Hackers who were preparing attacks on hospitals arrested in Romania


Romanian law enforcement officials stopped the activities of the cybercriminal group PentaGuard, which was preparing to carry out attacks on Romanian hospitals using ransomware.

Four hackers were arrested, and searches were conducted at their place of residence (at three addresses in Romania and one address in Moldova). According to the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), hackers had various malicious programs at their disposal, including Trojans for remote access, ransomware, as well as tools for defacing sites and SQL injections.

In addition, the hackers developed malicious computer applications for use in computer attacks, such as ransomware-cryptolocker and RAT (Remote Access Trojan). Such malicious attacks were directed against several state institutions, as in Bucharest.

During the investigation, it became clear that cybercriminals planned to attack hospitals. The attackers intended to send phishing emails on the subject of COVID-19 to medical institutions, and use them to infect networks with ransomware Locky or BadRabbit, encrypt files and demand a ransom for recovery. According to the Romanian media, this is how the cybercriminals wanted to protest against the quarantine measures taken by the Romanian government.

This type of attack makes it possible to block and seriously disrupt the functioning of the IT infrastructure of these hospitals. They are part of the healthcare system, which currently plays a decisive role in combating the pandemic caused by the new coronavirus.

The hacker group PentaGuard has existed since about 2000. In January 2001, the group carried out a massive deface of the sites of the British and Australian governments. Over the past few years, PentaGuard has not conducted any deface campaigns but has remained active on hacker forums. In January 2020, the group resumed defacing attacks.

Germany has put a Russian "Dmitry Badin" on the international wanted list on suspicion of a cyberattack


The Office of the German Federal Public Prosecutor issued an arrest warrant for a Russian whom they suspect of hacking into the computer systems of the German Parliament in 2015, writes the newspaper Sueddeutsche Zeitung. The publication reports that the suspect's name is Dmitry Badin and that he is allegedly an officer of the GRU.

Mr. Badin is also wanted by US authorities for hacking attacks, including the theft of emails from Hillary Clinton and the Democratic Party on the eve of the 2016 presidential election. US investigators rank him among a group of seven Russians suspected of cyber-hacking. The FBI believes that he is a Russian military intelligence officer from the GRU.

According to German law enforcement agencies, Badin is a member of the hacker group Fancy Bear. The Russian is accused of carrying out secret intelligence activities and illegally extracting computer data. Sources say that the Russian was one of the organizers of the attack on the networks of the German Parliament. Cybercrime was investigated by the Federal Criminal Investigation Agency and the police.

The newspaper reported that investigators are confident that 29-year-old Mr. Badin was also involved in a hacker attack on the German Bundestag Parliament in April 2015.

Recall that in January 2019, Germany experienced the largest leak of personal data of politicians in the history of the country. The German authorities suspected Moscow of the cyberattacks that had occurred before. Then Der Spiegel reported with reference to the country's counterintelligence that the hacker group Snake, linked to the Russian special services, tried to get access to the electronic resources of the Bundestag, the Bundeswehr and the German Foreign Ministry. The German intelligence services previously accused the same group of massed cyberattacks against German government agencies registered at the end of 2017.

Russia repeatedly denied accusations of involvement in hacker attacks. None of the German law enforcement agencies has ever provided any evidence in support of the media version about the connections of cybercriminals with Moscow.

Hackers switched from direct theft of money to gaining control over the infrastructure of companies


According to the report by Rostelecom Solar JSOC, hackers changed the focus of attacks, switching from direct theft of money to gaining control over the infrastructure of companies. Experts explain this trend by the fact that the average level of security of banks has increased significantly, which forces hackers to look for more vulnerable targets. Moreover, the demand for industrial espionage has increased on the black market. However, experts said that the activity of such hacker groups began to decrease against the background of the pandemic.

According to the report, by the end of 2019, the number of attacks aimed at gaining control over the infrastructure of companies and organizations had increased by 40%, while attacks for the purpose of stealing money had become 15% less frequent.

A long and unnoticeable presence in the organization's infrastructure allows attackers to investigate its internal processes in detail, gain deeper access to IT systems and control over them, says Vladimir Drukov, Director of Solar JSOC. He notes that hackers monetize this information by selling it on the black market, blackmailing the victim organization, or engaging in competitive intelligence.

