The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A Chinese malware campaign called ' Beebus ' specifically targeting the aerospace and defense industries has been uncovered by FireEye security researchers. Beebus is designed to steal information, and begins its infiltration, as so many attacks do, with spear-phishing emails. Operation Beebus very related to Operation Shady RAT and was first detected in April 2011. The attacks carried out by  spear phishing attack and drive-by downloads as a means of infecting end users. malicious Whitepapers or PDFs were mailed to targets and by using known flaws, malware was able install Trojan backdoors on vulnerable systems. The malware communicates with a remote command and control (CnC) server. FireEye discovered the attacks on some of its customers in the aerospace and defence last March and the Vulnerability in the Windows OS known as DLL search order hijacking was used to drops a DLL called ntshrui.DLL in the C:\Windows directory.  It has modules ...

A Trojan that attacks Russian Internet users using a new trick to spread itself. Known as " Bicololo " was first discovered in October 2012 and specially designed to steal login credentials from users.  For this, the malware modify the system Hosts file (i.e etc/hosts) to host perfect phishing sites via DNS poisoning to collect social networking and email credentials. In a recent post from Avast antivirus,  Bicololo  continued to evolve and spread even further. Because it is difficult for a user to determine that he is redirected to a phishing site the attack going smoothly. In Oct, They found that all these phishing sites were resolving via servers located at 69.197.136.99, 94.249.188.224 and 178.63.214.97, 94.249.189.21 , which originally were hosted on afraid.org servers. But now this malware spreading via standard 404 Error webpage error of hacked sites. The most frequent phishing clones of vk.com , odnokl...

A Dutch hacker was sentenced to 12 years in a US prison on Friday for trafficking over 100,000 credit card numbers stolen in a computer hacking conspiracy. David Benjamin Schrooten , 22,  known as “Fortezza” in the hacker world, pleaded guilty in November to criminal charges related to hacking, bank fraud, and identity theft, according to Western District of Washington US Attorney Jenny Durkan. At sentencing U.S. District Judge Ricardo S. Martinez asked him, “ I don’t think you would ever consider walking into someone’s home, pulling out a gun and robbing them… Did it ever occur to you that you were doing that to all your victims? ” Investigators estimate that tens of thousands of people were affected. The damage amounted to more than 63 million dollars. He is Sentenced to 12 years in prison for a computer hacking and credit card fraud scheme that victimized people around the world. A California man is set to go on trial by the middle of the year for his purp...

The Computer networks of Energy Department were attacked by unknown hackers in a major cyber attack two weeks ago and personal information on several hundred employees was compromised. The Washington Free Beacon reports that, FBI agents are investigating the attacks and 14 computer servers and 20 workstations reportedly were penetrated during the attack. Officials are working to determine the exact nature of the attack and the extent of potential damage. " They believe the sophisticated penetration attack was not limited to stealing personal information. There are indications the attackers had other motives, possibly including plans to gain future access to classified and other sensitive information ." The security breach resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information (PII) of several hundred people. Department is in the process of notifying employees whose information was stolen. However, Chinese ...

PKNIC, The Pakistan domain registrar of .com.pk, .pk, org.pk and others domains has been reportedly hacked again yesterday. A hackers group named PakBugs has claimed that they have successfully penetrated PKNIC servers and gained control of around 23,000 domains which included some of the most popular pakistani media websites also. This is not the first time that PKNIC servers have been compromised. Earlier a Turkish hacker successfully managed to penetrate PKNIC servers and redirected 284 .pk domains. Hacker redirect / deface many websites by changing the DNS records (DNS spoofing) of the websites which are maintained by PKNIC. However, it took the hacker 5 hour to submit all his defacement’s on zone-h to make mirror’s.