Dance of Shadows

In the ethereal realm where bits and bytes pirouette, hackers, — those modern-day sorcerers — weave spells that transcend the ordinary. Armed with languages like Python, Perl, PHP and arcane JavaScript, they navigate the digital cosmos, probing, and unlocking the secrets that lie veiled in the tapestry of networks. Behold the tools they wield, are instruments of both creation and destruction, from the sacred to the profane.

In the sacred arsenal of ethical hacking tools, the dance begins with Invicti and Fortify Web Inspect, guardians of web sanctums. They scrutinize the labyrinthine codes, seeking vulnerabilities with an ethical gaze. Cain & Abel, an enigma in its own right, whispers into the ears of cryptographic secrets, unraveling the knots of security protocols.

The Network Mapper, Nmap, dons the cloak of a phantom, mapping the unseen terrain of networks, while Nessus, the vigilant sentinel, scans for the faintest echoes of weakness. Nikto, a poetic vigilante, surveys web servers with a discerning eye, unraveling the threads that may lead to digital Pandora's boxes. Kismet and NetStumbler, the ethereal wanderers, roam the airwaves, unraveling the secrets that linger in the currents.

Acunetix and Netsparker, architects of digital fortresses, wield their prowess to shield the sacred domains from malevolent gazes. Intruder, a mischievous sprite, dances on the edges, seeking chinks in armor, while Metasploit, the shape-shifter, crafts exploits that transcend the ordinary.

And in the midnight symphony, Aircrack-Ng emerges, a spectral conductor orchestrating the dissonance of wireless networks, revealing the vulnerabilities that flutter in the unseen air.

In this dance of shadows, we encounter two archetypes - the White Hat and the Black Hat. The White Hat, the virtuous guardian, dons the mantle of ethical hacking, defending the digital realms against nefarious forces. The Black Hat, the elusive trickster, navigates the shadows with malicious intent, seeking to exploit weaknesses for personal gain.

But why, in this dance between light and shadow, do we need these hackers? For in the ever-expanding digital tapestry, vulnerabilities lurk like phantoms in the night. The network, a delicate ecosystem, demands guardians to ensure its integrity. The hacker, a dual-faced Janus, plays the role of both villain and hero, revealing the chasms that may lead to calamity or guiding the way toward fortified horizons.

So, let us not cast judgment upon the hackers, but rather, seek to understand their dance. In their whispers of code and shadowy exploits, lies the echo of our collective vulnerabilities. In the labyrinth of networks, the need for the hacker emerges as an intrinsic melody, urging us to fortify our digital bastions and navigate the cosmic dance between chaos and order.

The 10 Best Cryptocurrencies

CRYPTOCURRENCIES

Crytocurrencies (CC)  / aka kriptocurrencies (kc)

Bitcoin (BTC)!  Etherium (ETH)! Litecoin (LTC)! Unless you've been living your life wearing  blinkers, or you've been hiding under a rock for the past year, I'm almost certain you've heard about them or perhaps any of the 1324 other Cryptocurrencies. So what's Crtyptocurrencies and what's all the hype about, you my ask. Well in a nutshell ..., Cryptocurrencies are the new money, and the hype is all about making money and lots of it. Many, many people have made small fortunes virtually overnight by investing in Bitcoin.

MAKING MONEY WITH BITCOIN

Let me give you an example. Bitcoin sold for less than half a $1.00 in 2010 and today a single Bitcoin is worth $14290.00 and fluctuating. By implication if you bought just $10 worth of Bitcoin in 2010 it would have metamorphosed into a six figure sum by 2017.  Impressive? Having said that, I need to add that there is no better time to invest in Bitcoin than right now, even though some billionaires are avoiding it, calling it a "bubble".  In my humble opinion they're avoiding cryto cash purely because they don't understand blockchain technology and the host of advantages it holds for future technologies.  

Bitcoin as a virtual currency, and is probably the only Crypto coin referred to most of the time by everyone when speaking about it, however, there are numerous other Cryptocurrencies available. Among them are, Bitcoin Cash (BCH), Ripple (XRP), Cardano (ADA), Veritaseum (VERI), Decred (DCR), Dash (DASH), Zcash (ZEC), etc, to name just a few. But remember, not all cryptocurrencies are born equal. Some are more popular than others, some will create more interest than others. Some will increase in value faster than others.

The reality of the matter is that a quarter of a million retailers globally will be accepting this new type of money shortly because it's doubling  its value virtually every week. Bitcoin has captivated the money markets and the demand for other digital coins are currently surging as financial institutions are raising millions of dollars in minutes. This is a rare opportunity to amass a small fortune from these emerging cryptocurrencies by investing sooner rather than later.

