Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Anonymous Hackers. Show all posts
Palestinian Hackers
Anonymous Hackers Cyber Attacks Data Leak IDF Palestinian Hackers

Anonymous Hackers Threaten To Publish IDF’s ‘Top Secret Projects’

 

The Anonymous hacker group has published a video claiming to have infiltrated Israel's military and stolen some of its "top secret" documents.

Two weeks after Israel's Justice Ministry admitted a cybersecurity breach that may have taken hundreds of gigabytes of data, the Anonymous hacker group claims to have hacked the Israel Defence Forces (IDF), a much more significant target. On April 18, Anonymous posted a video on X stating, "Today we want to introduce their terrorist army to the world, after hacking their justice ministry.” 

Given the nature of the fighting on the ground, the cyber aspect of the Gaza conflict has not garnered much attention. However, with the most recent escalation, Iran has come out from behind its proxies, and as a result, two of the most cyber-active nations in the world are now participating much more publicly. This includes unsubstantiated allegations made by an Iranian hacker group that they were able to break into Israeli radar systems. 

In contrast, Israel possesses offensive cyber capabilities much beyond anything Iran can produce, despite Tehran's continuous efforts to improve its capabilities. As a result, there will likely be a digital uptick as the ballistic engagement winds down. 

None of this is related to the more theatrical hacking charges levelled at Israel's military. Anonymous is best understood as an umbrella agenda, with self-proclaimed members starting and coordinating activities that are subsequently promoted. It would be incorrect to view this as a globally organised group with any sort of structure. The most recent claims appear to come from a pro-Palestinian group called Anonymous for Justice. 

The Jerusalem Post adds that "according to IDF security assessments, the likelihood of an actual breach is minimal..." The IDF's computer system is highly secure and classified at multiple levels." According to the Post, if there was a breach, the material was most likely "obtained from civilian computers." 

With a total of 20GB of data distributed across more than 230,000 files, the Anonymous video alleges that compromised material contains "the identity of the generals, military bases, military contracts and top secret projects." The hacking operation was "conducted with the assistance of certain freedom seekers from your army," the video further warns IDF.
Read more »
DDOS Attacks
airline industry Anonymous Hackers Data Breach DDOS Attacks

SAS Airlines Faces $3 Million Ransom Demand After DDoS Attacks

 

Scandinavian Airlines (SAS) has recently become the target of a series of Distributed Denial of Service (DDoS) attacks, resulting in a $3 million ransom demand from a hacker group called Anonymous Sudan. This incident highlights the increasing sophistication and financial motivations behind cyberattacks on major organizations.

The DDoS attacks, which overwhelmed SAS's computer systems and disrupted its online operations, were followed by a ransom note demanding the hefty sum of $3 million in exchange for stopping the attacks and preventing further damage. The hackers threatened to expose sensitive data and continue their assault if the ransom was not paid within a specified timeframe.

The airline industry has been a recurring target for cybercriminals due to the potentially massive financial losses and disruption caused by such attacks. In this case, SAS faced significant operational challenges as its website and other online services were rendered inaccessible to customers, leading to a loss of revenue and damaging its reputation.

Responding to the situation, SAS promptly notified the appropriate authorities and engaged with cybersecurity experts to mitigate the ongoing attacks. The company also worked to restore its affected systems and strengthen its overall security posture to prevent future incidents. Collaboration with law enforcement agencies and cybersecurity professionals is crucial in investigating these attacks and bringing the perpetrators to justice.

The incident serves as a reminder for organizations to enhance their cybersecurity measures and be prepared for the evolving threats posed by cybercriminals. Proactive steps, such as conducting regular security assessments, implementing robust network infrastructure, and educating employees about potential risks, can help mitigate the impact of such attacks.

Incident response planning should also be given top priority by enterprises in order to reduce downtime and financial losses in the case of an attack. This entails developing a clear plan for confining and isolating the assault, recovering systems and data from backups, and keeping open lines of communication with key stakeholders all along the procedure.

