European Cyber Army leaks 60k credentials compromised from Syrian sites


Details of more than 60,000 accounts have been leaked by a hacker from the European Cyber Army (ECA) going by the handle "Zer0Pwn".

The database dump is said to have been taken from two Syrian websites: job.sy and realestate.sy.

The hacker posted sample data in a paste (http://pastebin.com/7Y13ULux) entitled "ECA vs. Assad", along with a link to the full database dump. The dump contains names, email IDs, passwords, phone numbers and other details.

While the passwords compromised from job.sy are encrypted, the passwords from realestate.sy are in plain text format.

Lee J from Cyber War News analyzed the full database dump and reported that the database dumps from realestate.sy contain more than 4000 unique login credentials and the database dumps from jobs.sy contain more than 50,000 login credentials.

Some other members of ECA have attacked syrianmonster.com and compromised the admin's login credentials.


Hacker breaches Johns Hopkins University website

 
A hacker claiming to be part of the Anonymous hackers group has breached the Johns Hopkins University website and leaked the data compromised from the database server.

The database server contains information on current and former biomedical engineering students. The stolen information includes names, phone numbers and email IDs of students.

The University says no information that would make identity theft a concern, such as Social Security numbers and credit card numbers, is involved in the breach.

According to the Baltimore Sun, the so-called Anonymous hacker attempted to extort the university for further access to its database server, threatening to leak the stolen data unless the university handed over the server password.

The breach reportedly occurred last November, and the vulnerability responsible for the breach has been patched. The University is currently working with the FBI and trying to have the leaked data removed from the Internet.

RedHack claimed to have hacked ISP TTNET, Vodafone and Turkcell


The Turkish hacktivist collective RedHack claims to have breached systems of Turkish ISP TTNet (www.ttnet.com.tr), Vodafone and leading Turkish mobile operator Turkcell (turkcell.com.tr).

"Customer data of ISP TTNET, mobile operator Vodafone and Turkcell infiltrated and vast amount of data collected from the systems," the hackers announced earlier today.

Hackers claimed to have compromised millions of records from the servers.

"If we are able to reach these info on their systems with our limited resources imagine what can foreign intelligence agency do. These companies have 90% of the population's data on their systems and they can't protect them." Hackers said.

They have dumped (http://justpaste.it/eaml) some of the data compromised from TTNet. The dump only contains the membership details of Ministries, the National Intelligence Agency (MIT), and the Security Directorate. The hackers didn't publish the data belonging to the general public, "as a matter of principle".

The leak contains information such as names, phone numbers, addresses, email IDs and other information.

The hackers said the reason for these breaches is to prove that no one and no system is 100% secure.

"In the coming days we'll continue with those exploiting the country. No public information will be shared. Our people can be at ease." The group said that they will continue the operation.

Bell Canada website hacked with POST-based SQL Injection vulnerability

A few days ago, Nullcrew hackers hacked into the Bell Canada website and leaked thousands of customer records.

Bell Canada confirmed Sunday that usernames and passwords of 22,421 and five valid credit card numbers have been leaked by hackers. However, the organization points the finger at a third party, saying the leak "results from illegal hacking of an Ottawa-based third-party supplier's information technology system".

Bell claims its own network wasn't affected by this breach. Bell has disabled all passwords and is notifying all affected users. They are currently working with law enforcement and government security officials to investigate the matter.

"Quite a laughable claim, Bell actually knows of the breach, they knew the vulnerable section of the website for two weeks," the hackers said on their Twitter account in response to Bell's claim.

The screenshot provided to DataBreaches shows that the hackers had a chat with the Bell Support team.

Nullcrew chatting with Bell support team

The hackers said a POST-based SQL Injection vulnerability resides in the password recovery page of Bell's sub-domain (https://protectionmanagement.bell.ca/passwordrecovery_1.asp).

Post-based SQL Injection in Bell Canada

Nullcrew hackers claim to have hacked Bell Canada

The Nullcrew Team is back! After several months, the group returned with a new database leak. They claimed to have hacked into the Bell Canada website (www.bell.ca) and compromised the database server.

Just a few hours ago, the group published a link to the leak (http://nullcrew.org/bell.txt). The leak contains thousands of usernames, email addresses and plain-text passwords, and even some credit card data.

"Go f****g figure, people who are supposed to provide secure connection to the internet?.. They can't secure themselves, and with that said?" the hackers wrote next to the leak.

"Successful day hacking internet service providers is successful. #NullCrew" reads a tweet posted by the hackers on Jan 14.

It appears the group also had a talk with the Bell support team.