Blockchain Technology

Cryptocurrencies are based on Blockchain Technology and again in my humble opinion will become the  core of many future technologies. Governments will benefit from Blockchain Technology when it ties GIS systems to their land ownership and titling system. When I worked in Madagascar on a Geospacial project for land identification, I witnessed that their records / paper trail for land ownership was antiquated and inadequate.  We found at least two cases where title deeds were forged, in order to steal land from their rightful owners. A blockchain-based solution would easily have solved this problem by allowing the land chain to be traced from owner to owner upto and including its genesis. A heathcare blockchain-based solution would solve  numerous patient health record problems, if  all doctors contribute to the blockchain. A patient's entire medical records from birth to current date would be on-hand and in a single volume, accessible from anywhere in the world.

There are so many other uses for Blockchain Technology and should never be considered a bubble. Cryptocurrencies are potential replacement currencies and the popularity behind them, is the fact that they are completely decentralized, and cannot be manipulated by government and other authorities like Federal Reserve bank. Crytocurrencies are safe and allows you to buy commodities on the international markets without paying forex and other expensive banking fees in the process. Cryptocurrency payments, permits  private transactions with total anonymity, is completely irreversible  and nearly impossible to forge or counterfeit. Hence Cryptocurrencies have been growing in popularity at a blistering speed so much so that it is starting to "challenge gold" as the investment of choice.

Bitcoin Mining

There are two ways of getting onto Cryptocurrency band wagon, the first is to open an account at a brokerage that invests in Bitcoin, Etherium, Litecoin or other Crytocurrencies. This entails parting with a sizable amount of cash and trusting them to make your investment grow. The  second is to mine one or more Crytocurrencies  yourself, using a computer capable of a high hash rate , alternatively using an ASIC miner for mining Bitcoin or an ASIC miner manufactured for a specific Cryptocurrency. This entails investing your cash into some pretty expensive hardware, that's going to consume and enormous amount of electricity. ASICs are coin specific and are difficult to resell  whereas as a GPU based miner is essentially a regular gaming computer with plural graphics cards capable of mining different coin subject to the software installed.

ASIC Miner for mining Bitcoin.

CPU's have a low hash rate whereas GPU's have extremely high hash rates, so the more GPU's you install and the faster they process capability, the higher your hash rate and the faster they mine. Both ASICs and GPU's are power hungry and the trick is to balance out your initial hardware investment and your continuous electricity and internet connectivity bills against your Cryptocurrency mining earnings. The successive blog installment will cast some light on how to setup a mining rig for Bitcoin, Etherium and Litecoin, etc.

GPU Miner for mining Etherium, Litecoin Dash, Zcash etc.

CC is an abbreviation for Crytocurrencies and sometimes  KC is used for  Kriptocurrencies. Most cryptocurrencies have a three character abbreviation much like AUD - for Australian Dollar, GBP - for the Great Britain Pound, EUR - for Euro, JPY - for Japanese Yen, etc have. Like I mentioned above, there are in excess of 1324 crytocurrencies and other crytocurrencies are constantly emerging with just a few of them listed below.

BTC - Bitcoin 
LTC - Litecoin
ETN - Electroneum
XRP  - Ripple 
ETH  - Ethereum  
BCH - Bitcoin Cash
ADA - Cardano  
ZEC  - Zcash  
XMR - Monero  
EOS  - EOS 
NEO - NEO 
BTG - Bitcoin Gold
ETC  - Ethereum Classic
TRX  - TRON
XVG - Verge
IOTA - MIOTA

However the 10 crtypocurrencies to look out for during 2018 are:- 
LTC - Litecoin
XRP  - Ripple 
XMR - Monero
ETH  - Ethereum
ADA - Cardano
Iota  MIOTA 
BCH  - Bitcoin Cash
NEO - NEO
ADA - Cardano
TRON - TRX

DISCLAIMER:
NB!  The author holds and invests in crypto assets. However, the contents of this post should not be misconstrued as investment advice;  it's merely shedding much needed light on some lesser known cryptocurrencies that have the potential to grow between 10 and 100 times it's ICO.

