Mr. Grey back again: Theft of 1.2 billion log-in credentials

Mr. Grey, not again! A Reuters report has confirmed the famous hacker Mr. Grey’s involvement in stealing 1.2 billion internet credentials.

Mr. Grey, who had gained access to user account information for websites like Facebook (FB.O) and Twitter (TWTR.N), has now been linked by the FBI, through a Russian email address, to the theft of a record 1.2 billion Internet credentials.

According to the documents, which were made public by a federal court in Milwaukee, Wisconsin, the hacker was associated with a cybersecurity firm that announced in August 2014 that it had determined an alleged Russian crime ring was responsible for stealing information from more than 420,000 websites.

The investigation started last year when the Milwaukee-based cybersecurity firm obtained information that a Russian hacker group it dubbed CyberVor had stolen the 1.2 billion credentials and more than 500 million email addresses.

The FBI subsequently found lists of domain names and utilities that investigators believe were used to send spam.

It also discovered, contained in the spam utilities, an email address registered in 2010 for a "mistergrey".

Further, it found posts from 2011 by the hacker stating that if anyone wanted account information for users of Facebook, Twitter and the Russian-based social network VK, he could locate the records.

Alex Holden, Hold Security's chief information security officer, told Reuters this message indicated Mr. Grey likely operated or had access to a database that amassed stolen data from computers via malware and viruses.

Bug in MetroPCS website allowed hackers to steal 10 million subscribers’ data

Eric Taylor and Blake Welsh, security researchers from Cinde, have shared via Motherboard details of a bug in the website of MetroPCS that could have allowed hackers to get information on its more than 10 million subscribers. MetroPCS is a prepaid wireless service that provides nationwide talk, text, and data, depending on the plan, using T-Mobile US' GSM, HSPA, HSPA+ and 4G LTE networks.

As per many news reports and security experts, with a little programming knowledge, the hackers could have just run an automated script and harvested the personal data of many, if not all, MetroPCS customers. And for this, they would not even need someone's phone number.

The hackers could get a person's home address, phone serial number and more.

However, the flaw has been fixed.

A spokesperson for T-Mobile, which owns MetroPCS, told Motherboard the flaw had been fixed, so the data was not exposed anymore.

The researchers found the bug in mid-October, and once Motherboard verified the flaw, it notified T-Mobile on October 22.

“We held the story until the bug was fixed to protect MetroPCS’ customers’ data,” Motherboard wrote in a blog post.

“All I needed to find out her data was to use a Firefox plugin to send an HTTP request to MetroPCS’ website using her phone number. Once I did that, I saw her full name, home address, the model and serial number of her phone, as well as how much she was paying a month for her subscription. My friend confirmed that the data was accurate, and I tested this with the number of a Twitter follower who also agreed to be part of the experiment,” the blog post added.

Taylor told Motherboard that by using social engineering, a malicious hacker could have used this information to carry out other attacks “that would all end up in a terrible situation for the customer.”

So far, there is no evidence that anyone found the flaw on MetroPCS’ website and stole customers’ personal information. And now, nobody will be able to abuse the bug for such nefarious purposes.

Cyber Caliphates hack Twitter accounts of heads of Security Agencies of America

A group called ‘cyber caliphates’, set up by British ISIS fighter Junaid Hussain, hacked about 54,000 Twitter accounts and posted personal details of the heads of America’s security agencies on November 01.

The personal details posted online included passwords and phone numbers of CIA, FBI and NSA heads.

The attack was initiated in retaliation for the drone attack that killed Hussain in August.

Hussain led IS's computer hacking division and was killed by a US drone in a joint operation with the UK. His widow, mother-of-two Sally Jones, who is popularly known as 'Mrs Terror', is on a Government list of the most dangerous British recruiters for IS.

Since their leader’s death, Cyber Caliphate, which briefly took control of a Pentagon-owned Twitter account in January, has kept a low online profile.

Experts described it as a worrying escalation of the global cyber war.

The group also tweeted that they had details of members of the Saudi royal family, although this could not be verified.

After the group had apparently spent several months harvesting sensitive data, the details of the security agencies' top officials were posted at 9 pm (GMT 1530 hours) on Sunday, and by 11 pm (GMT 1730 hours), when Twitter was contacted by a security agency, it had suspended Cyber Caliphate’s account.

Those affected are mostly believed to have Saudi Arabian origins, but some are feared to be British nationals as well.

It was not immediately clear how the hacked accounts were used. Victims were also unaware they had been hacked.

The incident came after the Government announced that the internet activity of everyone in Britain will have to be stored for a year under new surveillance laws.

Cyber Caliphate is a group of hackers which is directly linked to ISIS.

In May, hackers linked to the group, who were involved in the hijacking of social media accounts belonging to US CENTCOM, published a video threatening crippling cyber attacks against Europe, the United States and Australia. The terrorists claimed to have the necessary cyber capabilities to spy on Western communications.

Another cyber attack: Fin5 hacking group steals 150,000 credit cards!

An unnamed casino has lost 150,000 credit cards in a cyber attack. The group responsible is Fin5, a new hacking group that hacked the payment systems of the casino.

Researchers Emmanuel Jean-Georges and Barry Vengerik of Mandiant and FireEye uncovered the group.

The casino had no security and even lacked a basic firewall around its payment platforms. It also did not have proper logging.

Fin5 is linked to numerous payment card breaches including Goodwill. According to Emmanuel Jean-Georges, Fin5 has caused a breach in 12 firms. It is expected that six more firms may also have been affected by this group. “It was a very flat network, single domain, with very limited access controls for access to payment systems,” Emmanuel told the Cyber Defence Summit in Washington, DC.

Barry Vengerik explained that the attackers have targeted at least two payment systems and the unnamed casino is one of them.

In the specific attack against the casino, the experts discovered that the Fin5 gang used a backdoor codenamed Tornhull and a VPN dubbed Flipside to maintain control over the compromised system.
Fin5 also has a tool called GET2 Penetrator, which is a scanning tool that searches for remote login and hard-coded credentials, and a free tool called EssentialNet that is used to scan the target network.

Hackers target 'Internet of Things' to launch various attacks

Today, most of the insecure embedded devices connected to the Internet, such as CCTV cameras and routers, often called the Internet of Things (IoT), are being targeted or hacked in cyber attacks.

Imperva Incapsula, a security firm, has revealed details of a DDoS (distributed denial of service) attack. The attack was a traditional HTTP flood aimed at overloading a resource on a cloud service, but the malicious requests came from surveillance cameras or closed-circuit television (CCTV) cameras protecting businesses around the world instead of a typical computer botnet.

Researchers from the security firm wrote in its blog that the attack peaked at 20,000 requests per second and originated from around 900 CCTV cameras running embedded versions of Linux and the BusyBox toolkit.

All compromised devices were running embedded Linux with BusyBox, a package of stripped-down common Unix utilities bundled into a small executable, designed for systems with limited resources.
“Further investigation of the offending IPs showed that they belonged to CCTV cameras, all accessible via their default login credentials. And that's not all. Looking through the camera lens we also spotted a familiar sight—a storefront in a mall located not five minutes away from our offices,” they said in the blog post.

The researchers said that they were able to meet with the store owners, show them how their CCTV cameras were abused to attack the firm's clients, and help them clean the malware from the infected camera's hard drive.

They say in the blog post that there are 245 million professionally installed surveillance cameras operating around the world. However, there are more than a million that were installed by unqualified professionals, with even fewer security precautions.

“Even as we write this article, we are mitigating another IoT DDoS attack, this time from an NAS-based botnet. And yes, you guessed it, those were also compromised by brute-force dictionary attacks,” they added.

So, whether it is a router, a Wi-Fi access point or a CCTV camera, default factory credentials are there only to be changed upon installation. 

31-year-old hacker arrested for stealing data from a Polish bank

A news report broadcast and published by Radio Poland confirms that a 31-year-old hacker who ‘stole’ data from the servers of an unnamed bank in Poland has been arrested.

According to Katarzyna Balcer, a police spokesperson, the hacker, named as Tomasz G. under Polish privacy laws, has received several charges relating to computer fraud and money laundering. He faces up to 10 years' imprisonment.

The investigation has been led by the District Prosecutor's Office in the Praga district of Warsaw.
The ongoing investigation has shown that many hackers collaborated in order to break into the bank.

"The suspect worked with dozens of individuals and entities. The hackers have led to losses of more than PLN four million. We were able to prevent the theft of another PLN 3.5 million," Balcer added.

The suspect allegedly went by the online handle ‘Razor4’.

According to a news report published in The Register, in June the Polish tech security news website Zaufana Trzecia Strona was contacted by a person using the email address, who claimed he had exploited an unspecified vulnerability to access the bank's public-facing servers "for a few weeks."

During that time, the hacker was able to steal credit card and bank account information, make unauthorized transactions, and access the personally identifiable information belonging to the bank's customers, including account histories.

The person claimed that he stole 1m PLN; however, the bank apparently did not notice for several weeks.

Later, Zaufana Trzecia Strona (ZTS), a security firm, notified the bank about the data breach. After informing the bank, ZTS received an anonymous threat suggesting that a "contract could be taken out on the author of the article if it were published."

The bank responded only in February, when Razor4 had stolen 180,000 PLN in a single transaction. Only after that did the bank warn its customers to be aware of cash-stealing malware on their PCs.
According to the news report, Razor4 demanded a ransom from the bank in order to not publish the data he had stolen, and added JavaScript code to the bank's web pages that redirected customer transactions through his own systems. He modified the account numbers so they would match those of accounts under his control.

However, ZTS’s article reported that Razor4 registered a web domain name that differed by one letter from the bank's domain name, and assigned the dodgy domain name to his own servers, through which transactions were redirected.
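
A defender-side check for the two techniques described above (script added to the bank's pages, and a domain one letter off the real one): the added example below, which is not from the original article or from ZTS, parses a served page and flags any script, link or form target whose host is one edit away from the legitimate domain. The domain `examplebank.test` and the sample HTML are constructed placeholders.

```python
"""Flag references to look-alike hosts in a served page (added example).

The domain names and the HTML below are constructed placeholders.
"""
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes that can pull in code or send submitted data to another host.
URL_ATTRS = {"src", "href", "action", "formaction"}


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute, swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "bnak" for "bank".
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify_host(host: str, legit: str) -> str:
    """Return 'own', 'lookalike' or 'other' for host relative to legit."""
    host, legit = host.lower().rstrip("."), legit.lower()
    labels = legit.count(".") + 1
    # Compare only the right-most labels so subdomains of legit count as own.
    tail = ".".join(host.split(".")[-labels:])
    if tail == legit:
        return "own"
    return "lookalike" if edit_distance(tail, legit) == 1 else "other"


class _RefCollector(HTMLParser):
    """Collect (tag, attribute, url) for every URL-bearing attribute."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value:
                self.refs.append((tag, name, value))


def find_lookalike_refs(html: str, legit: str):
    """List (tag, attribute, host) for references to one-edit look-alikes."""
    collector = _RefCollector()
    collector.feed(html)
    findings = []
    for tag, attr, url in collector.refs:
        host = urlsplit(url).hostname  # None for relative URLs
        if host and classify_host(host, legit) == "lookalike":
            findings.append((tag, attr, host))
    return findings


LEGIT = "examplebank.test"  # constructed placeholder domain

# Constructed page: one script is served from a host one letter off LEGIT.
SAMPLE_PAGE = """
<html><head>
<script src="https://static.examplebank.test/app.js"></script>
<script src="https://www.examp1ebank.test/pay.js"></script>
<link rel="stylesheet" href="https://cdn.example.org/base.css">
</head><body>
<form action="/transfer" method="post"><input name="iban"></form>
<form action="//examplebank.test/login"></form>
</body></html>
"""

if __name__ == "__main__":
    for tag, attr, host in find_lookalike_refs(SAMPLE_PAGE, LEGIT):
        print(f"look-alike host in <{tag} {attr}>: {host}")
```

One-edit matching does not catch homoglyph (punycode) look-alikes or account for multi-label public suffixes, so treat it as one signal alongside a Content-Security-Policy allow-list of script and form hosts.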

FBI disrupts a malware designed to steal banking credentials

The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), has disrupted a botnet dubbed Dridex, malware designed to steal banking and other credentials from infected computers. Dridex is a peer-to-peer (P2P) botnet that uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control (C2).

Similarly, charges have been filed in the Western District of Pennsylvania against the alleged Moldovan administrator of the botnet known as “Bugat,” “Cridex” or “Dridex.”

Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of Moldova, was charged in a nine-count indictment unsealed in the Western District of Pennsylvania with criminal conspiracy, unauthorized computer access with intent to defraud, damaging a computer, wire fraud and bank fraud.

Ghinkul was arrested on Aug. 28, 2015 in Cyprus.

On February 13 the FBI released a technical alert to provide further information about the crippling of the Dridex botnet.

The FBI estimates that U.S. businesses have lost $10m to Dridex and has accused Ghinkul and fellow gang members of transferring over $3.5m during two transactions in 2012 from Penneco Oil's US bank account to a bank account in Russia.

“Dridex is a multifunctional malware package that leverages obfuscated macros in Microsoft Office and extensible markup language (XML) files to infect systems. It aims to infect computers, steal credentials, and obtain money from victims’ bank accounts,” the FBI officials said in the announcement.

The malware had infected computers in some 27 nations, including the US, Canada, UK, Ireland, France, Switzerland, Germany, Norway, Austria, Netherlands, Italy, Belgium, Croatia, Bulgaria, Romania, United Arab Emirates, Qatar, Israel, Indonesia, Singapore, Malaysia, Hong Kong, China, India, Vietnam, Australia, and New Zealand.

“Operating primarily as a banking Trojan, Dridex is generally distributed through phishing email messages. The emails appear legitimate and are carefully crafted to entice the victim to click on a hyperlink or to open a malicious attached file. Once a computer has been infected, Dridex is capable of stealing user credentials through the use of surreptitious keystroke logging and web injects,” they added.

It is said that a computer which has been infected with Dridex may be employed to send spam, participate in distributed denial-of-service (DDoS) attacks, and harvest users' credentials for online services, including banking services.

To remediate Dridex infections, users are advised to use and maintain anti-virus software, change their passwords, keep their operating system and application software up to date, and use anti-malware tools.

E-Trade notifies its 31,000 customers that their contact information may have been compromised

A report published in the Washington Post confirmed that E-Trade, a U.S.-based financial services corporation, informed 31,000 customers that hackers might have accessed their email and other addresses during a cyber-attack in late 2013.

However, the company claimed via email that the hackers did not get any sensitive customer account information, including passwords, Social Security numbers, or financial information.

As per the email sent by the company, it got to know about the attack when federal law enforcement officials alerted it to evidence that customer contact information may have been breached.

The company has announced that it will provide one year of free identity protection services, including credit monitoring, to those whose information had been compromised.

According to the news report, a person familiar with the investigation, who spoke on the condition of anonymity, said that soon after the attack the company launched an internal investigation while it worked with law enforcement.

However, during that time the company did not believe customer information had been compromised, the person added.

"Security is a top priority, and we focus significant time and energy to help keep E-Trade customer data and information safe and secure," a company spokesperson said in a statement. "We take these matters extremely seriously, and in all instances we continuously assess and improve upon E-Trade’s capabilities. We have also contacted any customers we believe may have been impacted."

Phones on Drones all set to Hack Wireless Printers

If you think your office is secure because it’s on the top floor of a skyscraper, then you may need to rethink: in this day and age, pretty much nothing is unhackable, not even office printers locked away on the top floor.

Yes! A group of security researchers from Singapore has built a drone that, along with a smartphone and custom applications, can be used to automatically steal documents from printers with open Wi-Fi connections. The technology was developed by researchers from iTrust, a cyber security research center at the Singapore University of Technology and Design.

The researchers used a standard drone from a Chinese firm, DJI, to transport a Samsung smartphone to an area where a wireless network with a wireless printer was located.

The researchers used two applications that they developed:

▬ The first app establishes a bogus access point once the open wireless printer is detected. The access point mimics the printer and tricks computers in the internal wireless network into sending sensitive documents to it.

▬ The second app is Cyber security Patrol, which is designed to scan the air searching for open Wi-Fi printers and automatically notify the organization’s IT department. This app has been designed to improve the security of the target organization. It looks for unsecured printers in the target organization accessible via the drone, but rather than launching the attack, it takes photos of the compromised printers and reports them to the internal staff.

Once a document is intercepted, the first app can send it to an attacker’s Dropbox account using the phone’s 3G or 4G connection, and also send it on to the real printer so a victim wouldn’t notice the hack.

The attack zone is limited to 26 meters in radius. But with dedicated hardware, an attacker could generate a stronger signal which can extend that range further. Any computer inside the attack zone will opt to connect to the fake printer over the real one, even if the real printer is closer in proximity than the rogue one.

A drone hovering outside an office building would obviously be spotted, but the goal of the project was to show companies how easily accessible Wi-Fi printers can be, and how they can be abused by hackers to steal data or get into their networks.

The project was part of a government-sponsored cyber security defense project.

Student researchers Jinghui Toh and Hatib Muhammad developed the method under the guidance of Professor Yuval Elovici of the Department of Information Systems Engineering at Ben-Gurion University of the Negev.

The system targets wireless printers because wireless printers are supplied with the Wi-Fi connection open by default, and many companies forget to close this hole when they add the device to their Wi-Fi networks. This open connection potentially provides an access point for outsiders to connect to a network and steal a company’s sensitive data.

The researchers also demonstrated that the attack could be carried out by hiding a cellphone inside an autonomous vacuum cleaner, after which the device will continuously scan an organisation’s networks for printers with unsecured connections.

The project conducted by the researchers demonstrated once again the close link between physical and logical security. 

Any person can simply install the Cybersecurity Patrol app on a smartphone, attach it to a drone and send it upwards. The same method can, though, be used by organizations to check for unsecured printers and other wireless devices.

It’s true that every invention and development comes with both pros and cons but if the cons have greater risk, then it’s time to approach physical security in a different way.

Negligence of Experian puts T-Mobile’s 15 million records at stake

John Legere, CEO of T-Mobile, the third biggest mobile company in the U.S., is angry again, and for a very obvious reason: this time, highly personal records of some 15 million users have been leaked through Experian, one of the largest credit agency data brokers in the world.

The exposed information included names, addresses, and Social Security, driver’s license and passport numbers of the customers. The license and passport numbers were in an encrypted field, but Experian said that encryption may also have been compromised.

The massive security breach was first discovered on September 15, 2015, and impacted customers who registered for T-Mobile between September 01, 2013 and September 16, 2015.

Legere broke the sad news in a post on the company's website which displayed his frustration over the incident.

The post read as below:
“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian.”

Experian took immediate action upon finding the breach. It secured the server, initiated a comprehensive investigation and notified U.S. and international law enforcement.

In the way companies typically react to a breach of their security, Experian too is offering those impacted by the break-in two years of free credit monitoring and identity theft resolution services.

There have been a series of high-profile hacks of businesses and other organisations in recent years impacting millions and sometimes tens of millions of records, including adultery website Ashley Madison, Sony Pictures, and retailers such as Home Depot, Target, and eBay.

The theft of personnel records from the U.S. government this year, a 2014 breach at JPMorgan Chase and a 2013 attack on Target Corp's cash register systems were also among them.

The irony is that a company which handles the personal information of many Americans had not been able to protect the information of customers who applied for T-Mobile services.
It is the second massive breach linked to Experian.

An attack on the company's subsidiary in 2012 exposed the Social Security numbers of 200 million Americans and prompted an investigation by at least four states, including Connecticut.
Though the security breach will adversely affect both companies, T-Mobile is trying to put all the blame on Experian.
One of its FAQs reads:

“Experian has taken full responsibility for the theft of data from its server.”
Both the companies had made it clear that no credit card or banking data was exposed. Yet, the hoard of T-Mobile customer data can still be used for assembling profiles for identity theft.

If consumers can’t pressure data aggregators like Experian into securing their secrets, perhaps the consumer-facing companies who collect that information can.

It’s an Indo-Pak Cyberspace WAR!

On Sunday morning, India’s southern Kerala state woke up to the news of the state government’s official website being hacked by Pakistani hackers, who posted an image of a burning Indian flag.
The hackers had left messages such as "Pakistan Zindabad", "We are Team Pak Cyber Attacker" and "Security is just an illusion". The page also carried the identity of the hacker: “hacked by Faisal 1337”. The home page also contained the website address www(dot)Faisal1337(dot)com.

However, preliminary reports suggested the hackers could not get past the home page and into the server hosting this website.

The news spread like wildfire over social media, and the issue, instead of being about a government website being hacked, turned into an attack on India by the neighbouring country. But few expected that within a span of a few hours an Indian hacking group by the name of “The Mallu Cyber Soldiers” would return the favour.
The Indian hacking group hacked over 100 official websites of the Pakistani government and posted a message on them: “Better stay away from Indian Cyber Space”.

They also posted a message on their Facebook page.

" !!Message to Script Kiddies of Pakistan ....Do not touch Indian Websites !!! Now your 46 Pakistan government websites got crashed and 4 educational websites got defaced This is a small payback for hacking "

They also posted a list of websites which were crashed. Few included Pakistan’s government website, and

But the cyber war did not end there. In the same message, the group ‘Hell Shield Hackers’ stated that the motive behind this attack was to retaliate against the attack on the Kerala government’s website.
Exchanges of gunfire across the border take place often, and the rivalry between the two nations is frequently seen during cricket matches between them, but now a full-blown hacking and defacement war seems to have erupted simultaneously in cyber space.

This is not the first time that the hacking has taken place between the two nations.

In October 2014, the website of Malayali actor and producer Mohanlal Viswanathan Nair was hacked by a group known as Cyber Warriors, who posted several "Free Kashmir" slogans and warned the Indian Army about its activities in the Kashmir valley.

The governments of both nations have nothing to do with it.

Hacking the government sites exposes the vulnerability of official websites.

Though it was just a defacement, and officials said that the server of the Kerala Government’s website is safe, the incident calls for a better cyber security mechanism.

The Indian public sees this retaliation as ‘revenge’. However, it’s an issue much more than patriotism.
Hackers mostly target large organisations, government or community websites which store personal information of thousands or millions of users.

While the Modi government talks about digitizing India, incidents like these highlight the importance of improved cyber security, which must come first, before the digitization of the country.

While the USA and China are entering into a cyber security agreement, the Indo Pak cyber hack games continue unabated which exposes the weak cyber security of both the nations.

Apple cleaning up iOS App Store after first major attack

A Reuters news report confirmed that Apple Inc (AAPL.O) said on Sunday it was cleaning up its iOS App Store to remove a malicious iPhone and iPad program dubbed XcodeGhost, after several cyber security firms reported that the program was embedded in hundreds of legitimate apps in an attack on the popular mobile software outlet.

According to cyber security firm Palo Alto Networks Inc (PANW.N), it is the first reported case of large numbers of malicious software programs making their way past Apple's stringent app review process. Prior to this attack, only five malicious apps had ever been found in the App Store.

The malicious code was embedded in the apps by convincing developers of legitimate software to use a tainted, counterfeit version of Xcode, Apple's software for creating iOS and Mac apps.

Researchers said infected apps included Tencent Holdings Ltd's (0700.HK) popular mobile chat app WeChat, car-hailing app Didi Kuaidi and a music app from Internet portal NetEase Inc.

Tencent said on its official WeChat blog that the security flaw affects WeChat 6.2.5, an old version of its popular chatting app, and that newer versions were unaffected. A preliminary investigation showed there had been no data theft or leakage of user information, the company said.

Chinese security firm Qihoo360 Technology Co (QIHU.N) said on its blog that it had uncovered 344 apps tainted with XcodeGhost.

"We've removed the apps from the App Store that we know have been created with this counterfeit software," Apple spokeswoman Christine Monaghan said in an email. "We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
However, it was not clear what steps iPhone and iPad users could take to determine whether their devices were infected.

Ryan Olson, director of threat intelligence at Palo Alto Networks, told Reuters that the malware had limited functionality and his firm had uncovered no examples of data theft or other harm as a result of the attack.

ReverbNation data breached

ReverbNation, an online platform for musicians, has just informed its customers about a data breach. The incident happened in January 2014, but law enforcement informed the company only recently.

According to law enforcement, an individual illegally gained unauthorized access to the computer systems of a ReverbNation vendor and accessed users' information in a database.

In an email to customers, ReverbNation explained that, “While no credit card data was accessed, some user information included in the database such as e-mail addresses and encrypted passwords, and possibly other user information users provided to us, such as names, addresses, phone numbers, and/or dates of birth may have been accessed.”

Although the passwords are encrypted, as a precautionary measure the company advised customers to change their ReverbNation password, as well as the password of any other account or website that shares the same password. It also recommended password management tools like 1Password and LastPass.

Lizard Squad disrupt National Crime Agency website

The website of the National Crime Agency (NCA), a national law enforcement agency in the United Kingdom which replaced the Serious Organised Crime Agency, was temporarily taken down on Tuesday morning by attackers.

According to a news report published in The Guardian, the attackers did this in revenge for arrests made last week. Four days before the attack, six teenagers were released on bail on suspicion of using hacking group Lizard Squad’s cyber-attack tool to target websites and services.

The arrests were made in an operation codenamed Vivarium, coordinated by the NCA and involving officers from several police forces.

An 18-year-old from Huddersfield, an 18-year-old from Manchester, a 16-year-old from Northampton and a 15-year-old from Stockport were arrested last week, while two other suspects, both 17, were arrested earlier this year, one from Cardiff and another from Northolt, north-west London.

However, all of them have been bailed, while a further two 18-year-olds – one from Manchester and one from Milton Keynes – were interviewed under caution.

“The six suspects are accused of using Lizard Stresser, a tool that bombards websites and services with bogus traffic, to attack a national newspaper, a school, gaming companies and a number of online retailers,” the report reads.

The NCA spokesperson told The Guardian: “The NCA website is an attractive target. Attacks on it are a fact of life. DDoS is a blunt form of attack which takes volume and not skill. It isn’t a security breach, and it doesn’t affect our operational capability.

“At worst it is a temporary inconvenience to users of our website. We have a duty to balance the value of keeping our website accessible with the cost of doing so, especially in the face of a threat which can scale up endlessly. The measures we have in place at present mean that our site is generally up and running again within 30 minutes, though occasionally it can take longer. We think that’s proportionate,” he added.

$376,000 for Informer in Ashley Madison hacking case

Avid Life Media (ALM), the parent company of Ashley Madison, is offering a reward of $500,000 (Canadian dollars) for any information related to the “identification, arrest and prosecution” of the hackers responsible for the recent hack of the website.

Avid Life Media confirmed that the data Impact Life stole is legit.

A legal investigation has been started. With the help of the Toronto police department and “white hat” hackers, they are hoping to find the perpetrators.

During a press conference, acting superintendent Bryce Evans said that hackers have “certain techniques to help us and assist us.” He also said that the police would lean on their “good working relationship” with US agencies the FBI and Homeland Security.

Explaining why the Toronto police and ALM are motivated to find the hackers responsible for the data breach, Evans referred to two suicides that appear to be related to the Ashley Madison breach, as well as “spin-off crimes and further victimization” from people accessing the hacked data.

$500,000 in Canadian dollars is equivalent to $376,000 in US dollars.

"Cyber of Emotion" hacks Saudi websites

Many Saudi websites were hacked by a group that had warned that it would carry out the attacks. The group, known as “Cyber of Emotion”, hacked more than 24 government websites over a period of two hours.

As reported by Al-Riyadh newspaper, visitors to the websites were directed to a page that read: “We do not want to harm the site. Had it been hacked by enemies, your personal information, emails and registration data would have been compromised.”

The hackers said that their team had already warned the sites' administrators that the websites were not properly secured and that they should do something about it, but the warnings were ignored, they claim.

The newspaper reported that the websites hacked included those of government hospitals, municipalities, education departments, social development offices and health departments.

The websites, however, started working properly a few hours after the attack.

Last year, the Twitter account of the Ministry of Justice was hacked by the same group.

Karnataka State Higher Education Council’s website hacked

The Karnataka State Higher Education Council’s website was hacked by Clinkz4, a group of hackers, on 20 August.

From late Thursday till Friday afternoon the website was non-functional. In the middle of the homepage it displayed a caricature of a laughing man holding wine and the words “CYBER TEAM ROCKS” and “Hacked by Clinkz48”, and at the end it read “Your data belongs to me. F*** Your System India, :P Noob!!”

According to data released by the National Crime Records Bureau (NCRB), Bengaluru has the highest number of cyber crimes among 53 cities.

The statistics showed that 657 cases were reported in Bengaluru, compared with 386 in Hyderabad, 317 in Jaipur and 205 in Lucknow, under the IT Act 2000.

"We will register a police complaint. The National Informatics Centre has fixed the website. We will take safety measures to prevent hacking of our website (in future) and also suggest the same to other departments," said Bharath Lal Meena, principal secretary, higher education department.

‘City of Henderson hacked, no personal data compromised’

A report published in the Review Journal has confirmed that the city of Henderson has spent $40,000 to make sure that hackers, who had access to its Web server for nine days, hadn’t got access to the government systems. In addition, the city has decided to launch a law-enforcement investigation.

However, the city has yet to make any public announcement about the data breach.

The city confirmed to the Review Journal that the hackers were not able to steal any personal or sensitive information. They only got to see the raw versions of public data that are already searchable through Web forms.

All the Henderson employees were told to change their passwords.

"This is the first time since I've been here, and the first time I'm aware of, that we actually have somebody who got this far," Laura Fucci, the city's chief information officer, who has been with Henderson since late 2012, told the Review Journal.

According to the report, the city had detected the hack on June 29 when a system administrator noticed errors in a "tool" that monitors anonymous activity. Realizing there had been an intrusion, the administrator disabled the server, and the city started trying to determine how far the hacker had gotten.

Fucci declined to discuss how the attacker gained access beyond saying "hacking tools" were used. She said the city quickly decided to hire an outside company to investigate the breach and make sure it had been contained.

The city detention center has been offline for more than six weeks. It will go back online once the city has confirmed that it is safe.

Today, the website reads, "Inmate Information is temporarily unavailable at this time. We apologize for any inconvenience and appreciate your patience. Please call 702-267-JAIL (5245) for more information."

Carphone Warehouse hacked, personal details of 2.4 million customers stolen

Carphone Warehouse, a British mobile phone retailer with over 2,400 stores across Europe, has confirmed that its systems were attacked by hackers and that the personal details of 2.4 million of its customers, including bank details, addresses, names and dates of birth, have been compromised.

According to a news report published in The Independent, a statement from the firm said that the IT network of one of its online divisions was the victim of a “sophisticated cyber-attack” within the last two weeks.

The company also said that 90,000 customers’ credit card details may have been accessed by the hackers.

After the attack, the company sent emails to the customers who may be affected, asking them to contact their bank and check for any suspicious activity on their account.

"We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems," Sebastian James, group chief executive of Dixons Carphone, said in a statement.

He added, “We are, of course, informing anyone that may have been affected, and have put in place additional security measures.”

The news report said that Carphone Warehouse, which is owned by Dixons Carphone following a £3.7bn merger, also incorporated Currys and PC World, but the parent firm said that the majority of Carphone Warehouse data and that of Currys and PC World is held on separate systems and was not compromised during the attack.

ICANN hacked again, users need to reset their password

The Internet Corporation for Assigned Names and Numbers (ICANN) has confirmed that an unauthorized person obtained its account holders’ usernames, email addresses and encrypted passwords for profile accounts created on its public website last week.

This is not the first time that the company's website got hacked.

According to a news report published in Zee, some ten months ago the company’s website was hacked by attackers who accessed its internal system following a spear phishing attack in November, 2014.

The company posted on its website on August 5 that these profile accounts contained user preferences for the website, public bios, interests, newsletter subscriptions, etc.

It is said that the encrypted passwords (hashes) are not easy to reverse. However, for its users' safety, the company has urged all of them to reset their passwords.

“When you next visit our site, please go to the login page and click the forgot password link: to create your new password,” the company explained.

“There is no evidence that any profile accounts were accessed or that any internal ICANN systems were accessed without authorization,” the post read. “While investigations are ongoing, the encrypted passwords appear to have been obtained as a result of unauthorized access to an external service provider.”