HACKS, HACKERS AND HACKING

Hacks, hackers and hacking is dedicated to all hackers both white hat and black hat. Ok and grey hat hackers too. It also teaches the basics of hacking, discusses hacks of the past and informs on hacks of the present. It alerts the hacking community to current hacks and drives awareness to the best hacking tools needed to hack a target. It gateway to viruses, trojans, malware, root kits, phishing ware, spoofing tools, password sniffers, and all other forms of malicious ware exploits.

Wednesday, November 25, 2015

RANSOMWARE

2015 WAS THE YEAR OF RANSOMWARE

Computers and ICT networks are prone to electronic failure but with the expert help of ICT professionals, network up-time can almost be guaranteed to 99.98 percent. However, for the past decade computer and network redundancy and global replication services, ISP's and corporate networks have been under attack from, Heuristic Computer Viruses, Worms, Malware, Spyware, Trojan/backdoors, Adware, Rootkits, Scareware, Keyloggers, and the worst of all Ransomware attacks that appear to be more personal. Not to mention the physical threats by hackers, making the jobs of network security personal more intense and challenging. Costing companies huge additional and unnecessary expenses globally.

It is predicted that Ransomware is going to be the greatest emerging security risk in 2016 and the general consensus is that 2015 has been the year of Ransomware. The purpose behind all intrusion software is to disrupt, create chaos, steal data and extort money. The reasons, avarice, sadism, vindictiveness, arrogance, aggression, envy, anger, bitterness, jealousy, hate, narrow-mindedness and plain unadulterated evil. Can you even imagine a cracker hacking your computer system stealing your personal information as well as take over your computer holding it ransom until you make their specified payment and endure the uncertainty whether or not thy will release you computer once payment is made.

Globally security experts are doing the utmost to reverse engineer Ransonware software in an attempt to put a stop to this thievery.
Surprisingly there are number of them amongst which are TeslaCrypt, Alpha Crypt, CryptoFortress, Chimera , CryptoWall, Ransomware infection, MBR Ransomware (MBR stands for Master Boot Record), CryptoLocker and the worst of all CTB Ransomware (CTB atands for Curve-Tor-Bitcoin). Crowti (aka Cryptowall) and Tescrypt (aka Teslacrypt) are two Ransomware families that cyber gangs and e-criminals used to infect more than half a million Computers running Microsoft Operating System and Microsoft Security Software. In fact the majority of Ransomware is targeted at the Microsoft Windows operating system and is sent as spam and e-mail attachments with the following names.

disgruntled.zip
facto.zip
headband.zip
woodworking.zip
firefly.zip

If the attachment, is unpacked, it unloads a .scr file, which if activated will launch a dropper of the Dalexis class. It will then connects to a series of hard-coded URLs, from which it will download CTB Locker. CTB Locker will change all your file name extensions to .crypt however the various flavours of Ransomware can change it to any of these file name extensions listed below. (NB! This list is not exhaustive)

*.aaa
*.abc
*.cry
*.cpyt
*.crypt
*.crypto
*.darkness
*.ecc
*.enc
*.exx
*.ezz
*.kb15
*.kraken
*.locked
*.nochance
*.obleep
*.vault
*.zzz

One way to combat Ransomware is to keep a snapshots of the files in a secure area of your network that wouldn't be affected by Ransomware if the machine is infected. Alternatively store an offline backup image of your hard drive so that your data can easily be restore. Refrain from downloading or access e-mail attachments from people you don’t know and never click on e-mails links you receive from unknown e-mail addresses. Also make absolutely sure your anti virus / security solution is up to date and able to detect and block CTB Locker, and change your online security protection level by adjusting your web browser security settings.

Tuesday, November 24, 2015

THE DEEP WEB

For the past few months, Hackers have been making it to the news headlines virtually everyday and a lot has also been said about the "Deep Web". It is said that terror outfits flourish in the "Deep Web" and black market goods from illegal drugs, medical prescriptions, and firearms, etc, can be purchased directly from websites like Alpha Bay, Dream market, Korova, Outlaw Market, Valhalla (Silkkitie), etc, and you can even hire a hit man to kill your mother-in-law. Having said purchase, implies online credit card transactions, but using this form of payment on the "Deep Web" could render your banking account empty. The way to transact on the "Deep Web" is to make payment with Bitcoins. Bitcoins are rapidly becoming one of the most popular currencies for both online and offline transactions. Bitcoins can be purchases from Silkroad and will require you to set up an account. Transactions are done with a a bitcoin address and a unique private key / PIN number (private wallet software).