In addition, in recent years, attacks are increasingly targeted at industrial and energy facilities, as well as government agencies whose control over infrastructure is critical for the country.

Kaspersky Lab confirmed that the number of attacks on corporate infrastructure is increasing. According to antivirus expert Denis Legezo, about 200 groups engaged in cyber espionage are currently being observed. However, the expert notes that during the coronavirus pandemic, a decline in their activity is noticeable.

Head of Analytics and Special Projects at InfoWatch Group of Companies Andrei Arsentyev noted that hackers are usually engaged in industrial espionage by order, including “hunting for various know-how, business development plans, pricing schedules”.

Attackers can monetize attacks not only through theft of funds but also by selling already configured connections to the victim’s local network to other criminals, says Evgeny Gnedin, head of Positive Technologies information security analytics department. Such a model of “access as a service” is gaining momentum today, which explains the increase in the number of such attacks.

The FBI arrested a Russian associated with Deer.io


The Federal Bureau of Investigation arrested a Russian citizen who allegedly supported the sale of hacked accounts and personal data of Internet users. The arrest occurred at the John F. Kennedy Airport.

"We received information from American law enforcement agencies that he was detained on March 7. He is in New York now in a Manhattan detention center," said Alexei Topolsky, a spokesman for the Russian Consulate.

According to him, the initial initiative for the arrest comes from the San Diego FBI. The Russian has not yet contacted the Consulate.

According to the FBI, Mr. Firsov managed the platform Deer.io, where online stores engaged in illegal activities were located. The arrest warrant indicates that Firsov took part in the operation of Deer.io since its launch (October 2013).

According to the prosecution, Firsov is the administrator of this platform, which is located in Russia and provides an opportunity for criminal elements to sell their "products and services". The prosecution claims that the platform sells hacked American and international financial and corporate information, personal data, and stolen accounts of many American companies.

The prosecution said that a cybercriminal who wants to sell contraband or offer criminal services through the platform can do it for $12 a month. The monthly fee is paid in bitcoins or via a number of Russian payment systems, such as WebMoney. According to Firsov, more than 24 thousand stores worked on the site, which brought in more than $17 million.

American law enforcement officers opened a criminal case, according to which Deer.io was almost completely used for cybercrime purposes. The FBI found stores on the Firsov site that sell access to hacked accounts, servers and personal data of users.

The Bureau said that Kirill Firsov was aware of who uses his platform, and more than once advertised Deer.io on cybercrime forums.

Russian hackers included in the US sanctions list may be associated with the criminal world


Russian hackers from the group Evil Corp, which the British intelligence services call the most dangerous in the world, can be associated with crime, in particular, with the thief in law Vyacheslav Ivankov, better known as Yaponchik ("the little Japanese").

On December 9, it became known that Maxim Yakubets, the alleged leader of the group, was married to Alena Benderskaya, who is the daughter of Eduard Bendersky, a veteran of the FSB special forces Vympel.

Journalists wrote that Benderskaya is the founder of companies associated with the security business of her father, as well as co-owner of two stores of the Italian brand Plein Sport. It is this brand's sportswear that Yakubets and his friends from Evil Corp liked to wear.

According to the database, the share in these stores belongs to Otari Sadov. Journalists call him "the son of an authoritative businessman Leni Assiriysky, the right hand and nephew of Yaponchik."

According to a source familiar with the details of the investigation, the hacker group was engaged in money laundering, including through real estate investments. He emphasized that Yakubets attracted a thief in law to Evil Corp.

Earlier it became known that one of the participants of the hacker group Evil Corp was Andrei Kovalsky, the son of Vladimir Strelchenko, the former mayor of the Moscow city of Khimki.

On December 5, the US government imposed sanctions against 17 Evil Corp hackers and companies associated with them. The US Treasury Department estimated the damage from their activities at $100 million.

The leader of the group, Maxim Yakubets, was arrested in absentia. The US State Department has announced a five-million-dollar reward for information leading to his arrest.

The Ukrainian Security Service and the FBI eliminated a powerful hacker group


Previously, Ehacking News reported that on July 16, it became known that the Ukrainian Security Service and the FBI detained hackers controlling 40% of the Darknet. Since 2007, members of the group have provided hackers and criminals from around the world access through Ukrainian networks in the Darknet.

