Hackers' attempt to bring down Rostelecom failed



At the end of August, a powerful DDoS attack was launched against Rostelecom, one of the largest Internet providers in Russia. According to a local news report, the company's experts managed to detect and repel the attack within 8 minutes.

If the attack had been successful, it could have disrupted service for 170,000 customers and disrupted work in the Kirov region. Moreover, the attack would have caused economic and reputational damage to Rostelecom.

It should be noted that Rostelecom serves a large number of users: about 130,000 people use the Internet, 44,000 use interactive TV, and another 300,000 use telephony. Its customers include not only ordinary users but also corporate clients, including the largest ones.

"Our company has powerful monitoring tools, we can identify these attacks, reflect them and, in most cases, determine where the attack has been initiated. Generally, the purpose of these attacks is to create problems for the service provider and users, limiting their access to the Internet, in order to cause commercial and reputation risks," said Alexey Dolzhenkov, the technical director of Rostelecom in the Kirov region.

It is still unknown who is behind the attack; the experts are gathering evidence.

- Christina

Official forum of Unity Hacked by OurMine Hacking Group


Representatives of Unity Technologies released an official statement concerning the hacking of the Unity forum last weekend. Hackers from the notorious group OurMine claimed responsibility for the attack on the defacement page and announced the theft of data.

Through the forum's integrated mailing system, the hackers sent a message to all forum users in which they called themselves a "group of experts". In the e-mail, the attackers also reported the hacking of the Unity3D website and recommended changing passwords. The hackers claimed that the site's database was at their disposal and that they had information on more than two million users.

The staff of Unity Technologies confirmed the attack; however, the company denied that the hackers obtained user passwords or other personal information. The company explained that the incident occurred as a result of "using weak password," and that the OurMine attackers compromised a "small number of data". Separately, it emphasized that users' financial information was not affected, and that the attack did not affect other Unity services.

The developers said that passwords were not "lost" in this incident, but they still recommend that users change their passwords, because the group may have e-mail addresses and passwords obtained from other sources.

Directly after the attack on April 30, 2017, the forum was unavailable for some time, but it is now operating normally. Representatives of Unity Technologies promise to work on their security; in particular, two-factor authentication and a stricter password policy should appear on the forum in the coming weeks.

The group OurMine is known for regularly hacking the accounts of famous personalities. Its victims include Mark Zuckerberg (head of Facebook, hacked Pinterest and Twitter), Dick Costolo (ex-head of Twitter, hacked Pinterest and Twitter), Sundar Pichai (head of Google, hacked Quora, with the hackers' messages duplicated on Twitter), Ev Williams (co-founder of Twitter, Blogger and Medium, hacked Twitter), Daniel Ek (head of Spotify, hacked Twitter), Brendan Iribe (head of Oculus Rift, hacked Twitter), YouTube user PewDiePie, Hollywood actor Channing Tatum and many others.

Vietnamese Hacker who stole identities of 200 million Americans, sentenced to 13 years

After breaking into the computers of several business entities and stealing the personal identification information of over 200 million Americans, a Vietnamese hacker has finally been sentenced to 13 years in prison.

On Tuesday, the Department of Justice released a report announcing that Hieu Minh Ngo, 25, made $2 mn by hacking, stealing personal identification information, and selling it to other cyber criminals.

A District Court in New Hampshire finally sentenced Ngo on Tuesday on various fraud charges, as reported by the Financial Times. Ngo was arrested in February 2013, as soon as he entered America.

From his home in Vietnam, Ngo was active from 2007 until 2013, breaking into computer systems and stealing identifiable information such as Social Security numbers, credit card details, bank account details, and phone numbers. He advertised the data on his websites, where fellow hackers bought it.

A press release by the Justice Department specified that 'Ngo admitted that he offered access to PII (personally identifiable information) for 200 million U.S. citizens, and that more than 1,300 customers from around the world conducted more than three million "queries" through the third-party databases maintained on his websites'.

The Internal Revenue Service stated that the information sold on Ngo's website to other hackers was used to file income tax returns for more than 13,000 people, who saw $65 million returned on their behalf.

'Criminals buy and sell stolen identity information because they see it as a low-risk, high-reward proposition,' Assistant Attorney General Leslie Caldwell said in a statement.
'Identifying and prosecuting cyber criminals like Ngo is one of the ways we're working to change that cost-benefit analysis.'

The US Office of Personnel Management revealed that hackers have stolen more than 21.5 mn Social Security numbers to date, of which 1.1 mn include fingerprints.

With Ngo's sentencing, an initiative has finally been taken toward stopping cyber crimes that breach the personal identity of civilians.

Digital Constitution hacked, to promote online gambling

Digital Constitution, the Microsoft website that protects online privacy in a digital world, was hacked to promote online casinos.

According to ZDNet, which first reported the hack, Digital Constitution was running an older version of WordPress when the spammy links were discovered.

Though the links were removed from the front page in the hours following the ZDNet report, a variety of other pages continued to link to the gambling sites.

The news report says that it is unknown how long ago the site was hacked to promote online gambling, or whether other Microsoft websites were hacked. It is still not clear who was behind the attack.

Ars Technica noted that it was not unusual for hack-by-numbers exploit kits to automatically inject malicious links into vulnerable pages that, when viewed by vulnerable computers, perform drive-by download attacks.

However, when asked, Microsoft answered no more than "it's fixed."

According to the news report, the attacker had injected text with keywords like "online casino," "poker," "craps," "roulette," and "blackjack." New pages were also added to show content embedded from other casino-related websites.

Hackers steal $24k from Mahwah businessman’s bank account

After big corporations and government agencies, hackers are now targeting individuals. Hackers stole $240,000 from a local businessman’s bank account in Mahwah by hijacking his phone number.

According to a report published by CBS New York, the hackers first followed and observed the local businessman and gathered enough of his personal information to convince his bank to wire $240,000 overseas.

Chief of Police James Batelli said that the businessman's phone number had been hijacked, so when the bank called to verify, the hackers answered. The bank had no idea that it was talking to hackers overseas.

“That is call forwarded to Brussels and the person on that end answers all the proper security questions, which was social security numbers, mother’s maiden name, hospital they were born in; and the bank thinks they’re talking to the person authorized to allow that transfer to go through,” said Batelli.

Batelli said that in order to protect personal information, people should regularly change their security questions.

Kreditech Suspects Insider In Data Breach

Kreditech, a Germany-based micro-loan startup, is investigating a data breach of personal and financial records of thousands of its online applicants, according to a report by Brian Krebs.

A website accessible via Tor, software that routes Internet traffic through a global network of relays, included links to countless documents, driver's licenses, national IDs, scanned passports, and credit agreements taken from Kreditech’s servers.

A hacker group calling itself 'A4' claims to have posted screenshots of hundreds of gigabytes of Kreditech documents.

Kreditech head of communications Anna Friedrich said, “There is no access to any customer data. This incident stemmed from a form on our website that stored data in a caching system that deleted data every few days. What happened was that a subset of application data was affected. We are collaborating with the police, but unfortunately there is no further information that I have to share.”

Friedrich added that Kreditech believes the data was leaked by an insider, who may be a former or current employee.

Kreditech has raised $63 million from investors since 2012. The company grants credit to applicants using traditional data scoring and social media, and provides loans in Spain, the Czech Republic, Poland, Mexico, Australia, Russia, Peru, the Dominican Republic and Kazakhstan.