latest articles

Thursday, April 3, 2014

Anonymous hackers claim to have the data of 800 Million Cards, True?


A group calling itself ‘Anonymous Ukraine’ has claimed that it has hacked information related to more than 800 million US credit and debit cards including of those who are at highest seats in the US government and other politicians. A claim that has been doubted by experts both on its merit and enormity. The group’s main reason to do so seems to be to damage relations between US and Ukraine and is believed to be a Russian group. A message from the group stated the following on 24th of March:

“After the USA showed its true face when she unilaterally decides which of the peoples to live independently and who under the yoke of the Federal Reserve, we decided to show the world who is behind the future collapse of the American banking system. We own all the financial information of the Fed. And even more than you think.”

There are two companies, Risk Based Security and Battelle, which are investigating the breach and both say that they have not found any credible proof that the said 800 million accounts have bean breached. The data that hackers have provided as proof is incomplete, outdated and/or fraudulent.
The hacking group announced that it had released details of more than 25 million credit or debit cards. Battelle counted the right amount to be about 10.2 million and only 1% of it is complete. Rest of the accounts have either important details missing, such as full name or expiry date or validation codes, or the information is totally out dated as the expiration dates are from 2012-2014 rather than 2015-2016. The earlier dates of expiration suggests that the information was acquired from an older data dump. For all those credit or debit cards having all the correct and complete information, are believed to be gathered through fake banking websites using phishing, according to Ernest Hampson, technical director for Battelle’s cyber intelligence and counterintelligence group. He added about the threat and sophistication:

“These criminal organizations are acting more like armies every day. They have their own Intel, they’re gathering information about your employees, finding out who your friends are, and they can target attacks directly against you that make it unlikely that you would not click on that email.”
Interestingly, it seems that some of the users started noticing something fishy about these phishing sites and started entering messages like “Bite Me”, “your momma” or “get lost”.

While downloading the data from site, Battelle’s investigators also received a malware which appeared to have been hosted in Ukraine on a server owned by a Ukrainian. The investigators are closely monitoring the activities of Anonymous Ukraine. Hampson said:

“It’s really important to keep an eye on your enemy, find out what they’re interested in, what their motivation is, what their capabilities are.”

SOURCE
Read more

Wednesday, February 26, 2014

Anonymous Philippines defaced Govt. websites for protest against Anti-CyberCrime Law




In the year 1987 when the late former President Corazon Aquino passed the bill 
that gave the Filipino people its right to freedom of speech and expression 
but in the year 2012 politicians and lawmakers came up of the bill
that kills the right of the people to freely express their opinion and 
freedom of speech through the internet.

The 1987 Constitution, Article III, Bill of Rights, Section 4 states,

"No law shall be passed abridging the freedom of speech, of expression, or of the press, 
or the right of the people peaceably to assemble and petition the government for redress of grievances."

We, the citizens of the internet, fight again for this right and for this freedom. 
We fight not only for ourselves but also for others who stand with us against the Cyber Crime Law — 
bloggers, gamers or ordinary internet users.

This is our way to express and oppose the bill that may destroy the future of the internet in the Philippines. 
We believe that together we shall achieve the goal and the purpose of this cause. 
We shall stand and fight for the Filipino Netizens' right to freedom of speech and expression.


Protect our Right to Freedom of Expression!


We Are Anonymous
We Are Legion
We Do Not Forgive
We Do Not Forget

busabos | Anonymous #OccupyPhilippines | PrivateX | #pR.is0n3r
D4rkB1t | Phantom Hackers | Hf Blackrain | Pinoy Vendetta | Anonymous #Philippine CyberArmy


List of other Defaced Websites:

Office of the Vice President
http://www.ovp.gov.ph/

National Telecommunications Website
http://www.ntc.gov.ph/

PNP Command Center
http://noc.pnp.gov.ph/

Technical Education and Skills Development Authority
http://www.tesda11.com/admin/uploads/index.html

Philippine Anti-Piracy Team
http://www.papt.org.ph/

Southern Philippine Development Authority
http://www.spda.gov.ph/admin/web_pics/

DOST Information Network
http://scinet.dost.gov.ph/union/Downloads/

DOST Information Institute Library
http://library.stii.dost.gov.ph/

Philippine Embassy
http://www.philembassy-rome.net/

Mandaluyong Official Website
http://mandaluyong.gov.ph/

City of Cabuyao Website
http://www.cityofcabuyao.gov.ph/

Sto. Tomas Website
http://www.stotomas.gov.ph/index_.html

Davao Regional
http://drhtagum.gov.ph/

Municipality of Talibon, Bohol, Philippines
http://www.talibon-bohol.gov.ph/main/index.html

