Vietnamese hacker who stole identities of 200 million Americans sentenced to 13 years

After breaking into the computers of several business entities and stealing the personal identification information of over 200 million Americans, a Vietnamese hacker has finally been sentenced to 13 years in prison.

On Tuesday, the Department of Justice released a report announcing that Hieu Minh Ngo, 25, made $2 million by hacking, stealing personal identification information and selling it to other cyber criminals.

A District Court in New Hampshire sentenced Ngo on Tuesday on various fraud charges, as reported by the Financial Times. Ngo was arrested in February 2013, as soon as he entered America.

Operating from his home in Vietnam, Ngo was active from 2007 to 2013, breaking into computer systems, stealing identifiable information such as Social Security numbers, credit card details, bank account and phone numbers, and advertising the data on his websites, where fellow hackers bought the information.

A press release by the Justice Department specified that 'Ngo admitted that he offered access to PII (personally identifiable information) for 200 million U.S. citizens, and that more than 1,300 customers from around the world conducted more than three million "queries" through the third-party databases maintained on his websites'.

The Internal Revenue Service stated that the information sold on Ngo's website to other hackers was used to file income tax returns for more than 13,000 people, who saw $65 million returned on their behalf.

'Criminals buy and sell stolen identity information because they see it as a low-risk, high-reward proposition,' Assistant Attorney General Leslie Caldwell said in a statement.
'Identifying and prosecuting cyber criminals like Ngo is one of the ways we're working to change that cost-benefit analysis.'

The US Office of Personnel Management revealed that hackers have stolen more than 21.5 million Social Security numbers to date, and that 1.1 million of them include fingerprints.

Ngo's sentencing is a step toward stopping cyber crimes that compromise the personal identities of civilians.

Digital Constitution hacked to promote online gambling

Digital Constitution, the Microsoft web site which protects online privacy in a digital world, was hacked to promote online casinos.

According to ZDNet, which first reported the hack, the Digital Constitution site was running an older version of WordPress when the spammy links were discovered.

Though the links were removed from the front page in the hours following the ZDNet report, a variety of other pages continued to link to the gambling sites.

The news report says it is unknown how long ago the site was hacked to promote online gambling, or whether other Microsoft websites were also hacked. It is still not clear who was behind the attack.

Ars Technica noted that it is not unusual for hack-by-numbers exploit kits to automatically inject malicious links into vulnerable pages that, when viewed by vulnerable computers, perform drive-by download attacks.

However, when asked, Microsoft answered no more than "it's fixed."

According to the news report, the attacker had injected text with keywords like "online casino," "poker," "craps," "roulette," and "blackjack." New pages were also added to show content embedded from other casino-related websites.

Hackers steal $24k from Mahwah businessman’s bank account

After big corporations and government agencies, hackers are now targeting individuals. Hackers stole $240,000 from a local businessman’s bank account in Mahwah by hijacking his phone number.

According to a report published on CBS New York, the hackers first followed and observed the local businessman and gathered enough of his personal information to convince his bank to wire $240,000 overseas.

Chief of Police James Batelli said that the businessman's phone number had been hijacked, so when the bank called to verify, the hackers answered. The bank had no idea that it was talking to hackers overseas.

“That is call forwarded to Brussels and the person on that end answers all the proper security questions, which was social security numbers, mother’s maiden name, hospital they were born in; and the bank thinks they’re talking to the person authorized to allow that transfer to go through,” said Batelli.

Batelli said that in order to protect personal information, people should regularly change their security questions.

Kreditech Suspects Insider In Data Breach

Kreditech, a Germany-based micro-loan startup, is investigating a data breach of the personal and financial records of thousands of its online applicants, according to a report by Brian Krebs.

A Web site accessible via Tor, software that routes Internet traffic through a global network of relays, included links to countless documents, driver's licenses, national IDs, scanned passports, and credit agreements taken from Kreditech’s servers.

A group of hackers calling itself 'A4' claims to have posted screenshots of hundreds of gigabytes of Kreditech documents.

Kreditech head of communications Anna Friedrich said, “There is no access to any customer data. This incident stemmed from a form on our website that stored data in a caching system that deleted data every few days. What happened was that a subset of application data was affected. We are collaborating with the police, but unfortunately there is no more further information that I have to share.”

