The Russian Hacker Group Killnet Took Down the Anonymous Website

 

The Russian hacker group Killnet said that it took down the Anonymous website "anonymoushackers[.]net" and called on Russians not to believe Internet fakes and to stay calm. Killnet's appeal was published on one of its Telegram channels on Tuesday, March 1.

According to the hacker group, "the Internet is full of fake information about hacking Russian banks, attacks on the servers of Russian media and much more. All this has no danger to people. This "information bomb" carries only text. And no more harm. Don't give in to fake information on the Internet. Do not doubt your country". 

The hackers blamed the events in Ukraine on the country's President, Vladimir Zelensky, as well as American leader Joe Biden. The leaders of the EU countries, the appeal says, are following the lead of the United States.

According to independent verification done by CySecurity News, there is no official website for the Anonymous group.

The Russian hackers said that they had already disabled the website of the Anonymous group, along with the website of the Right Sector, which is banned in the Russian Federation. The Anonymous hacker group had declared a cyberwar on Russia and claimed responsibility for hacker attacks, for example, on the RT website.

On February 28, the websites of Izvestia, TASS, Kommersant, Forbes, Fontanka, Mela, E1, Buro 24/7, RBC, Znak.Com and other Russian media were hacked. On the same day, massive DDoS attacks were launched against websites of the Crimean government and authorities. Hackers used a botnet with IP addresses mostly located in North and South America, Taiwan, and a number of other countries. 

On February 26, the Ministry of Information reported that users of the public services portal may face difficulties when working with the services of the site due to cyberattacks. At the same time, the department clarified that the personal data and information of citizens are reliably protected. On the same day, the administration of the President of the Russian Federation reported regular cyberattacks on the Kremlin's website. Moreover, Russian Railways reported that the company's website is subject to regular serious DDoS attacks. 

Earlier, information security expert Nenakhov described the danger Anonymous hackers pose to Russia. According to him, DDoS attacks are the easiest thing that can happen. Government websites, government online services such as Gosuslugi, email, social media accounts of politicians, websites, and the IT infrastructure of state banks and defense companies are relatively more vulnerable to attacks.


Lake County government shuts down servers after ransomware attack

After the massive cyberattack in Texas, officials from Lake County, Illinois revealed on Friday, August 23 that the county has been hit by a cyberattack that forced the shutdown of email service and several internal applications.

The officials also mentioned that the breach came in the form of ransomware, a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access.

Mark Pearman, director of the county's information technology office, said that on Thursday, August 22, the IT staff was installing cybersecurity software on 3,000 individual employee laptops and working on the process to remove the ransomware from 40 county servers.

The ransomware attack was first noticed by systems administrators on Thursday and, to prevent it, the IT staff started taking encrypted and unencrypted servers off the network.

However, the official clarified that there was no evidence of data theft from county servers. Restoring the systems will take the entire week, and more information about the attack will be known by Monday, August 26.

As reported, the IT department is working with the county's cybersecurity contractor, CrowdStrike, to conduct a damage assessment. This process includes scanning all the servers and almost 3,000 computers to determine which are infected by the ransomware.

Almost a month ago, LaPorte County, Indiana also suffered a similar breach, and the authorities paid a ransom of $132,000 worth of Bitcoins to the hackers to restore access to the affected systems.

Louisiana was recently forced to declare a state of emergency after some of its school districts' networks were hacked, and now 22 Texas town governments have become victims of ransomware.

After all these events, National Guard Chief Gen Joseph Lengyel called the events a "cyber storm." He also mentioned that these multi-state cyberattacks reiterate the need for more standardized policies and training for cyber units across the force.

Elliot Alderson (FSociety) hacks BSNL


Elliot Alderson has sent out information on vulnerabilities he found at BSNL. He released this from his Twitter handle "fs0c131y".

It looks like he has found multiple vulnerabilities, such as SQL injection, ransomware attacks on two servers and broken authentication. He claims some of these vulnerabilities were reported by another hacker in India 2 years back and that BSNL did not respond.

