Virus threat hit Israeli Foreign Ministry computers

Cyber attacks on websites run by government have very common and in nearly every country many such incidents are reported every now and then. These attacks are the proof of the increasing audacity of the hackers worldwide and their expertise in gaining confidential information from government channels. This is the reason why most government agencies today are concerned more about this new form of attack rather than the conventional ones as hackers can do much more than just breaking into some servers or user accounts. Hackers today love to exploit the smallest of weaknesses in the security setup and flaunt their acts as achievements on the internet and given the speed with which such news spreads on the internet, it soon becomes a national embarrassment for the concerned government.

Virus threat hit Israeli Foreign Ministry computers

Virus threat hit Israeli Foreign Ministry computers

In the latest incident, a number of the offices of the Israel Government have become victims of a cyber attack in the past week when an attack which aimed at slipping a Trojan horse into the servers of some ministries. The Trojan horse was supposedly sent as an attachment to emails which bear the name of the Israel Defence Forces Chief of Staff Benny Gantz in the subject line. After learning of the threat, the Israeli Police pulled the national computer network from the public internet for fear of a cyber attack. A senior government official later commented that the incident was being investigated and it is quite possible that it is an isolated incident.

Sources who have gained access to the internal communications of the Foreign Ministry’s defence department have claimed that the communication mentions the appearance of unusual e-mails in the various embassies and delegations etc. during the past week. Most of those emails either contain a mention of the IDF Chief Benny Gantz or are sent from an address bearing his name. The content portion of the emails consists of statements made by politicians and some emails consisted of facebook friend requests and some links to Gant’s website. A lot of such emails were sent on Wednesday to various departments and embassies in the country and abroad also but were rejected this time by an automated system, which declared them as offensive with possibility of containing Trojans or viruses and also warned that they could be activated upon opening and could damage the central computer system.

To curb this problem effectively, the Foreign Ministry issued warnings to employees about using emails and facebook accounts and cautioned them that the malicious content could reach them through emails or facebook and that they should report any suspicious email or activity to the defence department.

It is believed that the Israel police had received an intelligence tip concerning the possible cyber attack and had information that a virus could be inserted using a USB drive or CD into the central computer system of the police.

The intelligence update did not mention anything about the identity of the culprits responsible for the attack. Moreover, it could not be confirmed whether the attack was made on a few systems or the complete networks and whether any system had been hacked actually. However, Israel government will have to be alert and cautious regarding this cyber threat during the coming days.

About these ads

Hacker leaks source code of NASA website

Hacker leaks source code of NASA website belongs to US Government computer

A hacker who calls himself LegitHacker97 has made a claim that he has hacked one of the sub domains of the website of the National Aeronautics and Space Organisation (NASA), which actually belongs to a computer of the U.S. Government. This is  the most recent in a long list of such incidents where hackers have broken into many important government websites to steal information or to reveal the vulnerabilities that are there and this is not the first time that the NASA website has been hacked or somebody has exposed the security weaknesses of the space organisation. In fact it has been officially been confirmed by NASA officials that their website was hacked 13 times in the last year so this hack should come as no surprise.

Hacker leaks source code of NASA website belongs to US Government computer

Hacker leaks source code of NASA website belongs to US Government computer

The hacker has pasted a compressed archive file of 82.52 MB on the net five days ago, which includes the complete coding of  the website in ASP. After downloading the file from the link posted by the hacker, it was found that the files included in the dump were the same that belonged to the NASA sub domain website https://nsckn.nasa.gov and the same address has been mentioned by the hacker. This leaves one to speculate how a hacker got entry into a sub domain that can be accessed only by authorised users.

Actually the domain https://nsckn.nasa.gov belongs to the NASA’s NSC Know Now centre which contains the information and access to the aerospace contractor community technical documentation related to the Space Launch System (SLS). To get the login, a contractor has to contact the designated official and create a profile. After creation of the profile, the contractor has to submit proof to the designated official that it is a U.S. based company and attach an affidavit for the same after which the access is provided as soon as possible by the designated officer Joseph McCollister.
 
When enquired about the way the hacker got access to the site, the hacker mentioned that he exploited the Local File Inclusion vulnerability in the site and gained access by uploading the backdoor to the site. Local File Inclusion vulnerabilities are commonly exploited by the hackers to gain access to such websites as these vulnerabilities allow hackers to add files of their own to the website server.

This means that hacker gained access by first establishing rapport with the designated officer of the NSC Know Now centre which helped in creating the profile. After which the hacker exploited the vulnerability and accessed the server which means that the hacker used social engineering to gain the trust of the officials. This is quite possible since a human error is practically irreparable and no cure is available for a little carelessness  and it can become the weakest link in the security. However,  the officials at NASA will have to make sure that such acts of fallacy in reasoning are not repeated and NASA will have to review its online security setup  so that hackers are not allowed to gain access. This is because it is always a source of concern if government sites are blatantly hacked every now and then.

