The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Search results for russian

Mr. Grey Hacker (Wanted by FBI) Steals 1.2 BILLION Login Passwords

Mr. Grey Hacker (Wanted by FBI) Steals 1.2 BILLION Login Passwords

November 26, 2015Swati Khandelwal
That's a lot of Login credentials fetch by a single hacker. The FBI believes a single hacker who goes by the moniker Mr.Grey has stolen login credentials for over 1.2 Billion online accounts – apparently the biggest heist of log-in credentials the FBI has investigated thus far. Yeah, that's not Fifty, but 1.2 Billion Shades of Grey . The information came from the court documents the federal agents submitted to support its search warrant request in 2014, Reuters reported . The cyber security firm ' Hold Security ' initially reported the theft of the credentials last year. It found out that Russian hacking group CyberVor has stolen 1.2 Billion login details and an additional 500 Million email accounts. Botnet Breach These data were said to have been harvested from over 420,000 websites via botnets looking for SQL injection flaws ; the same technique recently used to hack TalkTalk . Botnets are usually employed to attack an individual targ
Russian ATM Hackers Steal $4 Million in Cash with 'Reverse ATM Hack' Technique

Russian ATM Hackers Steal $4 Million in Cash with 'Reverse ATM Hack' Technique

November 25, 2015Mohit Kumar
Russian hackers have discovered a novel technique to rip off Millions of dollars from banks and ATMs. Criminals in Russia used a technique, called " Reverse ATM Attack ," and stole 252 Million Rubles ( US$3.8 Million ) from at least five different banks, according to the information obtained by Russian digital intelligence firm Group-IB . What is Reverse ATM Attack? According to the intelligence firm, an attacker would deposit sums of 5,000, 10,000 and 30,000 Rubles into legitimate bank accounts using ATMs, and immediately withdraw the same amounts right away with a printed receipt of the payment transaction. The details included in the receipt, containing a payment reference number and the amount withdrawn, would then be transferred to a partner hacker, who had remote access to the infected POS terminals, usually located outside of Russia. Also Read: German Bank ATMs vulnerable to Hackers The partner hacker would then use these details to perform a reversal
THN Weekly Roundup — 15 Most Popular Cyber Security and Hacking News Stories

THN Weekly Roundup — 15 Most Popular Cyber Security and Hacking News Stories

September 14, 2015Mohit Kumar
We are once again here with our weekly round up based on last week's top cyber security threats and challenges. I recommend you to read the entire thing ( just click ' Read More ' because there's some valuable advice in there as well ). Here's the list: 1. Reminder! If You have not yet, Turn Off Windows 10 Keylogger Now Microsoft is very powerful in tracking every single word you type or say to its digital assistant Cortana using its newest Windows 10 operating system. The keylogger that Microsoft put in the  Technical Preview of Windows 10  last fall made its way to  Windows 10 Free  public release first rolled out back in July. Besides various  Windows 10 privacy issues , there is a software component that is a bit more complicated than you thought. It tracks your inputs using: Keyboard Voice Screen Mouse Stylus Information about your Calendar and Contacts If this keylogger, which is more than just a keylogger, makes you feel creepy then need
Russian Hackers Hijack Satellite To Steal Data from Thousands of Hacked Computers

Russian Hackers Hijack Satellite To Steal Data from Thousands of Hacked Computers

September 10, 2015Swati Khandelwal
A group of Russian hackers, most notably the Turla APT (Advanced Persistent Threat) is hijacking commercial satellites to hide command-and-control operations, a security firm said today. Turla APT group, which was named after its notorious software Epic Turla , is abusing satellite-based Internet connections in order to: Siphon sensitive data from government, military, diplomatic, research and educational organisations in the United States and Europe. Hide their command-and-control servers from law enforcement agencies. Despite some of its operations were uncovered last year, Turla APT group has been active for close to a decade, while remaining invisible by cleverly hiding from law enforcement agencies and security firms. Now, security researchers from Moscow-based cyber security firm Kaspersky Lab claim to have identified the way Turla APT group succeeded in hiding itself. The researchers said the group disguised itself by using commercial satellite Internet
Microsoft Windows Zero-Day Vulnerability "CVE-2014-4114" Used to Hack NATO

