Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Defaced Website. Show all posts

Attackers hacked a Spanish TV channel and showed an interview with the separatist leader of Catalonia


Spanish state television company TVE on Wednesday said that last Thursday unknown attackers used an open portal on its website to air a Russia Today program about Catalan separatist leader Carles Puigdemont.

According to the representative of TVE, hackers did not break into any external cybersecurity barriers but took advantage of the “open door” on the site.

As the source noted, it is too early to talk about the identity and location of the attackers, since the investigation is not yet finished.

The interview shown last Thursday was watched by about 96 users. Puigdemont and former Ecuadorian President Rafael Correa participated in a program produced by the Russian state channel. 
In addition, in an interview, Puigdemont said that there is no option to resolve the problem of Catalonia, which would not include the independence of the region.

It is interesting to note that both of them fled to Belgium after legal proceedings were initiated against them in their home countries.

Earlier, the Spanish authorities found evidence that Russian groups actively used social networks to support the independence movement of Catalonia and tried to influence public opinion in an effort to destabilize Spain.

Russia Today editor-in-chief Margarita Simonyan said that the channel was not involved in the hack.
"Hackers broke into the Spanish channel "+24" and turned on our broadcast instead of them, Simonyan commented on her Telegram channel.

"We just had an interview with Puigdemont, the chief on the independence of Catalonia. We don't know who did it, but it was beautiful," noted she.

Russian hackers in recent years are suspected of interfering in the political affairs of many countries, including the United States, Britain and France.

Hackers deface the website of the Ministry of Justice of Uzbekistan


On November 20, websites of some organizations including government websites were affected by a cyber attack.

A hacker from Bangladesh goes by an online handle "Skidie KhaN", a member of the hacking group called " Cyber Command0s(#Team_CC)" modified the main page of the websites of the Ministry of Justice. According to the local report, the defacement message said that the website was hacked by the hacker "Skidie KhaN".

In addition,the websites of the Ministry of Internal Affairs, the Ministry of Defense, Attorney General's office and the Ministry of the Economy were also under the cyber attack.

The Information Security Center of Uzbekistan declined to comment on the situation.

The consequences of cyber attacks on the websites of several government agencies of Uzbekistan is said to be eliminated. The government is currently working on finding the causes and method to thwart future cyber attacks.

In September, the attacker hacked into many Government websites of Myanmar.

- Christina

 

It’s an Indo-Pak Cyberspace WAR!

On Sunday morning, India’s southern Kerala state woke up to the news of the state government’s official website (www.Keralagov.in) being hacked by Pakistani hackers, who posted image of a burning Indian flag.
The hackers had left messages such as "Pakistan Zindabad", "We are Team Pak Cyber Attacker" and "Security is just an illusion". The page also carried the identity of the hacker; “hacked” by Faisal 1337”. The Home Page also contained the website address www(dot)Faisal1337(dot)com.

However, preliminary reports suggested the hackers were could not get past the home page and into the server hosting this website.

This news spread like fire over social media and the issue instead of being a government website being hacked turned into being an attack on India by the neighbouring country. But few expected that within a span of few hours an Indian hacking group with the name of “The Mallu Cyber Soldiers” will payback the favour.
The Indian hacking group had hacked over 100 official websites of Pakistani government and posted message on their websites- “Better stay away from Indian Cyber Space”.

They also posted a message on their facebook page.

" !!Message to Script Kiddies of Pakistan ....Do not touch Indian Websites !!! Now your 46 Pakistan government websites got crashed and 4 educational websites got defaced This is a small payback for hacking kerala.gov.in "

They also posted a list of websites which were crashed. Few included Pakistan’s government website Pakistan.gov.pk, president.gov.pk and cabinet.gov.pk.

But the war did not cyber war did not there. In the same message, the group ‘Hell Shield Hackers’ stated that the motive behind this attack was to retaliate against the attack on the Kerala government’s website.
Often gunfire exchanges across the border seem to take place. During the cricket matches also between the two countries, the rivalry of the two nations are frequently seen but now a full-blown hacking and defacement war seems to have simultaneously erupted in cyber space.

