Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Accounts Hacked. Show all posts

Sydney Man Detained by AFP, Obliged to Pay AUS $1.66 Million

 

As punishment, a Sydney man who has been selling hijacked subscription service deets must now pay almost $1.66 million in cryptocurrency (and some cash). The 23-year-old had previously been sentenced to two years and two months in prison in April for running the massive illicit operation that sold Netflix, Hulu, and Spotify usernames and passwords. 

According to the AFP, the funds would be allocated by the Department of Home Affairs to assist crime prevention, law enforcement, and community safety activities. The accused will now face a two-year and two-month jail term also. 

The AFP launched an investigation in May 2018 after receiving information from the FBI concerning a now-defunct account-generating website named WickedGen.com. 

WickedGen was a portal that offered stolen login information for internet subscription services such as Netflix, Spotify, and Hulu. The account information belonged to unwitting individuals in Australia and across the world, including the United States. 

The Sydney resident was identified as the site's founder, operator, and major financial beneficiary, as well as the developer, of WickedGen and three additional sites which too provided similar services. The perpetrator had over 150,000 registered members throughout four websites and sold about 86,000 memberships to unlawfully access authorized streaming services. 

In October of last year, the Sydney-based man pled guilty to acquiring these log-ins and passwords. Following the guilty plea, the AFP's Criminal Assets Confiscation Taskforce (CACT) secured restraining orders on the individual's cryptocurrencies, as well as bank and PayPal accounts kept under fictitious identities. 

While comparing to all those who watch free-to-air television, the usage of online subscriptions has increased in Australia, with nearly the same amount of Australians consuming material via online subscription streaming platforms, such as Netflix. 

According to the observations published by the Australian Bureau of Communications, Arts, and Regional Research, the prominence of over-the-top services has been on the surge.

US President’s Twitter Account Hacked; The Ethical Hacker ‘Guessed’ The Password

 

According to reports by a Dutch media, US President Donald Trump's Twitter account was purportedly hacked, after a Dutch researcher accurately speculated the president's password: "maga2020!"

De Volkskrant, a Dutch daily morning newspaper revealed, the ethical hacker and security researcher Victor Gevers had been able to access Trump's direct messages, post tweets in his name and even change his profile. 

A Twitter spokesperson however has denied this hack, in a statement, they stated, "We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today. We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government." 

Jack Mannino, CEO at nVisium, a Falls Church, Virginia-based application security provider, explains, “A security-savvy team would assume that these controls were important and would likely opt to use a strong password as well as MFA to reduce the likelihood of account takeover attacks. However, in the event users of the account opted for convenience over safety, it is not Twitter's responsibility to force people to pick strong passwords or to implement the security features they offer to users. Twitter's job is to offer a secure platform and strong security features, which they do. If people are unable to convince the President to wear a mask during a pandemic, it's unlikely they could force him to use a strong password.” 

Supposedly gaining access to Trump's Twitter implied that Gevers was suddenly able to associate with all of Trump's followers i.e. approximately 87 million users as per De Volkskrant's story. 

He had attempted multiple times before utilizing the "correct" password, says, “I expected to be blocked after four failed attempts. Or at least would be asked to provide additional information.” 

Gevers revealed to De Volkskrant that President Trump was not utilizing fundamental safety measures, like the multifaceted authentication. 

As indicated by the news report, Gevers frantically reached out to Donald Trump to caution him, which ended up being a rather impossible task. Remarkably though, Gevers along two other Dutch ethical hackers had likewise hacked Trump's record somewhere four years back.

In those days Trump's password was "your fired", which according to VN news, was his 'catchphrase' from the reality television show that brought him half the popularity that he has today, before his election, The Apprentice.

Recent Twitter hacks raises security concerns and discredits the platform's credibility


The recent hack on Twitter leaves security researchers and others worried about the credibility of the platform, especially during the upcoming US presidential election and how a hack like this, if to be occurred during the elections, could be catastrophic.

