Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Algerian Hackers. Show all posts

Hacker Barbaros-DZ targets Chinese Government websites



An Algerian hacker known as Barbaros-DZ has hacked into more than 20 Chinese Government websites within seven days.

“I'm attacking Chinese sites because they are corrupt. Look at them, they think that money is important in the world. That’s wrong. They don't understand what freedom and love is [important],” Eduard Kovacs from Softpedia cited hacker as saying.

“The Chinese country is a rich country, with much people, but much people only want much money,” he added.

“Let’s take an example, a Chinese company with 200 workers. The boss don't even care if someone is extinct, starved and that’s why I hacked important site of Chinese companies. Hopefully Chinese will be in the future a good country.”

According to report, the hacker use Remote File inclusion (RFI) and Local file inclusion(LFI) attacks for injecting his backdoor shell and deface the websites.

The hacked sites are Gaobeidian city (gbd.gov.cn), Association of Science and Technology in Shaowu(swskx.shaowu.gov.cn), wlcblsj.gov.cn, stz.cqfd.gov.cn, Wensheng party-building network(dangjian.wensheng.gov.cn ), Ningxia Science and Technology Agency(nxkjt.gov.cn), Zhuxi Chengguan Town People's Government(cg.zhuxi.gov.cn ).

Other hacked sites :  fhjd.ezhou.gov.cn, dalimz.gov.cn , cs.sqds.gov.cn , wh-aic.gov.cn, shicai.wangqing.gov.cn,zxdj.gov.cn , dytjj.gov.cn ,jidong.gov.cn, oa.bzqts.gov.cn ,ny.yuanjiang.gov.cn ,sl.tx.gov.cn ,ny.gaotai.gov.cn ,lgtw.luogang.gov.cn,snnm.gssn.gov.cn ,dl.lnzxw.gov.cn,www.ncsj.gov.cn .

The mirror of the defacement can be found here:
http://www.zone-h.org/archive/notifier=Barbaros-DZ

Romanian Google , Yahoo, Microsoft, Paypal, Kaspersky hacked By Algerian Hacker MCA-CRB

Google Romania hacked

Here is another DNS poison attack.  we can call this month as 'Month of DNS posion attack'. The report says hackers compromised the RoTLD - The Romanian Top Level Domain Registry and poisoned the DNS Records.


An Algerian Hacker group called MCA-CRB allegedly hijacked the domain registrar and change the DNS record such that it points to defacement page.

The list of affected Top Level Domains:
  • google.ro
  • yahoo.ro
  • microsoft.ro
  • paypal.ro
  • kaspersky.ro
  • windows.ro
  • hotmail.ro

Hackers modified the DNS records such that it points to an IP address located in the Netherlands: 95.128.3.172 (server1.joomlapartner.nl) .

The mirror of the defacement can be found here:
http://www.zone-h.org/archive/notifier=MCA-CRB

At the time of writing, the affected sites are back to online and working properly.

According to the Zone-H record, the hacker group MCA-DRB, has defaced 5,530 site websites so far, many of them appearing to cover government and public services sites from countries across Asia, Africa, Europe, Australia and the Americas.

Few days back, hackers break into the PKNIC site using SQL Injection vulnerability and changed the DNS records that results in hundreds of Top level pakistani domains hijack which includes Google , Microsoft, paypal and more domains.

Kaspersky Costa Rica Website Hacked by Over-X(Algeria hackers )

Kaspersky Costa Rica Website(It is not official website of Kaspersky) Hacked and defaced by an Algerian Hacker named as "Over-X". When i write this article, the defacement page is still there in the main page of the site.


Few months back, Over-x hacked and defaced parlament.tj (Tajikistan Parliament website).

The hacked site:
http://www.kaspersky.co.cr/

Mirror:
http://www.zone-h.org/mirror/id/15938562

Today(Dec 06) we got mail from Kaspersky team,they said this site is not belong to their Firm. Sorry for wrong information.

The official Message from Kaspersky:
“The compromised website in question, kaspersky.co.cr, is owned by
cybersquatters and has no affiliation with Kaspersky Lab’s domain,
which is kaspersky.cr, or any of our partners’ domains. The fraudulent
website does not redirect any traffic to Kaspersky Lab’s websites or
any of our partners’ sites.” – Kaspersky Lab

In general, cybersquatting is a common malicious technique used by
cybercriminals. To avoid entering malicious websites, Kaspersky Lab
advises users to practice safe online browsing habits by typing the
URL of their designated website and verifying that it is spelled
correctly before entering.