Millions of email accounts, passwords stolen by hackers

The passwords and other details of 16 million email users in Germany have been stolen, the country’s security agency has revealed.

Millions of email accounts, passwords stolen by hackers

Millions of email accounts, passwords stolen by hackers

Researchers and prosecutors stumbled upon the hacked accounts while conducting research on a botnet, a network of computers infected with malware.

Germany’s Federal Office for Information Security (BSI) has created a website to help people find out whether or not their e-mail was among those hacked. The site temporarily crashed on Tuesday due to heavy traffic. Users who submit their email address to the website will be sent an message if their account has been compromised.

“If that happens, then your computer is most likely infected with malware,” Tim Griese, with the Federal Office for Information Security, told the news agency DPA.

Authorities have not released information on who stole the e-mail accounts.

About these ads

FBI warns that Anonymous has hacked US government sites for a year

Activist hackers linked to the collective known as Anonymous have secretly accessed U.S. government computers in multiple agencies and stolen sensitive information in a campaign that began almost a year ago, the FBI warned this week.

The hackers exploited a flaw in Adobe Systems Inc’s software to launch a rash of electronic break-ins that began last December, then left “back doors” to return to many of the machines as recently as last month, the Federal Bureau of Investigation said in a memo seen by Reuters.

FBI Warns Anonymous

FBI Warns Anonymous

The memo, distributed on Thursday, described the attacks as “a widespread problem that should be addressed.” It said the breach affected the U.S. Army, Department of Energy, Department of Health and Human Services, and perhaps many more agencies.

Investigators are still gathering information on the scope of the cyber campaign, which the authorities believe is continuing. The FBI document tells system administrators what to look for to determine if their systems are compromised.

An FBI spokeswoman declined to elaborate.

According to an internal email from Energy Secretary Ernest Moniz’ chief of staff, Kevin Knobloch, the stolen data included personal information on at least 104,000 employees, contractors, family members and others associated with the Department of Energy, along with information on almost 2,0000 bank accounts.

The email, dated October 11, said officials were “very concerned” that loss of the banking information could lead to thieving attempts.

Officials said the hacking was linked to the case of Lauri Love, a British resident indicted on October 28 for allegedly hacking into computers at the Department of Energy, Army, Department of Health and Human Services, the U.S. Sentencing Commission and elsewhere.

Investigators believe the attacks began when Love and others took advantage of a security flaw in Adobe’s ColdFusion software, which is used to build websites.

Adobe spokeswoman Heather Edell said she was not familiar with the FBI report. She added that the company has found that the majority of attacks involving its software have exploited programs that were not updated with the latest security patches.

The Anonymous group is an amorphous collective that conducts multiple hacking campaigns at any time, some with a few participants and some with hundreds. In the past, its members have disrupted eBay’s Inc PayPal after it stopped processing donations to the anti-secrecy site Wikileaks. Anonymous has also launched technically more sophisticated attacks against Sony Corp and security firm HBGary Federal.

Some of the breaches and pilfered data in the latest campaign had previously been publicized by people who identify with Anonymous, as part of what the group dubbed “Operation Last Resort.”

Among other things, the campaigners said the operation was in retaliation for overzealous prosecution of hackers, including the lengthy penalties sought for Aaron Swartz, a well-known computer programmer and Internet activist who killed himself before a trial over charges that he illegally downloaded academic journal articles from a digital library known as JSTOR.

Despite the earlier disclosures, “the majority of the intrusions have not yet been made publicly known,” the FBI wrote. “It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed.”

12-year-old boy admits to hacking government sites for Anonymous

  • The boy, from Montreal, Canada, gained access to multiple sites, including that of the Chilean government, and ‘bombarded them with requests to consume so much of its resources that they become unusable’, court was told

  • He was working for hacking group Anonymous during the Quebec student uprising of 2012

  • Lawyers say the boy was not politically motivated but saw it ‘as a challenge’

  • He also taught others how to hack

A 12-year-old Canadian boy has pleaded guilty to hacking government and police websites during the 2012 student uprising in Quebec under affiliation with the Anonymous brand of hacktivists.

According to the Toronto Sun, the fifth grader, who lives in the Montreal suburb of Notre-Dame-de-Grâce, appeared in youth court on Thursday, accompanied by his father.