Late Wednesday, a number of Twitter's verified accounts were hacked including former president Barack Obama, Democratic presidential candidate Joe Biden, Actress Kim Kardashian, Co-founder Microsoft Corporation Bill Gates, Amazon CEO Jeff Bezos, and Tesla founder Elon Musk. The hackers gained the login credentials of employees and hijacked these accounts. 

The company tweeted, “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” And "used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.” 

This raises the concern that the platform has been compromised and that the hack was not performed from the user end rather it was attacked from the server.

Adam Conner, vice president for technology policy at the Center for American Progress, tweeted, “This is bad on July 15 but would be infinitely worse on November 3rd.” Twitter is a critical platform of political discourse and discussion and often serve as a news source. And if something similar to this was to occur on or near to Nov 3 Presidential Elections to say important political persons like Donald Trump; it would be cataclysmic.

“If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction,” said Michael Borohovski, Director at Synopsis.

These hacks have damaged Twitter's reputation especially since these are not the first attack on the platform but the worst one yet for sure. Dan Guido, CEO of security company Trail of Bits responded on the hack saying, “Twitter’s response to this hack was astonishing. It’s the middle of the day in San Francisco, and it takes them five hours to get a handle on the incident".

 The hijacked accounts tweeted to double the money sent to them via Bitcoin. By Wednesday evening 400 transfers were made and transactions worth $120,000 occurred.

Hackers use Bill Gates themed video to sell off Ponzi Crypto Scheme


Recently, tens of YouTube accounts were hacked to broadcast a Ponzi cryptocurrency scheme by renaming the hacked YouTube accounts as Microsoft accounts bearing the message from the company's former CEO Bill Gates to invest in crypto.


This is not the only attack of it's kind, various other attacks like this have become frequent on YouTube where the hacker hijacks a popular account and broadcast a message from the account- a "crypto giveaway", where the user is offered that if they give some cryptocurrency they'll get it back doubled. And of course, this is a scam and the victim does not get any returns.

These frauds first made their appearance on Twitter but moved on to YouTube as Twitter started weeding these posers out.

These hackers very efficiently gave their scheme an air of legitimacy by live streaming (on 30+ accounts) one of Bill Gates talk given to an audience at Village Global in June 2019 and adding a pop of messages of the Ponzi Scheme. This Ponzi scheme was live streaming on these accounts on YouTube- Microsoft US, Microsoft Europe, Microsoft News, and others.

Though both YouTube and Microsoft denied that any official accounts were hacked some users did report that they found the stream on Microsoft's nonverified accounts.

Most of the scam videos were streaming from hacked accounts with high subscriber numbers, that were renamed as Microsoft US, Microsoft Europe and such to seem more official. The viewed number of the videos was in tens and thousands, also the Bitcoin address in the scheme received thousands of US dollars thus successfully scamming some users.

 Various other organizations have been used by such hackers like Chaos Computer Club, a famous Germany-based hacking community, had their accounts hacked and broadcasted with a similar cryptocurrency scheme.
The most recent and popular case was when the YouTube account of YouTube's founder was hacked back in January. So, these sorts of fraudulent schemes have now become a common affair and it's at the hands of the users not to pay heed to these. Always check the legitimacy of these accounts and it's good to remember to think twice before giving in to an offer that's too good to be real.

Russian Telegram Accounts Hacked by Intercepting One Time Password (OTP)


According to a firm Group-IB, in the last few weeks a dozen Russian entrepreneurs saw their Telegram accounts hacked. And what's disturbing is the way these accounts were accessed. The attackers intercepted the codes used to authenticate user and give access.

A Telegram App logo in QR code

 How the attackers gained access?

In normal procedure, whenever someone logs into Telegram using a different device, a one-time password (OTP), is texted to them and the user can log into their account using this secret code. Now, these hackers managed to access this one-time secret code and snooped on Telegram chats of various users.