Anonymous hacks 20 million accounts

Anonymous hacks 20 million accounts to promote Operation Jubilee

Anonymous, the famous hacktivist group which has been planning and executing incidents for nearly a decade now with their philosophy of being the change in the world whist staying anonymous is up and roaring once again as the group who has been involved in several cyber attacks in the past few days. The Anonymous has recently claimed to have hacked over 20 million user accounts this year and have done this to promote their large scale project called the Operation Jubilee. The hacking of these accounts, they say, was done to gain access to contact information so as to gather more and more support for the Operation Jubilee. The hackers attacked large community web sites to achieve their objectives and gained user account information while the web administrators kept stating that no data had been stolen from their websites while they having been hacking their sites for nearly a year or so. This is the most recent in the series of attacks Anonymous has executed in connection with their Operation Jubilee which has received great public attention after some recent incidents carried out by the Anonymous.

Operation Jubilee is supposedly one of the biggest and ambitious projects of the Anonymous and they plan to execute it on the 5th November, 2012. It is a massive public gathering organised by the group who will protest outside the Parliament Building in London. The objective of the Operation Jubilee is to end the economic crisis and to bring an end to all debt, wars and poverty. This is based on the realisation of the potential that a congregation of people possesses in order to bring the much required change in the world. The most recent incident in the Operation Jubilee was when the Anonymous hacked and defaced the UK Police forums and sent out emails to the police officers urging them to join the operation Jubilee and help as they were also one of the general public beneath their uniforms.

This has lead to intense speculation about the exact nature of the protests that are going to be part of the Operation Jubilee as the public opinion varies in this regard. While some take it to be a genuine endeavour on part of the group, while some have commented that it will be nothing but another riot planned by the Anonymous. To clear such apprehensions, the hackers have sent millions of emails to people and police officers in which they have stated the Rules Of Engagement if they join Operation Jubilee. Notably, the hackers have mentioned that the protesters will confiscate any weapons possessed either by the public or the police and will execute a citizen’s arrest if a situation of violence arises as they want the protests to be peaceful and will subdue anybody who turns violent. Well, given the unsatisfactory success of their earlier protests in Greece etc. it seems to be a good move but the success of the operation will be judged only on the 5th November, 2012.
 
Furthermore, considering the nature of Anonymous and their association with hack attacks and protests, it becomes difficult to assess the outcome of Operation Jubilee at present and whether it will succeed in being a peaceful gathering or not.

Hackers stole Credit Card details from 63 ‘Barnes & Noble’ stores

Barnes and Nobles, the biggest book store chain in North America, has become the target of a cyber attack and is the most recent retail chain giant to be attacked by cyber criminals. Although it is not the first time that  a  retail chain has been targeted  by cyber thieves, it is the first time for Barnes and Nobles. Retail chains are usually lucrative targets for hackers and cyber criminals as they offer ample opportunity to steal credit or debit card information and access codes for the same which is why the frequency of such incidents has gone up in the recent times.

Hackers stole Credit Card details from 63 'Barnes & Noble' stores

Hackers stole Credit Card details from 63 ‘Barnes & Noble’ stores

In the most recent of such incidents, hackers stole credit card and debit card details from about 63 of the Barnes and Nobles stores in Chicago, San Diego, and New York City, and California where nearly 20 stores were attacked. The thieves hacked into the keypads of the payment devices used in these stores so as to gain confidential credit or debit card information and the Personal Identification Number (PIN) codes for these payment cards. This means that the PIN numbers and account numbers of customers who swiped their cards at the compromised machines are at high risk of being misused by the thieves. Upon detailed enquiry, it was found that only one payment device in each of the 63 stores was affected and it was stated that only 1% of the total machinery was found to be affected. However, the company disconnected all of its payment pads in about 7000 stores all over the country when they learned of the security breach. The cashiers at the stores are using the payment machines which are directly linked to the cash registers for electronic payment as it is a secure option given the present situation.
 
Moreover, the Barnes and Nobles management has advised their patrons to check their bank accounts and card statements for any unapproved transactions and has urged them to be alert. The chain has denied the involvement of any Barnes and Nobles employee in the security breach. The company said that they were cooperating with banks, credit card brands, and investigating authorities so as to prevent any further untoward happening. It was also stated that they had caught wind of the breach on September 14 this year and had used caution since then and believe things are under control now and customers can use their payment cards without any apprehensions about safe transactions and that their customer database was fully secure and unaffected.

Experts have stated that this appears to be a case of organised crime and that Barnes and Nobles could not have done anything that could have averted the incident. The other good thing is that none of the mobile apps of Barnes and Nobles were affected and transactions made through Nook were also unaffected. Although the management at Barnes and Nobles has denied any such happening, but it has been reported that some unwanted transactions have resulted because of this breach. It is shocking how these incidents are on the rise and this incident is sure to affect the customer confidence and reputation of Barnes and Nobles for sure.