It is unclear if this hacker passed on some of the vulnerabilities to "Elliot Alderson".

According to the hacker, "You will find multiple issues with different levels of severity. All these issues have been reported to BSNL via Twitter. I discussed with @BSNLCorporate and a member of their IT team. They acknowledged the issues and fixed them".

It is very interesting to note that BSNL has talked to the hacker, worked on the issues and patched, fixed or taken down some of these sites. Most of the vulnerabilities have been addressed. Contrary to the claims, BSNL's action has been proactive.


The same hacker had earlier identified vulnerabilities in multiple websites, such as Indian Express, Aadhaar, Punjab Police and Bangalore Police.

It is unclear if law enforcement agencies have registered cases to pursue the hackers.

"Law enforcement agencies can take action if the affected parties register a complaint", says a senior law enforcement officer.

According to a Mumbai-based IT security company, "We believe the intrusions are from hackers in India (who may have used VPN and Tor) to hide their identity. If the hackers only wanted to expose vulnerabilities, they should work with a penetration testing company that is CERT-In empanelled. They will earn out of this exercise".

Another IT security company, which has worked for close to 20 years in information security, says, "This is the work of a script kiddie. BSNL security was like 0/10 and this guy's skill is 1/10."


Ministry of External Affairs thanks hacker for Inputs on Vulnerabilities


Kapustkiy, the hacker who hacked into 7 Indian embassies and also hacked into the Indian embassy in New York, wrote to E Hacking News. In an exclusive email he says he was in for a surprise when a senior Indian government official sent him an email.

Kapustkiy says, "They have started to fix everything one by one, and thanks all media for the support". He claims he had no malicious intent and only wanted to show that these vulnerabilities existed. He resorted to posting on Pastebin only because the embassy officials did not respond to him.

Kapustkiy sent E Hacking News a screenshot of the email he received from the joint secretary in the MEA. The senior MEA official has appreciated Kapustkiy's efforts to bring forth the vulnerabilities. He requested the hacker not to post further hacks to Pastebin.

Kapustkiy was pleasantly surprised by this email from the Ministry of External Affairs.

"Corporate India should learn from this incident, how Government of India has responded to such an incident where they appreciate the hacker and take steps to fix the vulnerabilities. Most Indian corporates cover up security breaches in India, maybe they should take a page from the Indian Government" says J Prasanna, Director, Cyber Security and Privacy Foundation Pte Ltd.

Seven websites of Indian Embassy hacked, database leaked




Seven domains of Indian embassies in Europe and Africa have been hacked, and the data published by Kapustkiy & Kasimierz L on Pastebin.com (http://pastebin.com/GqJcwSSc).

The countries where Indian embassies were affected are South Africa, Libya, Italy, Switzerland, Malawi, Mali and Romania.

The Indian Embassy in South Africa (http://www.hcisouthafrica.in/) was the first one to be hacked. The hackers published the admin login details and password, and they also published the whole database containing names, passport numbers, email IDs and phone numbers. The published data contains 161 entries, and the database contains 22 tables.

The Indian Embassy in Bern (http://indembassybern.ch/) was the second target. It contains 3 databases with 19 tables and a total of 35 entries, and login details with passwords. The compromised data includes the name, last name, email ID, address, college, and course in which students are enrolled.

The third country affected is Italy. The hackers hacked three databases with 149 entries, including names, email IDs, telephone numbers, and passport numbers. Here, too, those affected are students.

In Libya, the Indian embassy's three databases were also hacked, with 24 tables and 305 entries. The High Commission in Mali was the least affected by this hack, with 14 entries and 16 tables.

The hacked database of the Indian Embassy in Malawi contains 74 entries with 16 entries, including names, email IDs, and mothers' names. The embassy in Romania saw the hack of two databases, with 139 entries and 42 entries respectively, along with passport numbers.