But first, the "Deep Web" is also known as the "Invisible Web" and the "Hidden Web", which is Internet jargon (search terms) referring to the content on the World Wide Web that are not indexed by search engines. Many believe the "Hidden Web" to be 97 percent larger than the Internet as we know it, of which only 3 percent is available to search engines. This is true to a degree because most private networks that make up a huge chunk of the Internet do not permit web spiders to crawl their sites because their robots file denies access to web crawlers hence not available in regular search results. It is also said if you need to buy anything illegal from sites in the "Deep Web" you have to access the sites via a a VPN using a Tor browser in order to fly under the radar of the FBI and CIA and NSA.

If you desire privacy and a degree anonymity when browsing the net, then the Tor network is an excellent idea, but you sacrifice speed. If you are using Linux then JonDo IP changer is a safer option than Tor. A Whonix-Gateway distro, provides even better protection against IP and location discovery on a Workstation. Then there is also the Tails distro which includes really cool networking features, using the Tor browser that does a good job of hiding your identity and prevents traffic analysis by zig-zaging your connection through an array of anonymous servers. These systems are secure but if you download anything fro the Internet via Torrent Network you still risk to expose your IP number which can be easily traced. The Tor browser can be downloaded here.

Tuesday, November 17, 2015

CYBER WARFARE

On Friday the 13th November 2015, social network giant Facebook deleted the group page of the Cyber Hacktivists Anonymous which was exposing a list of more than a thousand pro-ISIS social media accounts. Facebook announced that the existence of the group was a "violation of their Terms of Service and Community Standards" and subsequently banned all Anonymous administrators, without prior warning and without giving any reason. Exposing the pro-ISIS accounts was in retaliation to the bloody terror attacks in Paris that claimed the lives of more than 130 people and left over 352 injured. The hacktivist collective Anonymous has publicly declared total war against ISIS. One of their spokespersons, spoke in French, on a video posted on YouTube saying "Anonymous from all over the world will hunt you down. Expect massive cyber attacks" whilst hiding behind their signature Guy Fawkes mask.

The French Interior Minister Bernard Cazeneuve also said that "war" had been declared on France and that "anybody who attacks the Republic, the Republic will fight back." "They will not destroy the Republic, it is the Republic will destroy them," he added. In retaliation French jets have been bombing the ISIS stronghold of Raqqa, Syria since Monday the 16th November.

Meanwhile, in response to Anonymous' statement, the militant group ISIS released a statement, responding to Anonymous’ declaration of total war, calling them IDIOTS, and suggesting anti-hacking tips to their supporters to protect themselves against cyber attacks. The reply from ISIS to the Anonymous group was sent via one of the ISIS-affiliated official channels, dubbed “Elite Section of IS”, using the messaging app, Telegram.

An Anti-terrorism "ethical" hacker group known as Ghost Security Group (GSG), going after ISIS says that ISIS regularly use cryptocurrencies to fund its terrorist operations. Adding that they hired a team of blockchain analysts to trace several Bitcoin addresses and found one account containing $3 Million in US dollars worth of Bitcoins.

Even though ISIS is called the Islamic State is has very little to do with Islam if any. ISIS is an abbreviation for Israeli Secret Intelligence Service a.k.a Mossad (Israel's intelligence agency). ISIS is in fact a collective American-CIA-Mossad-Saudi Intel Covert Operation. Fidel Castro slammed the USA/Israel for creating ISIS and retired Lieutenant General Ian McInerny said “We have helped create ISIS”. NSA documents leaked by Edward Snowden revealed that British and American intelligence agencies and Mossad worked together to create the Islamic State of Iraq and Syria (ISIS).” The leader of ISIS is known as Abu Bakr Al Baghdadi but his real name is Elliot Shimon, a Zionist Jew born from two Jewish parents, trained by Mossad in espionage and psychological warfare against Arab and Islamic societies. He is a blackhat hack. The ISIS objective is to create unrest and chaos in the middle east -from Pakistan to the Mediteranian Sea, by deceiving the brain-dead public with the "Renegade Muslim" facade in plain sight while they steal the oil and gas.

The Iran-Iraq-Syria Pipeline and the Qatari pipeline needed access via Syria to reach the Mediterranean coastline for the oil tankers to transport it to the Americas. In order to control the the pipeline from end-to-end America declared war on Sadam Husain for weapons of mass destruction and in the process vanquished Iraq killing thousands of Iraqis, taking control and setup several US army bases. A blink of an eye later, America's war on terror attacks Afghanistan demanding that the Taliban hand over Osama bin Laden and expel al-Qaeda, vanquishing the country killing thousands of Afghans, taking control and setting up several US army bases. Then, sanctions against Iran for their used of Uranium for electrification and its possible use for weapons of mass destruction. But they still working on Iran. Meanwhile Syria the last piece of the puzzle goes up in flames with barrel bombs being dropped on the masses and America declaring was on ISIS on all fronts and bombing the Syrians into submission. All the ISIS killings are purely collateral damage because with the pipe line is more valuable than people. With all this middle eastern turmoil, ISIS has now grown into veritable armies with modern advanced weaponry and vehicles with thousands of foot-soldiers covering the faces so that the masses cannot identify them as Caucasians. To achieve their goal of world domination / new world order, with America at the helm, they have unceremoniously killed tens of thousands of innocent bystanders.