The SAS Airlines ransom demand serves as a sobering reminder of the constant threat posed by cyberattacks and the significant financial implications for targeted organizations. Heightened cybersecurity measures, swift incident response, and collaboration among industry stakeholders are crucial in combatting these threats and safeguarding critical infrastructure from malicious actors.

Read more »
Phishing Attacks
Anonymous Hackers Cyber Security Cyber Threats Network Threats Phishing Attacks

Phishing: The Biggest Security Threat of 2023

The year is about to end and every year we are witnessing that cybercriminals are advancing their methods of attacking systems and networks. Therefore there are various reasons why private firms and federal agencies should be more prepared for the coming years. As per the recent analysis Phishing attacks will be the greatest security threat in 2023. 

What should be done and what should be avoided?  


According to security analysts, Phishing attacks are more popular among other methods of targeting victims and have already claimed millions of victims worldwide. As per the ratio of attacks, phishing attacks are still on the rise. 

When we talk about phishing first we need to know why is phishing so dangerous? Because the emails that you receive from hackers will appear legitimate and use elements of social engineering to make victims far more likely to fall for the scam. 

Following the steps, hackers often fooled victims into providing their sensitive data and credentials such as credit card numbers, social security numbers, and detailed account information in hopes of rectifying some nonexistent issues with an account. 

Furthermore, 74% of organizations in the United States suffered from a successful phishing attack last year, which is a 14% increase from 2019. 

Subbu Iyer, regional director for India and ASEAN, at Forescout Technologies, said that "digital transformation wave even as the cybersecurity teams in most companies are perennially understaffed and under-resourced. Poor knowledge of digitization, lack of cyber skills, and inadequately trained cybersecurity professionals are some of the factors leading to elevated cyber threats." 

Below are the indicators to identify whether the email you have received is legitimate or a scam. 

  • If you look closely you will notice poor grammar and spelling mistakes in the message.  
  • You will see that the email is coming from unusual email addresses, for instance, "4m4zon" instead of "amazon". 
  • The email includes links, if a source asks you to click on it, this is likely a sign of phishing.

How you can secure your system from phishing attacks? 


One way to protect your company from phishing attacks is to educate users and all employees. Educate them on how they can identify a phishing email and what could be done to avoid losses after receiving a phishing email. Furthermore, advanced technology and updated systems are required at the workplace to fight against phishing attacks and their consequences.
Read more »
hackers group
Anonymous Anonymous Hackers Cyber Attacks hackers group

Anonymous Hackers reportedly exposed the anti-Russian activities of the British Council

The Anonymous hacker group published an analysis of documents belonging to various British government agencies, including the Foreign Office, according to the local media reports. 

Anonymous previously accused British authorities and media organizations of influencing Russian-language media and attempting to shape the minds of their audiences in the way the West wants. In support of their position, the hackers published hundreds of copies of files that they called documents of the British Foreign and Parliamentary Ministries and organizations working for the authorities.

The analysis notes that the purpose of such manipulations is to change power in Russia and change the Kremlin's foreign policy.

It is also pointed out that the council is cooperating with British intelligence to be more effective.

The hackers noted the organization's activity in Russia's neighboring states: in the Caucasus, Moldova, Belarus and Ukraine.

"The British Council's operations in the Baltic States are well documented: they are designed to socially unite Russian-speaking communities in these countries, to make sure they have strong ties among themselves and feel an affinity with British and European values and culture, and are resistant to destabilizing narratives. Brilliant brainwashing," writes Anonymous.

The group cites photocopies of files to prove their claims, which include a call for proposals for communication in English in the South Caucasus, Moldova, and Belarus for fiscal years 2019-2022. Anonymous claims that it is a copy of the Foreign Ministry document, but there are no logos or markings on it to confirm this.

According to this document, the British State was willing to allocate 650,000 pounds per year for English language training in the regions, so the total cost of the three-year program should not exceed 1.95 million pounds.