When E Hacking News contacted the hacker, he said by email: "I am from Netherlands. I've found several SQL on their website and I reported it. But they ignored me so I dumped their db".

Brazil Government website hacked, redirected to malicious website

A security researcher at F-Secure has spotted a piece of malicious code injected into the official website of the City of Franca in São Paulo, Brazil (franca.sp.gov.br).

Hackers managed to place malicious JavaScript code in one of the site's JavaScript files, which loads a malicious Flash object. The Flash object redirects visitors to a malicious domain.

The researcher didn't specify what exactly was served from the malicious domain.

The website uses an outdated Joomla version (1.5), and cybercriminals might have exploited any of its known vulnerabilities. According to researchers, this is not the only Brazilian government website using an outdated CMS.

F-Secure has contacted Brazil's Computer Security and Incident Response Team, CTIR Gov, and informed it about the incident.

Kerala Government websites hacked by Syrian Hacker 'Dr.SHA6H'

A Syrian hacker using the online handle 'Dr.SHA6H', who is known for hacking government websites, has now started targeting Indian government websites. Today, he hacked into a number of Indian government sites and left them defaced.

The hacker claims he is a Syrian who does not accept "the Syrian regime's actions of murder, rape and destruction with the support of most of the countries". He wants to save Syria from Hell.

Though it is still in question why he targeted Indian government, he left a message related to Syria in the defacement.

"Today, after looking at what faces ( Syria ) note most of the countries in the world do not want help Syria. There are a lot of countries all over the world enter the irrational intervention in the problems of other countries such as the United States intervened in the problem ( Osama bin Laden ) Why .. !?" The defacement message reads.


"Now, America and other countries do not interfere in the problem of Syria Is there an international interest with ( Bashar al-Assad ) .. !? Or economic interest or is a political interest ( We do not understand ) .. We want answer all the countries of the world, there are children dying, women raped and houses destroyed."


 
The affected Indian sites belong to the Kerala State Government. The hacked websites include INSIGHT (insight.kerala.gov.in), Kerala State Blood Transfusion Council (blood.kerala.gov.in), Thiruvananthapuram Medical College (tmc.kerala.gov.in) and Kerala State Planning Board (spb.kerala.gov.in).

The other affected sites are:
  • Right to Education Kerala (rtekerala.gov.in)
  • Thiruvananthapuram (trivandrum.gov.in)
  • Fisheries Network Information System (fishnetkerala.gov.in)
  • Ombudsman For LSGI Kerala (ombudsmanlsgiker.gov.in)
  • Farm Information Bureau (fibkerala.gov.in)
  • Arogyakeralam National Rural Health Mission Kerala Web Portal (arogyakeralam.gov.in), sevana.gov.in

Pakistan Army website and Facebook fan pages hacked by Indian Hacker


If you are a regular reader of EHN, you know that this is not the first time the Pakistan Army website has come under cyber attack. Once again, the Indian hacker "Godzilla" has breached the Pakistan Army website.

Speaking to E Hacking News, the hacker said that he hacked into "pakistanarmy.gov.pk" and left a malicious PDF file disguised as a magazine.


The admin clicked the PDF exploit, which resulted in his computer being infected with malware. It allowed the hacker to compromise the Facebook fan pages.

The following Facebook fan pages were deleted by the hacker: Pakistan Army Official Facebook Page (www.facebook.com/OfficialPakArmy), Pakistan Army Officers Club Facebook Page (www.facebook.com/fb.paoc), Pakistan Army Fan Facebook Page (www.facebook.com/pakarmyfanpage).

He claimed the admin removed the login page of the CMS used by the website but failed to remove the backdoor.

"Now no more deals, if you can fire then we can bombard. You are punished for breaking ceasefire we are coming for you," the hacker stated as the reason for the cyber attack.

The website and Facebook pages have been recovered at the time of writing. It also appears the admin of the Facebook pages blocked India from accessing the pages.

You can find more proof and details about the hack here:
http://pastebin.com/3jkp6k2e