Dmitry Rodin, one of the victims of this attack, runs a coding school in Russia. He told the media, he was given a warning by telegram, that someone is trying to access his account. He ignored the notification but another notification came saying some has successfully logged in from Samara, Russia, he immediately terminated all active sessions except for his.

Like Group-IB, he also believes that there was a problem with the telecom operators or his phone was hacked and not the messaging app Telegram. “Perhaps someone logged into my account by intercepting the SMS, which suggests that there might be a problem on the side of the telecom operator,” he said. “This means that other accounts using SMS as an authentication factor are also threatened.” 13 such cases have been reported so far.

"However, this number is likely to increase since we are speaking about a new threat, which has just started spreading,” a company spokesperson said.

 Is SS7 being abused?

The most worrying part is that One-time password (OTP) were hacked, if this hypothesis is indeed true then we are looking at a very big security threat as this technology is used in many log-ins and financial transactions. Another hypothesis is that victim's devices were hacked and the attackers were spying on their messages but Group-IB found no traces of such activity on the victims' phones. And thus Group-IB is tilting towards a mobile network SS7, that's being abused.

Forbes reported, "Think of SS7 as the part of telecom infrastructure that deals with shifting users between networks as they travel abroad. It also manages the changes in charges when traversing different nations’ networks. But in recent years, hackers have learned that if they can get leverage on that network they can silently intercept text messages. Previously, such attacks have been used in bank account breaches and by surveillance companies."

Now, this same network could be used for hacking Telegram accounts.

 Selling access to accounts on the dark web 

Group-IB also suspects that access to these accounts is being sold on the dark web-based Hydra forum for 3,900$ as well as selling access to WhatsApp messages and user info. Now, they think that these could be linked.

“What made us think that the attacks might have something in common with these advertisements is the fact that the incidents coincided with the time the posts were published,” the company spokesperson added.“But we cannot rule out that there are far more connections between these  two events, which is yet to be established in the course of an investigation.”

Bengaluru's Police Accounts Hacked: Culprits changed Twitter ID’s



BENGALURU: In the last four days, five of Bengaluru’s Traffic Police Twitter accounts have been cracked where the hacker alleged access to the accounts, posting spams and changing their usernames.

While the police exhort about strengthening cyber security and the need to use strong unique passwords to safeguard online accounts, their own accounts are being hacked by simple password guessing techniques.

Jayanagar Traffic Police was the first account to be hacked at around 10 pm on Friday, followed by ACP South East Division and soon KR Puram, Shivajinagar and Airport traffic police twitter accounts too were hacked by Sunday.

This is not the first time when Bengaluru’s traffic police have been made a victim of cyber crime - Elliot Alderson, a French based hacker broke into the city’s traffic police website in march this year exposing directories. Even other government sites are not well protected, the Aeronautical Development Agency’s (ADA) TRACES account of the Income Tax Department was hacked with impunity with the culprit still unidentified.

Though, in this case, the culprits simply second-guessed common passwords. A man called up various traffic police stations, claiming to be from the IT Department and asked account details and passwords to reset them. It is suspected that one of the staff members fell for the con and shared the password.

The black hat tried the password on other accounts and voila, it worked!

After breaching their twitter handles, the miscreants posted spam messages from these accounts and changed their usernames resulting in Shivnagar Traffic police handle being renamed as ‘SHIVAJINAGAR CINEMA’ and KR Puram became ‘KR PURAM T BOLIWOOD’.

These consequences could have been avoided by quick thinking and strong passwords. Cyber security experts repeatedly identify the use of strong, unique passwords so that malicious cyber threats can’t find or guess your password. SplashData, a password security company estimates that approximately 10% of individuals used at least one of the 25 worst passwords on this year's list, and approximately 3% used the worst — 123456.