12 year old anonymous

12 year old anonymous

The boy pleaded guilty to three charges related to hacking websites that included those of Montreal police, the Quebec Institute of Public Health, the Chilean government and some non-public sites.

The attacks took some of the sites offline for up to two days, at what police estimated as a cost of $60,000 in damages. A more detailed report will be handed over next month when the boy is sentenced, according to the Toronto Sun.

The student uprising of spring 2012, which lasted into that fall, was sparked by outrage at a proposed tuition hike and spiraled into a have v. have-nots version of Occupy Wall Street, marked by the use of Molotov cocktails on one occasion, police use of rubber bullets and tear gas, and serious injuries to both police and protesters.

Be that as it may, the boy’s lawyer told the court that the 12-year-old’s actions in hacking the sites weren’t politically motivated:

He saw it as a challenge, he was only 12 years old. … There was no political purpose.

The paper reports that the young hacker has been involved with computers since he was 9.

The court was told that the targeted sites suffered three types of attack:

  • Distributed denial of service (DDoS) attack: An attack wherein the aggressors bombard a target with requests designed to consume so much of its resources that it becomes unusable.
  • Defacement of pages. See Pastebin for a message posted on the Montreal police’s website in French and English.
  • Exploiting security holes in order to access database servers.

Others have reportedly been arrested for the attacks, but it was the boy who opened the door to enable them, the court was told.

The young hacker reportedly managed to get at personal information belonging to the sites’ users and administrators.

According to the Toronto Sun, he traded the pirated information to Anonymous in exchange for video games.

He also taught others how to hack, police experts told the court, though he reportedly warned them against going overboard, lest they get caught.

The Toronto Sun says that the court heard testimony from somebody who said that the tween put it this way:

It's easy to hack but do not go there too much, they will track you down.

I guess he went there too much, because they certainly did track him down.

Is he the youngest hacker ever to be caught?

Mafiaboy – the Canadian hacker who DOS’ed Yahoo, eBay and E*TRADE wound up in jail at the tender age of 15.

Canada: they grow more than maple trees up there!

Michael Calce – Mafiaboy’s real name – would go on to write in his book – “Mafiaboy: A Portrait of the Hacker as a Young Man” – that the attacks he unleashed in 2000 were “illegal, reckless and, in many ways, simply stupid.”

He wrote:

At the time, I didn't realize the consequences of what I was doing.

Calce wound up pleading guilty to 56 counts stemming from hacking and attacking the sites and was sentenced to eight months in “open custody” at a rehabilitation home for youths, with another year spent on probation.

Parents, are your kids extremely talented with computers?

What are you doing to ensure they’re chatting rather than DDoSing? Programming for good instead of draining databases like some kind of cyber Dracula?

Please feel free to share with us how, exactly, you’re managing to rein in technical talent so you and your child stay out of court.

Colombian Government Website Hacked in Support of Boyaca Protests

Hundreds of thousands of farmers from eleven of Colombia’s departments are protesting these days against the government. The protesters are unhappy that the government has failed to help the farming and agricultural sector.

Colombian Government Website Hacked

Colombian Government Website Hacked

Hacktivists of the Anonymous movement have joined the protests in Boyaca, which, according to the BBC, is one of the most affected provinces. They’ve hacked and defaced the official website of Santander’s General Comptroller of North Department (contraloriands.gov.co).

On the defacement page, the hackers wrote the following message: “President Santos is lying! Boyaca is in crisis, these are it’s leaders orders.”

The message is accompanied by several videos and a link that points to an article regarding the human rights violations in Boyaca.

At the time of writing, the website still hosts the defacement page added by the hackers.

Second LulzSec hacker sentenced

Second Member of Hacking Group Sentenced to More Than a Year in Prison for Stealing Customer Information from Sony Pictures Computers

LOS ANGELES—A member of the LulzSec hacking group was sentenced this morning to one year and one day in federal prison for participating in an extensive computer attack that compromised the computer systems of Sony Pictures Entertainment and resulted in personal information of more than 138,000 people being posted on the Internet.

LulzSec Hacker Jailed

LulzSec Hacker Jailed

Raynaldo Rivera, age 21, known by the online moniker “neuron,” of Chandler, Arizona, was sentenced by United States District Judge John A. Kronstadt. In addition to the prison sentence, Judge Kronstadt ordered Rivera to serve 13 months of home detention, to perform 1,000 hours of community service and to pay $605,663 in restitution.