Be that as it may, France is currently in the global spotlight because as few as 130 innocent people were killed yet the entire civilized world turns a blind eye when tens of thousands of innocent Palestinians men women and children are massacred by Israeli settlers, gunmen and Israeli Government policies. Conservatively speaking, between 2000-2005 as many as 4,907 Palestinians were killed and as many as 8,611 wounded and between 2006 and 2015 as many as 5,500 Palestinians were killed and as many as 20 400 wounded, but spotlight, not even a candle. Shame on all of you!

Sunday, November 15, 2015

ONLINE PRIVACY

Social media has taken the world by storm and has provided the powers that be, the ideal way to hack you and me. Adult dating sites, Twitter, Facebook, LinkedIn, Xing, YouTube, Google+, Meetup, Disqus, Medium, Renren, Pinterest, Instagram, Secret, Vine, WhatsApp, Flickr, Qzone, VK, Tumblr, and the rest of the social media slice of the Internet can be equated to a global collection of profiles, admissions, personal ledgers, or even diaries. It constitutes the largest collection of volunteered personal information ever and the greatest incentive to would be hackers to mark you. In days gone by, personal ledgers were kept by many in which to tabulate their thoughts, record their ideas and purposefully expose their fears to a book. A book that played the role of a non-human psychologist, if you like. It merely acted as a wall to bounce ideas off, tell your secrets to, share you deepest thoughts, reveal you innermost desires, even talk to if needs be, though never expecting a reply.

Personal diaries and personal ledgers helped many people to retain their sanity and deal with their demons, but as personal ledgers slowly died out, it was replaced by the psychologist and his couch. For many a "would be patient", bouncing the mental anguish off a quack was often a futile and expensive exercise, whereas for many a physiologist, a very lucrative money spinner. The more people who thought they needed the help of a psychologist, the more psychologist brain washed them into using their services.

I don't deny nor dispute that there is a need for psychologist in society, but they tend to diagnose everyone with some sort of schizophrenia or the other. Prescribing the same regimen of drugs to everyone from Retalin, to Adderall, to Concerta, to Vyvanse, to Imipramine, to Inderal, to Invega Sustenna, to Ambien, to Celexa, to Prozac, to Thorazine, to Valium, to Zoloft, to mention but a few, even though we all have a biochemical individuality, in fact and absolutely unique biochemical individuality.

Some parents even felt the need to send their children to psychologist for evaluation who then became regular couch subjects. This turned out to be an ingenious cash cow model that kept psychologist near the top of the food chain for some time and also kept the masses sedated and conditioned to be perfect zombies. But the psychologist are being phased out by the social media networks, where the masses are comparing notes, with fake friend discussing their personal issues, their mental issues, their health issues, their psychological issues, etc... entrusting their deepest and darkest secrets to strangers, and others soliciting commentaries who are as effed-up. Besides bolstering their own achievements and lying through their teeth about it, exposing themselves, divulging personal data and volunteering way too much information about themselves. So much so, that the bullshit on the social media networks is fast replacing the bullshit that their patients construed as insight.

As if it's not bad enough that everyone out there have their own share of problems, be they chicks with daddy issues, or guys with mommy issues, sex addictions, drug dependencies, need for acceptance, dependency syndrome, peddling drugs, kleptomania, alcoholism, prostitution, bullying, theft, lies, cheating wives and sugar daddies, etc. The NSA and the FBI are also added to this mix. Yes, the NSA has been pushing for cooperation from Google, Yahoo and other search engines to feed them with profiles of "misfits", suspect offenders, pedophiles, etc... This means that you and I and everyone else we know, are being poured though a sieve, being judged for what we say or do online, for what we buy and sell online, and the websites that we visit.

Google is god of the internet and stores all your search history and I'm not talking about your browser history that is stored on your computer which can easily be erased or configured by selecting the paranoid tick in your control panel Control panel \ Internet Properties \ General \ browser history \ settings \ history \ 0 days. Here I'm referring to your Web & App Activity that may go back several years and can by found in the settings menu in the bottom right hand side of Google's search page. Why you may ask, why does Google do this? Because governments compelled them to do so. Google and Yahoo have maps on their sites that you can visit to see how many of your fellow countrymen or women is in the NSA's spotlight, all thanks to social networks.

The Tor browser is an option if you feel that its best to surf anonymously but the FBI is trying their utmost to get the profiles of people who surf anonymously and wish to enjoy some privacy. There are rumours that the FBI hackers are too lame to do it themselves, so they agreed to pay Carnegie Mellon University (CMU) in Pittsburgh, USA, $1 million to hack the Tor network and deanonymize its users. So who’s hacking who? However, the EFF (Electronic Frontier Foundation) is doing their level best to get court injections against the FBI and the NSA's abuse of power and save us all from becoming suspects or victimized for what we say online..

