London hackers may be behind ransomware attack on Lucknow hotel

In a first-of-its-kind ransomware attack in Lucknow, cybercriminals breached and blocked the computer system of The Piccadily, a five-star hotel in the capital of Uttar Pradesh, and demanded a ransom to allow data access. Ransomware is malware that an attacker releases into a system to block the owners' access until a ransom is paid.

The hotel management lodged an FIR with the cyber cell of police and also roped in private cyber detectives to probe the crime and suggest a remedy.

The hotel’s finance controller in Alambagh, Jitendra Kumar Singh, lodged an FIR on March 9, stating that the staff at the hotel were unable to access the computer system on February 27 around 11:45 pm when they were updating monthly business data. This was followed by screen pop-ups which read: “Oops, your important files are encrypted.” The staff initially ignored the pop-ups and rebooted the system, following which it crashed. Later, the hotel management engaged a software engineer to track down the malfunction, after which it came to light that the system had been hit by ransomware.

Abhay Mishra, deputy superintendent of police (DySP) and nodal officer of the cyber cell, said this is the first ransomware attack of its kind in the city. The ransom demand in such cases is also made through ‘Bitcoin’, he said. “They are investigating the matter, but are yet to make any breakthrough,” Singh told TOI.

The cyber cell of Lucknow police believes the ransomware attack could have been made from London. Sleuths of the cyber cell made these claims after authorities of the Piccadily said they had been getting frequent phone calls from a London-based number after the attack.

Singh said, “We received four calls from the same number a day after the attack. The callers inquired about the ransomware attack and asked about the progress in the case. Later, they also agreed to offer assistance.”

Hackers use stolen Apple prototypes to break into iPhone


Apple's production lines are so massive that it's easy to imagine iPhones being smuggled out of there.

We all know the story of the prototype iPhone 4 that was left at a bar, spoiling what could have been one of the biggest surprises in Apple history. But have you heard the one about the stolen prototype iPhones that are still winding up in unintended hands — in this case, hackers bent on finding ways to break into Apple’s operating system?

As per a report, some of the most prominent iOS hackers have made use of prototype iPhones to break into iOS.

Just like every smartphone maker, Apple also develops a prototype or 'dev-fused' iPhone for testing different technologies, modems and chips.

If you are an iPhone user, chances are that you know about Cydia, the jailbroken app store for iPhones and iPads. While jailbreaking is a type of hack that is mostly used to sideload paid apps for free, there are other types of hacks as well, hacks that are either much more problematic or useful, depending on which side of the hack one is on. Apple phones come with a Secure Enclave Processor (SEP) that encrypts sensitive data on the phone and is set up as a separate entity. Motherboard investigated how some of the best hackers were able to study the chip, and the answer is said to be a “dev-fused” iPhone, which is an iPhone that was lifted before finishing the production process.

As per the report, these dev-fused iPhones are pre-jailbroken devices in which many security features are disabled. This is so that researchers can test them easily but these devices were never intended to get out of Apple’s reach.

The Motherboard report says there’s now a gray market for “dev-fused” iPhones and each product sells for thousands of dollars. Why? Because they help hackers and security researchers crack iPhones and find critical vulnerabilities in them.

Gaining root access to these pre-production iPhones is said to be much easier than doing the same on a commercially available iPhone.

Can AI become a new tool for hackers?

Over the last three years, the use of AI in cybersecurity has been an increasingly hot topic. Every new company that enters the market touts its AI as the best and most effective. Existing vendors, especially those in the enterprise space, are deploying AI  to reinforce their existing security solutions. Use of artificial intelligence (AI) in cybersecurity is enabling IT professionals to predict and react to emerging cyber threats quicker and more effectively than ever before. So how can they expect to respond when AI falls into the wrong hands?

Imagine a constantly evolving and evasive cyberthreat that could target individuals and organisations remorselessly. This is the reality of cybersecurity in an era of artificial intelligence (AI).

There has been no reduction in the number of breaches and incidents despite the focus on AI. Rajashri Gupta, Head of AI at Avast, sat down with Enterprise Times to talk about AI and cyber security and explained that part of the challenge was not just having enough data to train an AI but the need for diverse data.

This is where many new entrants into the market are challenged. They can train an AI on small sets of data but is it enough? How do they teach the AI to detect the difference between a real attack and false positive? Gupta talked about this and how Avast is dealing with the problem.

During the podcast, Gupta also touched on the challenge of ethics for AI and how we deal with privacy. He also talked about IoT and what AI can deliver to help spot attacks against those devices. This is especially important for Avast who are to launch a new range of devices for the home security market this year.

AI has shaken up the field, with automated threat prevention, detection and response revolutionising one of the fastest growing sectors in the digital economy.

Hackers are using AI to speed up polymorphic malware, causing it to constantly change its code so it can’t be identified.

Anonymous hackers take down Canadian government websites

The Anonymous hacking group hacked several Canadian government websites and servers on Wednesday, in retaliation for a new anti-terrorism law passed by Canada’s politicians.

The sites affected by this cyber attack include the general website for government services, canada.ca, and that of Canada’s spy agency, the Canadian Security Intelligence Service (CSIS).

According to the cabinet minister, Tony Clement, who is responsible for the Treasury Board, the attack has affected email and internet access. He confirmed this on his Twitter account.

Anonymous has posted a video on YouTube claiming that the anti-terrorism law violated human rights and targeted people who disagree with the government.

The new Bill C-51, or the Anti-terrorism Act, 2015, would give new powers to CSIS and federal agencies to increase surveillance and share information about individuals.

Speaking to reporters from The Guardian, the public safety minister, Steven Blaney, denounced the cyber attacks, saying “there were many other democratic ways for Canadians to express their views, and the government was implementing efforts to improve its cyber security.”

Two Anonymous hackers arrested by Australian Police

After a lengthy investigation, two people believed to be members of the Anonymous hacker group have been arrested for allegedly hacking into government and corporate websites.

Police say a 40-year-old man from Western Australia has been charged with hacking into Melbourne IT Ltd's computer network in Brisbane and Indonesian government web servers, Australian Broadcasting Corporation reports.

An 18-year-old man from Penrith was charged with hacking into NetSpeed ISP, located in Canberra, and the ACT Long Service Leave Authority.

The two were reportedly involved in several cyber attacks, including modifying the content of websites and disrupting access to many websites by launching Distributed Denial of Service (DDoS) attacks. These attacks date back to 2012.

A number of computer hard drives and other computer equipment have been seized by police from the suspects' house.

#OpWorldCup: Brazil Government websites hacked by DK Brazil Hackteam


An Anonymous-affiliated hacker group called "DK Brazil Hackteam & An0nнat" is targeting the Brazilian government and has defaced several Brazil Government websites in recent days.

The hack is part of an ongoing operation called "#OpWorldCup" which.  The operation appears to be a protest against the upcoming 2014 FIFA World Cup that is scheduled to take place in Brazil.

The group has defaced two Brazil government websites: www.saobento.ma.gov.br and that of Brazil's Barro Municipality (barro.ce.gov.br/).

The group defaced plenty of Brazil Government sites at the end of last month. They have hacked the following websites so far: www.novaluzitania.sp.gov.br/, indaial.sc.gov.br/, igarapedomeio.ma.gov.br/, procon.sp.gov.br.

Anonymous hacker charged for hacking Singapore PM website


A 27-year-old Singaporean has been charged with hacking into the Singapore Prime Minister's website and defacing it.

Mohammad Azhar bin Tahir is charged with modifying the contents of the PM's website (www.pmo.gov.sg) on Nov 7, causing it to display a message with an Anonymous mask picture.

The hacker also faces nine other unrelated charges, which include hacking into and changing the wireless network password belonging to a person named Nadia Binte Ali Khan.

In fact, the Prime Minister's website was not actually hacked; the hacker exploited a reflected XSS vulnerability to display the defacement message. The attack is non-persistent, meaning ordinary visitors to the site never see the defacement; only those who follow the crafted link do.

Defacement exploiting Reflected XSS vulnerability
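
An added illustration of the non-persistence described above (not code from the original article or from the affected site; the page content, the `q` parameter and all function names are constructed assumptions). The stored page never changes, markup appears only in the response to a link that carries it, and encoding the parameter on output removes the effect.

```javascript
// Constructed stand-in for the stored page; no request below ever modifies it.
const STORED_PAGE = '<h1>Welcome</h1><p>Search the site:</p>';

function queryParam(requestUrl, name) {
  // The base URL is a placeholder so that relative request paths parse.
  return new URL(requestUrl, 'https://site.example').searchParams.get(name);
}

// Vulnerable pattern: the hypothetical "q" parameter is copied into the
// response as markup, so markup in the link becomes markup in the page.
function renderVulnerable(requestUrl) {
  const q = queryParam(requestUrl, 'q');
  return STORED_PAGE + (q === null ? '' : `<p>Results for: ${q}</p>`);
}

// Encode the characters that can switch an HTML parser out of text context.
function escapeHtml(text) {
  const entities = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return text.replace(/[&<>"']/g, (ch) => entities[ch]);
}

// Hardened pattern: same page, but the parameter is encoded on output.
function renderHardened(requestUrl) {
  const q = queryParam(requestUrl, 'q');
  return STORED_PAGE + (q === null ? '' : `<p>Results for: ${escapeHtml(q)}</p>`);
}

// Regression check for a test suite: send an inert marker element and
// report whether it comes back as live markup instead of encoded text.
const PROBE = '<i id="reflect-probe">x</i>';
function reflectsUnencoded(render, path = '/search') {
  const url = `${path}?q=${encodeURIComponent(PROBE)}`;
  return render(url).includes(PROBE);
}

// Constructed requests: a normal visit and a link carrying markup.
const normalVisit = '/search';
const craftedLink = '/search?q=' + encodeURIComponent('<h1>Injected banner</h1>');

function demo() {
  return {
    normalVulnerable: renderVulnerable(normalVisit),   // stored page only
    craftedVulnerable: renderVulnerable(craftedLink),  // banner rendered as markup
    craftedHardened: renderHardened(craftedLink),      // banner shown as text
    afterwards: renderVulnerable(normalVisit),         // stored page only, again
  };
}

console.log(demo());
console.log('vulnerable reflects:', reflectsUnencoded(renderVulnerable));
console.log('hardened reflects:', reflectsUnencoded(renderHardened));
```
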

Azhar's 21-year-old brother, Mohammad Asyiq Tahir, also faces 6 charges under the Computer Misuse and Cybersecurity Act. One was for hacking Ridhwan's ex-girlfriend's Facebook account.

Last month, James Raj Arokiasamy, who is said to be the Anonymous hacker with the handle "The Messiah", was charged with hacking into the Ang Mo Kio Town Council website.

14 alleged RedHack and Anonymous hackers referred to court


A total of 14 alleged members of the Turkish hacktivist group RedHack and Anonymous hacktivists have been detained.

World Bulletin reports that the suspects were referred to the Ankara Courthouse on Monday. The operation targets the RedHack group, which the Turkish Government has labeled a criminal organization.

The Ankara Police Department's Cyber Crime Units arrested the alleged hackers in various locations including Ankara, Kahramanmaraş, Bursa and Mersin.

The suspects are accused of being part of hacking attacks against Government and individuals and disclosing confidential information.

However, the RedHack group says none of the arrested people are part of their group.

"All those arrested are not known to us. Every single one in our team is safe. Fascist gov't of Turkey continues its scaremongering to +" the tweets posted by the hacker group read.

"they are trying new tactics to cut the support to RedHack. But what they don't realise is that #RedHack have become the RedPeople Now"

*UPDATE: The suspects released by court
The 14 Turkish people, including an actor, "Barış Atay", who were accused of being members of the RedHack hacker group have been released by the Ankara Court, according to a Turkish local news report.

#OpTurkey - Fox Turkey & VodaSoft hacked by Anonymous

Anonymous hacktivists continue their cyberattack against Turkey. Today, they breached the Fox Turkey and Vodasoft Call Center Solutions websites.

The security breach is part of the ongoing operation "#OpTurkey" which was kicked off in response to the government's violent attempt to suppress Turkish protests.

Unfortunately, the Government fails to realise that the violence against protesters will get the attention of Internet activists.

The hackers leaked thousands of data records from the Fox Turkey website (fox.com.tr), containing IP addresses, email IDs and names: http://nopaste.me/paste/208744166651b10f0ba7d44

The Vodasoft leak comprises usernames, email addresses, names and password details: http://nopaste.me/paste/126630249651b1068f3ee4c

Recently, hacktivists breached the Prime Minister's website, the Ministry of Interior and more Turkish websites as part of the operation.

ANON_0x03 invades Argentina military website


The hacker group "ANON_0x03", affiliated with Anonymous hacktivists, has invaded the website belonging to the Infantry branch of the Argentine Army (infanteria.mil.ar).

The website has been defaced, and the defacement was submitted to the zone-h mirror page by a hacker with the handle "voldem0rt".

Unlike other hackers, they didn't leave any messages in the defacement. They leaked the compromised database in the defacement instead.

The data leaked by Anon 0x03 includes email addresses, usernames, hashed passwords and other information.

At the time of writing, the defacement page is still visible, although the breach took place 24 hours ago.

Mirror:
http://www.zone-h.org/mirror/id/19658987

They also leaked login credentials belonging to a few Peruvian government websites, along with the link to the login panel.

The Daily Star website hacked by Anonymous hacktivist


Anonymous hacktivists hacked into The Daily Star website and uploaded articles with the title "Anonymous Continues Struggle For Justice".

According to the Daily Star news report, around one hour after the admin removed the post, the hacker uploaded the same article again under a different title, "Anonymous Steps It Up".

"Anonymous continued its bid for true democracy and freedom today, when they started on a new path to bring to an end the corruption and oppressive regimes of today's governments. In a call for a truly open society Anonymous has started to raise its public profile the world over," the hacker said in the defacement message.

"Anonymous is calling for media transparency on all sides, particularly to do with world-issues such as Iran/Israel and the USA/UK arms deals in the middle east. As with all arguments, there are two sides, and single sided reporting must stop. War criminals should be tried for their crimes and in the case of state sponsored terrorism, the public should be fully aware of the acts governments commit in order to fight their injustice."

United States Sentencing Commission (ussc.gov) hacked and defaced by Anonymous


Anonymous hacktivists breached the website belonging to the United States Sentencing Commission (ussc.gov) and defaced the site under the operation called "#opLastResort".

"Two weeks ago today, a line was crossed. Two weeks ago, Aaron Swartz was killed. Killed because he faced an impossible choice. Killed because he was forced into playing a game he could not win -- a twisted and distorted perversion of justice -- a game where the only winning move was not to play." The defacement message reads.

"With Aaron's death we can wait no longer. The time has come to show the United States Department of Justice and its affiliates the true meaning of infiltration. The time has come to give this system a taste of its own medicine. The time has come for them to feel the helplessness and fear that comes with being forced into a game where the odds are stacked against them."

The full defacement message can be found here:
http://pastebin.com/Fbx3k2pX


A few days ago, Anonymous defaced a Massachusetts Institute of Technology (MIT) website to denounce the charges against him and to urge computer crime law reform and more support for open access initiatives.

Aiplex India website taken down by Anonymous India

Indian Anonymous hacktivists launched a distributed denial-of-service attack against Aiplex Software Pvt. Ltd.

Aiplex is a company based in Vijayanagar, Bangalore, India, contracted by the MPAA to deliver copyright notices to websites that they deem to violate copyright laws, and distributed denial-of-service (DDoS) attacks to said sites if they fail to remove the offending content.

"We just showed Aiplex India is no one to deliver copyright notices to websites," Anonymous said on Twitter.

Feds charge Anonymous spokesperson Barrett Brown for sharing link to stolen credit card data


Is it a crime to share a link to data leaks? Today's indictment of an Anonymous spokesperson shows that sharing a link to data leaks is a crime.

Barrett Brown, the former spokesperson for the Anonymous hacktivists, has been charged with one count of trafficking in stolen authentication features, one count of access device fraud, and ten counts of aggravated identity theft.

The charges are related to the Stratfor hack carried out by hacktivists at the end of 2011.

Brown isn’t charged with committing the Stratfor hack but with posting links to a file containing the 5,000 credit card details that were stolen in the incident.

"By transferring and posting the hyperlink, Brown caused the data to be made available to other persons online, without the knowledge and authorization of Stratfor and the card holders," the Feds say.

From this story, we can conclude that every journalist who covers a hacking incident and links to the data leaks is committing a crime.

At the time of the Stratfor hacking incident, links to the stolen credit card details were widely shared on Twitter - are all the users who shared the links going to be rounded up and arrested, too?

Anonymous #AutumnStatement to the tax avoiding rich and corrupt politicians



The Anonymous hacktivists have hacked into a number of websites and defaced them with an "Autumn statement" to the tax-avoiding rich and corrupt politicians.

The list of hacked websites includes SABA Consulting (sabaconsulting.eu), Maxwells Spanish Holiday Villas (maxwellsvillas.com), EF Medispa (efmedispa.com) and Arena Wealth (arenawealth.com).



"While the UK continues to demonise and punish the poor, the sick and the unemployed for the corruption of the financial and political systems, we would like to remind all of the British tax-avoiding Monaco dwellers, the super-rich and politicians that:

We are watching you.

You will be held accountable for your greed.

Expect Us." The defacement page reads.

At the time of writing, most of the sites still display the defacement message. After a few minutes, the defaced page redirects users to the HM Revenue and Customs website (hmrc.gov.uk).



Once again, Kapil Sibal's official website hacked by Anonymous India


Once again, the Indian Anonymous hacker group has breached the official website of India's Communication and Information Technology Minister Kapil Sibal (www.kapilsibalmp.com).

In August 2012, they broke into the website and published a number of screenshots on the social media website Facebook to demonstrate that they had gained access to the site’s backend.

Now, they have defaced the website and left the following message:

Kapil Sibal is the world’s biggest retard. Born with a below 60 IQ he thought he could mess with the Internet and let the elite of his party suppress freedom of speech. Although a retard, he somehow formed the rules in such a way, that everyone can censor everyone there by hiding behind everyone to be able to censor when really hurt him and his party. Confusing isnt?

The hack was announced via the Anonymous India twitter account @opindia_revenge. The hackers said they hacked the website because "He (Sibal) had used the words 'Victims of freedom of Expression'. He is hiding the fact that #66A is breaking the internet media."

Besides hacking the Minister's website, they have also hacked into the official website of the Government of Mizoram, India, and defaced the site with a protest message.



Anonymous declares Cyberwar on Syrian government sites - Syrian Embassy in China under attack


The hacktivist group Anonymous has announced a cyber war against Syrian Government websites hosted outside the country.

"Today, at precisely 10:30 AM ET all Internet traffic into and out of Syria ceased. Within a half hour of this sudden shut down, the PBX land-lines were degraded by 90% and Mobile connectivity was degraded by 75%. The nation of Syria has gone dark. And Anonymous knows all too well what happens in the dark places," the hackers said in the press release.

"When your government shuts down the Internet, shut down your government." ~ Anonymous Egypt.

"Beginning at 9:00 PM ET USA Anonymous will begin removing from the Internet all web assets belonging to the Assad regime that are NOT hosted in Syria. We will begin with the websites and servers belonging to ALL Syrian Embassies abroad," the hackers said.

The hacker collective has launched a distributed denial-of-service (DDoS) attack against the website of the Syrian Embassy in China (syria.org.cn).

They also hacked and defaced the Syrian Embassy website in Belgium (syrianembassy.be).

*Update* As part of the operation, Anonymous Australia has defaced the Industrial Bank of Syria (industrialbank.gov.sy) and left a message: "Sorry admin but your page was taked by us - Because from Latin America, we are sad seeing destroyed between brother countries. - Please governments."

The press release can be found here:
http://www.anonpaste.me/anonpaste2/index.php?bb2a5f5ea4d78406#Kmh9zezlxKa3262RPC6TtgFwc5Vn2Ur+NEtOud0Q0bo=

Government of Mizoram (Dpar.mizoram.gov.in) site hacked and defaced by Anonymous


An Anonymous hacktivist has hacked into the Department of Personnel and Administrative Reform (DP&AR) subdomain (Dpar.mizoram.gov.in) belonging to the Government of Mizoram.

Mizoram is one of the Seven Sister States of North Eastern India, sharing borders with the states of Tripura, Assam and Manipur and with the neighboring countries of Bangladesh and Burma.

"This is Govt saying, they can still censor you if you speak against them," reads the protest message the hacker posted on the defacement webpage.

"Free press is a myth in #India thanks to #ITAct #66A with latest modification the Govt will better control "

"The time to sit silently is gone. Call your friends and get them to protests sites"

The defaced page:
dpar.mizoram.gov.in/components/index.html

At the end of the defacement page, the hackers mentioned that the website was full of malware even before they hacked into it.

Anonymous Paraguay hacked National Electricity Administration (ANDE.gov.py)


The hacker group Anonymous Paraguay hacked into the official web page of Paraguay's National Electricity Administration (ANDE.gov.py) and defaced it.

The defaced page presents a Matrix background, over which is the image of a Paraguayan flag with the Anonymous logo instead of the National Shield and the words "UNLOCKER_PARAGUAY_SECURITY" above.

The defacement message blasts Canadian miner Rio Tinto Alcan, which it calls "a multinational that has been stripped of its wealth to other peoples of the world, and in Paraguay is about to settle" and accuses of having funded "civil wars and has managed innocent deaths in other lands and now wants to settle in the hands of the de facto government."

"Rio Tinto Alcan has the same responsibility that these parties that conducted the parliamentary coup, and thus betrayed the will of the people," reads the text.

The message adds that, in protest, the "hackers" decided to temporarily block the site because ANDE "lend themselves to the authorities of this multinational foul play."

"No peace will this government and the judiciary while burning indigenous schools as they did in Yva Poty in Curuguaty," Anonymous said on its Twitter account @AnonsParaguay (translated).

*Update* Hackers still have control of their server. You can see the defacement page here:
http://www.ande.gov.py/webadmin/

Anonymous leaks 1GB of internal Govt emails from the Syrian Ministry of Foreign Affairs



The hacktivist group Anonymous has leaked 1GB of documents containing internal government emails from the Syrian Ministry of Foreign Affairs. The hackers leaked the data as part of the ongoing operation called "#OpSyria".

The leaked documents contain all sorts of information, including scanned passports of Syrian ministers (PDF), details about arms transportation from Ukraine, and even a report which shows that 200 tons of Syrian bank notes have been shipped from Russia.

"Most of the material is in Arabic and we invite all Arabic speakers to look through the mails for interesting documents," the hackers said, inviting Arabic speakers to translate the documents.

The files can be accessed via the email viewer set up on par-anoia.net (http://par-anoia.net/releases.html) or by downloading the compressed MBOX archive and importing it into an email client.