Microsoft Windows Zero-Day Vulnerability "CVE-2014-4114" Used to Hack NATO

October 14, 2014Swati Khandelwal
Once again a Russian cyber espionage group has gained media attention by exploiting a Zero-day vulnerability in Microsoft's Windows operating system to spy on the North Atlantic Treaty Organization ( NATO ), Ukrainian and Polish government agencies, and a variety of sensitive European industries over the last year. ZERO-DAY VULNERABILITY IN MICROSOFT WINDOWS Researchers at cyber intelligence firm iSight Partners have discovered a zero-day vulnerability that impacts desktop and server versions of Windows, from Vista and Server 2008 to current versions. They also uncovered a latest cyber-spying campaign - suspected to be based in Russia - that uses this Zero-day vulnerability ( CVE-2014-4114 ) to target government leaders and institutions for nearly five years. The recently detected Russian hacking group is dubbed as " Sandworm Team " by iSIGHT Partners because it found references to the Frank Herbert's " Dune " science fiction series in the malici
5 Million Gmail Usernames and Passwords Leaked online, Check Yours Now

5 Million Gmail Usernames and Passwords Leaked online, Check Yours Now

September 11, 2014Swati Khandelwal
Gmail credentials leaked online? Oh my God! Again I have to change my password…!! Yes, you heard right. Millions of Gmail account credentials (email address and password) have been stolen and made publicly available through an online forum, causing a large number of users worldwide to change their Gmail password again. The website that published the email addresses with matching passwords is Russian. The credentials seem to be old and likely sourced from multiple data breaches. It is believed that the leaked passwords are not necessarily those used to access Gmail accounts, but seem to have been gathered from other websites where users used their Gmail addresses to register. 5 MILLION GMAIL CREDENTIALS LEAKED ONLINE The news broke when a user posted a link to the log-in credentials on Reddit frequented by hackers, professional and aspiring. But the archive file containing nearly 5 million Gmail addresses and plain text passwords was posted on Russian Bitcoin secur
Dragonfly Russian Hackers Target 1000 Western Energy Firms

Dragonfly Russian Hackers Target 1000 Western Energy Firms

July 02, 2014Swati Khandelwal
Gone are the days when cyber criminals focuses only on PCs to spread malwares and target people, whether it's ordinary or a high profile person. Nowadays, organizations in the energy sector have become an interesting target for cyber minds. Few days ago, security researchers uncovered a Stuxnet-like malware, " Havex ", which was also programmed to infect industrial control system software of SCADA systems , with the capability to possibly disable hydroelectric dams, overload nuclear power plants, and even shut down a country's power grid with a single keystroke. RUSSIAN HACKERS HIT 1000 ENERGY FIRMS Recently, a Russian group of hackers known as ' Energetic Bear ' has compromised over 1,000 European and North American energy firms with a sophisticated cyber weapon, similar to Stuxnet, that gave hackers access to power plant control systems, said a security firm. The group of hackers also known as ' Dragonfly ', an eastern European collective that has been active since
Hackers behind iPhone Ransom Attacks Arrested in Russia

Hackers behind iPhone Ransom Attacks Arrested in Russia

June 12, 2014Mohit Kumar
A cyber campaign that was targeting iPhone and iPad owners with a sophisticated Ransomware in Australia and New Zealand last month, drawn special attention of online media and security analysts. Russian Authorities have arrested two young hackers from Moscow for their alleged involvement in compromising Apple ID accounts and then using ' Apple's Find My iPhone ' service to hold iOS devices for ransom. A Russian man aged 23 and a teenager aged 17 had been taken into custody in the Southern Administrative District of Moscow for their part in " blocking of Apple devices to extort funds ," claims the press release on the Russian Interior Ministry's website on Tuesday. According to the authorities, one of the suspects used phishing websites to trick victims into giving up their Apple ID username and password. The second suspect's activities are exactly same of the ' Oleg Pliss attack '. " The first involved gaining access to the victim's Apple ID by means of the c
Dutch Court Accepts to Extradite Russian Hacker involved in Biggest US Hacking Case

