Search This Blog

Showing posts with label Turkish hacker. Show all posts

Bangladesh Air Force Career website's database hacked by @1923Turkz

*Update*:  @1923Turkz is fake claimer.  Sorry for this article.  Anyway, This article will be reference for his fake claim.

A hacker has managed to gain access to the database server of the official career website of Bangladesh Air Force and leaked the accounts' login credentials.

 "Joinbangladeshairforce.mil.bd", serves as a portal for applying for Air Force, is reportedly breached by the hacker using the online name @1923Turkz.  The SQL injection vulnerability in the website gave him the opportunity to break in.

The database breach was announced in his twitter account along with the link to the accounts leak.

The leak include login credentials of 19 accounts that contains the email addresses that ends with 'army.mil.bd' and encrypted passwords.

Although the passwords are encrypted , it won't take much time for someone to crack the hash.  We have analyzed the leaked passwords and found most of the passwords are very weak passwords.

A simple google search reveals the decrypted passwords.  We just like to point out one of the worst password used : "password".  We recommend the Bangaldesh government to immediately fix the vulnerability and urge users to change their password.

Swami Ramdev official site hacked by Turkish Hacker CyberDead



The official website of Swami Ramdev(divyayoga.com) has been breached by Turkish Hacker CyberDead and defaced with a message "We Will Be Your Curse On Cyber World !"

The hack was occurred on last Saturday(December 8) . The site has been restored at the time of writing and working properly. The defacement mirror can be found here:
http://www.zone-h.org/mirror/id/18716200

The hacker also has defaced one of the subdomain yoggram.divyayoga.com. The mirror for this defacement can be found here:

http://www.zone-h.org/mirror/id/18716202

The hacker also hacked more number of websites and defaced them.