This is not the first time that the hacking has taken place between the two nations.

In October 2014, a Malayali actor and producer, Mohanlal Viswanathan Nair’s  website was hacked by a group known as Cyber Warriors, who had posted several "Free Kashmir slogans" and warned Indian Army about their activities in the Kashmir valley.

The Government from both the nations have nothing to do with it.

Hacking the government sites exposes the vulnerability of official websites.

Though it was just a defacement and officials told that the server of Kerala Government’s website is safe. Yet, the incident calls for a better cyber security mechanism.

The Indian public sees this retaliation as ‘revenge’. However, it’s an issue much more than patriotism.
 Hackers mostly target large organisations, government or community websites which store personal information of thousands or millions of users.

While the Modi government talks about digitizing India, incidents like these highlight the importance for improved cyber security which comes foremost and is a much important issue before the digitization of the country.

While the USA and China are entering into a cyber security agreement, the Indo Pak cyber hack games continue unabated which exposes the weak cyber security of both the nations.

Islamist hacking group targets Dublin gym websites

Photo Courtesy: RTE News

The RTÉ News has confirmed that the websites of three gyms, which are owned by South Dublin County Council and independently run and operated on behalf of the council by South Dublin Leisure Services Limited, have been temporarily shut down after a hacking attack by an “Islamist hacking group”.

After getting into the websites, the hackers have posted a video which contains graphic images of dead, injured people and a woman with an American accent reading a message criticizing the war on terror.

The hackers posted a message on the images which read, “Admin Don't Worry This Is just A Message And You Can Remove It. Your Website Has Been Defaced Cuz Just We Want To Show The Reality To da World. This Is The real Terrorism."

Along with the video, the hackers also posted a logo for the Liber8 Tunisia Facebook page.

“Prior to being deactivated, visitors to the web pages of the Clondalkin Leisure Centre were redirected to a page that claimed the breach was carried out by an organization describing itself as the Tunisian Fallaga Team,” the news report read.

The websites of leisure centres in Tallaght and Lucan are also inactive following the apparent attack.


According to the RTÉ News, Philip Murphy, Senior Executive Officer with the council said, "The matter has been brought to our attention this morning and we are taking appropriate action to rectify this situation. The offending material has been removed and a full investigation is under way."

Digital Constitution hacked, to promote online gambling

Digital Constitution, the Microsoft web site which protects online privacy in a digital world, was hacked to promote online casinos.

According to ZDNet, which first reported about the hacking, the Digital Constitution was running an older version of WordPress when the spammy links were discovered.

Though the links were removed from the front page in the hours following the ZDNet report, a variety of other pages continued link to the gambling sites.

The news reports says that it is unknown how long ago the site was hacked to promote online gambling, whether other Microsoft websites were hacked or not. It is still not clear who was behind the attack.

Ars Technica noted that it was not unusual for hack-by-numbers exploit kits to automatically inject malicious links into vulnerable pages that when viewed by vulnerable computers, perform drive by download attacks.

However, when the company was asked, the Microsoft answered not more than "it's fixed."

According to the news report, the attacker had injected text with keywords like "online casino," "poker, "craps," "roulette," and "blackjack." New pages were added to inject to show content that embeds content from other casino-related websites. 

Lithuanian Military Website hacked to post false information

If we had to believe what we saw on Lithuanian Armed Forces website on Thursday morning, then the North Atlantic Treaty Organization (NATO), an alliance of countries from North America and Europe committed to fulfilling the goals of the North Atlantic Treaty signed in 1949, is preparing for the annexation of Kaliningrad, Russia’s seaport city which is sandwiched between Poland to the south and Lithuania to the north and east.

However, Victoria Cemenite, spokesperson at the Lithuanian Defense Ministry, confirmed that the website had been hacked and that the false information has since been removed by the security experts from the National Cyber Security Centre.