RANSOMWARE

2015 WAS THE YEAR OF RANSOMWARE  

Computers and ICT networks are prone to electronic failure but with the expert help of ICT professionals, network up-time can almost be guaranteed to 99.98 percent. However, for the past decade computer and network redundancy and global replication services, ISP's and corporate networks have been under attack from, Heuristic Computer Viruses, Worms, Malware, Spyware, Trojan/backdoors, Adware,  Rootkits,  Scareware, Keyloggers, and the worst of all Ransomware attacks that appear to be more personal.  Not to mention the physical threats by hackers, making the jobs of network security personal more intense and challenging. Costing companies huge additional and unnecessary expenses globally. 

It is predicted that Ransomware is going to be the greatest emerging security risk in 2016 and the general consensus is that 2015 has been the year of Ransomware. The purpose behind all intrusion software is to disrupt, create chaos, steal data and extort money. The reasons, avarice, sadism, vindictiveness, arrogance, aggression, envy,  anger, bitterness, jealousy, hate, narrow-mindedness and plain unadulterated evil. Can you even imagine a cracker hacking your computer system stealing your personal information as well as take over your computer holding  it ransom until you make their specified payment and endure the uncertainty whether or not thy will release you computer once payment is made. 

Globally security experts are doing the utmost to reverse engineer Ransonware software in an attempt to put a stop to this thievery. 
Surprisingly there are number of them amongst which are TeslaCrypt, Alpha Crypt, CryptoFortress,  Chimera , CryptoWall, Ransomware infection, MBR Ransomware  (MBR stands for Master Boot Record), CryptoLocker and the worst of all CTB Ransomware (CTB atands for Curve-Tor-Bitcoin). Crowti (aka Cryptowall) and Tescrypt (aka Teslacrypt) are two Ransomware families that cyber gangs and e-criminals used  to infect  more than half a million Computers  running Microsoft Operating System and Microsoft Security Software. In fact the majority of Ransomware is targeted at the Microsoft Windows operating system and is sent as spam and e-mail attachments with the following names.

disgruntled.zip
facto.zip
headband.zip
woodworking.zip
firefly.zip

If the attachment, is unpacked, it unloads a .scr file, which if activated will launch a dropper of the Dalexis class.  It will then connects to a series of hard-coded URLs, from which it will download  CTB Locker.  CTB Locker will change  all your file name extensions to .crypt however the various flavours of Ransomware can change it to any of these  file name extensions listed below. (NB! This list is not exhaustive)

*.aaa
*.abc
*.cry
*.cpyt 
*.crypt 
*.crypto
*.darkness
*.ecc
*.enc
*.exx
*.ezz
*.kb15
*.kraken
*.locked
*.nochance
*.obleep
*.vault
*.zzz

One way to combat Ransomware is to keep a snapshots of the files in a secure area of your network that wouldn't be affected by Ransomware if the  machine is infected. Alternatively store an offline backup image of your hard drive so that your data can easily be restore. Refrain from downloading or access e-mail attachments from people you don’t know and never  click on  e-mails links you receive from unknown e-mail addresses. Also make absolutely sure your  anti virus / security solution is up to date and able to detect and block CTB Locker, and change your online security protection level by adjusting your web browser security settings.

THE DEEP WEB

THE DEEP WEB

For the past few months, Hackers have been making it to the news headlines virtually everyday and a lot has also been said about the "Deep Web". It is said that terror outfits flourish in the "Deep Web" and black market goods from illegal drugs, medical prescriptions, and firearms, etc, can be purchased directly from websites like Alpha Bay, Dream market, Korova, Outlaw Market, Valhalla (Silkkitie), etc,  and you can even hire a hit man to kill your mother-in-law. Having said purchase, implies online credit card transactions, but using this form of payment on the "Deep Web" could render your banking account empty. The way to transact on the "Deep Web" is to make payment with Bitcoins. Bitcoins are rapidly becoming one of the most popular currencies for both online and offline transactions. Bitcoins can be purchases from Silkroad and will require you to set up an account. Transactions are done with a a bitcoin address and a unique private key / PIN number (private wallet software). 

But first, the "Deep Web" is also known as the  "Invisible Web" and the "Hidden Web", which is Internet jargon (search terms) referring to the content on the World Wide Web that are not indexed by search engines. Many believe the "Hidden Web" to be 97 percent larger than the Internet as we know it, of which only 3 percent is available to search engines.  This is true to a degree because most private networks that make up a huge chunk of the Internet do not permit  web spiders to crawl their sites because their robots file denies access to web crawlers hence not available in regular search results. It is also said if you need to buy anything illegal from sites in the "Deep Web" you have to access the sites via a a VPN using a Tor browser in order to fly under the radar of the FBI and CIA and NSA. 

