Monday, 11 March 2013

Old habits seem to die hard for a hacker

 Old habits seem to die hard for a hacker, a cyber criminal who masterminded a £15 million fraud was allowed to join a prison IT class and hacked into the jail’s computer system.

Nicholas Webber, serving five years in prison for running an internet crime forum Ghost Market, Which allowed those interested in creating computer viruses, partaking of stolen IDs and enjoying private credit card data to congregate. Webber had been arrested for using fraudulent credit card details to pay for a penthouse suite at the Hilton Hotel in Park Lane, Central London.

The incident occurred back in 2011, but it only came to light recently "At the time of this incident in 2011 the educational computer system at HMP Isis was a closed network. No access to personal information or wider access to the internet or other prison systems would have been possible," A spokesman fοr prison tοƖԁ the Daily Mail reported.

 His IT teacher, Michael Fox ,who was employed by Kensington and Chelsea College has now brought a claim for unfair dismissal, saying that it wasn't his fault that Webber ended up in his class. Fox also says he had no idea Webber was a hacker. While the college cleared Fox of committing security breaches, he was made redundant when no alternative work could be found for him.

The hack at the prison triggered a security scare during a lesson but it was not immediately clear what information he managed to access.

176 Russia website hacked in 3 days


After hacking 84 Russian websites, the hacker SiR Abdou come with more hacked sites.  Yesterday, he defaced 42 website and today he hacked 50 more websites.  This comes to a total of 176 Russian websites within three days. The hacker claims this penetration is to support the prisoners on hunger strike since months in Israeli jails for up their appeal to the whole world and deliver their message. " Freedom for Prisoners of Palestinians on hunger strike in Israeli jails.  God willing, up call to the world to support the prisoners in the battle of the intestines empty waging against the Israeli jailer." The defacement message reads.

Hackers infect Pentagon admin by exploiting XSS vulnerability

Recently, Ethical Hackers News received a news report from Tunisian Cyber Army and Al Qaida Electronic Army in which the hackers claimed to have infected the Pentagon administrator, as part of their on going operation called "#opBlackSummer". The attack was happened after hackers identified a reflected cross site scripting(XSS) vulnerability in one of the sub domain of Pentagon (g1arng.army.pentagon.mil). The hacker managed to exploit this vulnerability for sending malicious payload to the admin of Pentagon. Hackers claims that they got success in infecting them. Hackers said they compromised  some important file and steal cookies from the pentagon mail. The security breach was done with collaboration with Chinese hackers.
 At the time of writing, the vulnerability is not fixed. If the TCA claim is true, then this one will be the best example that demonstrate the severity of simple reflected xss. In another mail, the team said the have hacked the state.gov with SQL injection vulnerability.

Australia Central Bank infected by virus developed in China

The Reserve Bank of Australia has been infected by a piece of malicious software that allegedly developed in China, Reuters report says. The bank was targeted by a suspicious emails purporting to be send from a senior bank staff member regarding "Strategic Planning FY2012 on November, 2011, according to Documents released by RBA. The cyber criminals embedded a link to virus payload instead of attaching the malware in the email. The link leads to a zip file that contains a Trojan , the antivirus used by the Bank fails to detect this malware. To Bypass the existing security controls, the cybercrimanl included a legitimate signature, plausible subject &content and had no attachments in the email. "It was also found that six users had clicked on malicious link , potentially compromising their workstations". the report noted.

The Bank said the affected PCs didn't have local admin rights, this prevented the virus from spreading around the network.  Bank spokesperson told Reuters that nothing was stolen.

LinkedIn Security Breach Lawsuit Dismissed

Northern California U.S. District Judge Edward Davila has dismissed a class action lawsuit that was filed against LinkedIn in response to last June's security breach.

"Davila ruled that two premium-account holders had been unable to demonstrate they suffered any actual harm as a result of the 2012 hack, which resulted in the online exposure of 6.5 million password hashes. ... Katie Szpyrka of Illinois and Khalilah Wright of Virginia sued within days of the breach becoming public knowledge in June 2012, alleging that LinkedIn failed to stick by a promise on security outlined in its privacy policy," writes The Register's John Leyden.

"In oral arguments, the plaintiffs' counsel asserted that the lawsuit is primarily based on an alleged breach of contract, but for such a claim to stand, the defendants needed to specify damages resulting from this alleged breach of contract,'" writes Computerworld's Lucian Constantin. "The injury claimed by the plaintiffs occurred before the alleged breach of contract, at the time when the parties first entered into the contract, the judge said. Therefore the economic loss they claim cannot be the 'resulting damages' from an alleged breach of contract, he said."

"The judge also noted that the two plaintiffs admitted they never read the privacy policy to know whether or not the company had misrepresented its security offering," writes Threatpost's Anne Saita.

Operation Green Rights -- Anonymous Hackers

As part of Operation Green Rights, Anonymous hackers recently published data stolen from South Africa's Anglo American Platinum Limited, which produces approximately 38 percent of the world's annual supply of platinum.

In a statement, the hackers noted that, along with several other offenses, "In late October, 2012, security forces opened fire on mineworkers using rubber bullets. South African Miners have been striking since September 2012, and many of them have been injured and killed."

"Anglo American, you destroy nature and pursue and kill indigenous people," the hackers wrote. "In the name of tribal leaders, whom you have offended, and the natives you have deported, in the name of the miners killed during a strike against your dirty company, in the name of nature that you consider as a source of gain: We curse you!"