
Nym's Decentralized VPN: A Game-Changer for Online Privacy


Nym, a privacy technology company, is getting ready to introduce a decentralized VPN (Virtual Private Network) that aims to change how we safeguard our online data and preserve our privacy, at a time when online privacy is getting harder to define. Billed as a game-changer for online security, the service is scheduled to launch in early 2024.

Nym's ambitious project has garnered significant attention from the tech and cryptocurrency community. With concerns about surveillance, data breaches, and cyberattacks on the rise, the need for robust online privacy solutions is more critical than ever. Traditional VPNs have long been a popular choice for protecting one's online identity and data. However, Nym's decentralized VPN takes privacy to the next level.

One of the key features of Nym's VPN is its decentralized nature. Unlike traditional VPNs that rely on centralized servers, Nym's VPN leverages a decentralized network, making it far more resistant to censorship and government intervention. This feature is particularly important in regions where internet freedom is limited.

Furthermore, Nym's VPN is powered by a privacy-centric cryptocurrency called NYM tokens. Users can stake these tokens to access the VPN service or earn rewards for supporting the network. This innovative approach not only incentivizes network participation but also ensures a high level of privacy and security.

The decentralized VPN is designed to protect users from surveillance and data harvesting by hiding their IP addresses and routing their internet traffic through a network of anonymous servers. This means that users can browse the web, communicate, and access online services without revealing their true identity or location.

In addition to its privacy features, Nym's VPN is being developed with a strong focus on speed and usability. This means that users can enjoy the benefits of online privacy without sacrificing their internet connection's speed and performance.

Since Nym is a big step toward a more secure and private internet, the IT industry is excited about its impending introduction. Users seeking to protect their online activity will have access to a cutting-edge, decentralized solution as 2024 draws near.

Nym's decentralized VPN stands out as a ray of light in a world where threats to internet privacy are omnipresent. Its distinctive approach to privacy, robust security features, and intuitive design have the power to revolutionize the way we safeguard our personal information and identities online. When Nym launches in early 2024, it will surely be a turning point in the continuous struggle to protect internet privacy in a connected society.

Anonymous : 900,000 Emails From Russian State Media Were Leaked

 

Anonymous, which has been trying to target Russia since the invasion of Ukraine, has reported more attacks against critical infrastructure sectors, including one that used an "improved" version of the Russian Conti ransomware, and has called for the targeting of companies that continue to do business in Russia after the slaughter of Ukrainian civilians in Bucha.

More than 900,000 emails from the All-State Television and Radio Broadcasting Company (VGTRK) were purportedly leaked by NB65, or Network Battalion 65, a group linked to the famed hacker collective Anonymous.

DDoSecrets, a non-profit whistleblower site for news leaks, has made the 786.2 GB cache accessible to the public as a torrent file after NB65 apparently shared the hacked emails with them on Monday. In this regard, Emma Best, a co-founder of DDoSecrets, said, "An unprecedented expose of state-owned media and propaganda which the Russian government views crucial to the state security."

A hacker organization called NB65 has been infiltrating Russian entities, collecting private data, and exposing it online for the past month, claiming the attacks are related to Russia's occupation of Ukraine. The emails, according to the Everyday Dot, span more than 20 years of correspondence and include discussions about daily operations as well as sanctions put on Russia by many other countries in reaction to its invasion of Ukraine.

Tensor, the Russian space program Roscosmos, and VGTRK, the state-owned Russian Television and Radio broadcaster, are among the Russian organizations said to have been targeted by the hacking group. Following the attack on VGTRK, the stolen data, stated to be 786.2 GB comprising 900,000 emails and 4,000 files, was released on the DDoSecrets website. Since the end of March, the NB65 hackers have been using a new tactic: attacking Russian institutions with ransomware.

Conti's source code was released after the company allied with Russia in the Ukraine invasion, and a security researcher obtained 170,000 internal chat conversations and source code for the company's operation. 