"We'd like to give a shout-out to the beautiful people over at twitter.com/Bell_Support.  First of all, asking a hacker their providence made all of us lolololol!" The group said.

Israel Aviation Agency website hacked

A hacker group calling itself 'The Islamic Cyber Resistance Group' claimed to have hacked into the Israel Aviation Authority (iaa.gov.il) website and gained access to its internal network.

The group claimed to have obtained sensitive information regarding domestic and international flight maps, FarsNews reports.

The group said that they had the ability to cause disruption in services such as flight routing and communications between planes and ground stations.

"By the grace of God, we could gain access to iaa.gov.il LAN and in addition to obtaining sensitive information, seized full control over the management panel." The group said in a statement.

"But as the world knows, killing women, children and innocent people is a profession exclusive to Israel and its neophytes, and we, as ordered by Islam, do condemn such moves and, thus, find it sufficient to release sensitive information to prove that we have had the access to the servers and downed the website."

The hackers said they had access to the server for months and downloaded a huge amount of data. They also claimed to have wiped all data on the server.

The leaked information includes 'Domestic and international flight information Database', 'Some of the flight briefing files which are only provided to pilots and control towers', 'Management and flight routing software information', 'Weather condition maps'.

World Poker Tour Amateur Poker League website admits to security breach

Recently a hacker using the Twitter handle "@smitt3nz" hacked into the World Poker Tour Amateur Poker League (WPTAPL) website and leaked a database containing email addresses and clear-text passwords of more than 170k users.

WPTAPL officials have now confirmed the security breach to SC Magazine. However, they are trying to downplay the impact of the breach.

Kurt McPhail, president and CEO of WPTAPL, claimed the leaked information is pretty much worthless and that most of the compromised data was old.

They also said that only 50k of the leaked accounts are still active and that the information can't even be used to log into their website because players use a separate username to log in.

I can't agree with their point that the leaked info is worthless. The listed email IDs and passwords may not allow attackers to log in to the WPTAPL. But most people normally use the same password for their email ID. An attacker can use the info to compromise the email account.

The vulnerability in question is reportedly being fixed and members are being notified about the breach.

World's Largest Bitcoin poker SealsWithClubs website hacked

 
It appears any website that does Bitcoin transactions is coming onto the radar of hackers. SealsWithClubs is the latest victim.

Online poker service SealsWithClubs, which is claimed to be the world's largest Bitcoin poker site, has admitted that its database server containing user credentials was compromised by hackers.

They said the stolen passwords are hashed and salted but urged users to change their passwords. If you used the same password anywhere else, you are advised to change it there too as a precaution.

Ars Technica pointed out a link to an InsidePro forum post in which a user with the online moniker "StacyM" has asked other users to crack 42,000 hashed passwords.

StacyM is offering $20 in Bitcoins for every 1000 unique cracked passwords. Thousands of passwords have already been cracked. He didn't mention the source of those hashes. However, some cracked passwords such as "sealswithclubs" and "pokerseals" appear to be from the SealsWithClubs website.

SealsWithClubs promises to improve its security measures in the near future, including 'ability to permanently lock withdrawal address' and 'lock accounts account access except for certain IP addresses'.

Vegastripping.com hacked, database leaked


A hacker with the Twitter handle @zVapor has claimed to have hacked the VegasTripping website (Vegastripping.com), a website providing a guide to Las Vegas hotels and casinos.

Speaking to E Hacking News, the hacker said a SQL Injection vulnerability in the Board section allowed him to compromise the database server. The vulnerability has been fixed at the time of writing.

The hacker leaked all user information compromised from the target server on Pastebin (http://pastebin.com/raw.php?i=ujgVuvX1).

The database dump contains usernames, hashed passwords, email addresses, countries and other details. It includes the credentials of the admin account.

The hacker also doxed the admin account and published the personal info (address, phone number) of the admin.

If you have ever signed up for this website and used the same password anywhere else, you are advised to change it now.

Government websites hacked, database leaked by TeslaTeam

The infamous Serbian hacker group known as "Tesla Team" is targeting government websites belonging to various countries. The group has managed to find SQL vulnerabilities in the target websites.

Affected websites include the Albanian Ministry of Economy, Trade and Energy (mete.gov.al), the Ministry of Finance and Economic Planning of Ghana (mofep.gov.gh), the Court of Bosnia (sudbih.gov.ba) and qashqadaryo.gov.uz.

The hacker didn't deface any of the hacked websites. He managed to extract the data from the target database servers and leaked it instead.

The dump contains username and password credentials stolen from the database. The group also provided a proof-of-concept link along with the database dump.

E! Online website hacked by Tesla Team


TeslaTeam, an infamous hacker group from Serbia, claimed to have hacked into one of the most famous celebrity fashion sites, E! News.