If you desire privacy and a degree anonymity when browsing the net, then the Tor network is an excellent idea, but you sacrifice speed. If you are using Linux then JonDo IP changer is a safer option than Tor. A Whonix-Gateway distro, provides even better protection against IP and location discovery on a Workstation. Then there is also the Tails distro which includes really cool networking features, using the Tor browser that does a good job of hiding  your identity and prevents traffic analysis by zig-zaging your connection through an array of anonymous servers.  These systems are secure but if you download anything fro the Internet via Torrent Network you still risk to expose your IP number which can be easily traced. The Tor browser can be downloaded here.

HACKER MENTALITY

HACKER MENTALITY

Hackers are thinkers. They visualize what others can't. They see the world differently. They are super curious. They tinker with things in order to understand them.  They hunger for knowledge that interest them. Einstein was a tinkerer, a preoccupied thinker, so much so that his teachers said that he won't amount to anything. Yet, we all know what his intellectual contribution was to the global society. He saw the world differently and he could have been absolutely wealthy but his interests weren't monetary.  Likewise Tesla a was a tinkerer totally preoccupied by his interests having time for nothing else because he saw the world differently. He could have been stinking rich but be chose the art of tinkering over money. They wanted to empower the masses and create a better future for all. They were eccentric men, yet there are loads of people today that are wired like Einstein and Tesla, even share their eccentricity, though they may not be as intelligent or perhaps even more so.

Albert Einstein, tinkerer, hacker, scientist.

 The masses call these people hackers and nerds. Yep, Nerds...  a derogatory term used by the masses to talk down on them as if they are inferior. But quite the contrary. These hackers and nerds are the ones who brought them the bicycle, the internal combustion engine, electricity, the telephone system, the computer, the internet, the smartphone, satellite TV, and so much more. Without the nerds where would the masses be technologically?  Professor Tim Berners-Lee conceptualize URIs, HTTP and HTML the invented the World Wide Web. James Gosling developer of  the Java Programming language. Linus Torvalds  is the creator of the Linux kernel and its principal developer, and the list goes on. Realistically is was never about the money for them  but rather the sharing of knowledge to empower others.

Nicola Tesla ... whose ideas were usurped by Edison, much like
Zuckerberg usurped Jarkko Oikarinen's IRC and turned it into Facebook.

Admittedly some of these master minds opted for the money. Wasniak didn't but his partner Jobbs did. Tim Paterson the inventor and originator of MSDOS didn't but Bill did, making him one of the riches men in the world. IRC was an amazing app designed by Jarkko Oikarinen which since the days of inception  was free, gratis and verniet. A sucker like Zuckerberg copied IRC added some bells and whistles called it Facebook and became stinking rich in the process. These are the sellouts. Money motivated them above the art of hacking  and sharing,  not desiring equality but disparities in wealth, to the point that the world's wealthiest 5%  is sitting with 95% of the global wealth and the remaining  95% of the masses share in the 5%. Disgraceful! Many of them having made their fortunes on the backs of child labour (Apple, Microsoft & Samsung) in their supply chains, adding to the already enormous Third World Debt Crisis.

The above passage gives the impression that hackers and nerds are all male, but this is certainly not the case. I have encountered that "chica" who could show me a thing or two when it comes to high-tech. As a whole, hackers are rebellious by nature, non conformists, often loners preferring the company of computers over people. They prefer  to do their own thing, and not be bogged down by a 9 to 5. They cannot see themselves as obedient Zombies who conform to the system by subjecting their income to the trinkets of society. You know... that prestigious car that gives others the impression that you are "all that", though they are knee deep in arse mousse because of debt. That pretentious house  with the swimming pool and entertainment area with which to lure friends to impress. Those life, car and household insurances that were all grudge purchase anyway, which they endure under great strain because the Jones' have them. That expensive lifetime gym membership that's costing them an arm and a leg which they hardly use, except as a conversation piece.  Not forgetting the maxed out credit cards that they constantly juggle not to embarress the arse mousse out of your families. Slave to the system with debt as the sword of Damocles hanging over their heads. Dept up to their freaking eyeballs.