Meanwhile, a type of malware known as ransomware has been restricting users from accessing their own website or computer system by uploading the above notice, locked by the FBI or Justice Department on their systems. It forces "offenders" to pay a ransom / fine in Bitcoins via specified online methods before they can get your own systems or data back. The hacker known as Slavik who also wrote the Zeus banking trojan, is responsible for the CryptoLocker Ransomware Virus and has been using the FBI to extort money from victims.

Friday, November 13, 2015

HACKER MENTALITY

Hackers are thinkers. They visualize what others can't. They see the world differently. They are super curious. They tinker with things in order to understand them. They hunger for knowledge that interest them. Einstein was a tinkerer, a preoccupied thinker, so much so that his teachers said that he won't amount to anything. Yet, we all know what his intellectual contribution was to the global society. He saw the world differently and he could have been absolutely wealthy but his interests weren't monetary. Likewise Tesla a was a tinkerer totally preoccupied by his interests having time for nothing else because he saw the world differently. He could have been stinking rich but be chose the art of tinkering over money. They wanted to empower the masses and create a better future for all. They were eccentric men, yet there are loads of people today that are wired like Einstein and Tesla, even share their eccentricity, though they may not be as intelligent or perhaps even more so.

Albert Einstein, tinkerer, hacker, scientist.

The masses call these people hackers and nerds. Yep, Nerds... a derogatory term used by the masses to talk down on them as if they are inferior. But quite the contrary. These hackers and nerds are the ones who brought them the bicycle, the internal combustion engine, electricity, the telephone system, the computer, the internet, the smartphone, satellite TV, and so much more. Without the nerds where would the masses be technologically? Professor Tim Berners-Lee conceptualize URIs, HTTP and HTML the invented the World Wide Web. James Gosling developer of the Java Programming language. Linus Torvalds is the creator of the Linux kernel and its principal developer, and the list goes on. Realistically is was never about the money for them but rather the sharing of knowledge to empower others.

Nicola Tesla ... whose ideas were usurped by Edison, much like
Zuckerberg usurped Jarkko Oikarinen's IRC and turned it into Facebook.

Admittedly some of these master minds opted for the money. Wasniak didn't but his partner Jobbs did. Tim Paterson the inventor and originator of MSDOS didn't but Bill did, making him one of the riches men in the world. IRC was an amazing app designed by Jarkko Oikarinen which since the days of inception was free, gratis and verniet. A sucker like Zuckerberg copied IRC added some bells and whistles called it Facebook and became stinking rich in the process. These are the sellouts. Money motivated them above the art of hacking and sharing, not desiring equality but disparities in wealth, to the point that the world's wealthiest 5% is sitting with 95% of the global wealth and the remaining 95% of the masses share in the 5%. Disgraceful! Many of them having made their fortunes on the backs of child labour (Apple, Microsoft & Samsung) in their supply chains, adding to the already enormous Third World Debt Crisis.

The above passage gives the impression that hackers and nerds are all male, but this is certainly not the case. I have encountered that "chica" who could show me a thing or two when it comes to high-tech. As a whole, hackers are rebellious by nature, non conformists, often loners preferring the company of computers over people. They prefer to do their own thing, and not be bogged down by a 9 to 5. They cannot see themselves as obedient Zombies who conform to the system by subjecting their income to the trinkets of society. You know... that prestigious car that gives others the impression that you are "all that", though they are knee deep in arse mousse because of debt. That pretentious house with the swimming pool and entertainment area with which to lure friends to impress. Those life, car and household insurances that were all grudge purchase anyway, which they endure under great strain because the Jones' have them. That expensive lifetime gym membership that's costing them an arm and a leg which they hardly use, except as a conversation piece. Not forgetting the maxed out credit cards that they constantly juggle not to embarress the arse mousse out of your families. Slave to the system with debt as the sword of Damocles hanging over their heads. Dept up to their freaking eyeballs.

That's what gets these obedient slave, Zombies jumping out of bed at an unruly hour of the morning, braving the traffic to get to work on time to earn that measly salary that they are unhappy with to pay for the trinkets that they don't really need which they were enticed into by the system even though it's not what they really wanted in the first place. They are spokes in the system and getting out is most difficult hence its best not to get into the system in the first place. That's why hackers keep it real and therefore don't deserve the negative connotations attached to the term. Admittedly there are angry hackers who tend to be anarchists, evil enough to destroy the establishments, but you have those types in all walks of society. Then their are wannabe hackers ... the script kiddies (crackers) who gave hackers the bad name by hacking into networks haphazardly because they lack real hacker knowledge. This hacker stigma has led to the White hat, Black hat, blah, blah blah by those who wants to label everything. The cybersecurity problem of today doesn't lie with the hackers but falls squarely the shoulders of operating system manufacturers who couldn't design a secure system in the first place. And secondly on the heads of the dumb asses corporates employ to guard their networks who don't know enough to hack their way out of a wet paper bag.

