European Cyber Army leaks 60k credentials compromised from Syrian sites


More than 60,000 accounts details have been leaked by a hacker from European cyber army(ECA) going by handle "Zer0Pwn".

The database dump is said to be compromised from two syrian websites : job.sy and realestate.sy.

Hacker posted a sample data in a paste(http://pastebin.com/7Y13ULux) entitled "ECA vs. Assad" along with a link to full database dump.  The dump contains names, email ids, passwords, phone number and other details.

While the passwords compromised from job.sy are encrypted, the passwords from realestate.sy are in plain text format.

Lee J from Cyber War News analyzed the full database dump and reported that database dumps from realestate.sy contain more than 4000 unique login credentials and database dumps from jobs.sy contains more than 50,000 login credentials.

Some other members from ECA has attacked syrianmonster.com and compromised admin's login credential.


Vegastripping.com hacked, database leaked


A hacker with the twitter handle @zVapor has claimed to have hacked VegasTripping website(Vegastripping.com), a website providing guide for Las Vegas Hotel & Casino.

Speaking to E Hacking News, the hacker told a SQL Injection vulnerability in the Board section allowed him to compromise the database server.  The vulnerability has been fixed at the time of writing.

The hacker leaked all user information compromised from the target server in pastebin(http://pastebin.com/raw.php?i=ujgVuvX1).

The database dump contains usernames, hashed passwords, email address, country and other details.  It includes the credentials of admin account.

The hacker also doxed the admin account and published the personal info(address, phone number) of the admin.

If you ever have signed up for this website and used the same password anywhere else, you are recommended to change it now.

JPMorgan Chase & Co's UCard website hacked, 465,000 users affected

JPMorgan Chase & Co, an American multinational banking and financial services holding company, has issued warning to around 465,000 card users regarding a security breach that might have allowed hackers to steal personal information.

According to the Reuters, the cyber attack happened back in July on their UCARD website "www.ucard.chase.com". However, the breach was only detected in the mid-September.

The company says the personal info of customers are encrypted. However, during the cyber attack, some data temporarily "appeared in plain text in files the computers use to log activity".

Though small amount of data was accessed, the company found no evidence showing that sensitive data such social security number, email id,date of birth were compromised.

Only Ucard users are affected by this security breach, others are not affected. Affected customers are being offered free credit-monitoring services for one year.

The company says it has fixed the issued and FBI & Secret service are investigation the incident to find out the attackers behind the breach.

E! Online website hacked by Tesla Team


TeslaTeam, one of the infamous hacker group from Serbia, claimed to have hacked into one of the most famous celebrity fashion sites E!NEWS.

E! News is one of the high profile website that has alexa rank around 600, provides entertainment news, celebrities, celeb news, and celebrity gossip.

The group has discovered a SQL injection vulnerability in one of the subdomain of E News(br.eonline.com), the poc for this vulnerability has been provided along with the database dump(pastebin.com/2c28RJDe)

The database dump contains the list of tables, username and password phone of admin and other users.

The same group recently hacked into the Vevo website and leaked the database.

Simple Machines Forum website hacked & Users passwords compromised


Simple Machines Forum(SMF), one of the top free open Source forum software, has revealed that its official website was compromised by intruders on the 20th of July.

Hacker compromised one of the admins account password that allowed him to gain access to the database server which contains the users' data.

SMF admitted that user data has been compromised by saying "we are 100% sure that our user database has been stolen".   The stolen data includes password, personal messages and other info.

"This is !!NOT!! a security issue with the SMF software. If you are running the latest SMF version you have nothing to fear from this hack if you use different passwords." SMF said in their community page.

Users are urged to change the passwords.  If you have used the same password anywhere else, it is recommended to change the password there also.

According to the SMF report, the attackers get the admin password by hacking into another website where the admin is one of the member.  The admin is reportedly used the same password in their website also that helped the attackers to take advantage of.

This is just an example of why you shouldn't use the same password on multiple websites. We are thankful to one of EHN's Greek reader "IGuru" to inform us about the announcement .

Philippines Navy website hacked by Pr3 H4ck3r


A Hacker with handle "Pr3 H4ck3r" from Philippine Cyber Army has claimed to have hacked into the database of the Navy website.