The intelligence service established that the organizer of the group is a citizen of Ukraine, Odessa resident Mikhail Rytikov (Titov). He got serious about hacking in Moscow in the mid-2000s. In 2007, he began to provide services to hackers around the world through Ukrainian networks, carefully hiding the actual location of his equipment. From time to time, Ukrainian, Russian, and American law enforcement officers found the equipment and confiscated it, but the hacker group soon resumed its activities.

It turned out that about 10 accomplices were under the command of the Ukrainian hacker, as well as dozens of intermediaries in different countries and thousands of customers. Among them, for example, was Eugene Bogachev, the developer of the virus ZeuS, who is wanted by the FBI.

It is established that Rytikov sold his services through closed hacker forums and specialized web resources, claiming that his server equipment is located in data centers in Lebanon, Iraq, Iran, Germany, Panama, the Netherlands, Belize, Russia. In fact, the equipment was located near Odessa, in one of the unfinished houses. The room was equipped with secret telecommunication channels and even had its own elevator.

“Nearly one hundred and fifty servers were seized during the authorized investigative actions on the territory of a private house with a hidden data center with a backup autonomous power supply, security and powerful Internet access channels. Thousands of hacker resources were placed on them, some remained encrypted, many were set up in such a way as not to keep traces of criminal activity”, said the acting Head of the Cyber Security Department of SBU (the Ukrainian Security Service) Nikolay Kuleshov.

According to law enforcement officers, they seized 146 servers holding hundreds of terabytes of illegal information. The total cost of the equipment, a powerful electric generator, construction and home improvement, and agreements with power engineers on a dedicated electric line is estimated at 700 thousand dollars. The generator alone could cost about 150 thousand dollars. The data center could work for a long time even in the absence of electricity.

It’s interesting to note that among the crimes committed with the participation of Rytikov, law enforcement officers distinguish the spread of malicious software ZeuS, which was used to steal financial, the case of hacking the NASDAQ exchange, called "the greatest fraudulent scheme of this type ever implemented in the United States."

Hacker uses a nanocomputer to steal NASA data

It wasn’t a good day for NASA when an unidentified cyber-attacker was able to steal 500 MB of mission data, through a Raspberry Pi nanocomputer.

First introduced by the charity Raspberry Pi Foundation in 2012, the Raspberry Pi is a credit-card sized device intended for the general public, young and old, beginners and amateurs. It sells for about $35, plugs into home televisions, and is used mainly to teach coding to children and promote computing in developing countries.

The Raspberry Pi organization has just announced the release of the fourth generation of its budget desktop PC, the completely re-engineered Raspberry Pi 4.

The April 2018 attack went undetected for nearly a year, according to an audit report issued on June 18, and an investigation is still underway to find the culprit.

The hacker infiltrated NASA’s Jet Propulsion Laboratory network, stole sensitive data, and forced the temporary disconnection of space-flight systems, the agency has revealed.

Prior to detection, the attacker was able to exfiltrate 23 files amounting to approximately 500 megabytes of data, the report from NASA’s Office of Inspector General said.

These included two restricted files from the Mars Science Laboratory mission, which handles the Curiosity Rover, and information relating to the International Traffic in Arms Regulations which restrict the export of US defense and military technologies.

“More importantly, the attacker successfully accessed two of the three primary JPL networks,” the report said.

"Officials were concerned the cyberattackers could move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems."

NASA came to question the integrity of its Deep Space Network data “and temporarily disconnected several space flight-related systems from the JPL network.”

Flaws in LTE can allow hackers to spoof presidential alerts


Last year, the United States performed the first public test of the national Wireless Emergency Alert (WEA), an alert system designed to send messages to smartphones, TVs, and other systems simultaneously. The test was specifically for the 'Presidential Alert,' a new category that can't be opted out of (like AMBER alerts). It turns out these types of alerts can be easily spoofed, thanks to various security vulnerabilities with LTE towers.

Researchers figured out a way to exploit the system that sends presidential emergency alerts to our phones, simulating their method on a 50,000 seat football stadium in Colorado with a 90 percent success rate.

A group of researchers at the University of Colorado Boulder released a paper that details how Presidential Alerts can be faked. An attack using a commercially-available radio and various open-source software tools can create an alert with a custom message.