Rivera pleaded guilty last October to conspiring to cause damage to a protected computer after participating in the attack on Sony Pictures in 2011.

Lulzsec’s goal in the attacks on Sony Pictures and other corporate and government entities, according to a court document, was to see the “raw, uninterrupted, chaotic thrill of entertainment and anarchy” and to provide stolen personal information “so that equally evil people can entertain us with what they do with it.”

Another member of LulzSec, Cody Andrew Kretsinger, who used the online moniker “recursion,” was sentenced in April to one year and one day in federal prison. In addition to the prison term, Judge Kronstadt ordered Kretsinger to serve one year of home detention following the completion of his prison sentence, to perform 1,000 hours of community service, and to pay $605,663 in restitution.

Rivera and Kretsinger studied together at the University of Advancing Technology in Tempe, Arizona. Kretsinger first joined LulzSec, and then he recruited Rivera to join the group, prosecutors said.

Rivera, Kretsinger and others involved in the intrusion obtained confidential information from Sony Pictures’ computer systems by using an SQL injection attack against Sony Pictures’ website. The attackers distributed the stolen data on the Internet, information that included names, addresses, phone numbers, and e-mail addresses for tens of thousands of Sony customers.

LulzSec is known for its affiliation with Anonymous, which is a loose collective of computer hackers and others around the world who conduct cyber attacks and disseminate confidential information stolen from victims’ computers. In 2011, LulzSec engaged in “a two-month rampage of cyber attacks against various corporate and government entities in the United States and the United Kingdom,” according to a sentence memorandum filed by prosecutors.

This investigation into the attack on Sony Pictures’ computer systems was conducted by the Electronic Crimes Task Force (ECTF) in Los Angeles. The ECTF is composed of agents and officers from the FBI, the United States Secret Service, the Los Angeles Police Department, the Los Angeles County Sheriff’s Department, the United States Attorney’s Office, the Los Angeles County District Attorney’s Office, and the California Highway Patrol.

Facebook server outage makes everyone freak out

STAND down. Facebook appears to be back online after a few minutes of a server-wide outage. Everyone can stop losing their minds.

Facebook appeared to be down for many users in the past hour or so with many taking to Twitter to complain that they could not access the site. When YourGadgetGuide tried to access Facebook from the UK 30 minutes ago the servers did not appear to be responding although in the last few minutes it has come back online. Service monitoring site DownRightNow reported that many of its users had reported Facebook as being offline although it is unclear what caused the problem. Facebook later explained that the site outage was due to some work they were doing on the site’s DNS servers.

Facebook server down

Facebook server down freaks out All

It said, “Earlier today we made a change to our DNS infrastructure and that change resulted in some people being temporarily unable to reach the site. We detected and resolved the issue quickly, and we are now back to 100 percent. We apologize for any inconvenience.” Earlier today at around 5pm Eastern Google was also suffering with reports of a GMail being down in the US, the UK and Brazil. were reported in the U.S., as well as Great Britain and Brazil. The email service returned after about an hour, “We’re investigating reports of an issue with Google Mail. We will provide more information shortly”, Google said on the Google Apps Dashboard.

Some dates when Facebook was actually down

On September 23, 2010, Facebook was showing DNS failure when you tried to reach their site. This seemed to be the case for most visitors.

Other general comments from our users about Facebook

  • Facebook can be down or working at various times throughout the day due to server problems, over activity, site problems, bugs, etc.
  • However, it should be pointed out that the servers of Facebook are rarely down and they last about 2 minutes (at most) when they are. If the servers are down, they forward you to a page telling you to come back later; when they maintain the site, they do it account by account, so the homepage is always working.
  • A good Internet connection is necessary to load the page, so if you can’t access Facebook, check that there is nothing else using the Internet on your IP address. If it is always slow, contact your service provider.
  • Sometimes Facebook doesn’t load due to the amount of cookies on your computer. If you have Vista, click Tools, delete browsing history and then delete all.

Messages posted online, apparently linked to hacking group Anonymous, have claimed responsibility for attacking the site, but these have since been debunked. That didn’t stop people from speculating that the outage was orchestrated by Anonymous in response to Facebook’s involvement in the US National Security Administration data-mining scandal.