Additional commissioner of police (traffic) BR Ravikanthe Gowda said they have filed a complaint with city cyber crime police and told officials to immediately change passwords to secure their accounts (quoting TOI). They also reported the hacking to twitter awaiting a response.

An officer said they are unable to take back control of their accounts on grounds of lack of trained men for the job.

Bengaluru has only one cyber crime police station with a tally of 8,200 cases this year, though to open more of these has been repeatedly proposed to no effect.

Fashion designer lost business after her Instagram account got hacked

Twenty-three-year-old Bree Kotomah almost gave up on a burgeoning career in fashion design when hackers compromised her business's Instagram account in November 2018.

"Unfortunately, at the time I ran everything on Instagram, so when that was gone, that was the whole business gone," she told BBC Radio 5 Live.

At least half of micro businesses - companies with fewer than nine employees - in the UK are victims of cyber-attacks every year, compared to just a third of other companies, according to the Association of Independent Professionals and the Self-Employed (IPSE).

Ms Kotomah, whose business Boresa Kotomah is based in London, had not studied fashion. She taught herself to sew and began designing clothes in 2018. Due to interest on Twitter in her fashion styles, she started an Instagram account and gained 5,000 followers in seven months, after a photo of a dress she made went viral.

Interested customers would send her a direct message on Instagram enquiring about prices, and commission her to make the dresses.

Ms Kotomah would invoice her customers using PayPal and mobile app Invoice2go, and her reputation grew by word of mouth and through shares of her outfits on Instagram and Twitter.

But then it all stuttered to a halt.

"I woke up one morning and my account was deleted. I received an email from Instagram saying I had violated some terms and I had done certain things that I know I didn't do," she said.

"My business at that time was my livelihood. That was what I was doing full-time. I'm self-employed. So if I'm not making money from working, I'm not making money at all so I was just thinking like, 'What am I going to do?'"

Ms Kotomah's designs have been worn by actors, influencers, singers, models and dancers.

Ms Kotomah was so disheartened that she stopped designing for two months and considered other jobs. But then she decided to give it one more try. She started a new Instagram account, learned more about running a business, and set up a website showcasing her work that offered ready-to-wear clothing available for immediate purchase.

Instagram account can be easily hacked, finds hacker

A professional hacker discovered what he considered a fairly simple way to seize control of any Instagram user's account. Fortunately for the site's 500 million active daily users, he told Instagram exactly how it could be done.

Laxman Muthiyah is a professional bounty hunter. Not the kind who tracks down bail jumpers, mind you. He uses his hacking skills to collect bug bounties, money companies pay to hackers who find and report vulnerabilities in their software.

Muthiyah found the account-breaking bug in the mobile version of Instagram's password reset system. When a user wants to reset his or her password, Instagram tries to validate their identity by sending a 6-digit code to a recovery phone number.

A six-digit code is child's play for a hacker with any amount of computing power at their disposal, which is why Instagram has a system in place that can detect brute-force attacks. Muthiyah found that out of 1,000 attempts around 75% were blocked.

By creating a race condition -- a nasty situation that occurs when a computer tries to process multiple requests at the same time -- and making attempts from a huge number of IP addresses -- Muthiyah was able to do an end run around Instagram's brute force blocker.

He bombarded Instagram with 200,000 codes from 1,000 different IP addresses. That might sound like a Herculean task, but Muthiyah notes that it's actually quite simple using cloud-based tools.

In his estimation it would have cost about $150 to reset anyone's password.

Gaining control of an account with hundreds of thousands -- or even millions -- of followers is well worth the investment. It provides an opportunity to spam users with links to infected downloads or phishing pages from an account they are likely to trust.

There's no telling how many unsuspecting fans would've blindly clicked a malicious link posted from a celeb's verified IG account. It's quite possible that a major incident was avoided thanks to Muthiyah's hard work and Facebook's (which owns Instagram) rapid deployment of a fix.