Why it matters: The Wireless Emergency Alert (WEA) system is meant to allow the president to promptly broadcast alert messages to the entire connected US population in case of a nationwide emergency. It can also send out bad weather or AMBER alerts to notify citizens in a particular region or locality, which makes its operation critical. However, exploiting the LTE networks it relies on can enable the transmission of spoofed messages that spread misinformation and panic widely among the masses.

The researchers didn’t perform an actual attack on a live crowd at the stadium or on actual mobile devices, Eric Wustrow, a researcher on the paper, told Gizmodo in an email. The tests performed were instead done in isolated RF shield boxes, Wustrow said, “and our analysis of Folsom Field was a combination of empirically gathered data and simulation.”

First, alerts come from a specific LTE channel, so malicious alerts can be sent out once that channel is identified. Second, phones have no way of knowing if an alert is genuine or not. Adding digital signatures to alerts could potentially solve the latter problem, but the task would require device manufacturers, carriers, and government agencies to work together.

Criminal Case Filed Against Hackers For Hacking Koltsovo Airport Database And Stealing Money From Banks


Two residents of the city of Yekaterinburg are in custody for stealing money from several bank accounts and hacking into the database of Koltsovo international airport (Yekaterinburg, Russia).

Authorities found out that cyber criminals Konstantin Melnik and Igor Makovkin created a virus through which they got access to the accounts of bank customers.

Hackers stole 1.2 billion rubles (about 18 million USD) from their cards. In addition, hackers infected the computers of Yekaterinburg airport "Koltsovo" with malicious programs and got access to the air harbor database. The airport could not say the amount of the company's losses.

It is important to note that the hacker group was called Lurk and consisted of 24 members. Igor is one of the organizers, and Konstantin is one of its active participants.

The group of hackers worked successfully for five years, as it was difficult to detect the virus. The virus was self-removing and left no traces after gaining access to the accounts.

Specialists of Kaspersky Lab helped to find the cyber criminals. They identified the virus in corporate networks together with Sberbank's programmers.

According to some sources, the hacker group Lurk probably stole more than 124 million rubles (about 1.9 million USD) from the bank accounts of members of the Liberal Democratic Party of Russia holding senior positions in the party.

Pulkovo Airport's air-traffic control system malfunctioned after receiving threatening emails from Hackers



On August 8th, the air-traffic control system "Galaxy" at the international airport "Pulkovo" (Saint Petersburg, Russia) malfunctioned. The system controls the movement of aircraft in the area of approach to the airport.

An interesting fact is that the failure occurred not only on the server but also on all the computers in the control room. Suddenly, they froze.

At the time of the incident, four airplanes were in the air without control for about ten minutes.

A few days before this incident (August 3rd), the airport's Quality Control Department received a threatening e-mail. The Pulkovo airport received these threatening emails at least three times starting from July 30.

The cyber criminals demanded 200 Bitcoins (around 89 million rubles/90 million rupees), threatening otherwise to disrupt the navigation control system. Employees assume that these threats and the system failure have a direct connection.

Law enforcement agencies found that the letters were sent from Switzerland, and the SIM cards to which the addresses are linked are registered to British citizens. Most likely, the hackers used fake IP addresses to mislead the police. The police said that no one can hack the air navigation system of the airport from external sources.

Could it be just a coincidence that the control system malfunctioned after these threatening letters? Or are the hackers really behind the attack? It is still unknown. The experts are trying to find the root cause of the failure. Thankfully, there was no damage.

The cyber criminals can be punished with three years' imprisonment or fined up to 300 thousand rubles.

This is not the first time an airport has received threatening letters from cyber criminals. But it appears that this is the first time a malfunction has been reported after letters of this kind. It should be noted that Airport "Domodedovo" (Moscow International airport) also received a threatening letter with a demand of several hundred Bitcoins. However, there was no incident reported in that case.

Cyber crime goes up by 103.2 percent in UP


Cyber crime has been increasing in Uttar Pradesh; however, the State government seems to have no plan to control it. The number of people arrested on charges of cyber fraud in 2014 increased by 103.2 percent compared to 2013.

