The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

SpyEye Trojan stole $3.2 million from US victims, Android users will be next target ! A Russian cybergang headed by a mysterious ringleader called 'Soldier' were able to steal $3.2 million (£2 million) from US citizens earlier this year using the SpyEye-Zeus data-stealing Trojan, security company Trend Micro has reported and Trusteer reports that an Android variant of Spitmo (SpyEye for mobile) has been discovered. The methodology sounds familiar for those familiar with ZeuS Mitmo and SpyEye Spitmo: infected computers inject a message into targeted netbanks prompting their customers to install software on their phones. Once Spitmo is installed, the SpyEye attacker is able to monitor incoming SMS and to steal MTAN authentication messages. " His botnet was able to compromise approximately 25,394 systems between April 19, 2011 and June 29, 2011. And while nearly all of the victims were located in the US, there were a handful of victims spread across another 90 countries ,"...

GoDaddy websites Compromised with Malware Many sites hosted on GoDaddy shared servers getting compromised today  with a conditional redirection to sokoloperkovuskeci.com .In all 445 cases the .htaccess file (a main Apache web server configuration file) was modified to redirect users to a malware site when they were referred by one of a list of search engines. These redirections attacks are very common on outdated WordPress and Joomla sites, but this time (and for this specific malicious domain), we are only seeing them on GoDaddy hosted sites. So it looks like a compromise on their own servers (similar to what has happened in the past). This is caused by this entry that is added to the .htaccess file of the compromised sites: RewriteEngine On RewriteOptions inherit RewriteCond %{HTTP_REFERER} .*ask.com.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*msn.com*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*bing.com*$ [NC,OR] RewriteCo...

oclHashcat-plus v0.06 - Worlds fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker oclHashcat-plus faster than every other WPA cracker. The highly anticipated v0.06 of the Graphics Processing Unit accelerated password cracker tool oclHashcat-plus was released today. What makes it so special about this release is that it now has support for captured Wi-Fi Protected Access handshake cracking on top of all the other algorithms currently supported (MD5, MD5 Crypt, DES Crypt, NTLM, Domain Cached Credentials etc). It cracks WPA at an estimated rate of 0-300% faster than rivals, namely the python WPA cracker pyrit. It is coded in OpenCL so both NVIDIA and AMD devices are supported, however this improvement is more noticeable on AMD GPU devices as well as Multi-GPU system Features Worlds fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker Worlds first and only GPGPU based rule engine Free Multi-GPU (up to 16 gpus) Multi-Hash (up to 24 million hashes) Multi-OS (Linux & Wind...

WAVSEP   1.0.3 – Web Application Vulnerability Scanner Evaluation Project A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Additional information can be found in the developer's blog . Project WAVSEP currently includes the following test cases: Vulnerabilities: Reflected XSS:   66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST ) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST ) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST ) False Positives: 7 different categories of false positive Reflected XSS vulnerabilities (GET & POST ) 10 different categories o...

Balaji Plus Cloud Antivirus  Released - Mix of 32 antivirus Engines for ultra Protection Leo Impact Launch World first Antivirus scanning software which protects your PC from viruses, trojans, spyware, rootkits and other malicious programs (zero day exploits) by using 32+ antivirus on cloud. Most of time you can install and use only 2 to 3 antivirus in one system, not more so virus author bypass top antivirus but Balajiplus is Free service by Leo impact Security for Corporate Social Responsibility to protect your digital life using multiple antivirus scanners on cloud. Collective Intelligence, Balaji Antivirus Plus proprietary cloud-scanning technology that automatically collects and processes millions of malware samples, lies at the core of Balaji Cloud Antivirus. In recent comparative tests conducted by both AV-Test.org and AV-Comparatives.org, Balaji Antivirus Security's detection and protection scores rank consistently amongst the top security solutions. Balajiplus Clou...

THC-HYDRA v7.0 new version released for Download THC-HYDRA is a very fast network logon cracker which support many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD and OSX. Official change log: New main engine for hydra: better performance, flexibility and stability New option -u – loop around users, not passwords Option -e now also works with -x and -C Added RDP module, domain can be passed as argument Added other_domain option to smb module to test trusted domains Small enhancement for http and http-proxy module for standard ignoring servers Lots of bugfixes, especially with many tasks, multiple targets and restore file Fixes for a few http-form issues Fix smb module NTLM hash use Fixed Firebird module deprecated API call Fixed for dpl4hydra t...

uTorrent & BitTorrent Sites Hacked, Spread Security Shield Malware Attackers hijacked two popular Torrent websites "bittorrent.com and utorrent.com" and tampered with their download mechanisms, causing visitors trying to obtain file-sharing software to instead receive malware. The site reported on its blog  that the attack had occurred at around 04:20 Pacific Daylight Time (11:20 GMT) on Tuesday. Initially, the incursion was also thought to have affected the servers of the main BitTorrent site, but further investigation revealed this site had been unaffected by the attack. Once installed, Security Shield delivers false reports that a computer is infected with multiple pieces of malware and prompts the user for payment before claiming to disinfect the machine. The attack affected only users who downloaded and installed software from bittorrent.com and utorrent.com during the hour-and-fifty-minute window that the sites were compromised. Those who installed software pr...