Monday, November 9, 2015

HACKERS

Since the arrival of IPV6 and the Internet of Things (IoT), millions of additional network nodes have extended the realm of the WWW. Needless to say, computer savvy individuals have an inherent curiosity, a burning desire, a need and an itch to interact with these additional network devices. This is as human as wanting to run the fastest race and win. Sing the best and beat the rest. Excel at school to prove your worth. This curiosity and the need to prove yourself goes far beyond the individual, it is the epitome of Governments behaviours. Both Russia and the US of A had the curiosity to go into space and the USA just had to dominate, needed to, or wanted to ... semantics. Global militaries have the curiosity to witness the destruction of military hardware and chemical weapons, so Netanyahu just had to drop phosphorus bombs on the Palestinians. They also wanted to out do one another with their displays of military armourments, the one boasting better than the other. This idea of mental prowess and greater ability even extend to the movie business, where Bollywood is bigger but Hollywood just has to prove that it's better. Kiddies cartoons even teach this attitude to our young children for example, Pinky and the Brain, with the Brain wanting to take over the world.... because he can.

If we look back to 1983 when Ronald Austin of the 414s hacked the Los Alamos National Laboratory, the Sloan-Kettering Cancer Center and Security Pacific Bank. He and his crew had the curiosity and the knowledge but lacked the computer network to practice on, and prove to themselves that they could do it. They didn't own nor could they afford a computer network of their own to play with, experiment on, hack, reconfigure, etc... So they just had to use the internet which only had 562 host computers at the time as opposed to billions of nodes today. If they had their own hubs, routers, gateway servers, DNS servers, proxy servers, mail servers and a network with computer running Microsoft, iOS, Linux, Solaris, Unix and VMS operating systems, they would never have done a live hack that landed Ronald a 3 years probation. They looked upon their hacks as youthful pranks whereas the authorities saw them as criminals and black hat hackers.

What’s a Blackhat Hacker?

A Black hat hacker is an individual with exceptional computer knowledge, a computer guru if you like, who takes pride in beating cybersecurity expert at their own game by breaching or bypassing their computer network security purely because he can. This doesn't make him a criminal for outwitting his counterparts, it just puts him at the head of his game. So out of pure jealousy he is called a Black hat hackers or a crackers or a dark-side hacker. Many of these "Black Hat Hackers" become cybersecurity experts and are employed as "White Hat Hackers" by large corporations. World's most famous hacker Kevin Mitnick was one of the FBI's most Wanted, because he hacked into 40 major corporations just for the challenge, today he is a trusted security consultant to Fortune 500 companies and governments worldwide. He also mentors the theory and practice of social engineering. He published several books on cybersecurity, the latest being 'Ghost in the Wires'. However some "Black Hat Hackers" hack with maliciousness intent, defacing web pages, deleting log files, or even crashes the computers or take the entire network offline out of anger. Anger at having extraordinary skills but unemployed. Resulting in some "Black Hat Hackers" hacking for personal gain. When they do so, they are more often than not often members of hacking tiger team. This is the stereotypical young, intelligent, highly motivated, energetic and curious male "Black hat hacker" portrayed in popular culture as the computer criminal involved with identity theft and the illegal sale of credit card numbers and fraudulent bank transfers. They are also labelled as the hackers who create computer viruses.

What’s a Whitehat Hacker?

A white hat hacker is normally paid cybersecurity consultants who contracts himself out to both small businesses and large corporations, to perform penetration tests by breaking into their protected computer systems and networks purely to asses the level cyber security. He then informs their IT departments of all computer and network vulnerabilities and how they should be plugged before malicious hackers breach their computers network for criminal purpose.

Then there are also "blue hat hackers" and "gray hat hackers". Blue hat hackers are normally security professionals working outside of computer security consulting firms who are contracted to bug-test computer system prior to going live. Their objective is to indentify exploits so they can be plugged. A "Grey hat" computer hacker is an individual with exceptional computer knowledge but whose "ethical standards" fall somewhere between altruistic (Whitehat Hacker) and malicious (Blackhat Hacker). A fence sitter if you like, a white hat that has going bad or a Black hat in the process of cleaning up his act. Uncertain of his loyalties.

Saturday, November 7, 2015

CIA AND FBI HACKED

THE CIA AND THE FBI HAVE BEEN HACKED

The young Black Hat hacker crew that hacked into CIA Director John Brennan personal correspondence and that of other government officials acquired very sensitive security information regarding top-secret Intelligence matters. This enabled them to struck again, but now infiltrated the FBI. They identified themselves as CWA - "Crackas With Attitude" and subsequently hacked into an even more important target, which according to them is a private law enforcement portal that granted them access to the US arrest records database and at least a dozen more law enforcement tools. Amongst which are the Enterprise File Transfer Service, a tool for sharing files, as well as Intelink the United States Government computer system Justice Enterprise File Sharing, and so much more.

