Breaking News »

Latest Hacking News

Lizard Squad disrupt National Crime Agency website

The website of National Crime Agency (NCA), a national law enforcement agency in the United Kingdom which replaced the Serious Organised Crime Agency, was temporarily down on Tuesday morning by attackers.

According to a news report published in The Guardian, the attackers did this as a revenge for arrests made last week. Four days ago before the attack, six teenagers were released on bail on suspicion of using hacking group Lizard Squad’s cyber-attack tool to target websites and services.

They arrests were in an operation codenamed Vivarium, coordinated by the NCA and involving 
officers from several police forces.

Those who were arrested: an 18-year-old from Huddersfield; an 18-year-old from Manchester; a 16-year-old from Northampton; and a 15-year-old from Stockport, were arrested last week, while two other suspects, both 17, were arrested earlier this year, one from Cardiff and another from Northolt, north-west London.

However, all of them have been bailed, while a further two 18-year-olds – one from Manchester and one from Milton Keynes – were interviewed under caution.

“The six suspects are accused of using Lizard Stresser, a tool that bombards websites and services with bogus traffic, to attack a national newspaper, a school, gaming companies and a number of online retailers,” the report reads.

The NCA spokesperson told The Guardian that the NCA website is an attractive target. Attacks on it are a fact of life. DDoS is a blunt form of attack which takes volume and not skill. It isn’t a security breach, and it doesn’t affect our operational capability.

“At worst it is a temporary inconvenience to users of our website. We have a duty to balance the value of keeping our website accessible with the cost of doing so, especially in the face of a threat which can scale up endlessly. The measures we have in place at present mean that our site is generally up and running again within 30 minutes, though occasionally it can take longer. We think that’s proportionate,” he added.


iOS malware steals over 225,000 Apple accounts to create free App Utopia


Researcher from Palo Alto Networks, a computer security firm, have found out that hackers, who have targeting jail-broken iPhones, have raided more than 225,000 Apple accounts, using them for app buying sprees or to hold phones for ransom.

The jailbreak is a tool in iPhones to use additional iThing tweaks available through the alternative Cydia store, and for some to pirate software by installing ripped-off apps for free.

“In cooperation with WeipTech, we have identified 92 samples of a new iOS malware family in the wild. We have analyzed the samples to determine the author’s ultimate goal and have named this malware “KeyRaider”. We believe this to be the largest known Apple account theft caused by malware,” the researchers posted in a blog.

Claud Xiao, a researcher, said that the KeyRaider malware, hidden in jailbreaking utilities, is slurping login credentials and GUIDs from the user's iTunes data, and siphoning them off to remote servers.

"We believe this to be the largest known Apple account theft caused by malware," Xiao said. "The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device.”

He confirmed that the purpose of the attack was to make it possible for users of two iOS jailbreak tweaks to download applications from the official App Store and make in-app purchases without actually paying.

It is said that especially the people in China got affected but herald from 17 other countries including France, Russia, Japan, United Kingdom, United States, Canada, Germany, Australia, Israel, Italy, Spain, Singapore, and South Korea from the attack.

Similarly, some people said that they were being locked out of phones and forced to pay ransoms.


According to the researchers, the attack was discovered by a Yangzhou University student known as i_82 who worked with Xiao alongside a group. They exploited an SQL injection vulnerability on the bad guy's server to learn about the attack. They siphoned about half of the stolen accounts before the VXer became savvy and punted the white hats. They have now set up a website for users to check if they are impacted. 

Six teenagers arrested for using Lizard Squad's DDoS service


(PC- google images)
Six teenagers were recently arrested and later bailed on account of using the hacking tools of a certain Lizard Squad to breach softwares and websites, which included gaming companies, school servers and even newspapers.


The teenagers, aged between 15 to 18 and all male, were arrested during an operation by the UK police in search of hackers using the Lizard Stresser tool that allows the user to send spam to system and facilitate the denial of service (ddos) attack, which makes the website unavailable to the real time visitors.

In the past, such ddos attacks have caused both reputational and financial damage to services provided by big business giants like Sony to even government websites, while these attacks interrupt the smooth functioning for a time interval that starts from a few hours and can last till weeks.

This tool was effectively used by the Lizard Squad in December 2014, to interrupt the online gaming services of Microsoft’s Xbox Live and Sony’s PlayStation Network. The tool is available in the market and can acquiring it can make a normal person into a potential hacker who can then select their targets according to their will.
The UK police arrested the teenagers with the help of the National Crime Agency(NCA), while they were trying to pay anonymously for the tool using BitCoin. However, none of the six teenagers have been confirmed to be a member of the Lizard Squad.

Tony Adams of NCA’s cybercrime unit, explained that by a small amount, a person can acquire the Lizard Stresser that can ruin big businesses and make access to information a deliria for the public. He further added that the arrest was made under an operation named ‘Vivarium’, and that the teenagers were operating from all across UK.


A member of Lizard Squad was arrested in Twickenham in December for their involvement in cyber attacks, while a further member was arrested in May for pranking armed police. However, the hacking group’s tool remains available, despite its site being hacked revealing customers’ details.

Uber Hires Security Analysts For Enhancing Car Safety

(PC- GOOGLE IMAGES)
When it comes to vehicle security, Uber has taken a step ahead in making the vehicles safer. The officials have confirmed that the company has hired two top-notch security analysts to ramp up its target of achieving the technology of self-driven cars. Uber promises the joining of Charlie Miller and Chris Valasek who have been working for Twitter Inc. and security firm IOActive respectively.

Uber’s Advanced Technologies Centre, a research laboratory set up by the company in Pittsburgh in February has already hired dozens of vehicle experts from Carnegie Mellon University, and now will be joined by Miller and Valasek.

There appointment was confirmed by a welcome tweet from Raffi Krikorian, head of Uber ATC. Both have started with their new appointments from Tuesday.

Uber at the moment is knee-deep with the target to develop or adapt the self-driving cars technology, and Miller and Valasek will be joining the company to make the vehicles more secure. This can help the company to reduce the man-power it has under the header of the thousands of contract drivers that the company has hired.

In order to develop this technology, the company has also shook hands with the University of Arizona, by providing the students grants in order to research and help developing the technology.

In march, Uber bought digital mapping firm deCarta, a San Jose, California-based company whose technology offers search and turn-by-turn directions.

FCA USA LLC recalled 1.4 million vehicles to install software intended to prevent hackers from emulating the experiment, which used the cellular network to enter the entertainment system and then win control of the engine, brakes and steering.

Vulnerability »

Malware Report »

Defacements »

Spam Report »