A news report published in Times of India (TOI) confirmed that 1,223 computer professionals and hackers were arrested across the state under the cyber crime act in 2014, up 103.2% in comparison to 2013. A total of 602 people were arrested in 2013.

Data from the National Crime Record Bureau (NCRB) published by TOI showed that the majority of the people were between 18 and 45 years old. Among them, 15 employees or disgruntled employees and 62 business competitors were also held by police. The statistics revealed that 2013 witnessed a 122.5% jump in cyber offences over 2012.

The NCRB revealed that UP had an 18.1% share of cases reported under cyber crime during 2014. Moreover, the majority of the 898 cases lodged across the state under Section 66 A of the IT Act were computer related offences. A total of 1,042 cases were lodged under Sections 66 A to 66 E.

Similarly, it also revealed that 36 cases (under Section 65) were registered on charges of tampering with computer source documents, and 371 cases were reported under Section 67 and 67 A to C on charges of publication or transmission of obscene/sexually explicit material.

According to the news report, in 2014, cyber crime cases were registered for tampering with computer source documents, hacking (damage to computer resources utility and hacking cases), obscene publication/transmission, unauthorized access/attempt to access a protected computer system, obtaining a digital signature by misrepresentation and publishing a false digital signature certificate, digital signature fraud, and breach of confidentiality and privacy. Under IPC sections, 78 cases of forgery, cheating, data theft, criminal breach of trust and fraud were registered.

32 people charged in international hacking and insider trading ring

The Securities and Exchange Commission (SEC) of the United States announced on August 11 fraud charges against 32 people, two of them Ukrainian men, after finding their involvement in an alleged international hacking and insider trading ring.

The SEC issued a press release stating that these people took part in a scheme to profit from stolen nonpublic information about corporate earnings announcements.

“Those charged include two Ukrainian men who allegedly hacked into newswire services to obtain the information and 30 other defendants in and outside the U.S. who allegedly traded on it, generating more than $100 million in illegal profits,” the press release read.

According to the press statement, the complaint against the people was filed under seal on August 10 in U.S. District Court in Newark, N.J.

The crooks masked their identities by using proxy servers and by posing as newswire service employees and customers. The two allegedly recruited traders with a video showcasing their ability to steal the earnings information before its public release.

“The complaint charges that in return for the information, the traders sometimes paid the hackers a share of their profits, even going so far as to give the hackers access to their brokerage accounts to monitor the trading and ensure that they received the appropriate percentage of the profits,” the statement read.

Similarly, it also charges that the traders sought to conceal their illicit activity by establishing multiple accounts in a variety of names, funneling money to the hackers as supposed payments for construction and building equipment, and trading in products such as contracts for difference (CFDs).

“This international scheme is unprecedented in terms of the scope of the hacking, the number of traders, the number of securities traded and profits generated,” Mary Jo White, Chairperson of the SEC, said in the press release.

“These hackers and traders are charged with reaping more than $100 million in illicit profits by stealing nonpublic information and trading based on that information. That deception ends today as we have exposed their fraudulent scheme and frozen their assets,” she added.

The SEC charged that Ivan Turchynov and Oleksandr Ieremenko created a secret web-based location to transmit the stolen data to traders in Russia, Ukraine, Malta, Cyprus, France, and three U.S. states, Georgia, New York, and Pennsylvania.

“This cyber hacking scheme is one of the most intricate and sophisticated trading rings that we have ever seen, spanning the globe and involving dozens of individuals and entities,” said Andrew Ceresney, Director of the SEC’s Division of Enforcement.  “Our use of innovative analytical tools to find suspicious trading patterns and expose misconduct demonstrates that no trading scheme is beyond our ability to unwind.”

Housing.com hacked within days of CEO's ouster

Within days of its CEO Rahul Yadav’s exit from the company, the website of Housing.com has been hacked.

The homepage of the website shows a cryptic message, which seems to be a call for its co-founder.

The defaced Housing.com home page showed the message: “Yes! We will solve the real estate, but 10X better with The Chief Architect.” The Chief Architect here refers to Yadav, who was sacked by the Board of Directors, which blamed him for his unfavourable behaviour.


The page of the website was filled with the following messages.

Yadav has, however, denied that he is by any means behind the hacking incident. He denied his involvement on his Facebook page by saying, “I would have DESIGNED it better. #NotInvolved #LoveYouTechTeam”.

