
These legit looking iPhone cables allow hackers to take charge of your computer

When they said you should be wary of third-party accessories and unbranded cables for charging your smartphone, they were serious. The latest example of what a non-original cable can do should be enough to scare you. There is apparently a Lightning cable that looks just as harmless as an iPhone cable should. But it has a nasty trick up its sleeve, which allows a hacker to take control of your computer the moment you plug it into the USB port. This cable has been dubbed the OMGCable.

A security researcher with the Twitter handle @_MG_ took a typical USB to Lightning cable and added a Wi-Fi implant to it. The moment this gets plugged into the USB port on a PC, a hacker sitting nearby with access to the Wi-Fi module hidden inside the cable can run malicious code and take charge of the PC or remotely access data without the user even noticing.

“This specific Lightning cable allows for cross-platform attack payloads, and the implant I have created is easily adapted to other USB cable types. Apple just happens to be the most difficult to implant, so it was a good proof of capabilities,” said MG, as reported by the TechCrunch website.

The thing with phone charging cables is that no one really gives them a second look. You see one, you plug it in and you let it be. At the same time, a lot of users are wary about using USB drives, also known as pen drives or thumb drives, because they are popular as carriers of malware and viruses that can pretty much ruin your PC.

A Hacker Group, 'Barium' on a Supply Chain Hijacking Spree



One of the most fatal forms of hacking is a software supply chain attack, as it involves illicitly accessing a developer's network and placing malicious code into the software updates and applications that users trust the most.

In a single attempt, supply chain hackers can potentially place their ransomware onto thousands or millions of computer systems, and they can do so without even a single trace of malicious activity. With time, this trick has gained a lot of traction and has become more advanced and difficult to identify. Supply chain attacks follow a similar pattern and have been used by the associated companies as their core tool.

Basically, supply chain attacks exploit various software dissemination channels, and over the last three years these attacks have been largely linked to a group of Chinese hackers. Reportedly, they are known as ShadowHammer, Barium, Wicked Panda and ShadowPad; the name varies by security firm.

The trick demonstrates the massive potential of ShadowHammer to destroy computer systems on a large scale, along with exploiting vulnerabilities present in a fundamental model which governs the code employed by users on their systems. Such destructive ability possessed by Barium is a matter of great concern for security researchers.

"They're poisoning trusted mechanisms," said Vitaly Kamluk, the director of the Asia research team for security firm Kaspersky. "They’re the champions of this. With the number of companies they’ve breached, I don’t think any other groups are comparable to these guys."

"When they abuse this mechanism, they’re undermining trust in the core, foundational mechanisms for verifying the integrity of your system,"

"This is much more important and has a bigger impact than regular exploitation of security vulnerabilities or phishing or other types of attacks. People are going to stop trusting legitimate software updates and software vendors."

On being asked, Marc-Etienne Léveillé, a security researcher, said, "In terms of scale, this is now the group that is most proficient in supply chain attacks,"

"We’ve never seen anything like this before. It’s scary because they have control over a very large number of machines."

"If [Barium] had deployed a ransomware worm like that through one of these attacks, it would be a far more devastating attack than NotPetya," said another expert on the matter.






Russia-linked hackers Fancy Bears leak data from International Luge Federation

A Russia-linked hacker group called “Fancy Bears” released a statement on Wednesday claiming to have leaked emails and documents that demonstrate violations of anti-doping rules, just two weeks before Winter Olympics 2018.

“The obtained documents of the International Luge Federation (FIL) show the violations of the principles of fair play: widespread TUE approvals, missed anti-doping tests and the double standards approach towards guilty athletes,” read the report.

This is the same group that was implicated in the 2016 Democratic National Committee (DNC) hack, and is also known by the names “Pawn Storm” or “APT 28”.

This is believed to be in response to Russia’s ban from the 2018 Winter Olympics. It follows the controversy around the 2016 games, when the same group is believed to have been responsible for the hack that leaked sensitive athlete data stolen from the World Anti-Doping Agency (WADA); that leak, too, was in response to the organization’s recommendation to ban Russian athletes from the 2016 games in Rio over allegations of state-sponsored doping.

The hacking group’s “About Us” on their website reads, “We are going to tell you how Olympic medals are won. We hacked World Anti-Doping Agency databases and we were shocked with what we saw.”

China Bank Network Website Defaced By Indian Cyb3r D3V!LS


An Indian hacker group named "Indian Cyb3r D3V!LS" has hacked into the China Bank website and defaced the main page of the website (www.bbyinhang.com).

The Bibi bank network is an independent website co-founded by a number of financial professionals committed to universal access to financial expertise, to helping the general public understand the products and services provided by banks, and to cultivating rational, smart and confident financial consumers.

The hacker claimed to have breached the site by exploiting a Remote File Inclusion (RFI) vulnerability.

The hackers claimed to have compromised around 1000 credit card numbers but said they are not going to release or misuse the details.

"Chinese Hacker defacing Many Indian government and colleges along with Pakistan hackers. Don't mess with us we are greater than you.. no respect for your f** security..," the hacker said.

Indonesian President website hacked by MJL007 from Jember Hacker Team


The official website of the Indonesian president, Susilo Bambang Yudhoyono, presidensby.info, has been hacked and defaced by an Indonesian hacker group known as Jember Hacker Team (JHT).

The site was defaced by a hacker called "MJL007" from the group with a small message reading "This is a payback From Jember Hacker Team".

A few hours after the site was breached, the Indonesian Government restored the website. At the time of writing, the website works fine.

Detik cited the Indonesian minister of communications and information, Tifatul Sembiring, as claiming that the hacker didn't really hack into the website but instead diverted the IP address that is in the existing DNS soft layer in Texas.

The mirror of the defacement can be found here:
http://www.zone-h.org/mirror/id/18912807

VandaTheGod hacks several Government websites


A hacker named VandaTheGod, from the UGNazi hacker group, has breached several government websites and other websites.

Recently, he hacked the Ecuador government website "Technical Secretariat for Vocational Training" (setec.gob.ec), the Argentina government site "Ministry of Education of the Province of Corrientes" (mecc.gov.ar), and the official site of Escalante City, Philippines (escalantecity.gov.ph).

The hacked sites simply display the text "Deface By @VandatheGod or @CosmoTheGod" with an email address of the hacker.

The hacker keeps defacing more websites every minute. He also hacked a subdomain of "The International Bank for Trade and Finance" (mail.ibtf.com.sy).

Government of Mizoram (Dpar.mizoram.gov.in) site hacked and defaced by Anonymous

An Anonymous hacktivist has hacked into the Department of Personnel and Administrative Reform (DP&AR) subdomain (Dpar.mizoram.gov.in) belonging to the Government of Mizoram.

Mizoram is one of the Seven Sister States in North Eastern India, sharing borders with the states of Tripura, Assam, Manipur and with the neighboring countries of Bangladesh and Burma.

"This is Govt saying, they can still censor you if you speak against them." The hacker posted the protest message on the defacement webpage.

"Free press is a myth in #India thanks to #ITAct #66A with latest modification the Govt will better control"

"The time to sit silently is gone. Call your friends and get them to protests sites"

The defaced page:
dpar.mizoram.gov.in/components/index.html

At the end of the defacement page, the hackers mentioned that the website was full of malware even before they hacked into the site.