And an investigation has been launched.

The ministry said a private company, which provided server for the Army website, is responsible for its maintenance and security.

Baltic country's National Defence Minister Juozas Olekas says that the hacking attack was aimed to harm the reputation of Lithuania and the NATO. Similarly, security measures will be taken to avoid vulnerabilities.    

“We are carrying out an investigation to identify what measures are necessary to avoid such incidents in the future. The contents was provocative and aimed at discrediting Lithuania and NATO," Olekas told journalists on Thursday.

“It is undoubtedly an initiative of people or institutions unfriendly for Lithuania and NATO. Now, both the sides are improving, hackers and institutions in charge of cyber security. It will be a good lesson for future considerations of additional security measures.”

Arizona’s department website shuts down after hacking attack


One after another, Middle East Cyber Army, a hacking group, is attacking government websites of various countries.

After Myanmar’s Ministry of Mines, the hacker group has hacked the website of Arizona’s Department of Weights and Measures’. As a result, the website has been shut down for the last one week.

The hackers left a message on the website, “Hacked by Middle East Cyber Army” and slogans like such as, “In Allah we trust. For Allah we work. Death to Israel. Free Palestine. Jerusalem is ours” along with a masked figure in front of the Dome of the Rock.

Andy Tobin, director at the department, confirmed that the department’s website was hacked on Sunday.

Today, the department’s website is still down for maintenance.

“The web-site you were attempting to access is currently undergoing maintenance activities. We apologize for the inconvenience. Please retry again later. Thank you for your patience,” the website read.

According to Tobin, soon after they got to know about the hacking attack, they shut down their website and database.

He said that the agency got its backup database running on Tuesday so its investigators can continue their work.

Tobin said the agency is investigating the matter collaborating with the Arizona Department of Administration. Similarly, they have also informed the U.S. Department of Homeland Security about the hacking attack.

The department is still trying to sort out the issue. It has yet to be determined whether the department to resume its website or shift its components over to the Arizona Department of Agriculture, which is scheduled to take over many of the department’s duties next year.

The hacking group had hacked many other websites like in December the group hacked the website for a school district in Little Rock, Ark. It took over the website for the small Quebec town of Terrasse-Vaudreuil in January. Similarly, in May, it targeted Auckland University in New Zealand. And in April, it hacked Art and Sol, a Scottsdale-based performing arts program for children.

Pro Syrian group hacked US Army's official website

 
The US Army's official website was hacked  by the "Syrian Electronic Army", and posted a message on its twitter account, criticizing the training of rebel fighters inside Syria.

According to the army officials, no personal or classified data has been stolen. The army has decided to temporarily shut down the website.

One of the messages reads as, "Your commanders admit they are training the people they have sent you to die fighting."

This pro-Syrian group has been blamed for various hacking and denial of service attacks of  numerous news media sites, including the Twitter account of AFP's photo service.

Army spokesman Brigadier General Malcolm Frost said in a statement, "Today an element of the Army.mil service provider's content was compromised. After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily."

This is not the first time they have hacked website, in 2013 they created confusion in the stock market briefly by putting  out a fake media tweet falsely claiming the White House was under attack.

But officials said “It was possibly the first time a US military website had been penetrated, as previous hacking had targeted Twitter accounts.”

Hackers hijack Tesla automaker's website, Twitter account

(PC- Google images)
The website and Twitter account of high-tech automaker Tesla were hacked over the weekend as part of a prank by angry rival hackers. Tesla CEO Elon Musk’s personal twitter account was also hacked around Saturday night (US Standard Time).

The first sign of hijacking was noticed around 1:52 p.m., when the company’s Twitter account had a tweet that declared it being under the control of attackers and the name changed from “Tesla Motors” to  “#RIPPRGANG”. The tweet posted on the carmaker’s account said, “This Twitter is now run [sic] by Henry Blair Strater [sic] from Oswego Illinois, call me at [number redacted]”. 