Friedrich added that Kreditech believes the data was leaked by an insider, either a former or current employee.

Kreditech has raised $63 million from investors since 2012. The company grants credit to applicants using traditional data scoring and social media, and provides loans in Spain, the Czech Republic, Poland, Mexico, Australia, Russia, Peru, the Dominican Republic and Kazakhstan.

Twitch advises users to change passwords after potential hack

Gaming video broadcaster Twitch recently announced that the site could have potentially been hacked and all users should set new passwords for their accounts on the website.

The company has given out an official statement on the matter saying that hackers could have gained access to personal account information of its users. The website has not given out any information as to how hackers accessed the user information.

Not taking any chances, Twitch has expired the passwords of all its user accounts, as well as accounts linked from YouTube and Twitter. The company has gone a step further and asked users to change similar passwords on other websites.

Twitch is also emailing users it thinks might have been directly impacted by the potential breach. In the email (obtained from Twitter user Chris Seymour), Twitch states which information of the affected users is at risk.

The email read, 'We are writing to let you know that there may have been unauthorized access to some of your Twitch user account information, including possibly your Twitch username and associated email address, your password, the last IP address you logged in from, limited credit card information (card type, truncated card number and expiration date), and any of the following if you provided it to us: first and last name, phone number, address, and date of birth.'

Twitch has declined to comment publicly on what personal information of its users might be at risk.

LAX Police investigating credit card breach at Tom Bradley International Airport

Police have begun investigating what appears to be credit card fraud at one of the shopping vendors at the Tom Bradley International Airport.

The police are being tight-lipped on the matter and have not commented on what led them to discover the credit card breach. They have also refused to tell the press which shopping vendor might have been compromised for card payments. No suspects have been identified by the police as yet.

The Tom Bradley International Airport is the sixth busiest airport in the world, and the third in the United States. The terminal has three levels and 18 gates, and 39 airlines operate out of it. There are dozens of vendors present throughout the airport.

LAX Police have asked anyone who finds unauthorized charges on their card statements at the airport terminal after March 4 to call (424) 646-6100 immediately.

Yahoo says ShellShock vulnerability is NOT the cause of the servers hack

Researcher Jonathan Hall says he found evidence that Romanian hackers used the recent "ShellShock" vulnerability to hack a number of high-profile websites, including Yahoo and WinZip.

Hall said he informed Yahoo, WinZip and the FBI about the issue.

Earlier today, Yahoo said its servers were compromised by the ShellShock vulnerability. However, Yahoo's Chief Information Security Officer Alex Stamos published a statement on Hacker News saying that the breach is not a result of 'Shell Shock'.

"Three of our Sports API servers had malicious code executed on them this weekend by attackers looking for vulnerable Shellshock servers." Stamos wrote.

"These attackers had mutated their exploit, [and] this mutation happened to exactly fit a command injection bug in a monitoring script our Sports team was using at that moment to parse and debug their web logs."

The company claimed hackers did not gain access to any user data, and that the affected servers are used to provide live streaming for its sports service and do not store user data.

In response, Hall said in his blog, "The Yahoo! infiltration WAS from the 'Shellshock' vulnerability, and it did NOT originate on the sports servers / API’s".

Monsanto hacked, 1300 individuals affected

Monsanto, a chemical and agricultural biotech corporation, has admitted that hackers managed to breach a server of its subsidiary Precision Planting.

The breach occurred in late March, affecting fewer than 1,300 customers and employees.

The affected server contained sensitive information including customer names, addresses, tax ID numbers, Social Security numbers and financial information.

The server was also used for storing Human Resources Department data, which includes the names, addresses, Social Security numbers and driver's license numbers of a small number of employees.

The company claims that it does not believe the breach was an attempt to steal customer information.

The affected individuals are being offered a free one-year membership of credit monitoring and identity theft insurance.

Spotify suffers data breach; you should upgrade the Android app

Music streaming service Spotify is the latest high-profile company to report a data breach. Spotify has announced on its blog that it had been hacked.

According to the blog post, the breach affected only one user. The affected user has been notified about the incident. The company says the breach did not involve any password, financial or payment information.

"Based on our findings, we are not aware of any increased risk to users as a result of this incident." Oskar Stål, Chief Technology Officer at Spotify said in the blog post.