J Prasanna, director, Cyber Security and Privacy Foundation, a non-profit organization in Bangalore, said that Housing should get a thorough technical assessment of the website. He added that in a live portal, there are more chances of compromising a lot of data of the consumers.

"In this case, the hackers decided to publish the hacking. What if the hackers don't publish this and the data is sold to competitors or rogue elements? These guys did for publicity, but not everyone would do it for fun," Times of India quoted Prasanna as saying.

Housing.com’s board announced Yadav’s release on the 1st of July. The board released a statement that day indicating his ouster from the online realty company.

The press release said, “The board believes his behaviour is not befitting of a CEO and is detrimental to the company, known for its innovative approach to product development, market expansion and brand building.” Yadav, the release said, would “no longer be an employee of Housing and be associated with the company in any manner, going forward”.

An unidentified group stole 400 GB data from Hacking Team


An unidentified group of hackers stole 400 GB worth of confidential data from the Hacking Team, which provides effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities.

According to a report published on Welivesecurity, the attack started late at night on July 6. It is said that weak passwords might be the reason behind the leak.

“Passwords are also contained in the leaked documents, including the login for the company’s official Twitter account which was used by the attackers to publish confidential information. The attackers posted private emails from company employees to Twitter, as well as a link from where anybody can download the 400GB file,” the report read.

Company officials came to know about the attack only the next morning.

Christian Pozzi, a security engineer, confirmed the attack on July 7, stating, “We are awake. The people responsible for this will be arrested. We are working with the police at the moment.”

The researchers have claimed that the company, which develops surveillance tools, sells such tools to various organizations across the world, and that this might be the reason behind the hacking.

J. Prasanna, Founder of Cyber Security & Privacy Foundation, said that Hacking Team has been accused for the last few years of selling software to hack into people. They seem to have supplied it to countries under dictatorial regimes (where people are targeted by the government).

“Maybe an activist group would have hacked into the servers of hacking team,” opined Prasanna.

“Companies can make such tools, but it should be sold responsibly to democratic regime, such activity of monitoring should be subject after a court warrant. It should never be sold to countries which do human rights violations,” he added.

He added that there was always a weak element in security.

“There may have been zero-day vulnerabilities which hackers could have used to exploit,” he said.

Regarding the impact of the attack, Prasanna said that many countries or governments who dealt in and bought this software would get exposed.

“Today, many governments and companies are hungry for information on people/corporations/governments. So they hire hackers or software that does hacking,” Prasanna concluded.

Hackers hacked Polish Airline LOT

The computer system of Polish airline LOT was hacked, and about 1,400 passengers were grounded at Warsaw’s Chopin airport.

The system, which is used to issue flight plans, was hacked around 4 pm local time (3 pm GMT). After five hours, the specialists came up with a solution.

LOT spokesman Adrian Kubicki told a Reuters reporter that “delays meant 10 national and international flights were canceled, while more than a dozen more were behind schedule.”

In his interview with TVN 24 television, he described the incident as the “first attack of its kind.”

The airline provided seats for some passengers on other flights, and offered accommodation for those who wanted to stay overnight.

Kubicki mentioned, “the passengers’ lives were not in danger at any point, and the airport itself was not affected.”

“We’re using state-of-the-art computer systems, so this could potentially be a threat to others in the industry,” he added.

BJP Junagadh website hacked by Pakistani hackers

Local news organizations report that the BJP Junagadh unit's website (bjpjunagadh.org) was hacked and defaced by some unknown hackers.

The hackers who defaced the website posted comments against BJP and RSS. The defacement also contains several images of people burning and standing on the Indian tricolor.

We have referred to some defacement-mirror websites, and the hack appears to have taken place in February. It is unclear whether these local reports refer to this incident or the website got defaced again today.

According to the defacement-mirror record (hxxp://dark-h.org/deface/id/12604), this website was defaced by a Pakistani hacker going by the handle "Sniper haxXx", who is responsible for hacks of many Indian websites.

"As soon as I reached office, our IT cell employees told me that someone has hacked our website http://www.bjpjunagadh.org and uploaded photographs and comments to malign reputation of BJP, RSS and Narendra Modi," Indian Express quoted Raju Jivani, in-charge of the BJP Junagadh office, as saying.