China hacked TCS, 7 other major firms: Report

‘Operation Cloud Hopper’ — a global cyber espionage campaign — first made headlines when Chinese hackers reportedly broke past IBM and Hewlett Packard Enterprise. Now, it seems that they weren’t the only ones attacked.

Hackers working for China’s Ministry of State security broke into networks of eight of the world’s biggest technology service providers in an effort to steal commercial secrets from their clients, according to sources familiar with the attacks.

Technology service providers such as Hewlett Packard Enterprise (HPE), IBM, Fujitsu, Tata Consultancy Services (TCS), NTT Data, Dimension Data, Computer Sciences Corporation (CSC) and DXC Technology, HPE’s spun-off services arm, were the target of Cloud Hopper attributed to the Chinese government by the United States and its Western allies.

It isn’t just TCS that was hacked. The service provider was used as a jumping off point to gain access to their client’s networks.

Meanwhile, China is denying all involvement in the attacks and companies are claiming that no sensitive information was compromised, but the Reuters report shows otherwise.

A U.S. indictment in December outlined an elaborate operation to steal Western intellectual property in order to advance China’s economic interests but stopped short of naming victim companies.

Reuters has identified more than a dozen victims who were clients of the service providers. That list includes Swedish telecoms giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries and travel reservation system Sabre.

HPE said it worked “diligently for our customers to mitigate the attack and protect their information.” DXC said it had “robust security measures in place” to protect itself and clients, neither of which have “experienced a material impact” due to Cloud Hopper.

NTT Data, Dimension Data, Tata Consultancy Services, Fujitsu and IBM declined to comment. IBM has previously said it has no evidence sensitive corporate data was compromised by the attacks.

Sabre said it had disclosed a cybersecurity incident in 2015 and an investigation concluded no traveler data was accessed. A Huntington Ingalls spokeswoman said the company is “confident that there was no breach of any HII data,” via HPE or DXC.

Hackers attacked Russian Prime Minister Dmitry Medvedev's Twitter


Source: RT
Unknown hacked the page of Russian Prime Minister Dmitry Medvedev on Twitter. They posted on the Twitter page meaningless letters and words in response to the message of the Iraqi Ambassador in Moscow.

The hacking of the Russian Prime Minister's Twitter page was recorded on 12 June. The Press Service of the Cabinet of Ministers said that currently control over the account is restored.

We are talking about the English version of the account @MedvedevRussiaE. Mysterious messages on Medvedev's Twitter appeared in response to the message of the Ambassador of Iraq in Moscow Haidar Mansur Hadi. He posted few photos from the ceremonial reception of Heads of diplomatic missions in the Kremlin on the occasion of Day of Russia. The answer to him was an incomprehensible phrase written in Latin letters, from which only one word “cucumber” is understandable.

Some users of social networks suggested that in such an unusual way Dmitry Medvedev decided to congratulate the Ambassador on Russia's holiday. However, the second phrase was no less mysterious “Hop cc very very hubby cheers cheers her very vav chi hi”. After this comment, users decided that the English-language Twitter account of the Prime Minister was attacked by hackers. Shortly after publication, both messages were deleted.

Currently, on June 12, the account @MedvedevRussiaE contains congratulation on the Day of Russia.

Earlier, Medvedev's Twitter was hacked in August 2014. Then, in the Twitter account of Dmitry Medvedev, there were ports of his resignation, as well as criticism of colleagues in the Government. The motive for the resignation was based on the fact that the Prime Minister was allegedly ashamed of the Government's actions. In a short time, records on behalf of the Prime Minister scored thousands of retweets, and the Media began to publish screenshots of the hacked page. Subsequently, the Press Service of the Government reported that the account was hacked.

It should be noted that Medvedev started a Twitter account long ago when he was the President of Russia. During a trip to the United States in 2010, Medvedev visited Apple Headquarters and received an iPhone 4 from Steve Jobs as a gift. He also visited Twitter Headquarters, where he created an account and wrote his first tweet. The Russian-language Twitter account of Medvedev has 4.84 million subscribers, the English version has 1.04 million.

