The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Search results for Security

Operation Windigo: Linux malware campaign that infected 500,000 Computers Worldwide

Operation Windigo: Linux malware campaign that infected 500,000 Computers Worldwide

March 18, 2014Mohit Kumar
In late 2013, Security Researchers identified thousands of Linux systems around the world infected with the OpenSSH b ackdoor trojan and  credential stealer  named Linux/Ebury ,  that allows  unauthorized access of an affected computer to the remote attackers. Antivirus Firm ESET's Reseacher team has been tracking and  investigating the operation behind Linux/Ebury and today team  uncovers the details [ Report PDF ] of a massive,  sophisticated and organized  malware campaign called ' Operation Windigo ', infected more than 500,000 computers and 25,000 dedicated servers. ' We discovered an infrastructure used for malicious activities that is all hosted on compromised servers. We were also able to find a link between different malware components such as Linux/Cdorked, Perl/Calfbot and Win32/Glupteba.M and realized they are all operated by the same group. '  ESET reported. Malware used in Operation Windigo: Linux/Ebury –  an OpenSSH backdoor use
MtGox Hacker tricks people to install Bitcoin Stealer

MtGox Hacker tricks people to install Bitcoin Stealer

March 15, 2014Swati Khandelwal
This News will blow everyone's mind! If you are a bitcoins holder then you might be aware of  MtGox , Once the World's biggest Bitcoin exchange .  MtGox  filed for bankruptcy last month after saying it lost some 8,50,000 Bitcoins to hackers and suddenly went dark with no explanations. A few days ago, some unknown hacker breached into the personal blog and Reddit account of MTgox CEO,  Mark Karpeles  to level charges of fraud. But, Hackers are very clever to avail every eventuality they get. After compromising the MtGox CEO's blog, the hacker posted a 716MB ZIP file, MtGox2014Leak.zip , which contains the data dump and specialized software tools for remote access to MtGox data, but these software tools turned out to be a Bitcoin wallet stealing malware , according to the research carried out by the Kaspersky Lab Expert , Sergey Lozhkin. The application was actually a malware, which was created to search and steal Bitcoin wallet files from the victims' computer.
Mark Zuckerberg frustrated; Obama irritated and Finally NSA Stated

Mark Zuckerberg frustrated; Obama irritated and Finally NSA Stated

March 14, 2014Swati Khandelwal
The US intelligence agency NSA ( National Security Agency ) broke the Silence on the claim that it has reportedly  'infected millions of computers around the world with malware' and that it is 'impersonating U.S. Social media or other websites ', emphasized the claim as inaccurate. The document provided previously by NSA whistleblower Edward Snowden , analyzed by Glenn Greenwald from  The Intercept claimed that the NSA is spreading surveillance malware on computers and networking devices around the world that are capable to spam out millions of pieces of sophisticated malware at a time on a large scale.  Moreover, the report also claimed that the NSA could silently masquerade as legit websites, such as Facebook, or other sites and therefore intercepting victims' online activities, but the agency denied the claims issuing a statement on Thursday. The statement released by the agency notes: " Recent media reports that allege NSA has infected millions of computers
Police Ransomware threat of huge Fine forced Family to Commit Suicide

Police Ransomware threat of huge Fine forced Family to Commit Suicide

March 13, 2014Swati Khandelwal
Till Now we all have heard about the Ransomware Malware that encrypts your files or lock down your computer and ask for a random amount to be paid in a specified duration of time to unlock it, but this cyber threat has forced somebody for the terrible murder and suicide. It's true! This could be an extent of Ransomware that has marked its history by someone's blood. Marcel Datcu , a 36 year old man, living in the village of Movila Miresii , who was married in 2013 and living happily with his family, killed his 4 year old baby and then himself committed suicide after his computer got infected with " police ransomware ," a Romanian Newspaper, Braila24 reports. Ransomware is one of the most blatant and obvious criminal's money making schemes out there, from which Cryptolocker threat had touched the peak, and cyber criminals have developed many Cryptolocker versions ( prisonlocker, linkup, icepole, cryptobit ) by which you have to safeguard your system. According t
Symantec discovered Android Malware Toolkit named Dendroid

Symantec discovered Android Malware Toolkit named Dendroid

March 06, 2014Wang Wei
Android platform is becoming vulnerable day by day and hackers always try to manipulate android by applying novel techniques. In this regard, Symantec researchers have found a new android malware toolkit named " Dendroid ". Previously Symantec found an Android Remote admin tool named AndroRAT is believed to be the first malware APK binder. However, Dendroid runs on HTTP with many malicious features. Dendroid toolkit is able to generate a malicious apk file that offers amazing features like: Can delete call logs Open web pages Dial any number Record calls SMS intercepting Upload images, video Open an application Able to perform DoS attack Can change the command and control server The author of Dendroid also offers 24/7 customer support for this RAT and Android users can buy this toolkit at $300 by paying Bitcoin , Lifecoin. Experts at Symantec said that Dendroid has some connection with the previous AndroRAT toolkit . Dendroid being an HTTP RAT offers PHP
Encrypted Chat Service 'Cryptocat' released iOS app