However, according to Anonymous, the real purpose of the humanitarian programs of the British authorities in the post-Soviet space is "to break the foundations of the regime in Russia or to change its foreign policy".


Read more »
NIC
Anonymous Hackers malware NIC

NIC hacked by a malware, over 100 computers compromised

 

Recently, India's largest data agency NIC ( National Informatics Center) was hacked by a malware unidentified as of yet. The attack was sent from an email, infiltrating the network and around a hundred computers were affected. 



After the attack, the incident was reported to Delhi Police's Special Cell and the case was registered under the Information Technology Act (IT Act). The attack came from an email, which upon opening by an employee - all data from the machine was stolen and encrypted. 

The National Informatics Center is a branch of the Ministry of Electronics and Information Technology (MEITY). The NIC is responsible for the government's technical infrastructure and for the implementation and delivery of digital India initiatives. The Institute contained sensitive information related to National Security, India's Citizens, Home Ministry, Security Advisor, and the stolen data could very well harm National Interest. 

Upon investigation by Delhi Police, the attack was confirmed as a Malware coming from an email bait. While it was reported by only one employee, several of the workers got this mail containing the malware and when the user clicked on this mail, his system was compromised. Likewise, hundred of such computers were infected.

The IP address from the mail was detected to be from the Bengaluru office of an American company.

Attack from Anonymous?
Some sources say that this attack was from the infamous hacking group- Anonymous. Some days back the official website of the Indian Army and according to firstpost.com, a letter was sent to the Indian Government stating- 

 "We are Anonymous Again. 

 To the People of India and Government,
 You Have Underestimated the Power of people. You thought First NIC Hack by Anonymous was a Playful act, "THINK AGAIN".
 We are not here to Play with anyone. We are here to send a message to all the people who support the Anti-corruption bill. We took Down Indian Army Official Site and NIC knows more about what we did. We do not support anyone, We Support Only The Anti-Corruption Bill.

No one can speak for Anonymous, Nothing is Official." 

 It could be that both these attacks are linked and from the same group.
Read more »
Email Hacking
Anonymous Hackers Cyber Attacks Data Breach Email Hacking

Norwegian Parliament Hit by a Cyber-Attack on Its Internal Email System


Stortinget, the Norwegian Parliament succumbed to a cyber-attack that targeted its internal email system. The news came in on Tuesday when the Norwegian parliament's director, Marianne Andreassen, affirmed that the threat actors had targeted the parliament. 

The hackers penetrated email accounts for elected representatives and employees, from where they stole various amounts of data. Andreassen said that the incident is currently being monitored, and, so couldn't give any insight into who was responsible for the attack, or the number of hacked accounts.

People whose accounts were exposed in the attack have been informed about the same and a report has been filed with the Norwegian police and the nation's intelligence agency has just begun investigating the incident, as per a statement the agency posted on its Twitter account after the incident. 

The local press, who initially broke the story additionally, announced that the parliament's IT staffs has closed down its email service to keep the hackers from siphoning more information. 

Besides this, a representative for Norway's main opposition party, the Labour Party, told public broadcaster NRK that the attack had additionally affected a few Labour Party members and staff. 

After the incident was found, the Norwegian National Security Authority (NSA) was brought in to counter the attack and get to the bottom of what had occurred "We have been involved for a few days," said NSA spokesman Trond Oevstedal. 

"We are assisting parliament with analysis and technical assistance." Andreassen said that the parliament had discovered "anomalies a little more than a week ago." 

"A number of risk-reducing immediate measures were implemented to stop the attack," said Andreassen. "These measures had an immediate effect." 

In a statement issued earlier read: "Burglary has been registered in the email accounts of a small number of parliamentary representatives and employees. Our analyses show that different amounts of data have been downloaded." 

The Storting through this statement said that the attackers had snatched a vague measure of data. So far no there is no info released with respect to what sort of cyber-attack was executed against the Norwegian parliament or who was responsible for it. 