Multi-factor authentication bypassed to hack Office 365 & G Suite Cloud accounts



Massive IMAP-based password-spraying attacks successfully breached Microsoft Office 365 and G Suite accounts, circumventing multi-factor authentication (MFA) according to an analysis by Proofpoint.

As noted by Proofpoint's Information Protection Research Team in a recent report, during a "recent six-month study of major cloud service tenants, Proofpoint researchers observed attackers are targeting legacy protocols with stolen credential dumps to increase the speed and efficiency of the brute force attacks.

Based on Proofpoint study, IMAP is the most abused protocol, IMAP is the protocol that bypasses MFA and lock-out options for failed logins.

This technique takes advantage of the fact that the legacy authentication IMAP protocol bypasses MFA, allowing malicious actors to perform credential stuffing attacks against assets that would have been otherwise protected.

These intelligent new brute force attacks bring a new approach to the traditional normal brute force attack that uses the combination of usernames and passwords.

Based on the Proofpoint analysis of over one hundred thousand unauthorized logins across millions of monitored cloud user-accounts and found that:

▬ 72% of tenants were targeted at least once by threat actors
▬ 40% of tenants had at least one compromised account in their environment
▬ Over 2% of active user-accounts were targeted by malicious actors
▬ 15 out of every 10,000 active user-accounts were successfully breached by attackers

Their analysis unearthed the fact that around 60% of all Microsoft Office 365 and G Suite tenants have been targeted using IMAP-based password-spraying attacks and, as a direct result, approximately 25% of G Suite and Office 365 tenants that were attacked also experienced a successful breach.

On the whole, after crunching down the numbers, Proofpoint reached the conclusion that threat actors managed to reach a surprising 44% success rate when it came to breaching accounts at targeted organizations.

The ultimate aim of the attackers is to launch internal phishing and to have a strong foothold within the organization. Internal phishing attempts are hard to detect when compared to the external ones.

Hackers Target Popular Instagram Profiles


Cyber Hackers have now set their sights on the Instagram accounts of high-profile and social media influencers with phishing emails so as to gain access to their accounts before the influencers can even comprehend what's going on.

As indicated by sources it was reported that the hackers have especially targeted those Instagram profiles that have followers somewhere in the range of 15,000 and 70,000. Their targets for the most part go from well-known actors and artists to even proprietors of new companies.

Starting with the phishing emails showing up from Instagram requesting that the user should verify their accounts to get the 'Verified' batch on their respective Instagram profiles; it takes them to the phishing page that requests the following user certain details such as their date of birth, email, and credentials.

Once submitted, a batch notification shows up, yet for just four seconds. This is a trap to give the users the feeling that their profile has been verified thusly.

A visualization of how the hackers are stealing the Instagram profiles
As the user enters the credentials in the phishing page attackers gain access to those credentials and by utilizing them they access the Instagram profiles and change the data that requires recouping the stolen account.

The attackers change the username of the stolen address to show that it is hacked and use it to change the email address, over and over in order to trap the users with security emails making them feel as though the changes made were legitimate indeed.

Screenshot of the phishing email asking the user to verify his Instagram account
That is exactly what happened to a photographer who had approximately 15,000 followers on Instagram, when she had her account stolen.

The hackers nowadays have therefore, without any doubt become experts in areas where they 'lure' the victims into handing out their personal information to get a motivating force, particularly like the blue batch on their profiles and their mimicry of Instagram's messages nearly seems real.

Hence, here are some of the warnings users and organizations can keep an eye out for and eventually protect their accounts from being hacked;

1. Use of domains other than the social network's own
2. Dubious font styles (i.e., utilization of screenshots rather than genuine pictures)
3. Incorrect language and punctuation 
4. Emails that request credentials; social networks never request them outside of their real, secure login pages
5. Spam filters and Antispam portals.