E! News is a high-profile website with an Alexa rank of around 600 that provides entertainment news, celebrity news and celebrity gossip.

The group discovered a SQL injection vulnerability in one of the subdomains of E! News (br.eonline.com). The PoC for this vulnerability has been provided along with the database dump (pastebin.com/2c28RJDe).

The database dump contains the list of tables and the usernames, passwords and phone numbers of the admin and other users.

The same group recently hacked into the Vevo website and leaked the database.

MacRumors Forums hacked, 860,000+ users data compromised


The MacRumors forums have been breached by hackers who managed to obtain information belonging to 860106 users, including hashed passwords.

"In situations like this, it's best to assume that your MacRumors Forum username, email address and (hashed) password is now known." Editorial Director Arnold Kim wrote.

The hacker behind the attack also made a post in the MacRumors forum regarding the breach, saying "We're not 'mass cracking' the hashes. It doesn't take long whatsoever to run a hash through hashcat with a few dictionaries and salts, and get results."

The hackers also claimed that they are not going to use the compromised credentials to log into Gmail, Apple accounts or any other accounts unless they target users specifically for some reason.

"Stop worrying, and stop blaming it on Macrumors when it was your own fault for reusing passwords in the first place." the hacker added.

It appears hackers have gained access to the database by logging into the forum with the stolen credentials of a single moderator.

Anonymous hacktivists leak Mafia, corruption documents compromised from Italian Government


Anonymous hacktivists have leaked a number of documents said to have been compromised from the personal computers of regional administrations, mainly the presidents of Calabria, Lombardia, Sicilia, Toscana, Campania and Puglia.

The leak is only the first in a series of leaks targeting Italian regional government. This first leak contains documents compromised from the personal computer and mobile devices of Giuseppe Scopelliti, an Italian politician and a member of The People of Freedom political party.

"Giuseppe did nothing to stop mafia in Calabria spreading like plague, nor he did anything to at least look like trying." hackers wrote in cyberguerilla website.

The hacktivists have posted a 400MB archive file containing 1000 documents and a gallery of 27 documents.

"This is just a beginning. People of Italia do have the right to know what the government is involved in, especially when it comes to mafia wars and corruption in the region." hackers wrote.

RedHack leaks document about Turkey's Minister for EU Affairs & Chief Negotiator


The Turkish hacktivist group RedHack has leaked documents said to contain details of Egemen Bağış, Turkey's Minister for EU Affairs & Chief Negotiator.

The group provided a ".onion" link on their official Tumblr page which is said to contain the documents. One of the documents contains details about Egemen's stay at the London Hilton Park Lane.

"When we have checked the bill we have realised that Egemen Bagis was confused between tweeting verses and mixing the wines and whiskeys. These people call themselves devoted believers in religion. Really?" the hackers said in their post.

Another document is claimed to reveal "the sophisticated details of the lifestyle of Egemen and Beyhan Bagis, their daily routines and diary".

The group is also claimed to have leaked a document containing "the list of businessman and their contact details that would join PM Erdogan during his US visit", and more documents have been uploaded to their onion page.

Hackers breach PureVPN website by exploiting a zero-day WHMCS vulnerability


Over the weekend, customers of the virtual private network provider "PureVPN" started receiving a fake email claiming to be from the founder, saying that "due to an incident we had to close your account permanently".

"We are no longer able to run an anonymization service due to legal issues we are facing" The fake email reads.

"We had to handover all customer’s information to the authorities unfortunately. They might contact you if they need any details about the case they are working on. The following information was handed over: your name, billing address and phone number provided during purchase and any documents we had on file (for example scan of your ID or driver’s license if you have provided these to our billing department)."

However, the co-founder, Uzair Gadit, said in the official blog post that the email is fake and confirmed that the PureVPN website was hit by a security breach.

Hackers exploited a vulnerability in the third-party application WHMCS and compromised the email IDs and names of registered users.

"We repeat no billing information such as Credit Card or other sensitive personal information was compromised." The blog post reads.

Loretto Telecom, The West Australian and Moundville Telephone Co websites hacked by TeamBerserk

A hacker group named TeamBerserk has claimed to have hacked into the Loretto Telecom, The West Australian newspaper and Moundville Telephone Company websites and leaked data.

The hackers claimed to have exploited a SQL Injection vulnerability in The West Australian website and gained root access to the entire server. The breach allowed the hackers to access all domains hosted on the server, including the website of Southern Computer Company.

