The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: free hosting

Peru Domains Registrar hacked and 207116 Domain panel credentials leaked

Peru Domains Registrar hacked and 207116 Domain panel credentials leaked

October 20, 2012Mohit Kumar
A huge hack carried out today ! One of the biggest Peru Domain registrar company (punto.pe) hacked by Lulzsecperu (declared by a tweet ) and Complete database of 207116 websites has been leaked on internet.  Leaked database include Domain panel username, encrypted password, Company descriptions. Hacked domains include all .PU domains ie. Banks , Institutes, computer security companies, corporates, colleges, government, personal websites. " We clarify that we have no malicious purposes, only prove that the security of PERU is bad and should be corrected. Greetings to the computer crimes division of the National Police of Peru from March 2012 is nil activity and fail or be close to where we are now ASBANC for trying. " Hacker said in an statement . He upload the database here :  https://anonfiles.com/file/e14504f5033d2a53457af667b686340f Password for file: lulzsecperu 2-3 Hours after  Lulzsecperu hack,  another hacker " @passfile " come up w
Swedish authorities raid on PRQ prompts new cyber attack from Anonymous

Swedish authorities raid on PRQ prompts new cyber attack from Anonymous

October 03, 2012Mohit Kumar
Computer hackers claiming to be from the Anonymous network took over the official website of Sweden's National Board of Health and Welfare. The attacks come just days after police on Monday raided a Stockholm-based webhosting company, PRQ, and a video was posted on YouTube - allegedly made on behalf of the hacker group Anonymous - warning Swedish authorities of repercussions. Hacktivist network Anonymous has warned that Sweden’s Riksbank will suffer a cyber-attack on Wednesday night.  “ It’s come to our attention that Swedish government raided PRQ servers in order to shut down numerous file sharing and torrent websites ,” “ This has gone too far. This is unacceptable. Anonymous says this stops right now. You don’t fuck with The Internet… Today we hit their wallets hard. ”  wrote the Anonymous group on 4chan. The Riksbank is taking the threat seriously: “ We recognize this as a public threat against websites and we are always trying to keep the web as safe as possible. We have
Ankit Fadia site again Hacked and Suspended by Hosting provider

Ankit Fadia site again Hacked and Suspended by Hosting provider

September 11, 2012Mohit Kumar
Another Funny news, today India’s most popular but Self Claimed Hacker - Ankit Fadia's website just got hacked by a 17 Year old kid Kul Verma. His official Website http://ankitfadia.in/ got hacked and seems like his Hosting Provider has suspended his website on noticing something not correct with his site. Hacker hacked by a kid, this Questions the capability of Mr. Ankit Fadia once again. We all know that, its not the 1st time Fadia's Website got hacked. In past several young hackers claim to hack and deface his Website. Hacker claim the responsibility on the Facebook Fanpage , says “ 17 years old.Love to Hack ” and statement “ Come Catch if You Can ”. If you want to see deface page, please have a look to the Mirror link .
Anonymous Hacker take down GoDaddy with IRC Bots

Anonymous Hacker take down GoDaddy with IRC Bots

September 11, 2012Mohit Kumar
GoDaddy.com, which hosts millions of websites mostly for small businesses, said Monday it was investigating an outage that had knocked some of its customers offline. A hacker using the " Anonymous Own3r " Twitter account claimed credit for the outage, " Hello http://godaddy.com/ now yes! all servers #tangodown by @AnonymousOwn3r ," a tweet said. We talk with  Anonymous Own3r to find out the way he used to take down this giant server. Hacker said," I am using thousand of Hacked server as bots to perform the attack. Sending dos attack commands using IRC  to all of them together. I just upload IRC connect on each server to control my every slave by commands ." On further talk, we came to know that he use  DDOS IRC Bot script , available on Pastebin . Its really easy to use, hack randomly hundreds of Servers online and upload your Script. Now just via IRC you can control your slaves to perform a huge DDOS attack. Email services from the company, and GoDaddy
FireEye spotted Critical 0-day vulnerability in Java Runtime Environment

FireEye spotted Critical 0-day vulnerability in Java Runtime Environment

August 27, 2012Mohit Kumar
FireEye's Malware Intelligence Lab is making the claim that there is a new zero day vulnerability in the wild that affects the latest version of Java.Researcher. Atif Mushtaq wrote on the company's blog that he spotted the initial exploit on a domain that pointed to an IP address in China. The vulnerability allows computers to be infected by simply visiting a specially crafted web page, and the malware served in the current attacks contacts a C&C server in Singapore. Researchers from heise Security have also created a PoC page using information that is publicly available. A separate post published on Monday by researchers Andre M. DiMino and Mila Parkour said the number of attacks, which appear to install the Poison Ivy Remote Access Trojan, were low. But they went on to note that the typical delay in issuing Java patches, combined with the circulation of exploit code, meant it was only a matter of time until the vulnerability is exploited more widely by other attackers.
Cortana scripting language introduced for Cobalt Strike and Armitage