Bank details of Bernard Matthews employees stolen

A suspected cyber-attack "potentially compromised" the bank account details of 200 workers at Bernard Matthews.

The turkey producer has made staff aware of the suspected hack.

The Norfolk-based company said it was alerted by its bank on 22 January, as first reported in the EDP.

A spokesman said: “After being first alerted by our bank, we reported the incident to the relevant authorities and put in place extra security measures, as well as offering additional security advice to those affected.” "We continue to monitor the situation but we are not aware colleagues have been affected any further," he added.

The person or group behind the hack is unknown.

Bernard Matthews employs 3,000 people across East Anglia. The company is a major employer in Norfolk and Suffolk, including at its plant at Holton, near Halesworth, and its headquarters at Great Witchingham.
The business has been through a difficult time in recent years, coming close to collapse in 2013.

Last year, it was one of two interested parties bidding to take over Banham Poultry, in Attleborough, which was eventually sold to Chesterfield Poultry.

In 2016 the Boparan Private Office, owned by food tycoon and 2 Sisters Food Group entrepreneur Ranjit Boparan, known as the “Chicken King”, bought the firm in a pre-pack deal in 2016 from Rutland Partners, saving 2,000 jobs after the firm posted pre-tax losses of £5.2m.

US charges Russians for interfering in 2016 Elections, Identity theft in the centre

On Friday, Special Counsel Robert Mueller charged against 13 Russian nationals and three Russian groups for interfering with the 2016 U.S. elections.

The charges included creation of false U.S. identities as well as identity theft of six U.S. residents. The charges of identity theft were brought against four Russian nationals.

According to the indictment, the Russian nationals used stolen Social Security numbers, home addresses, and birth dates of the six persons to open bank and PayPal accounts and obtain fake government documents between June 2016 and May 2017.

“This indictment serves as a reminder that people are not always who they appear to be on the Internet,” Deputy Attorney General Rod J. Rosenstein said at a press briefing announcing the indictments.

The Russians allegedly used the stolen identities to open four accounts at an undisclosed U.S. bank and purchased more than a dozen bank account numbers from online sellers.

The stolen information was also allegedly used to evade PayPal security measures.

“We work closely with law enforcement, and did so in this matter, to identify, investigate and stop improper or potentially illegal activity,” PayPal said in a statement.

The Russians are claimed to have used the accounts to pay for the promotion of politically inflammatory social media posts, IRA expenses, political rallies and political props including banners, buttons and flags, in efforts to boost President Trump’s campaign, and are alleged to have been paid $25 to $50 per post from U.S. persons to promote content on IRA-controlled Facebook and Twitter accounts.

Hackers compromised over 50,000 accounts of 'Kinopoisk' website to change rating of movie 'Crimea'


Hackers compromised over 50,000 user accounts of the Kinopoisk(Movie Search) website - One of the leading online database for movies in Russia.  The main goal of hackers was increasing the rating of a film "Crimea", which was expected on the screens.

The incident first came to the spotlight when some of the users noticed the marks in their profile that they are expecting the premiere of the film "Crimea".  The administration of "Kinopoisk" received complaints from number of users.

After internal investigation, Representatives of the website has removed over 50,000 incorrectly marked marks.  After removing those marks, the number of marks is reduced from 70,000 to 17,000 - The rating of the move is reduced from 60% to 20%.

The technical Support staff of the portal also send notification to all the users of the hacked accounts to change the password.  They also recommended to set a strong password and not to use the same password in any other services.

- Christina


Twitter Account Of Actress Stefanie Scott for sale in UnderGround hacking forum

A recent post on an underground hacking forum claimed to sell the Twitter account of the actress "Stefanie Scott" . This is one of the rare time's the attack can be prevented before it happens so I am releasing this  post in public interest.And to show how such celebrity accounts are sold by hackers.