The CIA and the FBI just got hacked

Cracka the leader of the hacker crew provided a screenshot of the arrest records database called JABS which stands for Joint Automated Booking System. This could give them carte blanche to erase criminals records of anyone who has one, for a price and even clean their own slates if they have criminal records or were previously incarcerated. This portal also grants them access to arrest information of suspected terrorists, gang members and drug merchants. I wouldn't be surprised if this information end up on Tor network or Alpha Bay on the deep web for sale to the highest bidder.

JABS database query tool infiltrated by the CWA hacker crew.

However yesterday CWA posted a list of names, phone numbers, and email addresses of more than 3000 government employees, military personel and FBI agents working at various local police departments through the country into Pastebin and Cryptobin. This was done to coincide with Guy Fawkes Day and in solidarity with the "million mask march" of hacker crew "Anonymous" from the Philippines. As an indication of their seriousness, they named this release “Part 1” implying that there is more to follow. Cracka, also said it is their way to hurt the government and not innocent people and that they are doing this to help the people of Palestine and not for name and fame.

CWA has certainly opened up a can of worms by targeting both the CIA and the FBI of the United States and is sure to become public enemy number one. If they haven't been on the intelligence agencies radar before, they certainly are now.

CYBER WARS CONTINUED

The US is hacking China and China is hacking them in return and somehow the “biggest government hack ever” got past the Feds and the "multi billion-dollar intrusion detection and prevention system that stands guard over much of the federal government's Internet traffic". By the time the federal authorities finally detected an ongoing remote attack targeting the United States' Office of Personnel Management (OPM) computer systems, the hack was completed.

During the first hack, some 4.2 million federal workers’ information was stolen, and during the second hack between 21 million to 25 million federal workers and contractors was stolen. But a even larger theft took place in 2006, when over 26 million files were stolen from from the Department of Veteran Affairs when US government data networks was breached.

This hack may have spanned several months, before the White House made it public, however it is believed that the attack bears the hallmark of Chinese state-sponsored espionage but no direct evidence has been provided. The add insult to injury OPM has also confirmed that 19.7 million background investigation forms and 1.1 million fingerprint records were stolen not to mention Edward Snowden exposing NSA surveillance practices and records.

Famous Hacker - Keven Lee Poulsen (Dark Dante)

Two Russian computer hackers Alexey Ivanov, 20, and Vasiliy Gorshkov, 25, were arrested by the FBI for victimizing banks and 40 US businesses in 10 states and the theft of credit card numbers in a cross-border hacking case. They were lured to the United States and snared in a cyber-sting. The case against them is built on reverse hacking by the FBI who accessed the Russian's computers.

According to the charges by government lawyers, the pair may be linked to hundreds of crimes, including the theft of 15,700 credit card numbers from Western Union in Denver in September. The breached US computers servers were running Microsoft software, who acknowledged that security holes exist in some versions of Windows NT and offered to fix them at no charge for at least two years.

Associate professor Robert Morris at MIT (creator of Internet's first worm virus)

Apparently Russia has been cyberspying on the United States, several countries throughout Europe and Asia for more than seven years. It is believed that a large hacking crew known as "the Dukes" is spying for the Russian government since all the signs point back to Russian state sponsorship. Other reports confirmed that the Kremlin is behind cyber-espionage attacks and Regin seems to be their malware of choose.

Russian hackers also penetrated U.S. industrial control networks that run critical infrastructures like the electrical grid and its been disclosed that Moscow has formed a special cyber military hacker unit as part of preparations for future cyber warfare. US intelligence agency also singled out China, Iran, and North Korea as the primary nation states capable of conducting sophisticated cyber attacks and espionage stating that Politically motivated cyber attacks are now a growing reality.

Infosec expert - Mark Abene (Phiber Optik)

US Statistics on cybercrime show a huge disparity between the number of attacks reported and the number of people who actually get caught. Based on this more and more computer savvy people are turning to hacking starting out with the firm intention of not getting caught.

However, hackers like Kevin Mitnick, Eric Bloodaxe, Keven Lee Poulsen (Dark Dante), "Data Stream". "Knight lightning", Mark Abene (Phiber Optik), Paul Stira (Scorpion), Elias Ladopoulos (Acid Phreak), Robert Morris, who are worth their weight in gold have been caught and served time.

CYBER WARS

This summary is not available. Please click here to view the post.