A few minutes later, the account began promising free Teslas to those who followed certain accounts or to those who called a certain phone number. The number belonged to a repair shop in Illinois which was flooded with calls.

Nearly at that time, Tesla’s website was hacked by the same attackers. Visitors were redirected to a website with ISIS in the URL, a Laden-ranting video and a picture of a man resembling Osama Bin Laden.
(PC-google images)

The Twitter account war restored around 2:45 p.m., an hour after it was uncompromised and the website was back to its usual state at around 6:30 p.m.

Elon Musk’s Twitter account was hijacked by miscreants who claimed to be from the infamous Lizard Squad Hacking crew, known as Autismsquad.

Indexeus.org website hacked by Pernicious Developers 2014

A day after Security blogger Brian Krebs published an article entitled "Even Script Kids Have a Right to Be Forgotten", hackers breached the Indexeus website(indexeus.org)

Yesterday, Krebs wrote an article about "Indexeus" which is a new search engine containing database of stolen user names and passwords from more than 100 data breaches.

According to KrebsOnSecurity, the database contained stolen credentials from the recent Yahoo and Adobe breaches.


The site also contained databases of few hacker forums that have been hacked. It seems to have ticked off many hackers.  Today, the website was defaced by hacker group Pernicious Developers.

"This is the Original Pernicious Developers, we're still here. Even if you don't know which version of the group who did this." The defacement message reads.  At the time of writing, the website shows a blank page. 

Owner of the Indexeus has replied in one of the threads in HackForums about the hack:



Mirror:
http://www.zone-h.org/mirror/id/22702440

*Update:
The hacker group have provided a screenshot that shows they uploaded a backdoor shell to the affected website.


Official websites of Taj Mahal and Agra Fort hacked by Pakistani hackers


The Pakistani hackers continue to target Indian Government and other websites.  'Pakistan Haxors Crew' is to be one of the most active groups that targeting Indian websites.

Today, the hacker known as 'H4$N4!N H4XOR' from the group hacked into one of the popular Indian Government websites ; The main page of Taj Mahal website(www.tajmahal.gov.in) is now displaying the Pakistan's flag.

The message posted on the defaced page reads follows:
"Whatever you fail to detect, will cause your downfall..Pakistan Haxors Crew is here to remind you of your Security.. Our fight is not against any individual but the system as whole"

It is not the only website defaced in the recent attack. The group also changed the contents of other popular government websites including Agra Fort official site(agrafort.gov.in) and Fatehpur Sikri site.

While other sites are modified to display the hacker's content in the front page of the site, hackers have placed their defacement page in Fatehpur Sikrisite at "http://fatehpursikri.gov.in/r00t.html"  

At the time of writing, all of the affected websites still display the contents modified by the hackers. 

Tata Motors website hacked by Pakistani Hackers


The official website of Tata Motors, the Largest Indian multinational automotive manufacturing company, has been breached and defaced by a Pakistani Hacker who uses the online moniker "H4$N4!N H4XOR".

The main website is not affected by this breach. The Hacker has defaced the 'connect.tatamotors.com', a sub-domain dedicated for the Auto Expo 2014.

"India B Ready I Am Coming  :P " The hacker wrote on the defaced page.

"Pakistan Haxors Crew is here to remind you of your security... Our fight is not against any individual but the system as a whole.. Should you choose to ignore security, it will reincarnate as your worst nightmare !  We just defaced your website to give you a chance to put your hands on it before others come and destroy it!"

At the time of writing, the Tata Motors' sub-domain still showed the defacement page. The mirror of defacement is available here:  http://zone-h.com/mirror/id/22337776

LK Advani's official website hacked by Pakistani Hacker

Screenshot of Defacement

The next day after Bihar BJP's official website get hacked by hacker claimed to be from Pakistan, the official website of Senior BJP Leader LK Advani (www.lkadvani.in) also got defaced by the same hacker.