As an additional security measure, the company also recommends that Android users upgrade their Spotify application. iOS and Windows Phone users do not need to take any action.

"We apologise for any inconvenience this causes, but hope you understand that this is a necessary precaution to safeguard the quality of our service and protect our users." the blog post reads.

Official websites of Taj Mahal and Agra Fort hacked by Pakistani hackers


Pakistani hackers continue to target Indian Government and other websites. 'Pakistan Haxors Crew' is one of the most active groups targeting Indian websites.

Today, the hacker known as 'H4$N4!N H4XOR' from the group hacked into one of the popular Indian Government websites: the main page of the Taj Mahal website (www.tajmahal.gov.in) is now displaying Pakistan's flag.

The message posted on the defaced page reads as follows:
"Whatever you fail to detect, will cause your downfall..Pakistan Haxors Crew is here to remind you of your Security.. Our fight is not against any individual but the system as whole"

It is not the only website defaced in the recent attack. The group also changed the contents of other popular government websites, including the Agra Fort official site (agrafort.gov.in) and the Fatehpur Sikri site.

While the other sites were modified to display the hackers' content on the front page, the hackers placed their defacement page on the Fatehpur Sikri site at "http://fatehpursikri.gov.in/r00t.html".

At the time of writing, all of the affected websites still display the contents modified by the hackers. 

New Zealand Super Computer FitzRoy Hacked


FitzRoy, one of the fastest supercomputers, has been targeted by a computer hacker assumed to hail from China. The 18-tonne machine is equivalent to 7000 laptops working simultaneously and supplies information on future severe weather, as well as on greater world issues such as climate change.

FitzRoy is owned by Niwa and is housed in a specially constructed room at the National Institute for Water and Atmospheric Research base at Greta Point, Wellington.

John Morgan, chief executive of Niwa, confirmed on May 23rd that the supercomputer's security had been compromised by "an unauthorized person" overnight on Thursday.

He further said: "We immediately isolated the supercomputer, and switched functionality to back-up facilities in Hamilton"

"We are . . . confident the intruder did not get beyond the supercomputer."

FitzRoy provides a Capability Class supercomputer for use by New Zealand scientists working at the forefront of some of the largest scientific challenges faced by the nation. It is the fastest machine of its kind in the southern hemisphere and comfortably in the world's top 500 supercomputers. It has a peak speed of 34 Tflops, with a low-latency, high-bandwidth interconnect allowing the machine to act as a unified tool to solve the largest scientific problems.

Though it has been confirmed that the attacking IP address is from China, it still cannot be confirmed that the attack originated from China, Prime Minister John Key said. “I would be very wary of attributing it to any country,” he says.

Meanwhile, Niwa assures that the attack was in vain and FitzRoy has resumed its work normally. "After taking a number of mitigation steps, the supercomputer was back online on Saturday evening with all normal services resumed," Niwa says.

Furthermore, security expert Dr Paul Buchanan, a former policy analyst for the US Secretary of Defense advising the Pentagon, told NBR the attack followed the Chinese pattern of cyber trawling. He suggests the attack was meant to look for a back door or weak link, if FitzRoy is connected to other government computers.

But Daniel Ayers, a one-time Ernst & Young computer forensic expert and fraud investigator now at private company Special Tactics, has a different interpretation. He says the attack could be used to mount a brute force attack on encryption of the supercomputer. "The culprit in this case might have been seeking to establish a ‘botnet’ of super computers to solve a particularly difficult problem — possibly cryptographic. Or they might have suspected that the machine had covert classified uses, and it may do," he adds.

We can now be sure that the day is not far off when the security of supercomputers will be heavily questioned.

Hackers lock iPhones remotely and demand $100 to unlock them


In recent hours, a number of users in Australia have had a nightmare, as cyber criminals locked their devices and demanded payment of a ransom.

The locked devices show the message "Device Hacked by Oleg Pliss" and instruct victims to send $100 to lock404@hotmail.com to unlock their devices.

The cyber attack came to light after one user from Melbourne shared his experience in the Apple support forum and asked for help fixing the problem. Following his post, several users reported being affected by this attack.

It appears hackers used stolen Apple IDs and passwords to access iCloud accounts, which allowed them to lock victims' devices and display a message.

What should you do? Don't pay the ransom!
Affected users are advised to contact Apple directly to regain access to their account.

