employees into revealing their network ID and password, or into unknowingly downloading software code that gives the hackers long-term access to Anthem’s IT environment.

The company informed millions of its affected customers of the massive data breach that potentially exposed the personal information of its former as well as current customers.

Anthem appointed Mandiant, world’s leading cyber security organization, to evaluate the scenario and provide necessary solutions.

This is just the beginning...


These are just seven; there are many more! And it could reach you too.

The power of the cyberspace and the criminals hovering over it should not be underrated.

Chucking such happenings where your personal data is at risk and being irrational is not the solution rather it is the beginning of activities that will bother you big time in the future.

The cyberspace is like a dope that is capable of psychoactive effects. A proactive thinking and approach will take you ahead of the people on the other end.

Take the time to ponder over the incidents and respond wisely is all we have to say!

Monday, September 07, 2015 Khyati Jain

top-cyber-attacks-1
If you believe that your organization is not at real risk of cyber attack, then you are absolutely wrong.

Incidents of massive data breaches, advanced cyber attacks coming from China, groups like Syrian Electronic Army, Hacking Point of Sale machines at retailers such as Target have splashed across the news in the last one year.

Whether a Government Agency or Private Company, Small or a Large Tech Company....

...It’s no secret that No one is Immune to Cyber Attacks.

This article is the first in a two-part series from The Hacker News, listing first four out of  Top 7 Brutal Cyber Attacks.

And here we go...

#1 "Hacking Team" Data Breach


Hacking Team, the controversial spyware company, recently been hacked by some unidentified hackers that exposed over 400 gigabytes of its internal sensitive data on the Internet.

Milan (Italy) based IT firm ‘Hacking Team’ sells intrusion and surveillance software solutions to Governments and Law Enforcement agencies worldwide.

Hacking Team is infamous for its commercial surveillance tool named as Remote Control System (RCS), which is capable of spying activities and remotely accessing target system’s microphone and camera.

However, sometimes even Hackers get Hacked! So same happened with Hacking Team when hackers not only defaced Hacking Team’s own Twitter account but also leaked:
  • Executive Emails
  • Source codes for Hacking and Spyware Tools
  • Zero-day exploits, including for Flash, Internet Explorer
  • Government client list with date of purchase and amount paid
…Marking the attack as one of the biggest cyber attacks on any Company.

One of the aspects of the data breach showed the lack of protection implementations within the organization and using weak passwords.

#2 Ashley Madison Data Breach


TIP: No website can guarantee privacy of your identity, Credit card details, personal photos or any other information. [Read more]

Two months ago, Toronto-based Ashley Madison website, popular as an online Married Dating portal for extramarital affairs with the tagline "Life is Short. Have an Affair," was hacked by ‘The Impact Team’.

Hackers allegedly gained access to millions of its customers information database and posted 10GB of personal data for its tens of Millions of customers, including their names and email addresses.

Frequently followed by another leak, where hackers released another 20GB of company's internal data, including personal e-mails from the CEO of Ashley Madison parent company Avid Life, Noel Biderman, along with the source code for its website and mobile apps.

The breach came just two months after an attack on another scandalous site, Adult Friend Finder where again millions of people’s very personal data were left exposed on the Internet.

The Ashley Madison and Adult Friend Finder hacking cases raise serious questions about what these dating websites are doing to ensure the security of their users' personal information.

#3 The Sony Pictures Hack


Remember last year when you were able to download and watch unreleased movies of Sony Pictures Entertainment?

Annie, Mr. Turner, Still Alice, To Write Love On Her Arms, and Brad Pitt's "Fury”...

...were leaked online on torrent websites, following a massive cyber attack on Sony Pictures last year by the Guardians of Peace (GOP) hacking group.

The hack wasn’t limited to unreleased movies — the unknown hackers leaked about 200 gigabytes of confidential data belonging to Sony Pictures from movie scripts to sensitive employees data, celebrity's' phone numbers and their travel aliases, making it the most severe hack in the History.

The massive cyber attack on the company was in response to the release of "The Interview" — a controversial North Korean-baiting film, where hackers threatened 9/11 Type attack at Theaters showing this movie.

As a result, Sony had to shut down its services for weeks. However, it struggled to solve the issue by pulling “The Interview” from theaters and eventually putting it up on Netflix.

But, things have not changed much for Sony. This was the second time Sony was targeted, and the intensity of the attack was such that even after taking the best measures, a subsequent amount of the company’s data was leaked to WikiLeaks.