Now lets analyze the post . First I am worried by his statement of "pm me for her twitter ETC" which point's that he is in control of MORE than her twitter account. And she seems oblivious to the fact that her account's might be hijacked because she tweeted about an hour ago and the sales thread has been opened way before that .

As you can see such accounts can go for 400$ or more .The account has 256,211 followers which is worth a lot.Most such hacks don't affect the celebrities as much as the followers whose computers or accounts might be hijacked as the result of following the links posted by a hacker posing as the celebrity. 

It is the responsibility of the celebrity to keep his/her account safe as they are not the only people affected, their fans often take the worst side of the attack.

PS: This might just be a scam by the user to rip off  other users but it seems unlikely since he is a higher level of user and would not like "scam reports" to be opened against him.I will update this article if I get more information. 

Facebook Page of Former Secretary of State Colin Powell hacked


Former US Secretary of State Colin Powell's official page was hacked. After hijacking the facebook page, the hacker started to post some of the pictures stolen from the email accounts of the Bush family by a hacker named "Guccifer".

"Kill the illuminati! Tomorrow’s world will be a world free of illuminati or will be no more!" The hacker said in one of the post.

After few hours, Powell managed to recover his facebook page and apologized for the offensive posts made by the hacker.

"Dear Friends, as most of you realize, my fb page has obviously been hacked. I'm sorry you have to see all the stupid, obscene posts that are popping up. Please ignore as we are working with fb to take care of this problem. I appreciate your patience." Powell posted after he recovered his facebook page.

"Dear Friends, I'm happy to report that the hacking problem has been fixed. We have been working with fb this morning and they took immediate action to remedy the situation."

Avengers: "The Hulk"(Mark Ruffalo) Twitter account hacked

The twitter account belong to actor Mark Ruffalo, who plays 'The Hulk' in the Avengers Movie, has been hacked by an unknown hacker.

The hacker took over the account, started to sending out crazy messages and post a link to who has the best booties in Hollywood, a link to which women in Hollywood have the best breasts, and how to have mind blowing sex.

"It's kind of hilarious me getting hacked today. I got to hand it to the hacker. Kind of genius." Tweet from Mark_Ruffalo reads.

After being accused of being the hacker, he wrote, “Giving up answering Tweets. Last word on the matter. Mark's account was hacked, and the hacker renamed it, so this username became free. I registered the name so Mark could get it back if he wanted it. I'm happy to hand it over, or e-mail the password to him. End of story.”

“Dude, You are my hero. Thanks for giving me back my identity. Thanks for thinking to save it. Best to you,” Ruffalo responded.

Twitter transferred the followers and the old tweets to Hulk’s new account, @Mark_Ruffalo.


North Korean hacked Email Accounts of Information Security School Students


Hackers breack into Information Security School server and compromised email accounts of alumni.  The National Intelligence Service investigated that North Korea was behind this hacking attack.  According to the report, They hacked e-mail accounts of 27 students of Korea University's Graduate School of Information Security.

"Analysis of the malware used to hack into the e-mail accounts confirmed that it is identical to malicious codes spread by North Korea," an NIS official said Wednesday. "We have tentatively concluded that North Korean hackers were behind the attack and are tracking the source."

The hackers send spam mail with malwares to alumni via the Korea University Center for Information Security Technologies. The investigation revealed that all of those who received it graduated in the same year. It appears that the hackers obtained the directory with all their email addresses and planted the malicious code.

The reason North Korea tried to hack into the e-mail accounts is because most of the school's graduates get jobs either at the Defense Ministry, NIS or other government security agency, intelligence officials believe.

International Foreign Government E-Mails Hacked by TeaMp0isoN



A hacker named as "Hex00010" , a member of Hackers Team "TeaMp0isoN" hacked about 200 emails accounts of International Foreign Government. He released the all database in pastebin. They got these email database by hacking into armynet.mod.uk , website of Parliament of Australia (aph.gov.au)  and some other sites.