That's what gets these obedient slave,  Zombies jumping out of bed at an unruly hour of the morning, braving the traffic to get to work on time to earn that measly salary that they are unhappy with to pay for the trinkets that they don't really need which they were enticed into by the system even though it's not what they really wanted   in the first place. They are spokes in the  system and getting out is most difficult hence its best not to get into the system in the first place. That's why hackers keep it real and therefore don't deserve the negative connotations attached to the term. Admittedly there are angry hackers who tend to be anarchists,  evil enough to destroy the establishments, but you have those types in all walks of society. Then their are wannabe hackers ... the script kiddies (crackers) who gave hackers the bad name by hacking into networks haphazardly because they lack real hacker knowledge. This hacker stigma has led to the White hat, Black hat, blah, blah blah by those who wants to label everything.  The cybersecurity problem of today doesn't lie with the hackers but falls squarely the shoulders of operating system manufacturers who couldn't design  a secure system in the first place. And secondly on the heads of the dumb asses corporates employ to guard their networks who don't know enough to hack their way out of a wet paper bag.

CYBER WARS CONTINUED

 CYBER WARS CONTINUED

The US is hacking China and China is hacking them in return and somehow the  “biggest government hack ever” got past the Feds and the "multi billion-dollar intrusion detection and prevention system that stands guard over much of the federal government's Internet traffic". By the time the federal authorities finally detected an ongoing remote attack targeting the United States' Office of Personnel Management (OPM) computer systems, the hack was completed. 

During the first hack, some  4.2 million federal workers’ information was stolen, and during the second hack between 21 million to 25 million federal workers and contractors was stolen. But a even larger theft took place in 2006, when over 26 million files were stolen from from the Department of Veteran Affairs when US government data networks was breached. 

This hack may have spanned several months, before the White House  made it public, however it is believed that the attack bears the hallmark of Chinese state-sponsored espionage but no direct evidence has been provided. The add insult to injury OPM has also confirmed that 19.7 million background investigation forms and 1.1 million fingerprint records were stolen not to mention Edward Snowden  exposing NSA surveillance practices and records.

Famous Hacker - Keven Lee Poulsen (Dark Dante)

Two Russian computer hackers  Alexey Ivanov, 20, and Vasiliy Gorshkov, 25, were arrested by the FBI for  victimizing banks and 40 US businesses in 10 states and the theft of credit card numbers in a cross-border hacking case. They were lured to the United States and snared in a cyber-sting.  The case against them is built on reverse hacking by the FBI who accessed the Russian's computers.

According to the charges by government lawyers, the pair may be linked to hundreds of crimes, including the theft of 15,700 credit card numbers from Western Union in Denver in September. The breached US computers servers were running Microsoft software, who  acknowledged that security holes exist in some versions of Windows NT and offered to fix  them at no charge for at least two years. 

Associate professor Robert Morris at MIT (creator of Internet's first worm virus)

Apparently Russia has been cyberspying on the United States, several countries throughout Europe and Asia for more than seven years.  It is believed that a large  hacking crew known as "the Dukes" is spying for the Russian government since  all the signs point back to Russian state sponsorship.   Other reports confirmed that the Kremlin is behind cyber-espionage attacks and Regin seems to be their malware of choose. 

Russian hackers also penetrated U.S. industrial control networks that run critical infrastructures like the electrical grid and its been disclosed   that Moscow has formed a special cyber military  hacker unit as part of preparations for future cyber warfare. US  intelligence agency also singled out China, Iran, and North Korea as the primary nation states capable of conducting sophisticated cyber attacks and espionage stating that Politically motivated cyber attacks are now a growing reality. 

Infosec expert - Mark Abene (Phiber Optik)

US Statistics on cybercrime show a huge disparity between the number of attacks reported and the number of people who actually get caught. Based on this more and more computer savvy people are turning to hacking starting out with the firm intention of not getting caught. 

However, hackers like Kevin Mitnick, Eric Bloodaxe, Keven Lee Poulsen (Dark Dante), "Data Stream". "Knight lightning", Mark Abene (Phiber Optik), Paul Stira (Scorpion), Elias Ladopoulos (Acid Phreak), Robert Morris, who are worth their weight in gold have been caught and served time.

CYBER WARS

This summary is not available. Please click here to view the post.

THE INTERNET OF THINGS

THE INTERNET OF THINGS

ICT and Cybersecurity experts warned that companies need to pay greater attention to their computer networks' cybersecurity and add that Telecoms company TalkTalk got hacked because “it wasn’t paying enough attention to its cybersecurity,” and that the recent  Ashley Madison attack,  is just the “the tip of  iceberg”.  They add that the growing threat by hackers is very real and that the cyber attacks comparable to the 9/11 event can be expected but needs to be thwarted before they happen.  With the arrival of the Internet of Things (IoT) a lot more devices are connected to the Internet and this number is constantly growing,  and provides new ways for hackers to gain access to private and confidential data. Experts recommend that network security must be part of a company’s core infrastructure because the few professional cybersecurity companies globally just aren't  enough to stop the constant barrage of cyber threats. 