Threat analyst Tom Malka first alerted to NB65's activities but was unable to locate a ransomware sample, and the hacking gang refused to provide it. This changed when a sample of the NB65's updated Conti ransomware executable was published to VirusTotal, letting us see how it functions. 

On VirusTotal, almost all antivirus vendors identify this sample as Conti, and Intezer Analyze discovered it shares 66% of the code with other Conti ransomware samples. When encrypting files, gives NB65's malware a run for its money.

The All-Russian State Television and Radio Broadcaster (VGTRK) is Russia's largest media conglomerate, with five national television channels, two major international networks, five radio shows, and over 80 regional television and radio networks under its umbrella. The ransomware will also leave R3ADM3.txt ransom notes all over the encrypted device, with the threat actors blaming the attacks on President Vladimir Putin for invading Ukraine.

Hacker uses a nanocomputer to steal NASA data

It wasn’t a good day for NASA when an unidentified cyber-attacker was able to steal 500 MB of mission data, through a Raspberry Pi nanocomputer.

First introduced by the charity Raspberry Pi Foundation in 2012, the Raspberry Pi is a credit-card-sized device intended for the general public, young and old, beginners and amateurs. It sells for about $35, plugs into home televisions, and is used mainly to teach coding to children and promote computing in developing countries.

The Raspberry Pi organization has just announced the release of the fourth generation of its budget desktop PC, the completely re-engineered Raspberry Pi 4.

The April 2018 attack went undetected for nearly a year, according to an audit report issued on June 18, and an investigation is still underway to find the culprit.

The hacker infiltrated NASA’s Jet Propulsion Laboratory network, stole sensitive data, and forced the temporary disconnection of space-flight systems, the agency has revealed.

Prior to detection, the attacker was able to exfiltrate 23 files amounting to approximately 500 megabytes of data, the report from NASA’s Office of Inspector General said.

These included two restricted files from the Mars Science Laboratory mission, which handles the Curiosity Rover, and information relating to the International Traffic in Arms Regulations which restrict the export of US defense and military technologies.

“More importantly, the attacker successfully accessed two of the three primary JPL networks,” the report said.

"Officials were concerned the cyberattackers could move laterally from the gateway into their mission systems, potentially gaining access and initiating malicious signals to human space flight missions that use those systems."

NASA came to question the integrity of its Deep Space Network data “and temporarily disconnected several space flight-related systems from the JPL network.”

Russian hackers claim to have breached 3 US antivirus makers

A group of elite Russian hackers claims to have infiltrated the networks of three US antivirus makers and stolen the source code for their software.

Researchers with Advanced Intelligence (AdvIntel) have been tracking the activity of the group on underground forums for some time. The hackers, who operate under the handle Fxmsp, have an established reputation for infiltrating well-protected networks. Their targets typically include highly-sensitive corporate and government information.

Two months ago AdvIntel saw Fxmsp reappear on hacking forums after a half-year hiatus. It's probably no coincidence that the group reported that its campaign against security software firms had kicked off six months earlier.

Fxmsp laid low until it had achieved its goal. When its stealth operation concluded, the hackers allegedly made off with more than 30 terabytes of data from their latest victims. They posted screenshots showing folders, files, and source code.

The asking price for this trove of data: a cool $300,000. They also claimed to still have access to the networks and would throw that in at no extra charge to the lucky buyer.

If what they're offering is the real deal, then this is pretty much a worst-case scenario for the three firms that were compromised. Access to the source code allows hackers the opportunity to locate showstopping vulnerabilities and exploit them, rendering the software useless... or worse. They could even turn what was once legitimate protection from malware into an incredibly effective spying tool.

Hacker uploads about 1 billion user data in 2 months

A serial hacker who goes by the name of Gnosticplayers released another 65.5 million user records last week, taking his grand total to 932 million records overall, with the consequences of the data pool as yet unknown. Since mid-February, Gnosticplayers has been putting batches of hacked data on Dream Market, a dark web marketplace for selling illegal products like hacking tools, guns and drugs.