According to hacker's statement, he compromised the data by exploiting the SQL Injection vulnerability in the Navy's "BRP Alcaraz blog" page (navy.mil.ph/alcaraz).

However, we are not able to access the given link at the time of writing. It appears the admin has taken down the link.  The news was first reported by local hacking news site PinoyHackNews.

In a pastebin post(pastebin.com/5xhP6zft), hackers leaked the login credentials compromised from the database.  It includes the Admin login credentials.  What's worse is that they are using very weak username and password.

They have used the "userpassword" as password.  Even if there is no bug, hacker could have guessed the password or get the password by brute-forcing. It is sad to know that the Navy website itself has poor security and weak passwords.

Ubuntu Forums Hacked - Millions of Username, password, email address stolen


Canoncial , the company behind the Ubuntu Distro, has announced that their official forum "Ubuntu Forums" has been breached by a hacker with the handle @sputn1k_ . 

The company admitted that the hackers have compromised the database contains all user's username, password and email addresses.

They said that the passwords are not stored in plain text. However, if you are using the same password anywhere else, it is better change it now because it won't take much time for the attacker to crack the hash.


Image Credits: @nuke_99

The hackers left the site defaced with a message saying ""None of this "y3w g0t haxd by albani4 c3bir 4rmy" stuff.  Straight up, you dun goofed.  It's as simple as that"

The company stated in the announcement that "Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach."

Currently, Ubuntuforums.org displays the splash page saying "Ubuntu Forums is down for maintenance".

Exclusive: Tango App website hacked , more than 1.5 TB daily database backup compromised

Here comes, another security breach update from Syrian Electronic Army.  Today, they have hacked into Tango.me and compromised more than 1.5 TB Daily backup of the servers.

The databases is reportedly contains more than millions of  the Application users phone numbers and contacts and their emails.

"Sorry @TangoMe, We needed your database too, thank you for it! http://tango.me  #SEA #SyrianElectronicArmy" The tweet posted by Syrian Electronic Army.

The Hackers breached the Tango.me with same method- The outdated Wordpress CMS allowed them to gain unauthorized access to the database server.

Exclusive Admin Panel Screenshot provided by Hackers, shows the out-dated version "Wordpress 3.2.1" used by the Tango website :


Speaking to E Hacking News, Syrian Electrionic Army said that Tango has 4- servers for the website : 199.83.168.224, 199.83.168.225, 199.83.168.227, 199.83.168.224. All of the servers has been shutdown , after hackers breached the website.

The website currently redirects to Tango's facebook page.  Hackers said they will provide the compromised data to Syrian Government.

*Update:*
"Tango experienced a cyber intrusion that resulted in unauthorized access to some data. We are working on increasing our security systems." Tango confirmed the security breach in Their official Twitter account.

"We sincerely apologize for any inconvenience this breach may have caused our members."

Hackers also provide the screenshot of the database backup. We have split the screenshot into four images:

Screenshot Provided by SEA , shows Backup of database




UbiSoft website hacked, urges users to change passwords

 
Ubisoft, a French global video game publisher and developer,has confirmed the security breach on their website and sent out email to their customers urging them to change the passwords.

"We instantly took steps to close off this access, to begin a thorough investigation with relevant authorities, internal and external security experts, and to start restoring the integrity of any compromised systems." The company said in the FAQ page.

The company said that the hackers compromised one of their website to gain unauthorized access to the database that contains user names, email addresses and encrypted passwords.

However, the company claimed "No personal payment information is stored with Ubisoft, meaning your debit/credit card information was safe from this intrusion."

The company urges users to change their password on its website as well as on any other website where you use the same or a similar password.

St. Francis Preparatory School website database leaked by Group Hp-Hack


A new hacking group named "Group Hp-Hack" has found a way to break into the database server of St. Francis Preparatory School website and accessed the data.

Today, we received a notification from the team that they have hacked the sfponline.org website and leaked the data compromised from the server.

Talking to EHN, the group also provided a sql injection vulnerable link that gave them access to the server.   The leak contains a list of username and password(plain text format). 