 Barack Obama and  Xi Jinping

President Barack Obama and Chinese President Xi Jinping met as recent as the 25 Sept 2015 in Washington and reached an “understanding” not to use cyber spies to commit economic espionage and not to hack private firms in each other’s country for economic gain. But in less tan 20 days  a U.S. cybersecurity company claims that it has evidence that hackers linked to the Chinese government tried to violate a recent agreement between Washington and Beijing. American business have complained for a number of years that Chinese hackers have sought to steal trade secrets from U.S. corporate computers. In retaliation U.S. spy organizations have hacked into Chinese companies claiming that American officials performed these hacks  for national security purposes and not to steal Chinese trade secrets. Washington’s determination to eradicate Chinese cyber theft and ban all forms of digital protectionism resulted in regional trade pact with Pacific Rim countries  requiring  them to criminalize hacking attacks on U.S. companies.

US officials currently working on the Iran policy determined that the recent surge of cyber attacks by the Iran’s Revolutionary Guards to email and social media accounts of Obama administration officials it possibly  linked to arrest of  Siamak Namazi an Iranian-American businessman. The Iranian military  Revolutionary Guards have regularly made hacking attacks on US government agencies in recent years but has increased  after the landmark international agreement to eased severe economic sanctions on Iran in return for Tehran curbing its nuclear program.  

The World  Wide Web is the direct consequence of  all the hacking taking place globally but even though these hacks cost global business move than  £200bn last year, the Internet is non-the-less an indispensable  global resource which no country can function without. It is in this sense that ministers of the Obama administration are demanding answer with respect to the protection of the vital undersea Internet cables.  The Russian government recently spooked US officials by dispatching a submarine equipped to cut undersea cables along the East Coast of the United States. 

However the threat is much closer to home. A  teenage hacker crew has been casing John Brennan director of the CIA and other  government officials. A hacker with the alias "Cracka",  hacked into an email account belonging to the FBI Deputy Director Mark Giuliano  getting into a Comcast email that’s under Giuliano’s wife’s name.  They even provided several screenshots to prove they hacked the account but declined to reveal how they did it.

CYBERCRIME

CYBERCRIME FRENZY

It is common knowledge that Cybercrime cost global business more than £200bn last year. Statistically one in six companies have been hacked in the past year alone, and the financial and legal sectors are especially targeted but no exclusively. Having said that, the Talk Talk Telecom Group got hacked last Thursday  and the customers' bank details were stolen for the third time in eight months. TalkTalk previously got hacked in August and again in February. Management speculated that the hackers made off with some the 4 million client accounts, but after further investigation realized it to be a lot less. In an attempt to appease worried customers, Dido Harding apologized for the hacking before TalkTalk released official figures based on their internal investigation.  Announcing that some 20,000 bank account numbers and 28,000 partially obscured credit card details were accessed. Their investigation further showed that some 1.2 million customer email addresses, names and phone numbers were accessed.  

TalkTalk just got hacked

To add insult to injury, these very customers' bank details are already up for sale for £1.62 each (Bitcoins) on Alpha Bay Website by a hacker with the alias 'Martian'.  It is believed that Eastern European criminal gangs are the main buyers of such stolen financial data. A  hacker claimed that he could make £150,000 by getting hold of the data and selling it on to many gangs.

Beware of Alpha Bay on the deep web

Tuesday marked the 98th anniversary of the Balfour Declaration, and Pro-Palestinian hackers on took over over the Twitter feed of the Hebrew-language Haaretz news website and sending threatening text messages to journalists. Among the tweets posted by the unknown hackers: “The Holocaust of the Balfour Declaration will continue the knife intifada”; “The mothers of our martyrs will drink the blood of your soldiers and settlers,” and “The memory of the Balfour Declaration has changed the situation, wait for the massacre that will be arriving soon.” Apart from the tweets, a sms expressing similar sentiments and threats was sent out to cell phones around Israel. “A continuous Holocaust upon you until you give back the right to its owners,” 

Goldman Sachs Private Capital Investment Group have just coughed up $35 million to a Cybersecurity company to secure their computer network because in 2014 hackers gained access to confidential and personal information of 83 million of JP Morgan's customers. The credentials of the Cybersecurity company has been verified by Deloitte and their hype seems very promising but only time will tell. This is the type of mark that hackers find very, very interesting and a challenge to prove that any and all forms of cybersecurity is purely a deterrent and not hacker proof.