The hacker who called himself Muhammad Bilal began the defacement message by saying "I'M Back ;D gOOd mOrNing Narendra Modi".  The hacker also wrote "Free Kashmir..Freedom is our goal."

The hacker also claimed to have defaced the websites of Bharti Janta Party In Lok Sabha and Bharti Janta Party In Rajya Sabha.

A screenshot published in the hacker's profile shows that he also gained access to the database server.  The accessed information includes email IDs, hashed-passwords, phone numbers and other details.

At the time of writing, the LK Advani's website is down for maintenance.

Bihar BJP website hacked and defaced by Pakistani Hackers

Bharatiya Janata Party's(BJP) website once again has been targeted by hackers claimed to be from Pakistan.

This time, a hacker named Muhammad Bilal from Pak Cyber Experts group breached the official Bihar Bjp website(www.biharbjp.org) and defaced the home page.

The defacement contains a picture of person standing on Narendra Modi's photo and posted some comments.  The hacker also called India as Stupid.

"I just woke up for reading Namaz. I just thought i will check BJP website :D good site it was :( then my mind changed :( i thought to write 'Pakistan Army' or 'pakistan zindabad' on the site of people who say [redacted] about Pakistan." defacement message reads(translated).

The hacker has a past history of attacking Indian websites and Modi's related websites.

This is not the first time BJP's websites being defaced by Pakistani Hackers.  Earlier this month, hacker with online handle 'Sniper Haxxx' defaced the BJP Junagadh unit's website.

It seems like the website was defaced before 14 hours. The website is still showing the defacement. You can find the mirror of the defacement here: http://zone-h.com/mirror/id/22233554

Ministry of Health Saudi Arabia website defaced by Moroccan hackers


Moroccan Islamic Union-Mail hacks and deface the official website of prevention program of injuries and accidents - Ministry of Health Saudi Arabia(moh-ncd.gov.sa)

The site was showing a picture of Mohamed Morsi The President Of Egypt and member in the Muslim Brotherhood and a clear message in arabic which said :

"Penetration in response to a statement by the Ministry of Interior inclusion of the Muslim Brotherhood in the list of terrorist groups."

"Our message to the governor of Saudi Arabia: The day will come who are under it is exposed to more than what it is now Syria." hackers said.

" The most worthy AQIM contain the Two Holy Mosques to be a compromise in everything Do not be biased for a class to another, until he became Al Saud believe in all that is Islamic terrorist And all of the resistance for pursuing terrorism The injustice of kin most Reluctantly --- one of Hussam signed Mohannad. Signature: Moroccan Islamic Union-mail"

The mirror of the defacement is available here:  http://www.aljyyosh.org/mirror.php?id=125826

This is not the first time the site being targeted by hackers - Earlier this year, a hacker going by handle 'Dr.SHA6H' also defaced the website.

Syrian National Coalition website and US Central Command hacked by Syrian Electronic Army


The official website of the National Coalition for Syrian Revolutionary and Opposition Forces(etilaf.org) and few other websites have been hacked and defaced by Syrian Electronic Army.

In addition to Syrian National Coalition hack, the group also hacked into Masarat Syria (masaratsyria.com) and the City Council of Daraya (darayacouncil.org).

The hacked websites went offline at the time of writing, A mirror of the defacement can be found here:
  • http://www.zone-h.org/mirror/id/22015751
  • http://www.zone-h.org/mirror/id/22015787
  • http://www.zone-h.org/mirror/id/22015855
Recently, the group also announced that they have successfully breached the US Central Command(CENTCOM) and accessed hundreds of documents.

In the meantime, the Syrian Electronic army also posted a tweet "How much does @Microsoft charge @FBIPressOffice ever month to spy on your emails? Stay tuned for their leaked documents. #SEA #PRISM".