#4 'Fappening' and 'Snappening'


When a surge of Nude Photos of Celebrities were leaked and went viral in August of 2014, the Internet had a meltdown.

Unknown Hacker was able to break into third-party applications connected to services like Facebook, Twitter, Instagram and Apple’s iCloud that led to a major incident known as “The Fappening”.

The Fappening mainly attacked female celebrities and leaked very private photographs of them, including Jennifer Lawrence, Kim Kardashian, Kirsten Dunst, Avril Lavigne and many others.

Within a month of “The Fappening,” another similar incident called “The Snappening” happened that leaked more than 100,000 nude videos and images of the Snapchat users.

In The Fappening, the Naked Pictures were allegedly retrieved due to a “brute force” security flaw in Apple’s iCloud file storage service. However, Apple denied it.

In case of The Snappening, Snapchat’s servers were not breached. Instead, the nude pictures of users were compromised due to third-party apps used to send and receive Snaps.

However, both the incidents marked as the biggest hacks of one of its kind.

Friday, July 24, 2015 Swati Khandelwal

smartwatches-security
Do you own a Smartwatch? If yes, then how safe it is? There are almost 100 percent chances that you own a vulnerable Smartwatch.

Computer manufacturer Hewlett-Packard is warning users of smartwatches including Apple Watch and Samsung Gear that their wearable devices are vulnerable to cyber attacks.

In a study, HP's Fortify tested today's top 10 smartwatches for security features, such as basic data encryption, password protection and privacy concerns.

The most shocking part of the study was that – 

Not even a Single Smartwatch Found to be 100 percent Safe


Security experts found that 100 percent of wearable devices contained at least one serious security vulnerability that could make the devices vulnerable to hackers.

With the increase in the adoption of smartwatches, manufacturers need to pay closer attention to the customers' security because these wearable devices could potentially open doors to new threats to personal and sensitive information.
"As the adoption of Smartwatches accelerates, the platform will become vastly more attractive to those who would abuse that access, making it critical that we take precautions when transmitting personal data or connecting Smartwatches into corporate networks," Jason Schmitt, general manager at HP's Security Fortify said in a statement.
The study [PDF], no doubt, had included Smart watches by Apple, Pebble, Samsung and Sony, as it claims to have picked top 10 smartwatches.

Here's the list of issues reported by HP:


1. Lack of transport encryption – Though all products implemented transport encryption using SSL/TLS, 40 percent of devices found to be either vulnerable to the POODLE attack, allowing the use of weak cyphers, or still using SSL v2.

2. Insecure Interfaces – Three out of ten smartwatches used cloud-based web interfaces and all of them were vulnerable to account harvesting. This allowed unlimited login attempts, helping hackers guess passwords.

3. Insufficient User Authentication/Authorization – Three out of ten smartwatches completely failed to offer Two-Factor authentication, or the ability to lock accounts after 3 to 5 failed password attempts.

4. Insecure Software/Firmware – 7 out of 10 smartwatches had issues with firmware updates. The wearable devices, including smartwatches, often did not receive encrypted firmware updates, but many updates were signed to help prevent malicious firmware updates from being installed. While a lack of encryption did not allow the files to be downloaded and analyzed.

5. Privacy Concerns – Smartwatches also demonstrate a risk to personal security as well as privacy. All the tested devices collected some form of personal information, including username, address, date of birth, gender, heart rate, weight and other health information.

The experts said it would not disclose the names of smartphone manufacturers whose watches they had tested, but they are working with vendors to "build security into their products before they put them out to market."

Meanwhile, HP urges users to not connect their smartwatches to the sensitive access control functions like cars or homes unless strong authorization is offered.

Friday, June 19, 2015 Wang Wei

This Simple Trick Requires Only Your Phone Number to Hack your Email Account
We all have been receiving spam phone calls and messages on almost daily basis from scammers who want to pilfer your money and personal information, but a new type of social engineering hack that makes use of just your mobile number to trick you is a little scarier.

Security firm Symantec is warning people about a new password recovery scam that tricks users into handing over their webmail account access to the attackers.

In order to get into your email account, an attacker does not need any coding or technical skills. All an attacker needs your email address in question and your cell phone number.

Since the process to reset the password is almost similar to all mail services, this new password recovery scam affects all popular webmail services including Gmail, Yahoo, and Outlook among others.

Symantec has provided a video explanation of how this new hack attack works. The trick is as simple as it sounds: if you want to reset someone’s email account password, all you actually need is their mobile number.