"After that we get into SCC client base and f***around with their client computers which are running remote services on Windows machines; and some of these clients are AU Government. Thanks for the additional bots and all the #Data.  We'd like to thank The Western Australian for the SQLi and InterVolve Cloud for a very vulnerable set of boxes."  The hackers said.

The group leaked 1,400+ usernames and passwords compromised from the Loretto Telecom website, along with a link to the login page.

"We worked together quite quickly when we exploited and got root to this box. After we got axx we plundered all of the accounts for tens of thousands of digital monies ($), with these monies we purchased BTC and LTC and ordered lots of ** and pizzas to the FBI and DoJ like we normally do when we get lots of booty (YARR)" Hackers wrote next to the leaked data.

The group also claimed to have breached mound.net and gained access to accounts and "purchased tens of thousands of dollars worth of BTC and LTC. Many bank accounts were also completely penetrated and we still have access to these accounts."

Philippines Navy website hacked by Pr3 H4ck3r


A hacker with the handle "Pr3 H4ck3r" from the Philippine Cyber Army has claimed to have hacked into the database of the Navy website.

According to the hacker's statement, he compromised the data by exploiting a SQL Injection vulnerability in the Navy's "BRP Alcaraz blog" page (navy.mil.ph/alcaraz).

However, we are not able to access the given link at the time of writing. It appears the admin has taken down the link.  The news was first reported by local hacking news site PinoyHackNews.

In a Pastebin post (pastebin.com/5xhP6zft), the hackers leaked the login credentials compromised from the database. It includes the admin login credentials. What's worse is that they are using a very weak username and password.

They used "userpassword" as the password. Even if there were no bug, a hacker could have guessed the password or obtained it by brute-forcing. It is sad to know that the Navy website itself has poor security and weak passwords.

Exclusive: Truecaller Database hacked by Syrian Electronic Army

It's been a long time since we reported news updates on hacking attacks carried out by the Syrian Electronic Army. Just now, the Syrian Electronic Army posted a tweet saying they have hacked into the TrueCaller website (www.truecaller.com).

"Sorry @Truecaller, we needed your database, thank you for it :) http://truecaller.com  #SEA #SyrianElectronicArmy" one of the tweets reads.

In another tweet, the group provided the database host address, database name, username, and password in plain text.

Speaking to E Hacking News, the hackers said they have hacked into TrueCaller's server and downloaded more than 7 databases. They said the main database is 450GB.

The downloaded databases include truecaller_ugc (459GB), truecaller (100GB), truecaller_profiles (4GB), truecaller_api (123KB), truecaller_PushMe (2.2KB), tc_admin (7MB) and tc_www (70MB).

The database is claimed to contain access codes for more than a million Facebook, Twitter, LinkedIn and Gmail accounts, which would allow a hacker to post updates from a victim's account.



The group claimed that an outdated WordPress installation allowed them to gain access to the admin panel.

At the time of writing, they have shut down their website and it displays the following error message: "We are doing some upgrades. Thank you for your patience."

*UPDATE:
TrueCaller confirmed the security breach in their official blog. However, they denied the hackers' claim that they had access to the social networks' access codes.

Redenet.edu.br & University of Neoliberal Arts hacked by NullCrew

 

The hacker group Nullcrew is back with a few university website security breaches. Today, we received a notification from the group saying they have hacked into the website belonging to the University of Neoliberal Arts.

The group provided us a link to the database leak of the hacked site: pastebin.com/Az4tqvPQ. The leak contains email address, password, name, address and phone number details.

"To show our support of Anonymous," the hacker group stated as the reason for the security breach. According to the hackers' statement, they exploited a SQL Injection vulnerability to compromise the database.

The crew also hacked into the Institute of Brazil website (redenet.edu.br). They announced the security breach in their Twitter account: pastebin.com/a7Mt8f95

The leak contains email addresses, names and contact numbers. It also includes more than 10 login ID and password credentials.

#OpTurkey - Fox Turkey & VodaSoft hacked by Anonymous

Anonymous hacktivists continue their cyberattack against Turkey. Today, they breached the Fox Turkey and Vodasoft Call Center Solutions websites.

The security breach is part of the ongoing operation "#OpTurkey", which was kicked off in response to the government's violent attempt to suppress Turkish protests.

Unfortunately, the Government fails to understand that violence against protesters will get the attention of Internet activists.

The hackers leaked thousands of records from the Fox Turkey website (fox.com.tr), containing IP addresses, email IDs and names: http://nopaste.me/paste/208744166651b10f0ba7d44

The Vodasoft leak comprises username, email address, name and password details: http://nopaste.me/paste/126630249651b1068f3ee4c

Recently, hacktivists breached the Prime Minister's website, the Ministry of Interior and more Turkish websites as part of the operation.