BSNL subdomain's defaced by "Kai-h4xOrR And Trojan"



Two Pakistani hackers called "Kai-h4xOrR And Trojan" have managed deface some webpages of BSNL's sub-domains.

The defaced pages are:
http://learntelecom.bsnl.co.in/acp_main_module/schedule_list.asp
http://www.vas.bsnl.co.in/vas/contact_us.jsp?cir=11

They left the following message: "Team MaXiMiZerSOp# Free For Kashmir"

BSNL has very bad track record with security it has been defaced multiple times in the past few years.

Mirrors:http://zone-h.com/mirror/id/22021830

http://zone-hc.com/archive/mirror/d0abab6_learntelecom.bsnl.co.in_mirror_.html

http://zone-hc.com/archive/mirror/ea72f34_vas.bsnl.co.in_mirror_.html

Russian Today (RT) news website hacked

On Sunday, the famous Russian news website RT.com has bee hacked and defaced.

The hackers gained access to the admin panel of the RT website and managed to publish several articles containing "Nazi" word in the headline.

The security breach also has been confirmed by the Russian Today in its official twitter account saying "Hackers deface RT.com  website, crack admin access, place "Nazi" in every headline. Back to normal now.".

Some of the published articles are entitled "Russian Senators vote to use stabilizing Nazi forces on Ukrainian territory", "Nazi nationalist leader calls on 'most wanted' Nazi umarov' to act against Russia' ".

The website has been restored and back to normal.  But still, no hackers appear to have taken credit for the breach.

EC Council official website hacked


A hacker who calls himself "Eugene Belford" (A character from the movie "Hackers" )has hacked the EC-Council website - an organization that offers Certified Ethical Hacker(CEH)

"Owned by certified unethical software security professional" The defacement message reads.

He has also put in the deface page documents proving that "Edward Snowden" attended the CEH classes in India.

A spokesman from CSPF (Cyber Security and Privacy Foundation) says, it appears to be hackers used DNS hijacking attack to deface the website and possible gain access to their email.

Another CEH certified professional says he was not satisfied with EC Coucil  Training. He says though the course material is good and certification is recognised worldwide, the trainers from francisees of EC Coucil do not know hacking and they are not competent to take CEH classes.


Update: Sometime after this news was posted the hacker edited the deface page with this extra text. 

"Defaced again? Yep, good job reusing your passwords morons jack67834#

owned by certified unethical software security professional
Obligatory link: http://attrition.org/errata/charlatan/ec-council/
-Eugene Belford

P.S It seems like lots of you are missing the point here, I'm sitting on thousands of passports belonging to LE (and .mil) officials "

It might be that the attacker has gotten access to the emails of EC Council and hence all the email correspondence of the Law Enforcements and Military officials might be compromised also.



Las Vegas Sands casino websites hacked and defaced by Anti WMD Team

Las Vegas Sands Corp which is said to be the world largest casino operator, has been targeted by hackers.  Websites of Sands casino and its subsidiaries have been defaced.

The sites home page modified with the world map marking the location of sands casinos with flickering flame.

"Damn A, Don't  let your tongue cut your throat "the defacement message reads. "Encouraging the use of weapons of Mass destruction, Under Any condition , is a Crime"

The defacement also contained personal information of Sands employees including e-mail id, social security numbers and other information.

The sign left in the defacement suggest it is done by a hacker group identified as "Anti WMD team".  However, we are not able to find any history about this group.

List of affected websites are: Sands official website (sands.com), Venetian (www.venetian.com), Palazzo (palazzo.com), Sands Bethlehem (pasands.com), Marina Bay Sands (www.marinabaysands.com), Venetian Macao (venetianmacao.com), Sands Macao (sandsmacao.com) and Holiday Inn Macao Cotai Central (sandscotaicentral.com).

All of the affected websites are currently showing "Undergoing Maintenance" message.

Sands Spokesperson told Associate Press that the company is working with law enforcement to find out the hacker behind this security breach.  The company couldn't say whether customers' card data had been compromised.