MGB CAR
http://mgbcar.ph/
Read more

Friday, February 14, 2014

Anonymous threat: GCHQ Website disrupted by DDoS


Tomorrow GCHQ’s website www.gchq.gov.uk was suffering from downtime and it could be a denial of service attack, some of the noticeable performance issues yesterday:
GCHQ stats
About GCHQ:
The Government Communications Headquarters (GCHQ) is a British intelligence agency responsible for providing signals intelligence (SIGINT) and information assurance to the British government and armed forces.
Last Week, it was revelaed by the documents from the NSA Leaker Snowden’s documents that the British Spy Agency GCHQ used DDoS Attack against the Anonymous hackers during the operation Payback which was used to take down some high profile websites like: MasterCard, Visa, Amazon, Moneybookers, and PostFinance.
Upon searching more about the Snowden documets we find that DDoS Attacks are illegal in the UK under the Police and Justice Act 2006, yet the leaked secret slides shows that GCHQ may have used such techniques against Anonymous.

SOURCE
Read more

Monday, February 10, 2014

Anonymous threatening to leak Singapore Govt. Employees’ details

Anonymous

Anonymous group of hackers targeting the Singapore Government, In a report published on ZDNet -writer ‘Ryan Huang’ writes that a small amount of data provided to them, hacktivists threatening to leak more data.
Actually, the data was stolen from a Singaporean security company that  “does much business with the government.”
Why hacktivists stolen the Data and threatening to leak ?
Leak is in the protest against the recent arrests of some Anonymous members, view report.
What is inside the Leak?

  • Name
  • Email Addresses
  • Date of Birth
  • Nationalities
  • Phone Numbers
  • Passport Numbers
  • In the meantime, database for 10 individuals have been leaked.
  • Data is said to be from the different organizations such as:
  • Central Narcotics Bureau
  • The Prison Service
  • Immigration and Checkpoints Authority
  • The National Water Agency
  • The National Environment Agency
  • The National Library Board
  • The Ministry of Manpower

According to report by ZDNet- some of the information provided either outdated or inaccurate.
At Last, Anonymous hackers threaten to leak the details of thousands of people if Government doesn’t Justice.

SOURCE
Read more

Sunday, January 12, 2014

Tribute to Aaron Swartz: MIT website page hacked by Anonymous



Summary: belatedly evening Friday, January 10 the hacktivism unit Anonymous hacked as well as defaced MIT letting the organization know Anonymous will not disregard the catastrophic suicide of the hacker Aaron Swartz.
On the centenary of young hacker as well as digital activist Aaron Swartz’s bereavement, Anonymous has re-employed its Operation Last alternative to hack MIT’s website, captivating over the system for its Cogeneration scheme.
The website has been vandalized for one hour. The page is now titled THE DAY WE FIGHT BACK.
The disfigurement states “REMEMBER THE DATE WE FIGHT BACK REMEMBER” and continues as of this lettering, with the SSL-permitted description of the site forwarding to the site on load.
Reddit, Creative Commons in addition to Demand Progress co-originator Aaron Swartz entrusted suicide in New York City scheduled Friday, Jan. 11.
MIT until that time claimed to have cooperated a neutral responsibility in the tribunal of Aaron Swartz, on the other hand information later recommended that MIT likely took part in an active responsibility in the prosecution.
final weekend, his father Bob Swartz attributed in the widely-interpreted editorial Losing Aaron where a great deal ground was laid to put the guilt for the young hacker’s bereavement directly at the feet of MIT, which as an organization stated it would play a middle-of-the-road role — yet willfully helped the tribunal, alongside Swartz’s lady love at the time Quinn Norton.
The Operation Last Resort movement is retaliation for the bereavement, which many – as well as the Swartz family – suppose was a result of overzealous action by the Department of Justice as well as what the relations deemed a “bullying” use of out-of-date computer transgression laws.
Anonymous has expressed visitors who land resting on MIT’s Cogen website to the web page for “The Day We Brawl Back,” a remonstration on February 11, 2014 in opposition to surveillance.
“The Day We Fight Back” is a remonstration day in reputation of Aaron Swartz, in addition to to draw attention to the activist’s function in the victory above bring to an end on the Online Piracy Act. Participants take in the Electronic Frontier Foundation, Demand Progress, Fight for the Future, Mozilla, Reddit, and additionals.
Either unidentified is doing several pre-press for the occasion, or it is symptomatic of there might be added in store on February 11.
This is not the opening time Anonymous as well as its Operation Last alternative has hacked MIT in the forename of Aaron Swartz.
The original time was shortly subsequent to Swartz’s suicide taking place January 11, 2013, along with the subsequent hack lying on MIT — a huge humiliate happened on the day of January 22, 2013.
In the month of September 2012, Aaron Swartz was accused with thirteen reckonings of felony hacking following a July 2011 apprehend for allegedly grazing 4 million MIT credentials from the JSTOR online academic journal archive.
JSTOR’s educational paper database was freshly made in public available.
Swartz’s relatives issued tough statements after the catastrophe stating that they sensed MIT furthermore an overzealous subdivision of Justice Prosecution led to Swartz’s self-murder.
The initial hack on MIT’s official web page was claimed by unidentified and contrary to several of Anon’s other destructive hacks, the desperate hacktivists left a announcement calling for a modification to computer crime decrees and incorporated an apology to MIT for captivating over its site.
very last year, the Anonymous Operation Last resort movement was commenced with the transcribe of the centralized U.S. Sentencing Commission site on January 25, in addition to the allocation of what the Anonymous termed “warheads.”
Anonymous located links to encrypted folders mirrored on various web pages on the ussc.gov site. The contents of these records are still mysterious.