Dutch Court Accepts to Extradite Russian Hacker involved in Biggest US Hacking Case

April 19, 2014Wang Wei
In the mid of last year a Group of Russian Hackers were accused for allegedly infiltrating the computer networks of more than a dozen major American and international corporations and stole 160 million credit card and debit card numbers over the course of seven years, which were then resold to third parties buyers. WANTED IN U.S AND RUSSIA A Rotterdam court in Netherlands ruled that simultaneous requests from the U.S. and Russia for the extradition of the Russian hacker  Vladimir Drinkman  were admissible,  who is accused of being involved to lead the largest data theft case ever prosecuted in the U.S history, Bloomberg report . But it's not yet clear why Russia demands Drinkman 's extradition, "It's now up to the minister of justice to decide on the extradition, and to decide which country." court ruled. The investigators identified that the defendants have been infiltrating computer networks across the globe since at least 2007, including firms in New Jer
24-year-old Russian Hacker and Developer of SpyEye Banking Trojan pleads guilty

24-year-old Russian Hacker and Developer of SpyEye Banking Trojan pleads guilty

January 29, 2014Swati Khandelwal
A Russian man has pleaded guilty to conspiracy charges in a federal court in Atlanta on Tuesday for developing and distributing a malicious banking malware ' SpyEye ' that infected more than 1.4 million computers worldwide since 2009. Aleksandr Andreevich Panin , a 24 year old programmer, also known as Gribodemon and Harderman , was the main author of ' SpyEye ', a sophisticated malware designed to steal people's identities and financial information, including online banking credentials, credit card information, user names, passwords and PINs from their bank accounts without their knowledge. The SpyEye secretly infects the victim's computer and gives the remote control to the cybercriminals who remotely access the infected computer through command and control servers and steal victims' personal and financial information through a variety of techniques, including web injects, keystroke loggers, and credit card grabbers without authorization. Between 2009 and
New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

November 21, 2013Wang Wei
Researchers at Trusteer   spotted a new banking malware program on the underground Russian cybercrime market , that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed ' i2Ninja ', malware has most of the features found in other financial malware including the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a PokerGrabber module feature that targets poker sites. The traffic between the malware and the command server cannot be easily blocked by intrusion prevention systems or firewalls because it's encrypted and transmitting over the Invisible Internet Project (I2P). Everything from delivering configuration updates to receiving stolen data and sending commands is done via the encrypted I2P channels. I2P communication can make it much harder for security researchers to find and take
Russia grants one year asylum to Edward Snowden, The Most wanted man on Earth

Russia grants one year asylum to Edward Snowden, The Most wanted man on Earth

August 01, 2013Mohit Kumar
Edward Snowden , the former U.S. The intelligence contractor wanted for revealing the National Security Agency 's secret program to collect American phone and internet records, left at Moscow airport after Russian authorities granted him temporary asylum for one year. Mr Snowden's lawyer Anatoly Kucherena said, " Snowden has left the Sheremetyevo airport. He has just been given a certificate that he has been awarded temporary asylum in Russia for one year ," " Edward Snowden was granted temporary asylum in Russia for a year and has now left Moscow airport under the care of Wikileaks' Sarah Harrison ," Wikileaks tweeted. He had gone to a secure location which would remain secret. " His location is not being made public for security reasons since he is the most pursued man on the planet. He himself will decide where he will go ," In a statement released by WikiLeaks , Snowden thanked Russia for giving him asylum and critici
Edward Snowden applies for political asylum in Russia

