Digital Constitution hacked, to promote online gambling

Digital Constitution, the Microsoft web site which protects online privacy in a digital world, was hacked to promote online casinos.

According to ZDNet, which first reported about the hacking, the Digital Constitution was running an older version of WordPress when the spammy links were discovered.

Though the links were removed from the front page in the hours following the ZDNet report, a variety of other pages continued link to the gambling sites.

The news reports says that it is unknown how long ago the site was hacked to promote online gambling, whether other Microsoft websites were hacked or not. It is still not clear who was behind the attack.

Ars Technica noted that it was not unusual for hack-by-numbers exploit kits to automatically inject malicious links into vulnerable pages that when viewed by vulnerable computers, perform drive by download attacks.

However, when the company was asked, the Microsoft answered not more than "it's fixed."

According to the news report, the attacker had injected text with keywords like "online casino," "poker, "craps," "roulette," and "blackjack." New pages were added to inject to show content that embeds content from other casino-related websites. 

Lithuanian Military Website hacked to post false information

If we had to believe what we saw on Lithuanian Armed Forces website on Thursday morning, then the North Atlantic Treaty Organization (NATO), an alliance of countries from North America and Europe committed to fulfilling the goals of the North Atlantic Treaty signed in 1949, is preparing for the annexation of Kaliningrad, Russia’s seaport city which is sandwiched between Poland to the south and Lithuania to the north and east.

However, Victoria Cemenite, spokesperson at the Lithuanian Defense Ministry, confirmed that the website had been hacked and that the false information has since been removed by the security experts from the National Cyber Security Centre.

And an investigation has been launched.

The ministry said a private company, which provided server for the Army website, is responsible for its maintenance and security.

Baltic country's National Defence Minister Juozas Olekas says that the hacking attack was aimed to harm the reputation of Lithuania and the NATO. Similarly, security measures will be taken to avoid vulnerabilities.    

“We are carrying out an investigation to identify what measures are necessary to avoid such incidents in the future. The contents was provocative and aimed at discrediting Lithuania and NATO," Olekas told journalists on Thursday.

“It is undoubtedly an initiative of people or institutions unfriendly for Lithuania and NATO. Now, both the sides are improving, hackers and institutions in charge of cyber security. It will be a good lesson for future considerations of additional security measures.”

Arizona’s department website shuts down after hacking attack


One after another, Middle East Cyber Army, a hacking group, is attacking government websites of various countries.

After Myanmar’s Ministry of Mines, the hacker group has hacked the website of Arizona’s Department of Weights and Measures’. As a result, the website has been shut down for the last one week.

The hackers left a message on the website, “Hacked by Middle East Cyber Army” and slogans like such as, “In Allah we trust. For Allah we work. Death to Israel. Free Palestine. Jerusalem is ours” along with a masked figure in front of the Dome of the Rock.

Andy Tobin, director at the department, confirmed that the department’s website was hacked on Sunday.

Today, the department’s website is still down for maintenance.

“The web-site you were attempting to access is currently undergoing maintenance activities. We apologize for the inconvenience. Please retry again later. Thank you for your patience,” the website read.

According to Tobin, soon after they got to know about the hacking attack, they shut down their website and database.

He said that the agency got its backup database running on Tuesday so its investigators can continue their work.

Tobin said the agency is investigating the matter collaborating with the Arizona Department of Administration. Similarly, they have also informed the U.S. Department of Homeland Security about the hacking attack.

The department is still trying to sort out the issue. It has yet to be determined whether the department to resume its website or shift its components over to the Arizona Department of Agriculture, which is scheduled to take over many of the department’s duties next year.

The hacking group had hacked many other websites like in December the group hacked the website for a school district in Little Rock, Ark. It took over the website for the small Quebec town of Terrasse-Vaudreuil in January. Similarly, in May, it targeted Auckland University in New Zealand. And in April, it hacked Art and Sol, a Scottsdale-based performing arts program for children.

Pro Syrian group hacked US Army's official website

 
The US Army's official website was hacked  by the "Syrian Electronic Army", and posted a message on its twitter account, criticizing the training of rebel fighters inside Syria.

According to the army officials, no personal or classified data has been stolen. The army has decided to temporarily shut down the website.

One of the messages reads as, "Your commanders admit they are training the people they have sent you to die fighting."

This pro-Syrian group has been blamed for various hacking and denial of service attacks of  numerous news media sites, including the Twitter account of AFP's photo service.

Army spokesman Brigadier General Malcolm Frost said in a statement, "Today an element of the Army.mil service provider's content was compromised. After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily."

This is not the first time they have hacked website, in 2013 they created confusion in the stock market briefly by putting  out a fake media tweet falsely claiming the White House was under attack.

But officials said “It was possibly the first time a US military website had been penetrated, as previous hacking had targeted Twitter accounts.”

Hackers hijack Tesla automaker's website, Twitter account

(PC- Google images)
The website and Twitter account of high-tech automaker Tesla were hacked over the weekend as part of a prank by angry rival hackers. Tesla CEO Elon Musk’s personal twitter account was also hacked around Saturday night (US Standard Time).

The first sign of hijacking was noticed around 1:52 p.m., when the company’s Twitter account had a tweet that declared it being under the control of attackers and the name changed from “Tesla Motors” to  “#RIPPRGANG”. The tweet posted on the carmaker’s account said, “This Twitter is now run [sic] by Henry Blair Strater [sic] from Oswego Illinois, call me at [number redacted]”. 


A few minutes later, the account began promising free Teslas to those who followed certain accounts or to those who called a certain phone number. The number belonged to a repair shop in Illinois which was flooded with calls.

Nearly at that time, Tesla’s website was hacked by the same attackers. Visitors were redirected to a website with ISIS in the URL, a Laden-ranting video and a picture of a man resembling Osama Bin Laden.
(PC-google images)

The Twitter account war restored around 2:45 p.m., an hour after it was uncompromised and the website was back to its usual state at around 6:30 p.m.

Elon Musk’s Twitter account was hijacked by miscreants who claimed to be from the infamous Lizard Squad Hacking crew, known as Autismsquad.

Indexeus.org website hacked by Pernicious Developers 2014

A day after Security blogger Brian Krebs published an article entitled "Even Script Kids Have a Right to Be Forgotten", hackers breached the Indexeus website(indexeus.org)

Yesterday, Krebs wrote an article about "Indexeus" which is a new search engine containing database of stolen user names and passwords from more than 100 data breaches.

According to KrebsOnSecurity, the database contained stolen credentials from the recent Yahoo and Adobe breaches.


The site also contained databases of few hacker forums that have been hacked. It seems to have ticked off many hackers.  Today, the website was defaced by hacker group Pernicious Developers.

"This is the Original Pernicious Developers, we're still here. Even if you don't know which version of the group who did this." The defacement message reads.  At the time of writing, the website shows a blank page. 

Owner of the Indexeus has replied in one of the threads in HackForums about the hack:



Mirror:
http://www.zone-h.org/mirror/id/22702440

*Update:
The hacker group have provided a screenshot that shows they uploaded a backdoor shell to the affected website.