The group also claimed to have breached the auto-dress.ru website which is said to be Russian auto company.  The group leaked thousands of user id, name, email and password data.

Pakistan Intelligence job board website defaced by Anonymous



A security flaw in pakistanintelligence.com, a pakistani job portal gave an opportunity to Anonymous hacker to gain access to their server.

Anonymous left the about us page "www.pakistanintelligence.com/text_pages.php?id=1
" defaced with the text "hacked by anonymous "

"You b33n h4ck3d by #F**kYouSec. OHai all....time to look for a job using some other service...we haz ALL UR infoz...Y?... cuz i can...and U b33n sold out by poor security
" The message posted by the hacker.

The hackers also claimed to have leaked 2Gb of logs zipped into 24Mb file, uploaded to anonfiles website.

This is not the first time the site is being under the cyber attack. The same page was defaced in 2011. We are not sure whether the same vulnerability allowed him to gain the access.

 Update:
Cyber War News analyzed the dump and found the leak contains personal data of individuals who registered in the portal which include name, contact info, job type and more. It also includes the login credentials of admin account.

@1923Turkz hits Jharkhand police website

*Update: 1923Turkz is one of the fake claimer.  We have confirmed the leak is fake one.


The attack was announced in his twitter account. He provided an anonpaste link that reportedly contains the database dump of the jhpolice.gov.in.


The leak includes login credentials of more than 20 accounts.  It contains the email addresses and passwords.  I'm not able to believe my eyes when i read the password list. All of them are using "123" as password.

Jharkhand police is the only police dept. in India that recently launched a facility for Responsible disclosure where bug hunters can safely report their vulnerability finding.

*Update*: The hacker didn't provide any valid POC that proves his claim.  It is more likely to be fake one.

Hacker @Reckz0r breached CNN website and posted fake articles

*Update*: Cyber War news reports the leak is fake.


Few days back, a hacker with twitter handle @Reckz0r claimed to have breached the CNN website and leaked data.

The data published in the pastebin (http://pastebin.com/YQLv6t3E) includes server&database details, login credentials of 9 accounts that contain usernames and encrypted passwords.

"because they're a bunch of f**ng faggots trying to spread false news, your 9/11 is our 24/7. I strongly respect the Palestinian brotherhood, and it seems like CNN is on Israel's side. and you do know one thing;" He stated as reason for the attack.

He also claimed to have posted four fake articles on edition.cnn.com. We are not able to verify his claim.


The hacker also provided the screenshot of the fake article he posted : "Bill gates horrifies children by injecting poison into their buttocks". The articles has been removed.

He also said he identified Local File inclusion vulnerability in VeriSign.com

Hacker @1923Turkz breached Federal University of Bahia website


*Update*:  @1923Turkz is fake claimer.  Sorry for this article.  Anyway, This article will be reference for his fake claim. 


A hacker known by his online name @1923Turkz has breached Federal University of Bahia website(ufba.br) - one of the Brazil University, located mainly in the city of Salvador, Bahia.

"Universidade Federal da Bahia DB Hacked http://www.anonpaste.me/anonpaste2/index.php?952af0b8ee517a5f#0i/g1qDaqpzAeg8PloenF3vKMbozGKlU2gSTIxlxw6Y= …" Hacker tweeted about the hack along with a link to the database dump.

The database dump contains hundreds of account details that include name, plain-text password and email address. I had a quick look at the password list, most of them are weak passwords.

We recommend the admin to find and fix the vulnerability and users are advised to change their password.

1923Turkz become more active in recent days and busy in dumping the database from the hacked websites.  Yesterday, he hacked into the Bangladesh Air force website.

Bangladesh Air Force Career website's database hacked by @1923Turkz

*Update*:  @1923Turkz is fake claimer.  Sorry for this article.  Anyway, This article will be reference for his fake claim.

A hacker has managed to gain access to the database server of the official career website of Bangladesh Air Force and leaked the accounts' login credentials.

 "Joinbangladeshairforce.mil.bd", serves as a portal for applying for Air Force, is reportedly breached by the hacker using the online name @1923Turkz.  The SQL injection vulnerability in the website gave him the opportunity to break in.

The database breach was announced in his twitter account along with the link to the accounts leak.

