The Hacker News - Cybersecurity News and Analysis: compromised

Take down of fifth most widespread 'Virut Botnet'

January 19, 2013 | Mohit Kumar
NASK, the domain registrar that operates the ".pl" Polish top-level domain registry, has seized multiple domains used for cybercrime activities by spreading Waledac malware distributed by the Virut botnet. According to Poland's Computer Emergency Response Team, Virut was first detected in 2006 and became a serious threat, with an estimated size of more than 300,000 compromised computers. NASK said that on Thursday it began assuming control over 23 .pl domains that were being used to operate the Virut network. Virut was responsible for 5.5% of infections in Q3 2012, making it the fifth most widespread threat of the time. They determined that the botnet consists of more than 308,000 uniquely compromised machines and that its primary function is to pump out spam and other malicious emails. The most recent takedown effort was in December 2012. Unfortunately, the Virut botnet gang quickly managed to get the malicious botnet domain names moved to a new registrar called home.pl.
Hacker leaks Bangladesh Intelligence classified Emails

January 04, 2013 | Mohit Kumar
Indian hacker Godzilla has once again hit a Bangladesh government server. The hacker told us about his latest cyber attack on the Directorate General of Forces Intelligence Bangladesh (DGFI - www.dgfi.gov.bd) server. He claimed to have backed up all confidential mails on the server and a list of all their agents around the globe. The hacker taunted the Bangladesh government: "To all stupid Intelligence people of Bangladesh do you know what is security?? I am really feeling pity for you." Through a paste note, the hacker leaked one sample mail (a funny one), which is a conversation between Dewan Mamoon and the DGFI Director. Some words from the email are "I love the CIA. I love the DGFI. I love the Bangladesh armed forces. I love America and I love Bangladesh." and "I know that you are the ones to thank for sponsoring me in Bangladesh and the CIA for sponsoring me in America." The compromised intelligence server is claimed to be full of sensitive information. In past year, Godzilla h
Child Porn on Indian Government websites

December 20, 2012 | Mohit Kumar
One of 'The Hacker News' readers informed us today about porn content on some Indian Government websites. After analyzing these websites, we came across more than 30 subdomains belonging to 'entegramam.gov.in', where 'entegramam' means "My village" and all subdomains of this website are names of different cities of Kerala state. The websites are in the Malayalam language, and most of the sites are powered by Joomla and Drupal (older vulnerable versions) with discussion forums on them. On further analysis we found that the timestamp of the porn articles posted on the forum dates back to "2012/08/30 16:00". That means government websites have been hosting child porn content for the last four months, and the authorities or the moderators of the websites are not aware of the issue. With a simple Google search, one can find all such pages: site:gov.in "nude" for further reports and analysis. Google is also giving the notification "This site ma
Detected a malware that steal image files via FTP … Should we be concerned?

November 09, 2012 | Anonymous
I recently found an interesting post by Niranjan Jayanand, a McAfee researcher and member of the Facebook team and customer escalation team. The expert announced that his team has recently detected a Trojan that is able to steal every kind of image file from a Windows PC, including a memory dump of the victim machine (.dmp files), and upload them to an FTP server. The activities observed are highly suspicious; they portend an ongoing attack for cyber espionage or a massive information theft operation by cyber crime. This could be just the first stage of attacks in which information is collected for further, more complex initiatives. The stolen image files could be used for blackmailing the victims and demanding a ransom. It's not the first time: recall what happened some months ago when nude pictures of celebrities were stolen. This is not the only use that I could suppose; images could also be used for other purposes, they could be related to reserved
Peru Domains Registrar hacked and 207116 Domain panel credentials leaked

October 20, 2012 | Mohit Kumar
A huge hack was carried out today! One of the biggest Peru domain registrar companies (punto.pe) was hacked by Lulzsecperu (declared in a tweet), and a complete database of 207116 websites has been leaked on the internet. The leaked database includes domain panel usernames, encrypted passwords and company descriptions. Hacked domains include all .PU domains, i.e. banks, institutes, computer security companies, corporates, colleges, government and personal websites. "We clarify that we have no malicious purposes, only prove that the security of PERU is bad and should be corrected. Greetings to the computer crimes division of the National Police of Peru from March 2012 is nil activity and fail or be close to where we are now ASBANC for trying." the hacker said in a statement. He uploaded the database here: https://anonfiles.com/file/e14504f5033d2a53457af667b686340f Password for file: lulzsecperu 2-3 hours after the Lulzsecperu hack, another hacker "@passfile" come up w
45000 Wordpress blogs hacked on 2nd day of Spam campaign

October 17, 2012 | Mohit Kumar
Yesterday I reported on a huge mysterious hack of WordPress servers that caused the compromise of 15000 WordPress accounts, with the hacker managing to post the same spam article about "Money making sites" with the title "Im getting paid!" on each blog. We explained how the hacker was earning thousands of dollars just by sharing his referral link on all these hacked sites. The campaign includes some malicious domains to which the hacker is redirecting all readers, and a service from a well-known email marketing company, Getresponse. Using the same dork, site:wordpress.com "Im getting paid!", today we tried to find out the number of hacked accounts and once again got another shocking number: 59300 blogs in the compromised list on the 2nd day of the hacking campaign. So many blogs have been compromised without any known method, and the WordPress team is still not in action. As mentioned in the last article, yesterday I tried to contact the Getresponse response team whose Email ser