Thursday, November 5, 2015

THE INTERNET OF THINGS

ICT and Cybersecurity experts warned that companies need to pay greater attention to their computer networks' cybersecurity and add that Telecoms company TalkTalk got hacked because “it wasn’t paying enough attention to its cybersecurity,” and that the recent Ashley Madison attack, is just the “the tip of iceberg”. They add that the growing threat by hackers is very real and that the cyber attacks comparable to the 9/11 event can be expected but needs to be thwarted before they happen. With the arrival of the Internet of Things (IoT) a lot more devices are connected to the Internet and this number is constantly growing, and provides new ways for hackers to gain access to private and confidential data. Experts recommend that network security must be part of a company’s core infrastructure because the few professional cybersecurity companies globally just aren't enough to stop the constant barrage of cyber threats.

Barack Obama and Xi Jinping

President Barack Obama and Chinese President Xi Jinping met as recent as the 25 Sept 2015 in Washington and reached an “understanding” not to use cyber spies to commit economic espionage and not to hack private firms in each other’s country for economic gain. But in less tan 20 days a U.S. cybersecurity company claims that it has evidence that hackers linked to the Chinese government tried to violate a recent agreement between Washington and Beijing. American business have complained for a number of years that Chinese hackers have sought to steal trade secrets from U.S. corporate computers. In retaliation U.S. spy organizations have hacked into Chinese companies claiming that American officials performed these hacks for national security purposes and not to steal Chinese trade secrets. Washington’s determination to eradicate Chinese cyber theft and ban all forms of digital protectionism resulted in regional trade pact with Pacific Rim countries requiring them to criminalize hacking attacks on U.S. companies.

US officials currently working on the Iran policy determined that the recent surge of cyber attacks by the Iran’s Revolutionary Guards to email and social media accounts of Obama administration officials it possibly linked to arrest of Siamak Namazi an Iranian-American businessman. The Iranian military Revolutionary Guards have regularly made hacking attacks on US government agencies in recent years but has increased after the landmark international agreement to eased severe economic sanctions on Iran in return for Tehran curbing its nuclear program.

The World Wide Web is the direct consequence of all the hacking taking place globally but even though these hacks cost global business move than £200bn last year, the Internet is non-the-less an indispensable global resource which no country can function without. It is in this sense that ministers of the Obama administration are demanding answer with respect to the protection of the vital undersea Internet cables. The Russian government recently spooked US officials by dispatching a submarine equipped to cut undersea cables along the East Coast of the United States.

However the threat is much closer to home. A teenage hacker crew has been casing John Brennan director of the CIA and other government officials. A hacker with the alias "Cracka", hacked into an email account belonging to the FBI Deputy Director Mark Giuliano getting into a Comcast email that’s under Giuliano’s wife’s name. They even provided several screenshots to prove they hacked the account but declined to reveal how they did it.

Wednesday, November 4, 2015

CYBERCRIME

CYBERCRIME FRENZY

It is common knowledge that Cybercrime cost global business more than £200bn last year. Statistically one in six companies have been hacked in the past year alone, and the financial and legal sectors are especially targeted but no exclusively. Having said that, the Talk Talk Telecom Group got hacked last Thursday and the customers' bank details were stolen for the third time in eight months. TalkTalk previously got hacked in August and again in February. Management speculated that the hackers made off with some the 4 million client accounts, but after further investigation realized it to be a lot less. In an attempt to appease worried customers, Dido Harding apologized for the hacking before TalkTalk released official figures based on their internal investigation. Announcing that some 20,000 bank account numbers and 28,000 partially obscured credit card details were accessed. Their investigation further showed that some 1.2 million customer email addresses, names and phone numbers were accessed.

TalkTalk just got hacked

To add insult to injury, these very customers' bank details are already up for sale for £1.62 each (Bitcoins) on Alpha Bay Website by a hacker with the alias 'Martian'. It is believed that Eastern European criminal gangs are the main buyers of such stolen financial data. A hacker claimed that he could make £150,000 by getting hold of the data and selling it on to many gangs.

Beware of Alpha Bay on the deep web

Tuesday marked the 98th anniversary of the Balfour Declaration, and Pro-Palestinian hackers on took over over the Twitter feed of the Hebrew-language Haaretz news website and sending threatening text messages to journalists. Among the tweets posted by the unknown hackers: “The Holocaust of the Balfour Declaration will continue the knife intifada”; “The mothers of our martyrs will drink the blood of your soldiers and settlers,” and “The memory of the Balfour Declaration has changed the situation, wait for the massacre that will be arriving soon.” Apart from the tweets, a sms expressing similar sentiments and threats was sent out to cell phones around Israel. “A continuous Holocaust upon you until you give back the right to its owners,”

Goldman Sachs Private Capital Investment Group have just coughed up $35 million to a Cybersecurity company to secure their computer network because in 2014 hackers gained access to confidential and personal information of 83 million of JP Morgan's customers. The credentials of the Cybersecurity company has been verified by Deloitte and their hype seems very promising but only time will tell. This is the type of mark that hackers find very, very interesting and a challenge to prove that any and all forms of cybersecurity is purely a deterrent and not hacker proof.