A complaint has reportedly been lodged against the unknown hacker, and police are trying to find the hacker who is responsible for the breach.

Meanwhile, Gujarat Pradesh Congress Committee's President Arjun Modhwadia told reporters that "This is purely an attempt to get votes by playing the communal card ahead of the election."

Pakistani hacker group 'Team MaXiMiZerS' hacks India's Kerala state Government websites

Hundreds of Indian websites, including two Kerala state Government websites, have been breached by a Pakistani hacker group identifying itself as "Team MaXiMiZerS".

The affected websites are the Cooperative Institute of Management and Technology (cimat.kerala.gov.in), Kerala Cultural Welfare Development (cwb.kerala.gov.in), and Kerala's Kannur University (kannuruniversity.ac.in).

Other affected sites have been listed here: http://pastebin.com/p0zPbQDC

The defaced websites displayed the message  "What we Ask From India All the time is the only Kashmir , Most of the times we dnt act like that but this is the only way left . Why indian army is killing innocent's in kashmir ?  We Just Ask you these simple Question's and the indian gov got no answer's..... why ?"

"This is the only way left to protest for us. For what you are scared of ? India will loose the beauty of kashmir ? how many muslim brother's being killed on daily basis did u ever thought ? a 16 year's girl raped and killed a boy shot in the head for what ? because they are protesters ?All we ask is just the Answer of these Questions Nothing Personal ...you will pay for these sins one day"

Orange.fr hacked, details of 800,000 customers stolen

Unknown hackers have breached the website of telecoms giant Orange and compromised the details of 800k customers of www.orange.fr.

According to PCINpact, the "My Accounts" page of the website was targeted by hackers on January 16. The hackers gained access to personal data including names, email IDs, phone numbers, mailing addresses and other details.

Orange claims that only personal information was accessed by the hackers and that passwords were not compromised in the data breach. Customers' bank account numbers are stored on a separate server, which was not impacted by this breach.

A few hours after becoming aware of the intrusion, the ISP closed the "My Accounts" page to prevent further attacks. The security hole responsible for the breach is said to have been closed.

The company said only 3% of its customers were impacted by the breach. In an email sent to affected customers, the company warned them that the stolen data can be used by cyber criminals to launch phishing attacks.

The company has filed a complaint about the breach and is working with the police.

#Exclusive: Syrian Electronic Army hijacks Microsoft Xbox Instagram and Twitter accounts

Just a few days after hacking the official Twitter account of Skype, the Syrian Electronic Army has once again attacked Microsoft. Today, they hijacked the official Twitter and Instagram accounts.

It appears the @xbox and @xboxsupport Twitter accounts have been compromised in the attack. The group managed to post its usual message from the @xboxsupport account, saying "Syrian Electronic Army was here".

At the time of writing, Microsoft had regained access to both the Twitter and Instagram accounts.

It is still unknown how the hackers managed to compromise these accounts. I believe they have used their usual social engineering attack.

We are trying to reach the group for a further statement. We will update if we get any interesting info.

*Exclusive - Update:
One of the members of the SEA group told E Hacking News that they compromised the info by sending an email containing a malware file to Microsoft's staff.

The hackers told us that "another hack will come soon with publishing the documents of monitoring email accounts by Microsoft".

*Update:
The Microsoft News Twitter account has also been hijacked by the Syrian Electronic Army.

Albania, Bulgaria government website hacked by TeslaTeam

TeslaTeam, an infamous hacker group from Serbia, has hacked into government websites belonging to Albania and Bulgaria.

The Bashkia Librazhd website of Albania (www.bashkialibrazhd.gov.al) has been defaced by the group with a simple text saying "Hacked by teslateam".

The hackers discovered an SQL injection vulnerability in government.bg, a website that provides biographical information about the Prime Minister and ministers, programs, priorities, press information and links to various ministries.

The group managed to exploit the vulnerability and extract login credentials from the database server belonging to government.bg.

The leak (pastebin.com/GA8ivuV9) contains user IDs and hashed passwords, including the credentials of the admin account.

The group also discovered an SQL injection vulnerability in a "University of Cambridge" subdomain (buffalo.niees.group.cam.ac.uk).