Here's How the Scam Works:


Send a text from an unknown number to the victim’s phone, asking them to verify their account by replying with the verification code they are about to receive in order to ensure their Google account is secure, but in real the code is a password resets code.
  • Send another text message containing an unlock code to the registered phone.
  • The victim receives the code with a text something like this: "This is Google. There has been unauthorized activity on your account. Please reply with your verification code."
how-to-hack-email-account
  • As soon as victim responds with the verification code, the email address is forfeited, and the attacker can log into victim’s Gmail account without detection.
This social engineering trick sounds so easy and requires almost no technical skills to get into anyone’s email account.

Most of us reply to the unknown phone calls and messages thinking it is from the company, as receiving messages and phone calls from companies is not something uncommon.

Always be Defensive to such Scams


Before watching the video, someone would have never thought of such a method to hack someone’s account.

Of course, the untrained mind could easily fall victim to the text asking for a response. But, as Symantec says, "Legitimate messages from password recovery services will only tell you the verification code and will not ask you to respond in any way."

The workaround is not to fall victim for such kinds of scams and always examine the messages you receive.

Thursday, January 16, 2014 Wang Wei

Rakabulle, Advance File Binder from DarkComet RAT Developer
I hope you all still remember the famous and powerful Remote Administration Tool (RAT) called 'Dark Comet', developed by a French computer geek 'Jean-Pierre Lesueur', also known as 'DarkCoderSc'.

However, He had closed the Dark Comet project, when the Syrian government found to be using it to track down and to spy on their people. After that DarkCoderSc started working under a new banner 'Phrozen Software' to develop many new security softwares and penetration testing tools.

Just yesterday, Jean-Pierre and his team-mate Fabio Pinto from French University, have released a new tool called 'Rakabulle', a file binder with some cool features for penetration testers and malware researchers.

File binder is an application that allows a user to bind multiple files together, resulting in a single executable file. When you execute that single application, all previous merged files will be extracted to a temporary location, and will be executed normally.
"The builder Rakabulle application will create a stub and inject in its resource the target files to extract and execute. The stub is the little generate part of the program which is designed to extract from its resource the target files to a temporary location and execute. In our application the stub also got a part to inject in Explorer or Internet Explorer process and load custom made plugins.
Video Demo:
Listed features are:
  • File binder, auto file extractor and executor.
  • REM (Remote Code Execution), Execute code (Plugins) in target process (Explorer or Internet Explorer)
  • Support 32 and 64 Process.
  • The application is a 32bit Application (Soon we will compile the 64bit version)
  • Support UPX compression for the stub (Without compression stub size is about 38KiB using pure Windows API no extra libraries; with compression stub size is approximately 16KiB) The UPX compression doesn’t change the way the application work only the final size.
  • Support Windows startup.
  • Doesn’t require administrative privileges.
  • Plugins and File list support drag and drop.
  • Support plugins with an open source example.
  • The stub and the builder are coded using Unicode encoding.
The file binder application is available for Free to download from Rakabulle website.

Sunday, November 03, 2013 Mohit Kumar

There's an extraordinary malware making rock-n-roll over the Internet and if you are one of the unlucky folks to cross its path, then it could make your computer unusable and you have to pay a few hundred Dollars to retrieve your important data back.

We have warned our readers in many previous articles about a nasty piece of Ransomware malware called 'CryptoLocker', which is targeting computers running the Microsoft Windows operating system.

The CryptoLocker Ransomware encrypts the files on a victim’s computer and issues an ultimatum - Pay up or lose your data. Users who are getting infected with CryptoLocker can see a message informing them that their computer is locked up and their files encrypted. It then asks them to make a ransom payment, which typically ranges between $100 and $700 or 2 Bitcoins, to get their files back.

Just yesterday I noticed on a forum that the criminals behind the CryptoLocker malware has recently launched a dedicated CryptoLocker decryption service website that allows victims to purchase the decryption key for their infected encrypted files.

Interestingly, Malware inside the system is asking for only 2 Bitcoins ($450 USD) for the decryption keys, whereas the newly launched service price has been significantly increased 10 Bitcoins i.e. Approx $2,100 USD.