The leak include login credentials of 19 accounts that contains the email addresses that ends with 'army.mil.bd' and encrypted passwords.

Although the passwords are encrypted , it won't take much time for someone to crack the hash.  We have analyzed the leaked passwords and found most of the passwords are very weak passwords.

A simple google search reveals the decrypted passwords.  We just like to point out one of the worst password used : "password".  We recommend the Bangaldesh government to immediately fix the vulnerability and urge users to change their password.

Lomonosov Moscow State University and Imperial College London hacked by @1923Turkz

*Update*:  @1923Turkz is fake claimer.  Sorry for this article.  Anyway, This article will be reference for his fake claim.

A hacker from Turkey using twitter handle @1923Turkz has breached the Two University websites from Russia and United Kingdom.

The database servers belong to the Lomonosov Moscow State University(msu.ru) and Imperial College London(imperial.ac.uk) are breached by the hacker.

The Database-dump taken from the Lomonosov Moscow State University contains usernames, encrypted passwords and email addresses. It also includes the admin login credentials.

http://www.anonpaste.me/anonpaste2/index.php?2f4fcc3765679814#c+eRCx9jdbRZQzi2m/g45chIpsfsuMnnvX44Cfp/2Tg=


The dump said to be compromised from the Imperial college contains First &Last names, email addresses, phone numbers.  There is no password leaked in this dump.

http://www.anonpaste.me/anonpaste2/index.php?422670bd5aad422f#Yu0o6TXVsy5IeMI1uEGAAEppNPkRURbOjskwkKB9XcQ=

South African Police Service website breached by #Anonymous


The official website of South African Police Service has been breached by the Anonymous hacktivist with online name "DomainerAnon". 

"This action is to serve as a reminder to the government regarding the murders of 34 protesting miners outside the Marikana platinum mine by police. "Hacker stated as reason for the attack.

"To date no officers have been brought to justice... This situation will NOT be tolerated. #OpMarikanaMiners"

The hacker provided a link to the database dump(pastebay.com/1232460) that includes Usernames, hashed passwords, Telephone numbers and few other details.

He also shared a 13Mb size file named "EMAILS.csv" in the DatafileHost which is said to be contain emails.

Bose.cn hacked and database leaked by Ag3nt47


Chinese website of Bose Electronics(bose.cn) has been breached by the hacker known with handle "Ag3nt47".  He managed to gain access to the database server and extracted the data.

The hacker leaked the compromised database in AnonPaste : " http://www.anonpaste.me/anonpaste2/index.php?4cbad9f598e7d75a#77V8WGbQvLhhZZAHZC+Plj79CjDesej7kvzr/WQCmz4= "

The leaked contains the login credentials of admin account.  The password used by the admin apparently shows the admin are not aware of the security measures.

The leak also contains the address, mobile, name,  email address, and few other data.  Most of the data are in chinese language.

The same hacker recently break into the Harvad, MIT, Standford universities, Rutgers, Mazda and Suzuki.

Hayan Petroleum Company of Syria breached by Latin hack team

The hacker group known as "LatinHackTeam" has breached website belong to one of the oil company of Syria - Hayan Petroleum(hpc.com.sy).

The team announced the attack in Twitter and posted a link to the database leak:  "Hayan Petroleum Oli Company of Syria http://www.anonpaste.me/anonpaste2/index.php?dd4cd620a98bb2b0#818/OkWh1Vf1Hf2bKpN38KzuhRJeMswInWsiCSBCG5w= "

The leaked data contains address details, phone number.  The paste also contains more than 100 email addresses and encrypted passwords.


Kirkwood Community College website suffers security breach



Kirkwood community college on Monday announced that cyber criminals has breached the college website(kirkwood.edu) and accessed personal data of students who applied to take credit classes in the last 8 years.

The college said sophisticated hackers originated from an international IP address accessed the website on March 13,2013 and gained access to archived application information from Feb 2005 until March 13,2013.

The accessed information includes applicant names, birthdates, race, contact information and social security numbers.

The college says it has contacted affected individuals to offer free services that will include personal assistance from identity theft and restoration experts who will listen, answer questions and offer expertise regarding concerns from those affected.