The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: investigation

Korean Cyber espionage attack Targets Russia

Korean Cyber espionage attack Targets Russia

December 17, 2012Anonymous
Ask an expert on cyber espionage and he for sure he will speak of China, the most active and advanced country in this sector, this time a clamorous campaign apparently originated from Korea has been discovered. Security company FireEye collected evidences of a cyber espionage campaign, named " Sanny ", attributable to Korea. FireEye hasn't revealed the real origin of the offensive, it's a mystery which Korea is responsible between North or South Korea, but it confirmed that 80% of victims are Russian organizations and companies belonging to space research industry, information, education and telecommunication. According Ali Islam, security researcher at FireEye declared " Though we don't have full concrete evidence, we have identified many indicators leading to Korea as a possible origin of attack."   The following are the indicators we have so far: 1. The SMTP mail server and CnC are in Korea 2. The fonts "Batang" and "KP CheongPong" used in the
Accused UGA Hacker committed suicide

Accused UGA Hacker committed suicide

December 13, 2012Mohit Kumar
A former University of Georgia (UGA) student under investigation for allegedly hacking into the school's computerized personnel records system committed suicide last month. Stell attended classes at UGA between 2005 and 2007. The Data breach was carried out around two months back near 15th October and that may have led to compromised Full names and Social Security numbers, along with additional sensitive data of 8,500 current and former school employees. According to reports , an investigation into the security breach was ongoing when the suspect, Charles Staples Stell , 26, was found dead at his home in Athens on Nov. 7. The UGA Police Department's computer forensics team was investigating the hack. They said, There is no evidence that the compromised data were used to commit additional crimes. The employee files involved in the security breach were found under the control of Stell during the ensuing forensic evaluation of evidence obtained during the course of the investigati
Hackers Hit Former U.S. Military Chief

Hackers Hit Former U.S. Military Chief

December 07, 2012Mohit Kumar
According to reports, the hackers targeted personal computers retired Admiral Mike Mullen , the former chairman of the Joint Chiefs of Staff. The FBI is hunting for foreign hackers. Mullen is currently teaching WWS 318: U.S. Military and National and International Diplomacy and will teach an unnamed graduate seminar in the spring. According to Mullen's aides, however, he did not save or view classified information on his personal computers. Agents from an FBI cyber-security unit contacted Mullen in late October or early November, and asked that he surrender his computers in connection with the ongoing inquiry. Mullen agreed, and in early November at least one FBI agent collected the computers at his office at the U.S. Naval Institute. One official said that evidence gathered by the FBI points to China as the origin of the hacking, and that it appeared the perpetrators were able to access a personal email account of Mullen. Officials said that Mr. Mullen has had acce
Russian Web proxy with backdoors, Distributing malware

Russian Web proxy with backdoors, Distributing malware

October 09, 2012Mohit Kumar
Antivirus company Symantec has detected a malicious campaign in which hackers managed to deceive thousands of people allegedly signed by a paid proxy service. They expose that hundreds of thousands of users signing up for a cheap and supposedly legitimate proxy service have ended up downloading malware and being ensnared into a botnet. Three months ago, Symantec researchers started an investigation into a piece of malware called Backdoor.Proxybox that has been known since 2010, but has shown increasing activity recently. " The malware is Backdoor.Proxybox, and our investigation has revealed an entire black hat operation, giving us interesting information on the operation and size of this botnet, and leading us to information that may identify the actual malware author ," Symantec. The service - ProxyBox - supposedly provides access to its entire list of thousands of proxies for only $40 a month, which is obviously too cheap a price for the provider to break eve
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.