Service is available on the website http://yocmvpiarwmfgyg.net/ or http://93.189.44.187/ (Russia based hosting server) and also accessible through the Tor network http://f2d2v7soksbskekh.onion/

Why Hackers has launched the Decryption Service ?
Currently almost all antivirus companies are on Red alert about CryptoLocker malware and they have released updates for their users, that can detect and remove the infection or the registry keys from the system which is actually required to pay the ransom and decryption process. So if malware will get deleted, neither victim will get the decryption keys ever, neither criminal will get paid for it.

So the criminal actors behind the CryptoLocker malware has launched the decryption service website, which is designed to look like a customer support site for victims.

CryptoLocker Ransomware Decryption Service

How the Decryption Service works ?
The victim can upload one of its encrypted files on the service website, which will generate an order number. After uploading, a further order status page will display the date-time of infection and victim's public key.

It will then prompt the user to purchase the private key by paying 10 Bitcoins or approximately $2,200 USD. Once a payment is made, just after the confirmation, the website will allow the user to download a decryption private key and a decrypter tool. Which can be used to decrypt all CryptoLocker encrypted files on the system.

Another interesting fact about the service website is that, if the user has already paid the ransom amount, they will provide the private key and decrypter free of cost.

CryptoLocker Ransomware, A Global threat
CryptoLocker infections were found across different regions, including Europe Middle East, North America and Asia Pacific. Almost 64% victims are from the US.

There are different ways an individual or an organization can handle the CryptoLocker threat. Unfortunately, there is no known tool to decrypt the files encrypted by CryptoLocker, so always take Backup of important Files. Always ensure your system softwares and Antivirus product is up-to-date.

Antivirus firm Bitdefender has just released a tool to protect your files from CryptoLocker. You can Download Anti-CryptoLocker here.

Wednesday, September 18, 2013 Anonymous

All supported versions of Internet Explorer are vulnerable to a zero-day Exploit that is currently being exploited in targeted attacks against IE 8 and IE 9, dubbed "CVE-2013-3893 MSHTML Shim Workaround".

Microsoft confirmed that the flaw was unknown before the attacks and that it is already working on an official patch, meantime Microsoft released an emergency software fix for Internet Explorer (IE) Web browser.

Advisory noted that Microsoft is investigating public reports of a remote code execution vulnerability in Internet Explorer.

This issue could allow remote code execution if an affected system browses to a website containing malicious content directed towards the specific browser type. Victims could be infected despite the adoption of all necessary countermeasures due the nature of the flaw previously unknown.

The flaw that has been recently targeted by hackers during attacks is considerable serious and complicated to fix. State-sponsored hacking groups are often willing to pay hundreds of thousands of dollars for zero-day vulnerabilities in widely used software such as Internet Explorer.

In the specific case if the attacker successfully exploited the zero-day vulnerability could gain the same user rights as the current user, due this reason MS confirmed that whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft's advisory also says that EMET (the Enhanced Mitigation Experience Toolkit) may be used to mitigate against the vulnerability.

Wednesday, August 21, 2013 Mohit Kumar

The Palestinian hacker 'Khalil Shreateh', who broke into the Mark Zuckerberg's Facebook Timeline to expose a security lapse will be awarded nearly $12,000 but not from Facebook, it will come from an online crowdsourced campaign.
The hacker initially used Facebook's whitehat disclosure program, a service that rewards bug hunters for reporting vulnerabilities, to inform the company about the issue. Facebook refused to pay him for finding the bug since he used it to post on Mark Zuckerberg's wall, because Facebook had ignored his earlier warnings. The exploit allows users to post to other Facebook user's timeline while they are not in friend list.

Marc Maiffret, CTO of BeyondTrust, has kicked off a crowd-sourced funding to come up with a reward for Khalil Shreateh, and the results have already been impressive.

'Khalil Shreateh found a vulnerability in Facebook.com and, due to miscommunication, was not awarded a bounty for his work,' Maiffret wrote on the GoFundMe campaign page. 'Let us all send a message to security researchers across the world and say that we appreciate the efforts they make for the good of everyone.'

"He is sitting there in Palestine doing this research on a five-year-old laptop that looks like it is half broken," Maiffret said. "It's something that might help him out in a big way."

Facebook has a bounty program where it pays people to report bugs instead of using them maliciously. "We will not change our practice of refusing to pay rewards to researchers who have tested vulnerabilities against real users," Chief Security Officer Joe Sullivan said. Shreateh has said he is not too disappointed by the response as he has now been inundated with job offers.

Newsletter Subscription

Subscribe to our newsletter and get all latest hacking news, free eBooks delivered to your inbox.

Join Over 450,000 Subscribers!