Edward Snowden applies for political asylum in Russia

July 01, 2013Mohit Kumar
A Russian immigration source informed that the US intelligence agency whistleblower Edward Snowden has applied for political asylum in Russia. Few days back, Russian president Vladimir Putin has said Russia would never hand over Mr Snowden over to the United States but that if Snowden wants to stay in Russia he " must stop his work aimed at harming our American partners. " He initially fled from Hawaii to Hong Kong and then to Russia . The US has annulled his passport, and Ecuador, where he had hoped to get asylum, has been coy over offering him shelter. Sarah Harrison is an employee of anti-secrecy group WikiLeaks , who accompanied Mr Snowden on his trip from Hong Kong. " Snowden is not a Russian agent ", Putin said on Monday, and that Russian intelligence services were not working with the fugitive American, who is believed to remain in the transit area at a Moscow airport eight days after arriving from Hong Kong. Speaking at a news confe
Researchers detected the Malware that targets the Russian stock-trading platform QUIK

Researchers detected the Malware that targets the Russian stock-trading platform QUIK

April 21, 2013Wang Wei
Security Researcher from Group-IB ( Group-IB is one of the leading companies in global cybercrime prevention and hi-tech crime investigations )   has found a new kind of malware   that targets the Russian stock-trading platform QUIK. It was detected during several targeted attacks starting in November 2012 where  Cyber criminals have traditionally targeted private and corporate banking accounts, using malware (such as variants of the ZeuS  cyber-crime  toolkit ) to log key-strokes and extract account information. In the last year, Group-IB has received several incoming incident fraud requests on some famous online trading and stock brokerages where systems were possibly hacked and recently trading fraudsters have diversified tactics and begun to use malware. Group-IB has detected the first professional malware, targeted at a specialized trading software named QUIK (Quik Broker, Quik Dealer) from Russian software developers ARQA Technologies and FOCUS IVonline from
Italian Intelligence agency CNAIPIC steals sensitive data from Indian Embassy

Italian Intelligence agency CNAIPIC steals sensitive data from Indian Embassy

August 02, 2011Mohit Kumar
Italian Intelligence Agency CNAIPIC steals sensitive data from Indian Embassy Sensitive defence information appears to have been stolen from the Indian embassy here by an Italian intelligence agency during the past two years. If the documents released by Anonymous Hackers are to be believed, the Italian cyber police - National Anti-Crime Computer Centre for Critical Infrastructure Protection (CNAIPIC) - was widely hacking Indian embassy's letters with Russian defence firms. Leaked Data which include the letters between the Indian embassy's Air Wing and a local company supplying spares for military aircraft. Izvestia said Italian cyber police had hacked on June 22, 2010 Deputy Air Attache D S Shekhavat's correspondence with Aviazapchast, a company specialising in the supply of aviation spares, complaining about delays in the shipment of 15 helicopter engines. A reply from the Aviazapchast representative in India written on the same day was also hacked by the CNAIPIC
World War C report - Motives behind State Sponsored Cyber Attacks

World War C report - Motives behind State Sponsored Cyber Attacks

October 03, 2013Anonymous
Nation-state driven cyber attacks are routinely conducted on a global scale to defend national sovereignty and project national power. We are living in the cyber era, human conflict is involving also the fifth domain of warfare , the cyberspace . As never before disputes take place with blows of bits, militias of every government are developing cyber capabilities dedicating great effort for the establishment of cyber units . Network security company, FireEye, has released a report titled " World War C: Understanding Nation-State Motives Behind Today's Advanced Cyber Attacks " which describes the effort spent by governments in cyber warfare context, the document analyzes in detail the different approaches adopted by various countries in conducting nation-state driven cyber attacks . Security experts highlight the intensification of state-sponsored attacks for both cyber espionage and sabotage purpose, campaigns such as Moonlight Maze and Titan Rain or the destruc
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.