Cortana scripting language introduced for Cobalt Strike and Armitage

August 07, 2012Mohit Kumar
At DEFCON 20, Raphael Mudge the developer of Armitage released the most significant update to Armitage. Armitage is now fully scriptable and capable of hosting bots in acollaborative hacking engagement. Raphael Mudge is the founder of Strategic Cyber LLC, a Washington, DC based company that creates software for red teams. He created Armitage for Metasploit, the Sleep programming language, and the IRC client jIRCii. Previously, Raphael worked as a security researcher for the US Air Force, a penetration tester, and he even invented a grammar checker that was sold to Automattic.  Raphael talk about Cortana scripting language for Cobalt Strike and Armitage. Cortana allows you to write scripts that automate red team tasks and extend Armitage and Cobalt Strike with new features. This technology was funded byDARPA's Cyber Fast Track program and it's now open source . Armitage a red team collaboration tool built on the Metasploit Framework. Cobalt Strike is Armitage’s commercial b
Android Forums hacked, User Credentials Stolen

Android Forums hacked, User Credentials Stolen

July 12, 2012Mohit Kumar
Phandroid's Android Forums Web site is hacked and user account details stolen, according to a notice posted online. The data includes the user names, e-mail addresses, hashed passwords, and registration IP addresses of the forums' more than 1 million users. If you are one of them, you should change your password: go to your UserCP or use the Forgot your password? . Furthermore, if you use the same e-mail address and password combination elsewhere, you should change it there as well. " I have some unfortunate news to pass along ," the post reads. " Yesterday I was informed by our sever/developer team that the server hosting Androidforums.com was compromised and the website's database was accessed. While the breach is most likely harmless, there are important and potential pitfalls, and we want to provide as much helpful information to our users as possible (without getting too technical). " Phandroid will continue to investigate what happened. The ex
Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

July 10, 2012Mohit Kumar
Sucuri Malware Labs notify that some zero-day exploits are available to Hackers which are being used to Hack into Parallels’ Plesk Panel (Port Number 8443). These attacks was keep on raising from last few months as you can see in the Graph: At least 4000 new websites were infected each day, Sucuri malware researcher Daniel Cid. On other News Portals , there was a news recently that Some 50,000 websites have been compromised as part of a sustained iframe injection attack campaign. Security analyst found that, The majority of the sites being targeted are running Plesk Panel version 10.4.4 or older versions. Brian Krebs on his blog report that Hackers in the criminal underground are selling an exploit that extracts the master password needed to control Parallels’ Plesk Panel. This zero-day exploit for Plesk is being sold on the black market for around $8,000 per purchase. Many of the queries probed for web hosting software Plesk, a finding backed by the Sans Internet Storms Centr
20-year-old Anonymous Hacker arrested by Bulgarian Police

20-year-old Anonymous Hacker arrested by Bulgarian Police

June 22, 2012Mohit Kumar
20-year-old Anonymous Hacker arrested by Bulgarian Police Bulgarian police authorities have arrested an alleged member of the loosely associated Anonymous hacktivist group. The 20-year-old suspect has allegedly attacked the website of Prophon, a Bulgarian music licensing company. The reason - Mitko was against paying for music and movies, like to draw at will from the network. The attack he made on February 5, 2012 as able to penetrate into account the site administrator. Following the intervention of Mitko, entering the address www.prophon.org is appeared a message that "Anonymous" seize the site. " PROPHON Hello, We are Anonymous. We learned that you are greedy and another 12 organizations have signed an open letter in support of the so-called. Agreement ACTA. This is unacceptable and this angered us. You are first, not last. This should be a lesson to all who support ACTA. We are Anonymous. We are legion. We do not forgive. We will not forget. Expect us , "the
Trojan.Milicenso Print Bomb - Printer Trojan cause massive printing

Trojan.Milicenso Print Bomb - Printer Trojan cause massive printing

June 22, 2012Mohit Kumar
Trojan.Milicenso - Printer Trojan cause massive printing A Trojan that sends printers crazy, making them print pages of garbled nonsense until all the paper has been used up, has seen a spike in activity.Symantec detected the Trojan.Milicenso across various countries, but the worst hit regions were the US and India followed by regions in South America and Europe, including the UK. According to a blog post published Thursday by researchers from antivirus provider Symantec, Dubbed “ Trojan.Milicenso ” it has been described by security researchers as a malware delivery vehicle ”for hire” through its repeated use since it was first discovered in 2010. The Milicenso Trojan is actually a backdoor that is used to deliver other malware on the affected machines. The infection vectors are links and malicious attachments in unsolicited emails, as well as websites hosting malicious scripts that trigger the download of the Trojan. “ Depending on the configuration, any files, including binary
Human Rights organisation website Serves Gh0st RAT Trojan