SOURCE
Read more

Saturday, January 11, 2014

LinkedIn files a lawsuit to unmask the anonymous hackers


LinkedIn has filled one lawsuit in order to identify the unidentified hackers who created several thousand fake accounts with the aim of scraping the profile data. As per the court documents, those defendants operated automated bots on the virtual computers which were rented from Amazon in order to harvest the details on social networking site for the professionals.
The lawyers for LinkedIn claimed that it cost $5000 to deal with those hackers-they filed one complaint with the Northern District of California Court after discovering the fake accounts.
In the court submission, LinkedIn said that Since May 2013, some unknown entities or persons employing several automated software programs or bots have registered several thousand fake LinkedIn member accounts and therefore they have copied or extracted data from the profile pages of numerous members.
This practice is popularly known as data scraping and it is explicitly barred by the user agreement of LinkedIn that prohibits the access to LinkedIn through spidering, scraping, crawling or by using any other data or technology to access the data without any express written consent of the LinkedIn members or LinkedIn.
Although, till now the identity of the hackers is unknown, as the hackers had used the Amazon’s Elastic Compute Cloud it, but they are expecting that they would be able to identify those Doe Defendants by serving the third-party discovery on AWS.
While this thing was not clear what these hackers would do with these data, LinkedIn mentioned that irreparable and ongoing harm had caused. As per the complaint of LinkedIn, having several thousands of false profiles decreases the integrity and the accuracy of information on this website, causing possibly the legitimate users to become misled or confused.
LinkedIn said that the mission of this site is to connect the professionals of this world to make them more successful and productive. Therefore this company hosted the CVs of around 259 million members and a number of them are high-level executives.
Recruiters of the 90 of the Fortune 100 companies utilize the website to look for the prospective candidates.
Mike Small-the security analyst at Kuppinger Cole mentioned that the cloud services are quite cheap to build up, very powerful and quite easy to use. They mainly need one credit card to get the access. These features are quite attractive to the cyber criminals and hackers like as to the legitimate users.
The cloud services mainly have some extensive control in the place in order to prevent the use for the illegal or the illegitimate purposes and the cloud service that deals normally, forbid this particularly. The cyber criminals would require searching the way to cloak the identity while utilizing the public cloud service in this way.
This incident demonstrates all the difficulties faced in the world where both law and the law enforcement is organized geographically but the criminal activities that use the Internet cut across the boundaries.
LinkedIn spokesman, Mr. Richard George uttered that they are a members-first organization and they feel that they have the responsibility to protect that control that their members have more than the information that they use on LinkedIn.

SOURCE
Read more

Monday, December 2, 2013

Microsoft websites went down because of Anonymous



Neowin’s reporting that most popular websites belonging to Microsoft services, including microsoft.com, outlook.com, msn.com, office365.com, Microsoft Developer Network, TechNet, SkyDrive, the Windows Store, sites hosted on Windows Azure, xbox.com and Xbox Live broke down.
The Redmond-based tech company has become unavailable on Nov 22, by getting complaints from its users who tried to access Microsoft’ services provided with a “Server not found” error. Later it became clear that the site went down because of attacks initiated by Anonymous group and launched as a part of Operation Killing Bay.
“A couple days ago a DDoS attack was launched at Japanese Microsoft (Domain) Websites and Servers. We are sorry to report that the Japanese Microsoft Websites and Servers did not go down as planned. Although something did go down. We took the pretty much the entire Microsoft domains down,” Anonymous said in their letter.
“We are investigating the root cause of the disruption and will”, the company said.
Operation Killing Bay also known as Taiji. It’s named after a small village in Japan called Taiji. Taiji came into readers’ minds as a place where amount of dolphins slaughter taking place frequently.
Although, Microsoft confirmed that all online services have been restored. And in a very “short statement” that the restoration experienced a lot of problems.

SOURCE
Read more