"The hacker's name is Gnosticplayers, and he's responsible for the hacks of 44 companies, including last week's revelations," ZDNet reported late on Monday. The names of big companies that were hit included UnderArmor, 500px, ShareThis, MyHeritage and GfyCat. The releases have been grouped in four rounds -- Round 1 (620 million user records), Round 2 (127 million user records), Round 3 (93 million user records), and Round 4 (26.5 million user records).

"Last week, the hacker notified ZDNet about his latest release -- Round 5 -- containing the data of 65.5 million users, which the hacker claims to have been taken from six companies: gaming platform Mindjolt, digital mall Wanelo, e-invitations and RSVP platform Evite, South Korean travel company Yanolja, women's fashion store Moda Operandi, and Apple repair center iCracked," the report added.

Earlier in March, the serial hacker stole and posted personal data of close to 843 million users of various popular websites. The companies impacted include GameSalad, Estante Virtual, Coubic, LifeBear, Bukalapak and Youthmanual.

Larceny of $70 million from the largest crypto-mining marketplace

A "service unavailable" notice, along with an official press release, was displayed on the website of the Slovenian digital currency mining firm NiceHash, which said it had endured a hack of its Bitcoin wallet on the seventh of December.

In a video update streamed live on Facebook, CEO and co-founder Marko Kobal followed up on the rather startling declaration that the organization, established in 2014, had been subjected to a hack and ensuing theft that also compromised its payment system.

The news was accompanied by increasing reports of emptied wallets as well as an extended downtime period for the service's website; all operations on the website have been halted for the following 24 hours.

According to Kobal, the attack began in the early hours of December 6 after a worker's PC had been compromised. He added that their team is working with law enforcement and clarified that "we're still conducting a forensic analysis” to determine how it all happened and to discover the exact amount of bitcoin that was stolen.

Kobal went on to state that he couldn't give additional details; however, he added that the attack appears to be “an incredibly coordinated and highly sophisticated one.”

However, the Wall Street Journal reported that Andrej P. Škraba, the head of marketing at NiceHash, confirmed to the outlet that roughly 4,700 bitcoins, worth up to $70 million, disappeared from NiceHash's bitcoin wallet. Škraba also told the Journal that he, like Kobal, believed that "it was a professional attack", but would not give any more information on the matter, noting that further updates would be released at a later date.

NiceHash, which urged its clients to change their online passwords after it stopped operations on Wednesday, has also given a couple of other details about the attack on its payment system.

"We ask for patience and understanding while we investigate the causes and find the appropriate solutions for the future of the service", it said on its website.

The Slovenian police said that they were investigating the hack, but declined to comment further.

British National Party's Twitter account and website hacked by Anonymous


A hacker who appears to be affiliated with Anonymous hacktivists has hijacked the official Twitter account of the British National Party (BNP) and started to post anti-government and hateful messages.


The hacker also managed to deface one of the subdomains of the BNP. The defacement message simply says "Hacked by Anon_0x03, [redacted] the Government!"

When a user asked about the motive of the attack, the hacker simply replied that the BNP is a random target.

"I'm not even from GB," a tweet posted from the hacked BNP account (@BNP) reads.

It appears the hacker has had access to the account for more than 20 hours, but no one from the BNP has noticed. The most recent tweet says "damn racist".

At the time of writing, the hacker still has access to the BNP Twitter account and the subdomain is still defaced.

#OpTurkey: Hacktivists hit Turkey with massive Cyber attack


Turkey suffered a massive cyber attack after several hacktivists began participating in the ongoing hacking operation against the Turkish government. The operation, "#OpTurkey", was launched in retaliation for the violent police response against protesters.

A hacker group from Turkey named TurkHackTeam has claimed to have breached ofmuftulugu.gov.tr and Mufti COUNTY CERKES (cerkesmuftulugu.gov.tr).