Encrypted Chat Service 'Cryptocat' released iOS app

March 05, 2014Anonymous
Cryptocat , an open source encrypted web-based chat client, is now available for iOS Devices from the  Apple's App store , which was initially rejected by the Apple last December. It is not clear why it was rejected previously, but the good news is that, now ' Cryptocat ' is available for all iOS Devices. So far Cryptocat was only available for Linux and Mac OS X, and as an extension for web browsers Mozilla Firefox, Google Chrome 3, Apple Safari and Opera . Cryptocat has become quite popular in the wake of the NSA Controversy, because of its end-to-end encryption that doesn't allow anyone in the middle to read your messages. Cryptocat for iPhone uses the OTR protocol for private conversations, a cryptographic protocol for secure instant messaging, and perfect forward secrecy, a system that constantly generates new user keys. So, snoops cannot decrypt older messages. It doesn't require any username or account rather just one time nickname makes the
Outernet - Free Global Wi-Fi Service from Outer Space

Outernet - Free Global Wi-Fi Service from Outer Space

February 28, 2014Anonymous
If you are reading this THN Article, then you are the one of those lucky guys who has access to the Internet, but everyone is not as lucky as you. On this planet, about 40% of the population is still not having an access to the Internet services. So, there is good news for all those who are still deprived of Internet services - Free Global WiFi Internet Access called ' Project Outernet '. A Non-profit organization ' Media Development Investment Fund (MIDF) ' based in New York has taken this initiative, regardless of the geographical location, the Outernet will broadcast free, bypassing filtering or other means of censorship and universal Internet all over the globe from high in orbit. A few hundred of  Low-cost mini satellites ( cubesats ) will be sent into the space to create a constellation in the low earth orbit. To widen the range of service area, these Cubesats will utilize universally accepted standard protocols like DVB, Digital Radio Mondiale and  User
Learn How to Hide WhatsApp 'Last seen at' Time and Profile Picture from Other Users

Learn How to Hide WhatsApp 'Last seen at' Time and Profile Picture from Other Users

February 22, 2014Swati Khandelwal
WhatsApp for Android added most awaited privacy option for all who do not want to display information about when they last used the app. This is the first impressive update of the  WhatsApp after acquisition by Facebook , who   has paid a lot of money in cash and stock to acquire it. The Popular Smartphone messaging application  WhatsApp version 2.11.169 will provide you more ability and control over privacy options i.e. Hiding ' last seen at ' time, Profile picture, status updates from others, which are currently visible for all WhatsApp users. Currently, these options are set to  'everyone'  by default, that allows any WhatsApp user to find out exactly when you used WhatsApp for the last time, also reveals your image and Status message. Most of the times we don't want it to be shown to anyone or to non-contact users. How to hide WhatsApp 'last seen at' time and Profile Picture? WhatsApp now allows you to Modify your Privacy settings in three wa
Why Facebook is buying WhatsApp for $19 Billion?

Why Facebook is buying WhatsApp for $19 Billion?

February 21, 2014Mohit Kumar
Popular Smartphone Messaging app  WhatsApp 's $19 billion acquisition by Social Network giant Facebook  made Headlines this week. While Some are applauding the move, and many other users are worried about WhatsApp's future and their privacy after this acquisition. Why So Serious? WhatsApp currently having 450 million active users and processes 50 billion messages a day. Service charges a nominal service fee of $1/year, that means Facebook is buying at $42.22 per user. $19 Billion / 450 million users  = $42.22 per user These figures show ,  obviously future revenue from WhatsApp can't cover the acquisition cost in the short or mid-term. " You can still count on absolutely no ads interrupting your communication. There would have been no partnership between our two companies if we had to compromise on the core principles that will always define our company, our vision and our product. " WhatsApp founder said in a  blog post . So, What Facebook is
Google and Apple app Store removing all Games with "Flappy" word in Title

Google and Apple app Store removing all Games with "Flappy" word in Title

February 17, 2014Wang Wei
After the developer of Flappy Bird pulled the gaming app from both the Apple and Google app stores, it led to the creation of dozens and dozens of Flappy Bird clones that are trying to cash in on the popularity of the original title. Also Security researchers from multiple anti-malware firms have recently identified a number of malicious versions of Flappy Bird apps. In Order to protect Smartphone users from installing malicious applications that pretend to be the one associated with the previous Flappy Bird app, Google and Apple have finally decided to reject all games and application that contain ' Flappy ' in the title on app Stores. Ken Carpenter, another app developer with Mind Juice Media, posted on his Twitter account that his newly developed app, which he named Flappy Dragon , got rejected from Apple's app Store because the name " attempts to leverage a popular app " According to Ken, 'Flappy' in app title are being rejected by Apple under a violatio
Hacker removed Mark Zuckerberg's Facebook Timeline Cover Photo