GETTING PAID TO HACK

GETTING PAID TO HACK

During most of 2014 numerous hacking stories made it to the head lines of several newspapers. Data worth millions of dollars were stolen, websites were defaced and confidential client data was released to the general public. These acts drove fear into the hearts of Governments and fortune 500 companies, to the point that Tech Companies like Google, Tesla, Facebook, Apple and several other incentivized hackers and hacker crews to attempt to breach their computer network security, in exchange for a handsome payout should they be successful. Movies like Hackers and Blackhat, and TV series like Mr Robot,, NCIS, Criminal Minds and Continuum only served to entice White Hat and Grey Hat hacker squads to go "Black hat" and chase the bounty. However the objective of these companies were to identify weaknesses in the network security and plug it after getting feedback from hackers as to how they got in. Well that happens when they hire the wrong ITC people and especially network administrators with mediocre hacking skills.

The Hacker in Mr Robot

In September, a  bounty of  $1 million was publicly offered to anyone who could successfully hack the latest versions of Apple’s mobile operating system, iOS 9.1 and 9.2b, on a new iPhone or iPad. The rules stated that the iPhone hack must “be achievable remotely, reliably, silently, and without requiring any user interaction, other than visiting a web page or reading a text message”.  Only Google Chrome and Apple’s own Safari browsers were allowed to be used for the hack.  On Monday 2 November,  security company Zerodium  announced that they have agreed to pay out that seven-figure sum to the hacker crew who successfully developed a technique that can hack any iPhone or iPad and can trick them into visiting a carefully crafted web site. Two hackers teams have been actively working on the challenge both keeping their eyes on the prize. But only hacker crew  managed to develop  a complete remote jailbreak however the second team  may qualify for a partial bounty. Zerodium will brief Apple on the exploit so that the holes in the iOS  can be plugged. The procedures of this hack is especially valuable, given that government agencies including the NSA and CIA have had difficulty hacking into iPhones.

Europe’s Chaos Computer Club is very disappointed that Apple rejected the group’s streaming video app. The Apple app would've allowed interested parties to watch  the  Chaos Communications Congress event talks in real time. But it turns out the Apple is still pissed because members of the conference had previously hacked iOS. Apple claims they don’t want to help spread the hacking word even though  fellow hacker Steve Wasniak and co-founder of Apple was part of the “white hat” hacker community.  Shame on you Apple for depriving the hacker community and denying the principals upon which Apple was built. However the conference live streams are available on both the Chaos Computer Club’s official website and on YouTube and still accessible to Apple users.

Electric caremaker Tesla Motors invited hackers to try to breach their vehicle's systems and offered hackers attending the SyScan conference in Beijing $10,000 earlier this month if they could hack and control its electric Model S sedan. A "white hats" hacking crew from Zhejiang University was awarded $1,700  for their efforts because they didn't achieve the goal within the specified time frame even though they gained access. After the hackers explain how they did, Tesla patched many of the vulnerabilities to make the Tesla a safer car.

The all electric Tesla car

Wauconda's website was hacked on Friday 30 October or sometime during the past weekend  The hackers  or hacker replaced much of the onsite municipal information  by anti-American and anti-Israeli photographs and pro-Islam messages. Turns out Doug Maxeiner the village Administrator was quite offended by the image of the burning U.S. flag but its more likely that he is his pissed because he got hacked and couldn't do anything about it. Blaming the hack on their web hosting company in Charleston inability to block them because he believes the hacker or hackers achieved accessed the website through the ISP's system. Wauconda police are aware of the hacking who was also asked to notify the FBI of the incident. The Mayor said this also happened to the Wauconda police website and ads that it was also done a radical Islamist group. That's sander and without proof it could be anyone, perhaps even the Pope. 

Anonymous Hacker crew Philippines wearing Guy Fawkes Masks

Anonymous Philippines, is an anti-government hacking crew with a mission to “fight for freedom, truth, and justice” and their  latest victim is non other than the Ku Klux Klan. A hacking campaign dubbed "Operation KKK" with the sole intent to  harass members of the racist group online, embarrass and intimidate then and shame them  publicly.  "Anonymous"  have released two lists of alleged KKK members retrieved from a KKK database. The "Anonymous" crew  have previously targeted  the electronics giant Sony, the Church of Scientology, the anti-gay Westboro Baptist Church. Earlier this year, the "Anonymous" crew hacked and defaced 20 government websites seeking justice for the 44 fallen policemen at the Mamasapano incident. Last September, they did the same thing to the National Telecommunications Commissions (NTC) website. They are known to wear Guy Fawkes masks in public and instigated the "Million Mask March" planed for November 5, 2015--Guy Fawkes Day.  Anonymous claimed responsibility for breaking into the social media twitter account of Maine on Tuesday morning to get access to her 2.4 million followers and inform them all of the "Million Mask March".