The group leaked some info from the server:
 1. http://pastebin.com/pF93F7Uf
 2. http://pastebin.com/CcGuBD9H

Even the Syrian Electronic Army, which usually targets western media, participated in the operation and breached the websites of the Turkish Prime Minister (PM) and the Turkish Ministry of Interior.

The group left a message on the defacement page: "Syria and Turkey are one. We salute Turkey's brave protesters"

Atlantic Bank, Fidelity Bank Ghana and few other sites hacked by Sepo


A hacker with the Twitter handle @anon_4freedom, a.k.a. "sepo", who has been quiet for some time, has come back with some interesting hacks. Today he hacked into multiple bank websites.

The list of affected websites includes Atlantic Bank Group (banqueatlantique.net), Fidelity Bank Ghana (fidelitybank.com.gh), Italian Labour Union (uil.it) and Agricultural Development Bank of Ghana (agricbank.com).

The hacker managed to identify SQL injection vulnerabilities that allowed him to gain access to the database server. At EHN, we have verified the vulnerability.

All leaks (pastebin.com/u/HackinotrThe) contain only server and database details, such as the database username, OS, database name, SQL version and host IP. They also contain the list of table names.

The hacker didn't leak the personal data of users because he doesn't like to expose ordinary people's data.

South African Police Service website breached by #Anonymous


The official website of the South African Police Service has been breached by an Anonymous hacktivist with the online name "DomainerAnon".

"This action is to serve as a reminder to the government regarding the murders of 34 protesting miners outside the Marikana platinum mine by police," the hacker stated as the reason for the attack.

"To date no officers have been brought to justice... This situation will NOT be tolerated. #OpMarikanaMiners"

The hacker provided a link to the database dump (pastebay.com/1232460), which includes usernames, hashed passwords, telephone numbers and a few other details.

He also shared a 13Mb file named "EMAILS.csv" on DatafileHost, which is said to contain emails.

Suspected Anonymous hackers arrested in Jordan for #OpIsrael attack


A massive cyber attack dubbed "#OpIsrael", launched jointly by Anonymous hacktivists, hit Israeli websites. Hackers launched DDoS attacks, defacements, database leaks and social network hacks.

Following the cyber attack, Jordanian security forces have arrested several youths who allegedly participated in the cyberattack.

In response, Anonymous threatened to attack Jordanian internet sites. The group demanded the activists' immediate release.

"A Facebook group called 'The Third Intifada – Jordan' boasted that 100,000 Israeli internet sites had been disabled," an Arutz Sheva Israel News report reads.

Bangladesh Government websites defaced by Rahm Anonymous

An Anonymous hacker with the Twitter handle "Rahm Anonymous" has launched a cyber attack against Bangladesh Government websites.

The hacker defaced the following Government websites: a sub-domain of the Bangladesh Public Service Commission (portal.bpsc.gov.bd/rahm.php), SEQAEP (www.seqaep.gov.bd/admin/), nidw.gov.bd/administrator, and the Bangladesh National Commission for UNESCO (bncu.gov.bd/administrator/).


He also claimed to have taken down more than 40 Bangladesh Government websites. The hacker has posted a list of affected websites on Pastebin (pastebin.com/CMLu4vMP).

EHN tried to verify the hacker's claim about the DDoS attacks; the sites appear to be down, but they still load with the "www" prefix.

At the time of writing, the defaced websites still host the defacement page uploaded by the hacker.

"WELCOME BACK ADMIN-- --YOUR SITE GOT HACKED!!!-- NOTHING PERSONAL WITH YOU--THIS IS JUST BECAUSE OF--YOUR STUPID COUNTRY . HACKERS ARE ABUSING OUR RELEGION. AND WE ALWAYS WANTED PEACE BUT NOW THE SHORE IS GETTING OFF. NOW THIS IS JUST THE BEGINNING!!! " the hacker stated on the defacement page as the reason for the attack.