Hacker removed Mark Zuckerberg's Facebook Timeline Cover Photo

February 15, 2014Swati Khandelwal
Something unusual happened today, Mark Zuckerberg's Facebook Timeline Cover Photo is removed, as shown in the above Screenshot. Suddenly, after few hours, I got a mail from an Egyptian Hacker with nickname ' Dr . FarFar ', claimed that he has hacked the Mark Zuckerberg's Facebook Profile and removed the Cover Photo using a private exploit. The hacker has not provided any technical details about the vulnerability he used, but it seems that Zuckerberg has not noticed the removed Cover Photo on his profile. It could be possible that Zuckerberg removed his Cover Photo himself, and someone is trying to take responsibility for the changes, but I still have a positive feeling that - May be a Minor, but its a Hack! Previously in August 2013, Palestinian programmer discovered a security flaw in Facebook that allowed him to write a post on Facebook CEO Mark Zuckerberg's personal timeline without his permission. Well, we are trying to get more information from
300000 Android Devices infected by Premium SMS-Sending Malware

300000 Android Devices infected by Premium SMS-Sending Malware

February 15, 2014Swati Khandelwal
Downloading various apps blindly from Google play store may bring you at risk in terms of money.  PandaLabs , the Cloud Security Company, has identified malicious Android apps on Google Play that can sign up users for premium SMS subscription services without their permission and so far it has infected at least 300,000 Android users, although the number of malicious downloads could have reached 4 times higher i.e. 1,200,000 users. The four apps found free in the app store that came packaged with a premium SMS scam that dubbed as "Easy Hairdos", "Abs Diets", "Workout Routines" and "Cupcake Recipes" and are among the malicious apps available for free download on Google Play store . From the above app, say if 'Abs Diet' has been installed on your phone and once the user has accepted the terms and conditions of the service, the app displays a series of tips to reduce abdominal fat and then without the user's knowledge, the app l
iOS vulnerability allows to disable 'Find My iPhone' without password

iOS vulnerability allows to disable 'Find My iPhone' without password

February 08, 2014Wang Wei
Smartphone manufacturers are adding ways for owners to track and manage their phones if they ever get lost or stolen. Find My iPhone is a service that comes with every iOS device that allows you to track your iPhone, whether it was lost or stolen. Normally, the iPhone requires a password if you want to deactivate " Find My iPhone ", but it isn't entirely perfect and thieves are now smart enough to disable ' Find My iPhone ' on devices running iOS 7.0.4 and lower version, without having to enter a password. The exploit was discovered and demonstrated security researcher ' Bradley Williams ' and performing a successful bypass means you won't be able to locate, make sound and wipe out. The vulnerability could put the devices at risk, and the exploitation method involves a few simple steps that involve making changes in the iCloud settings, even if they don't know the password. Steps to hack 'Find My iPhone': Navigate to iCloud in the settin
LINKUP - First Ransomware trojan that modifies DNS settings to mine Bitcoin forcefully

LINKUP - First Ransomware trojan that modifies DNS settings to mine Bitcoin forcefully

February 07, 2014Swati Khandelwal
Till now we all have heard about the Ransomware malware that encrypts your files or lock down your computer and ask for a ransom amount to be paid in a specified duration of time to unlock it. Emsisoft has detected a new piece of malware called " Linkup ", dubbed as " Trojan-Ransom.Win32.Linkup " that doesn't lock your computer or encrypts files; rather it blocks your Internet access by modifying the DNS settings, with the ability to turn your computer into a Bitcoin mining robot.  Sounds Interesting?? Once the Linkup Trojan is installed in your system, it makes a copy of itself and disables the selected Windows Security and Firewall services to facilitate the infection. Injected poisoned DNS Server will only allow the malware and Bitcoin miner to communicate with the internet. It display a bogus notification on the victim's web browser, which is supposed to be from the Council of Europe , that accuses you of viewing " Child Pornography " and only returns th
Google Chrome added pop-up warning to prevent users from Browser hijacking

Google Chrome added pop-up warning to prevent users from Browser hijacking

February 03, 2014Anonymous
GOOGLE, one of the most trusted brands continuously trying to keep its products more robust and secure for keeping its users safe. Google honors vulnerability hunters under its Bug bounty program and not only that, the company also offer a huge amount of reward to hackers in ' Pwnium ' hacking competition for finding critical vulnerability. Google Chrome , Browser from Google product family, has been added with a new feature that it will warn the user whenever browser's setting get altered by any malware . Browser hijacking is the modification of browser's settings, and the term " hijacking " is used when the changes performed without the user's permission. A browser hijacker may replace the existing home page, error page, or search page with its own. These are generally used to force hits to a particular website, increasing its advertising revenue i.e. Click jacking and Adware . A hijacker uses malicious software to change your internet s
800,000 Customers' detail stolen in Data Breach at French Telecom 'Orange'