However, as Andreassen said to the reporters they take the matter quite seriously and have given our complete attention to investigating the situation to get a complete image of the incident and the possible degree of harm caused by it.

Read more »
Wi-Fi Router
Anonymous Hackers Bank Bank Information Security Darkweb hackers Hackers Wi-Fi Router

Your home wi-fi isn't safe: Hackers know router trick to access bank accounts, card details

Next time when you connect smartphone or a laptop to relatively secure home Wi-Fi, you might actually be surprised how easy it is to hack into your home Wi-Fi network, courtesy that router installed by your Internet Service Provider (ISP). A small vulnerability in the home Wi-Fi network can give a criminal access to almost all the devices that access that Wi-Fi. This could spell trouble for bank accounts, credit card details, child safety and a whole lot of other concerns.

Trouble could come in the form of a neighbourhood kid who piggybacks on your Internet service. While he plays video games online and talks to his friends over VOIP (Internet-based) telephone service, your Internet service may become sluggish.

But an unsecured home wireless system can also be used to commit crime.

According to the US Department of Justice, law enforcement officers will come knocking on your door if someone uses your Internet connection to upload or download child pornography.

And the bad guys don't have to live next door. Powerful Wi-Fi antennas can pull in a home network's signal from as far away as over 4 kms.

According to Finnish cyber security firm F-Secure, for very little money, a hacker can rent a Cloud-enabled computer and guess your network's password in minutes by brute force or using the powerful computer to try many combinations of your password.

The US Computer Emergency Readiness Team (US-CERT) recently issued an alert about Russia-sponsored hackers carrying out attacks against a large number of home routers in the U.S.

According to Sanjay Katkar, Joint Managing Director and CTO, Quick Heal Technologies, cyber criminals are known to exploit vulnerabilities in home Wi-Fi routers by delivering a payload.

"Once infected with the malware, the router can perform various malicious activities like redirecting the user to fake websites when visiting banking or other e-commerce sites," Katkar told IANS recently.
Read more »
Server Compromise
Anonymous Hackers Command injection vulnerability malware Microsoft Azure Microsoft Hacks Server Compromise

Hackers abusing Microsoft Azure to deploy malware

Now Microsoft Azure becomes a sweet spot for hackers to host powerful malware and also as a command and control server for sending and receiving commands to compromised systems.

Microsoft Azure is a cloud computing platform created by Microsoft for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.

Initially, this malicious operation was uncovered and reported by @JayTHL & @malwrhunterteam via Twitter in which they provide the evidence that there is a malicious software being hosted in Microsoft Azure.

Researcher’s already reported this malicious operation to Microsoft. however, the original malware (plus additional samples uploaded since) still resided on the Azure site as of May 29, 2019 – 17 days later, Appriver Reported.

This is an evidence of Azure that failed to detect the malware residing on the Microsoft server, but Windows defender is detecting the malicious files if users attempt to download from the malware-hosting server.

Windows defender detects this malware as Trojan:Win32/Occamy.C and the first new sample ( searchfile.exe ) was initially uploaded to VirusTotal on April 26, 2019, and another sample (printer/prenter.exe) was first submitted on April 30, but also remains undetected on Azure servers.

According to appriver, however, it does not appear the service is currently scanning Azure sites or, one could surmise that these files would’ve been detected by now.

Based on the analysis report using the printer.exe file, attackers uncompiled this malware with the c# .net portable executable file.

Attackers cleverly using an uncompiled file as an attempt to evade the gateway and endpoint security detection by thoroughly examining the downloaded binaries.”

Once running, this malicious agent generates XML SOAP requests every 2 minutes to check-in and receive commands from the malicious actors Azure command and control site at: systemservicex[.]azurewebsites[.]net/data[.]asmx”

This is not a first-time malware operator abusing Azure, but already we reported that attackers abuse Microsoft Azure Blog Hosting and it also attempted to steal the login credentials.
Read more »
Subscribe to: Posts (Atom)