Philippines President site & other Government sites hacked by Anonymous Philippines


Anonymous Philippines has breached several Philippines Government websites, including the official website of the Philippines President. The hackers managed to publish an article on the President's website (http://1.president.gov.ph/news/anonymous-philippines/) with the title "Anonymous Philippines".

"Greetings, President Aquino! We have watched how you signed into law a bill that endangers and tramples upon the netizens’ freedom of speech and expression. Now, we are silent witnesses as to how you are mishandling the Sabah issue." The article published by the hackers reads.

"We did not engage the Malaysian hackers who invaded our cyberspace since we expected you to appropriately and judiciously act on the same, but you failed us. You did nothing while our fellow brothers are being butchered by the Malaysian forces, and while our women and children become subject of human rights abuses. If you can’t act on the issue as the Philippine President, at least do something as a fellow Filipino. We are watching."

The security breach was first reported by Clifford Trigo in The PinoyTechNews, who notified EHN about the hack.

The hacker also defaced the following Government websites:
http://www.gdelpilar.gov.ph/
http://www.calasiao.gov.ph/
http://bolinao.gov.ph/
http://mauban.gov.ph/
http://apayao.gov.ph/
http://www.mauban.gov.ph/
http://www.drd.pnp.gov.ph/

At the time of writing, all of the government websites still display the defacement page except the President's website. The article published on the President's website has been removed.

Teleton Colombia database hacked by LulzSec Argentina


A LulzSec Argentina hacktivist has managed to identify multiple security flaws in the website of Teleton Colombia (www.teleton.org.co), a fundraising event broadcast on television.

The hacker managed to exploit a SQL injection vulnerability in the website and extracted the database. He dumped the database in a paste (pastebin.com/hY4ibzmn).

The leak contains personal information including names, dates of birth, email addresses and usernames.

The hacker leaked the admin user ID and password (in plain text) in one of the tweets posted from his official Twitter account.

He also identified a non-persistent cross-site scripting (XSS) vulnerability in teleton.org.co. PoC code:
teleton.org.co/buscar/articulo/?texto=1<ScRiPt >prompt(910244)</ScRiPt>

Team M3DU5A hacked Constantin Film and leaked login credentials


Hackers from a group called "TEAM M3DU5A" have hacked into the official website of Constantin Film AG (www.constantin-film.de), a German film production and film distribution company.

The hackers managed to compromise the database and leaked it on Pastebin (pastebin.com/vW40pRFL).

The dump contains the usernames and MD5-hashed passwords belonging to the Backend page. It also contains the usernames and plain-text passwords for the Movie and Budget Database.

In addition to the login credentials, the team leaked a number of email addresses compromised from the server and links to login pages.

The group also provided two screenshots showing that they had successfully logged in with the stolen credentials, which allowed them to create a new movie project post.

Reports say the attack was retaliation for the shutdown of the illegal file sharing website drei.bz by the German copyright protection group GVU.

"F*** the Copyright Lobby and Contentmafia | F*** the GVU | F*** the GEMA | RIP drei.bz" the hackers said in their leak.

The Constantin Film website uses the open source CMS TYPO3. Recently, TYPO3 released an update to patch a critical SQL injection vulnerability that was found to be exploited in the wild. It seems that Constantin Film failed to update to the latest version.

Chinese Government website pzhws.gov.cn hacked by lot of hackers


Today, one of the Anonymous News Twitter accounts, @PublicAnonNews, announced that an anonymous hacker called Av4sT defaced the Panzhihua Health Information Network, one of the Chinese Government websites.

When I tried to visit the page pzhws.gov.cn, I was greeted with the Anonymous logo and a "Hacked by Av4sT.  Access Denied" message.

After gathering some information about this website, I found that this is not the first time the site has been defaced by hackers.

The website has been breached several times by a lot of hackers. In fact, I am still able to view the previous defacements.