Human Rights organisation website Serves Gh0st RAT Trojan

May 11, 2012Mohit Kumar
Human Rights organisation website Serves Gh0st RAT Trojan According to the company’s Security Labs blog , Amnesty International’s United Kingdom website was compromised and hosting the potent Gh0st RAT Trojan earlier this week. Malicious Java code was planted on the site in a bid to push the Gh0st RAT Trojan onto vulnerable Windows machines. If successful, the attack plants malware onto machines that is capable of extracting the user's files, email, passwords and other sensitive personal information. The vulnerability for the infection stemmed from a popular Java exploit, CVE-2012-050. Hackers exploited that hole and used it to inject the Amnesty International site’s script with malicious code. The Java hole was the same used by Flashback, the much buzzed-about Mac OS X Trojan in recent months. The exploit code used in this attack appears to have been copied from Metasploit, an open source penetration testing framework popular among security professionals, Giuliani said. The i
Google Sent Hacked Notification Messages to Millions of Webmasters

Google Sent Hacked Notification Messages to Millions of Webmasters

April 18, 2012Mohit Kumar
Google Sent Hacked Notification Messages to Millions of Webmasters Google’s head of the webspam team, Matt Cutts, announced on Twitter that they have sent out new message notifications to 20,000 web sites that are hacked. Specifically, Google sent these messages to sites doing “ weird redirects .” Weird redirects means the hack is where the hacker gains access to your HTACCESS and only redirects users who click from Google to your web site. Otherwise, if they type in the domain name directly, there will be no redirect. A year ago, Google began labeling hacked sites and sites with malware as sites that may compromised in the search results snippets. If a site has been hacked, it typically means that a third party has taken control of the site without the owner's permission, Hackers may change the content of a page, add new links on a page, or add new pages to the site. The intent can include Phishing to tricking users into sharing personal and credit card information or spam
Anonymous vs Britain's Home Office - Operation Trial At Home

Anonymous vs Britain's Home Office - Operation Trial At Home

April 09, 2012Mohit Kumar
Anonymous vs Britain's Home Office - Operation Trial At Home As announced during last days Anonymous has launched a Distributed Denial of Service (DDoS) against several UK government websites. A massive recruiting campaign is started on social media, a call to arm to protest the extradition of U.K. citizens to the United States. The Operation named “ Operation Trial At Home ,” fight the European Arrest Warrant (EAW) that could lead to the extradition of three accused criminals by the U.K.’s Home Office, the government department responsible for domestic security. Anonymous has provided Home Office’s IP address in its announcement to the supporters, Scheduling for April 7 the a DDoS ( with denial-of-service) attacks against the Home Office’s website. During the week I wrote and article on the intent of the famous group of hacktivist and on the possible reasons of the action. The attacks have mainly two motives: to protest against the extradition of Gary McKinnon, Christopher H
#OpTrialAtHome : Anonymous Plans 7 April Attack on British government

#OpTrialAtHome : Anonymous Plans 7 April Attack on British government

April 06, 2012Mohit Kumar
Anonymous Plans 7 April Attack on British government UK hackers linked to the Anonymous group are encouraging supporters to attack the Home Office website this Saturday (7 April) in protest at the extradition of three UK citizens to the US. Called #OpTrialAtHome , the hacktivist group @AnonOpUK posted a warning on its Twitter page that an attack on the Home Office was planned for Saturday, 7 April. An associated photo/poster shows images of Gary McKinnon, Richard O’Dwyer and Christopher Tappin. McKinnon and O’Dwyer are awaiting extradition from the UK to the US. Tappin’s extradition was effected on 24 February when he was flown to El Paso, Texas. Supporters have been encouraged to launch denial-of-service attacks on the Home Office's IP address, which Anonymous has revealed. Those not savvy enough to launch automated attacks on the site could contribute to the effect by simply visiting the site in large numbers. Julian Assange, the editor-in-chief and founder of WikiLeaks,
The Pirate Bay plans Low Orbit Server Drones to beat #Censorship

The Pirate Bay plans Low Orbit Server Drones to beat #Censorship

March 20, 2012Mohit Kumar
The Pirate Bay plans Low Orbit Server Drones to beat Censorship One of the world's largest BitTorrent sites " The Pirate Bay " is going to put servers on GPS-controlled aircraft drones in order to evade authorities who are looking to shut the site down. In a Sunday blog post, The Pirate Bay announced new " Low Orbit Server Stations " that will house the site's servers and files on unmanned, GPS-controlled, aircraft drones. TPB said: With the development of GPS controlled drones, far-reaching cheap radio equipment and tiny new computers like the Raspberry Pi, we’re going to experiment with sending out some small drones that will float some kilometers up in the air. This way our machines will have to be shut down with aeroplanes in order to shut down the system. A real act of war. We’re just starting so we haven’t figured everything out yet. But we can’t limit ourselves to hosting things just on land anymore. These Low Orbit Server Stations (LOSS) are jus
Security holes in Android with apps Advertisements