800,000 Customers' detail stolen in Data Breach at French Telecom 'Orange'

February 03, 2014Swati Khandelwal
One of the world's largest mobile operator ' Orange ' has been hit by data breach. The French multinational telecommunication company announced recently, it was targeted by unknown hackers on 16th January 2014, who allegedly gained access to the accounts of up to 800,000 customers of Orange website. According to a report published on the PC INpact website, the company warned their customers in an email that their Client Area website orange.fr was hacked and personal data of 3% customers have been stolen, but the passwords are not affected. The hacker has successfully stolen customers' names, mailing address, email, landline and mobile phone numbers. The company warned, with the information lost in this attack, hackers can perform phishing attacks, allowing them to steal personal data, including bank account details and passwords by sending emails that look as if they have come from official sources. Orange has confirmed the data breach, and afte
NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

February 03, 2014Swati Khandelwal
Cryptographer Professor Jean-Jacques Quisquater has become the part of a targeted attack by the US National Security Agency (NSA) and its British counterpart GCHQ, first reported on Saturday morning by De Standaard . A few months back in September 2013 it was revealed that, Belgacom , the largest telecommunications company in Belgium was hacked and number of employees on Belgacom's network, including their servers were compromised. Later in November 2013 , it was revealed that the NSA and GCHQ were behind the infiltration of the company's computers, according to the document provided by the former NSA contractor Edward Snowden . The document detailed that the British intelligence agency GCHQ created fake ' LinkedIn ' and ' Slashdot ' pages to spy on computers of Belgacom network engineers. They used a method called " quantum insert ", to redirect employees to fake websites that contained malware using Man in the middle attack to a spoofed server ( codenamed "
Microsoft launching 'Transparency Center' for Source code integrity Check

Microsoft launching 'Transparency Center' for Source code integrity Check

February 03, 2014Anonymous
Last Friday at the 50th Munich Security Conference , Microsoft announced to launch ' Transparency centers ' around the World, where government customers will be able to verify the source code of Microsoft's products and can confirm that there are no backdoors. The recent chain of scandals over US global snooping has seriously damaged the trust in U.S. Government and top U.S. Tech companies, that could cost them billions of dollars over the next several years if international clients take their business elsewhere. German Chancellor Angela Merkel , whose private mobile phone was also allegedly bugged by the NSA , warned earlier that U.S. Spying operations are unacceptable. In an effort to re-gain the trust of its customers and Governments around the world, Microsoft has announced that it will expand encryption across its services, reinforce legal protections for customers' data and will also enhance the transparency of its software code. Encryption proced
eBay and PayPal UK website hacked by Syrian Electronic Army

eBay and PayPal UK website hacked by Syrian Electronic Army

February 02, 2014Swati Khandelwal
A pro-hacker group, aligned with president Bashar al-Assad, very well known as Syrian Electronic Army (SEA) has again gained the media attention by adding the popular sites, i.e. eBay UK and PayPal UK to its victim list. After targeting websites of various media agencies, government organizations and big enterprises, including the latest defaced CNN and Microsoft, today they targeted and defaced the official websites of UK's Ebay ( ebay.co.uk ) and PayPal ( paypal.co.uk ). The group also left a deface page along with a message on the hacked PayPal UK site: " Hacked by Syrian Electronic Army! Fuck the United States Government. " It is clear that the attack on PayPal could put millions of peoples' bank information at risk, but the group said that the attack is not to target account information of people instead was ' Purely a Hacktivist Operation ' with the reason behind is the discrimination of Syrian citizens by PayPal company. " For denying Syrian citizens
Chainfire's Pry-Fi Android App released to defend against NSA Spying under Public Wi-Fi

Chainfire's Pry-Fi Android App released to defend against NSA Spying under Public Wi-Fi

February 01, 2014Anonymous
Turn your face in any direction, someone is always trying to spy on you; doesn't matter who and what you are? Just yesterday we reported that Communications Security Establishment Canada (CSEC) in Canada and NSA are together, running a spying program called ' game-changer '. It was revealed that the agencies are tracking all the travelers who passed through the airport terminal, and could be tracked throughout the country by referencing it with the intercepted information from Wi-Fi in cafes, libraries and other public places. Today XDA Senior Recognized Developer ' Chainfire ' has released a new Android app called Pry-Fi , that allow a user to disable Wi-Fi completely, including the background network scanning.  Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. ' Retailers, crooks, the government, and other
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.