* A hacker named s13doeL uploaded a defacement text to the site on 20 Jan 2013. You can still see the defacement page here: pzhws.gov.cn/z.txt

* A hacker named Jack Riderr from Johor Hacking Crew uploaded a defacement page on 20 Jan 2013. The defacement page is still there: pzhws.gov.cn/folder.htm

* Turkish hackers breached the site and uploaded their defacement as well: pzhws.gov.cn/images/rht.htm

* In 2010, HEXB00T3R defaced the site, but the defacement has been removed.

I am not sure whether the hackers exploited the same vulnerability or the site has multiple vulnerabilities. The question is whether the Chinese Government knows about these hacks?! Why are they not taking any steps to protect this website?

MVS Comunicaciones Hacked by MexicanH Team


The Mexican hacker group named "MexicanH", affiliated with Anonymous hacktivists, has claimed to have breached MVS Comunicaciones (MVS), a Mexican media conglomerate that owns MASTV and MVS Radio.

The hacker team announced on Twitter that they had hacked MVS Comunicaciones and posted a link to a database dump (pastebin.com/EYUj5vm3).

The database dump contains more than 3000 usernames, encrypted passwords and email addresses. The data were taken from 30 different databases.

Cyber War News analyzed the dump and found that the same email IDs were used across different database servers; there are around 1700 unique accounts with email IDs.

Anonymous Twitter account allegedly hacked by Rustle League

We can call this week Twitter account hack week. Following the high-profile Twitter account hack, the Twitter account of a hacker has now also been hijacked by hackers.


A hacker group called Rustle League has hijacked @Anon_Central, a Twitter account belonging to one of the Anonymous hacktivists that has more than 160k followers.

"The reason Anonymous fell victim is probably human weakness," the BBC quoted Graham Cluley, senior consultant at security firm Sophos, as saying.

"Chances are that they followed poor password practices, like using the same password in multiple places or choosing a password that was easy to crack."

In response to the numerous account compromises, Twitter has issued a “friendly reminder about password security” in which they advise users to follow four important rules to make sure their accounts aren’t hacked.

Anonymous Hackers leaked 600,000 credentials from Israeli portal Walla!


An anonymous hacker going by the name of AnonSabre has managed to breach the servers of the popular Israeli web portal Walla. As a result of the security breach, hackers dumped around 600,000 email accounts and passwords. The hack was done as part of the operation called "#OpIsrael".

The hacker first uploaded the compromised data in 93 separate Pastebin posts (pastebin.com/6BYg2suP). The links in question are dead at the time of writing.

The leaked credentials were first found by PwnedList, a service that helps users figure out if their account credentials were stolen as part of a hack.

“The data leak included 583,083 credentials. The passwords were hashed and salted, but the salts were leaked as well,” PwnedList said.

Walla has confirmed the breach, but the representatives say that the leaked data is useless because the passwords leaked by the hacker are encrypted.

#OpLastResort: Anonymous leaks 4000 U.S. Bank executive details in hacked Alabama Govt Site


Anonymous hackers have leaked login and private information of more than 4000 U.S. bank executives under their latest operation, Operation Last Resort (#OpLastResort).

Hackers usually choose the pastebin or Anonpaste site for leaking the compromised data. Interestingly, hackers chose a government website for publishing the data. They hacked into the Alabama Criminal Justice Information Center (acjic.alabama.gov) and published the data.

"Now we have your attention America: Anonymous's Superbowl Commercial 4k banker d0x via the FED http://acjic.alabama.gov/documents/oops-we-did-it-again.html … #opLastResort #Anonymous" the hackers announced on Twitter.

The data published by Anonymous contains Addresses, Business Phone numbers, Email addresses, Fax numbers, names, institutions, Login IDs, hashed passwords and titles.

Based on the titles provided in the leak, the data allegedly belong to people holding titles such as Information Systems/Security Officer, EVP & Chief Financial Officer, President, Vice President, Managing Officer, CFO, Asst. Vice President and Cashier, CEO, Vice Chairman, Senior Vice President, BRANCH MANAGER and others.