Security holes in Android with apps Advertisements

March 19, 2012Mohit Kumar
Security holes in Android with apps Advertisements Researchers at North Carolina State University have found privacy and security holes in Android apps because of in-application advertisements. They study the popular Android platform and collect 100,000 apps from the official Android Market in March-May, 2011 and Then they identify the possible 52.1% apps using Advertisements and further developa system called AdRisk to systematically identify potentialrisks. They explain that most of the ad libraries collect private information, some ofthem may be used for legitimate targeting purposes (i.e., the user’slocation) while others are hard to justify by invasively collectingthe information such as the user’s call logs, phone number, browserbookmarks, or even the list of installed apps on the phone. The researchers wrote in a paper to be presented at the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks in Tucson on April 17th, [ Read Here ] As one host app may
Role of free Hosting in Cyber Crime

Role of free Hosting in Cyber Crime

March 14, 2012Mohit Kumar
Role of free Hosting in Cyber Crime Zscaler experts notice that free hosting and DNS providers abused for hosting Phishing Pages, Spamming, Botnets or Malwares. Many free hosted sites considered as spam. They list " x90x.net " Free hosting Provider which used to host many Facebook Phishing sites. Like Other Blacklisted serviecs ( co.cc, pastehtml.com ) this free hosting can also be blacklisted by Google or Browsers soon.  Few Phishing Pages hosted on x90.net: faceb000k.x90x.net jebemtakra-pisdfa-asdasdsds-ddfs.x90x.net mesnaindustrija-goranovic-m-e-s-n-a.x90x.net dft3.x90x.net/fbcd.html d3xt0pcr3w.x90x.net When you’re on a shared server it’s important to find out if anyone else on your server has been blacklisted for spamming. Why? Because on a shared server you’re IP address and their IP address will be the same, and it does not matter if your domain name is different, you’ll still be blacklisted along with every other person on that server. Not Even this , Due t
ServerPro Web Hosting Defaced by Team L0g!cs

ServerPro Web Hosting Defaced by Team L0g!cs

March 13, 2012Mohit Kumar
ServerPro Web Hosting Defaced by Team L0g!cs Web hosting provider ServerPro has been compromised and completely defaced by hacking group named " Team L0g!cs ". ServerPro boasts to have over 200,000 clients over a 10 year stand. Shown Defacement page that showcases information about the hack and the group behind the attack, along with some nice ambient music. The attackers were even nice enough to leave behind a contact email in case you have any questions. While writing this Post , Google showing " Warning,  found malware on the site " on the homepage, as shown below: If we Proceed by ignoring the warning, Visitors can see Deface Page still on the page.
Irongeek's Shared hosting MD5 Change Detection Script

Irongeek's Shared hosting MD5 Change Detection Script

February 28, 2012Mohit Kumar
Irongeek 's Shared hosting MD5 Change Detection Script Adrian Crenshaw aka  Irongeek  just release another great tool for web admins that will monitor the files on a website, and report any changed via email. Actually " irongeek.com " was hacked few days back which is hosted on a shared hosting. There is an awesome article posted by him on his blog " How I Got Pwned: Lessons in Ghetto Incident Response ". I think after that  Adrian decide to make a handy tool/script to help web admins so that they can easily monitoring there files on a shared server. This simple shell Script user can run on a shared server. Let suppose once hackers get into your website either by exploiting known vulnerabilities in any of the installed programs OR by getting FTP access to your server, the first thing they usually do is to plant backdoor scripts to log them in again at a later date. They need some executable script on the server to gain access to MySQL passwords, installatio
r00tw0rm leak United Nations Environment Programme database

r00tw0rm leak United Nations Environment Programme database

February 27, 2012Mohit Kumar
r00tw0rm leak United Nations Environment Programme database r00tw0rm group of Hackers hack and leak the complete 82.8 MB database from The united nations environment programme ( UNEP ), which is the voice for the environment in the united nations system. Via a tweet, r00tw0rm shout ," United nations environment programme http://pastebin.com/pXXNv2rH @inj3ct0r @AntiSecOp @sanjar_satsura @Oblivi0u5 @AnonymousIRC @OpCensorThis_ " Hackers leaks data on various file hosting sites such as rapidshare . According to leak, 5 databases and 100's of tables with admin logins and users data.  The united nations environment programme ( UNEP ) website is currently down while writing this post. Other Hacks by r00tw0rm can be seen here .
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.