KKK lighting up a cross with gasoline.

HACKING THE NET

HACKING THE NET

Curiosity and inquisitiveness are two characteristics deeply ingrained in nature and is a very natural part of all life forms. Curiosity killed the cat but inquisitiveness has sent many a hacker to jail for 'cybercrime' though over zealous inquisitiveness is normally their only crime. Anyone with sufficient interest in the 'art of hacking' can become quite accomplish in just a few short months  but mastering it takes substantially longer.  The learning curve of hacking is fairly steep, the subject is extremely interesting and the knowledge totally beyond awesome. Hence you hear names like, “Digigod”, “Cybergod” “Solo”, “C0mrade”, “Dark Dante” and   “Byteking”, etc, etc, because analytical thought,  mental brilliance or a high IQ and  does tend give some people a complex of superiority. Which in some cases borders on arrogance then stupidity. 

When one gets the hang of computers, ports, software and programming, understand communications protocols, have a familiarity with networks and routing tables and can visualize how they seamlessly integrate, curiosity can get the better of you. Knowing when to stop  is the difference between a hacker and a cracker. Crackers are those individuals or teams intent on stealing sensitive or classified information, credit card details and other forms of identity theft for financial gain. Whereas hackers are those individuals who respect personal and corporate boundaries and do what they do for personal pleasure and advancement of knowledge. Most hackers today are employed as network security consultants or security analysts and the best example of such a hacker is Kevin Mitnick. He served time for his inquisitiveness and now works  as a network security professional. People with hacking skills are in big demand and normally command above decent salaries.  There is an old saying that says, "it takes a thief to catch a thief" well likewise "it takes a hacker (“White Hat”) to catch a cracker" ( “Black Hats” ).  One of the hackers were even referred to as  the “Hannibal Lecter of computer crime.”

Kevin Mitnick hacker supreme

Hacking is a serious offence and as recent as 28th August,  'smilex' the administrator of the botnet “Bugat” aka Dridex got nabbed in Cypress by the Federal Bureau of Investigation (FBI). In a joint venture of U.K and US disrupted his botnet which infected more than 125 000 computers in one year. Smilex is innocent until proven guilty but has already been labeled as a cyber criminal. He is being held for releasing a sophisticated malware package designed to steal banking and other credentials from infected computers that amounts to millions of USD. Smilex's real name is Andrey Ghinkul  or Andrei Ghincul and he is from Moldova.  It is alleged that he and  his co-conspirators used the Dridex P2P malware to initiate fraudulent electronic funds transfers  from the victims’ bank accounts into the accounts of their money mules, who then transferred the stolen funds to other members of the conspiracy. 

Black hat hacker

The first offence was a transfer of $999,000 from the Sharon, Pennsylvania, City School District’s account at First National Bank to an account in Kiev, Ukraine.  The second offence was a transfer of  $2,158,600 from a Penneco Oil account held at First Commonwealth Bank to an account in Krasnodar, Russia.  The third offence was a transfer of   $1,350,000 from a Penneco Oil account held at First Commonwealth Bank to an account in Minsk, Belarus.  The fourth was a attempt to transfer $76,520 from a Penneco Oil account held at First Commonwealth Bank to an account in Philadelphia. But the FBI estimates that peer-to-peer malware and the Bugat botnet is responsible for at  least $10 million domestically. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), have released a Technical Alert (TA15-286A)  for all Microsoft Windows Affected Systems  about the Dridex botnet. 

Because Smilex targeted American businesses, the USA is seeking for his extradition so that he can be tried in America. He will be charged with criminal conspiracy, unauthorized computer access with intent to defraud, damaging a computer, wire fraud and bank fraud.   But don't let this put you off from learning hacking, because the key to becoming a successful hacker  is to know where to draw the line.

If you've been infected, the following anti-virus software could help to alleviate your problems.

F-Secure
https://www.f-secure.com/en/web/home_global/online-scanner/

McAfee
http://www.mcafee.com/uk/downloads/free-tools/stinger.aspx/

Microsoft
http://www.microsoft.com/security/scanner/en-us/default.aspx/ 
       
Sophos
https://www.sophos.com/en-us/products/free-tools/virus-removal-tool.aspx/

Trend Micro
http://housecall.trendmicro.com/