Tuesday, November 3, 2015

GETTING PAID TO HACK

During most of 2014 numerous hacking stories made it to the head lines of several newspapers. Data worth millions of dollars were stolen, websites were defaced and confidential client data was released to the general public. These acts drove fear into the hearts of Governments and fortune 500 companies, to the point that Tech Companies like Google, Tesla, Facebook, Apple and several other incentivized hackers and hacker crews to attempt to breach their computer network security, in exchange for a handsome payout should they be successful. Movies like Hackers and Blackhat, and TV series like Mr Robot,, NCIS, Criminal Minds and Continuum only served to entice White Hat and Grey Hat hacker squads to go "Black hat" and chase the bounty. However the objective of these companies were to identify weaknesses in the network security and plug it after getting feedback from hackers as to how they got in. Well that happens when they hire the wrong ITC people and especially network administrators with mediocre hacking skills.

The Hacker in Mr Robot

In September, a bounty of $1 million was publicly offered to anyone who could successfully hack the latest versions of Apple’s mobile operating system, iOS 9.1 and 9.2b, on a new iPhone or iPad. The rules stated that the iPhone hack must “be achievable remotely, reliably, silently, and without requiring any user interaction, other than visiting a web page or reading a text message”. Only Google Chrome and Apple’s own Safari browsers were allowed to be used for the hack. On Monday 2 November, security company Zerodium announced that they have agreed to pay out that seven-figure sum to the hacker crew who successfully developed a technique that can hack any iPhone or iPad and can trick them into visiting a carefully crafted web site. Two hackers teams have been actively working on the challenge both keeping their eyes on the prize. But only hacker crew managed to develop a complete remote jailbreak however the second team may qualify for a partial bounty. Zerodium will brief Apple on the exploit so that the holes in the iOS can be plugged. The procedures of this hack is especially valuable, given that government agencies including the NSA and CIA have had difficulty hacking into iPhones.

Europe’s Chaos Computer Club is very disappointed that Apple rejected the group’s streaming video app. The Apple app would've allowed interested parties to watch the Chaos Communications Congress event talks in real time. But it turns out the Apple is still pissed because members of the conference had previously hacked iOS. Apple claims they don’t want to help spread the hacking word even though fellow hacker Steve Wasniak and co-founder of Apple was part of the “white hat” hacker community. Shame on you Apple for depriving the hacker community and denying the principals upon which Apple was built. However the conference live streams are available on both the Chaos Computer Club’s official website and on YouTube and still accessible to Apple users.

Electric caremaker Tesla Motors invited hackers to try to breach their vehicle's systems and offered hackers attending the SyScan conference in Beijing $10,000 earlier this month if they could hack and control its electric Model S sedan. A "white hats" hacking crew from Zhejiang University was awarded $1,700 for their efforts because they didn't achieve the goal within the specified time frame even though they gained access. After the hackers explain how they did, Tesla patched many of the vulnerabilities to make the Tesla a safer car.

The all electric Tesla car

Wauconda's website was hacked on Friday 30 October or sometime during the past weekend The hackers or hacker replaced much of the onsite municipal information by anti-American and anti-Israeli photographs and pro-Islam messages. Turns out Doug Maxeiner the village Administrator was quite offended by the image of the burning U.S. flag but its more likely that he is his pissed because he got hacked and couldn't do anything about it. Blaming the hack on their web hosting company in Charleston inability to block them because he believes the hacker or hackers achieved accessed the website through the ISP's system. Wauconda police are aware of the hacking who was also asked to notify the FBI of the incident. The Mayor said this also happened to the Wauconda police website and ads that it was also done a radical Islamist group. That's sander and without proof it could be anyone, perhaps even the Pope.

Anonymous Hacker crew Philippines wearing Guy Fawkes Masks

Anonymous Philippines, is an anti-government hacking crew with a mission to “fight for freedom, truth, and justice” and their latest victim is non other than the Ku Klux Klan. A hacking campaign dubbed "Operation KKK" with the sole intent to harass members of the racist group online, embarrass and intimidate then and shame them publicly. "Anonymous" have released two lists of alleged KKK members retrieved from a KKK database. The "Anonymous" crew have previously targeted the electronics giant Sony, the Church of Scientology, the anti-gay Westboro Baptist Church. Earlier this year, the "Anonymous" crew hacked and defaced 20 government websites seeking justice for the 44 fallen policemen at the Mamasapano incident. Last September, they did the same thing to the National Telecommunications Commissions (NTC) website. They are known to wear Guy Fawkes masks in public and instigated the "Million Mask March" planed for November 5, 2015--Guy Fawkes Day. Anonymous claimed responsibility for breaking into the social media twitter account of Maine on Tuesday morning to get access to her 2.4 million followers and inform them all of the "Million Mask March".

KKK lighting up a cross with gasoline.