Anonymous deface UK Police forum and Dating Portal

Anonymous is the famous hacking group who call themselves as hacktivists, and are responsible for many anarchic acts since their inception in 2003. They have in fact gained so much clout that they were named by the TIME magazine as one of the most influential groups in the world. This congregation which has no leadership or organisational structure has time and again been involved in activities that are a source of concern for many corporate and government agencies but are supported by a huge number of followers who believe in their modus operandi to bring change.

Anonymous deface UK Police forum and Dating Portal

Anonymous deface UK Police forum and Dating Portal

Anonymous is once again in the news for their latest act of internet vandalism in which the obscure and notoriously elusive group has defaced the website of UK Police (www.ukpoliceonline.co.uk) and their dating portal as well.  In addition, they also stole the private e mail addresses of many of the members of the police force. The incident is being investigated by the e-crime unit of UK Metropolitan Police who have said that no computer has been hacked as such in this attack. The hack was declared by posting the mirror URL of the defaced UK police site on an anonymous twitter account OpJubilee which is the handle for their newest project, called the Operation Jubilee and this hack was committed as a part of operation jubilee.

Operation Jubilee is an upcoming project or incident planned by the Anonymous and it will consist of a large rally towards the UK Parliament. It is scheduled to take place on the 5th November, 2012 and is supposedly a peaceful protest outside the Parliament. The tagline of the Operation Jubilee is : Rally millions to Parliament, London November 5, 2012 Cancel All Debt Stop War Redistribute the Land Eliminate Poverty. To send out a message to the UK Police, the hackers also posted two YouTube Videos of the Operation Jubilee on the defaced site. They also sent emails to former police officers whose details they gained during the hack and the subject line was “A message to the police and armed forces”.

The message which was posted by the hackers called for the recipients to stand with them and not against them. It mentions that under the uniform, the police officers are one of them and if we stand united, we can change the world and make it a better place for all. The message also mentions that we are not against you, or the evil system that you are defending, contains an appeal to their consciences to stop protecting traitors and banksters and to protect the people from them instead. They ended the message by stating that they were Brothers in arms and to join them to end wars and poverty, the last line being “United we stand”.
Well, it seems that Anonymous has made their intentions pretty clear and it is not the first time that they have tampered with the website of a government agency. It seems that the Operation Jubilee is quite important for the group but it will be interesting to see the response of UK Police and the general public to the Operation Jubilee.

Sony PlayStation 3 hacked

New reports claim Sony’s PlayStation 3 (PS3) has been hacked again with custom firmware

 Hackers are becoming almost ubiquitous nowadays and no platform is safe from cyber attacks any more.  Sony’s PlayStation 3 (PS 3) has come under fire once again after it was hacked recently and all the critical security information was leaked online by a hacking group. This has created ripples in the online world as it exposes all security encryptions written for PS 3 online which means that gamers can easily use pirated games and play them since no encryption is active any more. However, this is not the first time such an incident has occurred and PlayStation is not new to being hacked.

Sony PlayStation 3 hacked

Sony PlayStation 3 hacked

PlayStation 3 was hacked earlier in the year 2011 when PS Jailbreak was introduced in the market and the USB protocols were exploited so that users could run copied software. After which another hacking group named failedoverflow further exploited the security encryption of PS3 to let the users edit the existing encryption and add their own encryptions to the system. Then came the Geohot incident where a hacker named George Hortz publicly released the metldr which was a further blow to the security systems of PlayStation 3 and this incident revealed in full public view the incapability of Sony to deal with security fallacies in their console. The faliedoverflow episode had in fact undermined the security measures in PlayStation 3 to a large extent which they had claimed as a retort for the removing of Linux compatible features from the OS of the console. Moreover, only those who had upgraded their firmware were safe from privacy and security loopholes.

In the most recent incident, a group of hackers calling themselves The Three Musketeers have released custom firmware that allows the compromised consoles to log on to the PlayStation Network and released software keys that allow them to circumvent future security features. This is because the recently released firmware contains the encryption protocols for the current PlayStation Network security system as the hackers released the Lv0 or Level 0 security decryption codes which allow users to bypass the security setup and escape security updates in the future. This means that even if Sony develops and adds new firmware, it will not be sufficient as the Level 0 codes have been made public. This will necessitate the release of a new console by Sony if they really want to curb this issue.

The hacking group The Three Musketeers made a shocking revelation that they had hacked the Lv0 codes quite a while back and were reluctant to release them. However, when reports started surfacing that a Chinese hacking group BlueDiskCFW had planned to make profit by selling the custom firmware keys, they decided to take action as they did not want anyone to make profit out of their discovery. They also mentioned that the hacking scene was replete with riffraff and anybody was releasing anything they wanted just for fame and to create unnecessary buzz on the internet. However, the important thing will be whether the new version of firmware to be released by Sony is up to the mark or not.