Once you have access to your account, change the password immediately and enable the two-step authentication feature for your account.

Hacker surrenders after Roger Ver puts $20,000 bounty on him


Be careful who you mess with: an attacker realized he had picked the wrong victim when the victim decided to spend $20,000 to find him.

Roger Ver, the man known as "Bitcoin Jesus", who is an angel investor in lots of Bitcoin startups, announced a 37.6 BTC reward (about $20k) for information that leads to the arrest of the hacker who hijacked his Hotmail account and threatened to ruin his life.

It all started when the hacker managed to hijack an old Hotmail account of Roger's by answering the security questions.

According to reddit, the attacker used the Hotmail account to gain access to Roger's old Facebook account and one of his domain accounts at register.com. The attacker also attempted to hack his primary email account and domain name.

The attacker, using the screen name 'savaged', contacted Roger via Skype and demanded "37.63289114 BTC".

"I think we both know this won't be pleasent and let's be honest there is nothing you can do to have me caught, I've been around too long" The attacker said.

"Let's be honest I will sell [SSN REDACTED] + your information to fraudsters that will credit f*** you then get your moms social and credit f*** her too and ruin both your lives"

The hacker also claimed he is the one who hacked the @UberFacts Twitter account, which has 6.7 million followers.

A Bounty on the Hacker:
But Roger decided to follow a technique used in the movie 'Ransom': rather than giving the money to criminals, he posted that he was putting a bounty on the hacker instead.



When the attacker learned of the bounty on his head, he got scared, deleted Roger's Hotmail account, gave up the password for all the other accounts and ran away.

"I just need to raise funds for my mother, but since you aren't going to help, all your passwords are: Nigger55" The person on the end of skype said.

"Goodbye, Sir, I am sincerely sorry I am just a middleman I was being told what to tell you."

Roger said in his tweets that things are back under control and not a single Bitcoin was stolen.

Doge Vault hacked, 121 million Dogecoin appear to be stolen


Popular Dogecoin online wallet service DogeVault has reportedly been infiltrated by cyber criminals, with millions of Dogecoins missing from users' wallets.

A note on the front page of the website (www.dogevault.com) says the DogeVault service was compromised by attackers on May 11, resulting in a service disruption and tampering with wallet funds.

The website has not provided much information about how much was lost in the heist. However, some users on reddit reported that coins have been transferred to a newly created mega wallet.

According to Dogechain records, this wallet (DHKM6NDUUv9kaHAGi1QU7MRBNKfQiAdP3F) holds more than 121 million Dogecoins, worth about $56,000.

"We are currently in the process of identifying the extent of the attack and potential impact on user's funds" The statement on the website reads.

DogeVault advises users not to transfer any funds to Doge Vault addresses until it finishes the investigation.

Syrian Electronic Army hacks 4 Wall Street Journal twitter accounts


The Wall Street Journal was caught in the crossfire between the Syrian Electronic Army and Ira Winkler, the CEO of security firm Secure Mentem.

The Syrian Electronic Army (SEA) hijacked four Twitter accounts belonging to WSJ: @WSJD, WSJ Europe (@WSJPEurope), WSJ Africa (@WSJAfrica) and WSJ Vintage (@WSJVintage).

SEA posted the message "@Irawinkler is a cockroach" with a picture of Ira Winkler's head on the body of a cockroach.

The attack was carried out in response to an RSA Conference presentation in which Winkler talked about the hacking methods of the SEA and made fun of them.

In his presentation, Winkler also commented that "these people are like cockroaches of the Internet".

This is not the first attack carried out by SEA in response to this presentation. Last month, the group also defaced the RSA Conference website and said "If there is a cockroach in the internet, it would be definitely you "

The Wall Street Journal seems to have recovered the hijacked Twitter accounts, posting on Twitter: "We have secured our compromised Twitter accounts and they are now functioning normally."

Creepy Voice from Baby Monitor Yells at baby

It was the middle of the night and Adam Schreck's 10-month-old daughter was asleep in her room. Adam had a baby monitor that was also equipped with a camera. Suddenly, a creepy voice came from the baby monitor.

The voice said "Wake up baby.. Wake up baby" and then a long 'aaaaahhhhh'. Once Adam entered the baby's room, the camera turned towards Adam and shouted at him.

No, I'm not telling you scary stories, nor am I talking about the scary baby monitor scene from the movie 'Insidious'. This is a real incident that occurred in Cincinnati, Ohio.

Someone hacked into Adam's baby monitor and began shouting at his daughter. The camera that was hacked is manufactured by Foscam, according to a Fox19 report.

Earlier this year, security journalist Brian Krebs described a security bug in Foscam's firmware. The bug allows anyone to access the web interface of this camera by entering a blank username and password.

This is not the first case of hackers taking control of a baby monitor, as a similar incident occurred in Houston last year.

To secure yourself, make sure you have up-to-date firmware and change the default username and password of your baby monitor.

BSNL website hacked by Pakistani hacker Kai-H4xOrR


The website of Indian state-owned telecoms company Bharat Sanchar Nigam Limited is one of the top targets of Pakistani hackers. The site has been defaced dozens of times in the past decade.

Today, a Pakistani hacker known as Kai-H4xOrR from Pakistan Haxors Crew managed to deface a BSNL sub-domain for International Roaming (http://ir.bsnl.co.in/).

" Payback For Hacking Pak Sites .!! " The hacker said in the defacement.

"And Dont mess with Pakistan else you will lose both your Name and this Game Backoff Lamers from our cyber space.. Everybody Knows whose cyber space is more vulnerable You will hack 1 we will hack thousands ./Logout "

At the time of writing, the website is still defaced. The mirror of the defacement can be found here: http://legendhacks.com/defacements/?id=7173

The same hacker defaced BSNL's sub-domain for the Online Certificate Programme in mid-March 2014.

British National Party's Twitter account and website hacked by Anonymous


A hacker who appears to be affiliated with the Anonymous hacktivists has hijacked the official Twitter account of the British National Party (BNP) and started to post anti-government and hateful messages.


The hacker also managed to deface one of the subdomains of the BNP. The defacement message simply says "Hacked by Anon_0x03, [redacted] the Government!"

When a user asked about the motive of the attack, the hacker simply replied that BNP is a random target.

"I'm not even from GB." the tweet posted from hacked BNP account(@BNP) reads.

It appears the hackers have had access to the account for more than 20 hours, but no one from the BNP has noticed. The most recent tweet says "damn racist".

At the time of writing, the hacker still has access to the BNP Twitter account and the subdomain is still defaced.

LK Advani's official website hacked by Pakistani Hacker

The day after the Bihar BJP's official website was hacked by a hacker claiming to be from Pakistan, the official website of senior BJP leader LK Advani (www.lkadvani.in) was also defaced by the same hacker.

The hacker, who called himself Muhammad Bilal, began the defacement message by saying "I'M Back ;D gOOd mOrNing Narendra Modi". The hacker also wrote "Free Kashmir..Freedom is our goal."

The hacker also claimed to have defaced the websites of the Bharatiya Janata Party in the Lok Sabha and the Bharatiya Janata Party in the Rajya Sabha.

A screenshot published in the hacker's profile shows that he also gained access to the database server. The accessed information includes email IDs, hashed passwords, phone numbers and other details.

At the time of writing, LK Advani's website is down for maintenance.

Hacker arrested for exploiting HeartBleed vulnerability to steal information

A 19-year-old computer science student has been arrested by the Royal Canadian Mounted Police (RCMP) and accused of stealing personal data by exploiting the "HeartBleed" vulnerability.

HeartBleed, the bug that left the Internet vulnerable, is a recently uncovered security flaw in the popular open-source encryption library OpenSSL. It allows attackers to read the memory of a server running a vulnerable version of OpenSSL, which means an attacker can steal sensitive information.

Stephen Arthuro Solis-Reyes from London, Ontario, is accused of exploiting the HeartBleed bug to steal sensitive information from servers of the Canada Revenue Agency (CRA), according to the RCMP.

During the police raid, his computer was seized by Canadian police. He is scheduled to appear in court in Ottawa on July 17.

The arrest came after the CRA announced that someone had exploited the HeartBleed bug to steal 900 Social Insurance numbers of taxpayers. The agency had shut down its site temporarily to prevent further attacks.

"The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible." Assistant Commissioner Gilles Michaud said in a statement.

"Investigators from National Division, along with our counterparts in “O” Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorizations and liaising with our partners".