Showing posts with label Hacktivists.

Ukrainian Hackers Launch Coordinated Cyber Offensive on Russian Networks

 



Ukrainian military intelligence agents carried out a mass cyberattack on Russian Internet providers on August 24 that disrupted the online platforms of dozens of industrial facilities in Russia, according to a source with the Kyiv Independent, who was authorized to speak on the matter. At least 33 servers and 283 office computers at industrial facilities were affected, 21 websites were taken offline, and 15 cloud-based storage systems were destroyed. An online source has reported that the Ukrainian hackers also left pro-Ukrainian messages on the affected platforms.

Users in Russia have complained of issues with Rostelecom, one of the world's largest digital service providers, and have described poor Internet connections at MTC and Beeline, as well as at Yandex, an international technology company, and its services. A Russian source told the newspaper that platforms hit by cyberattacks in the past support and finance Russia's war against Ukraine.

According to the Telegram messaging app published by Solntsepyok, a group of activist hackers and "hacktivists" who exercised control at Kyivstar, launched the cyberattack and published screenshots that appear to support their claim that they had accessed the network. In the past few months, Russia has denied being responsible for such cyberattacks on several occasions. According to a statement released by Ukraine's State Service of Special Communications and Information Protection (SSSCIP), this incident is being investigated along with the domestic intelligence agency SBU, which is responsible for spreading intelligence across the country. 

It is also believed that many industrial facilities, which support the Russian military-industrial complex, were attacked, as well as dozens of services belonging to the facilities. Hackers from Ukraine have been targeting the network infrastructure of factories and companies that produce equipment for Russian law enforcement agencies, aircraft, and helicopter components, as well as other hardware and software used in producing those products, such as servers and processors. Several Russian Internet providers, including Mail.ru, one of the most used and most popular Russian portals, have been attacked, putting their cloud and file storage services at risk. 

This attack affected at least two dozen websites owned by companies whose products include lighting equipment, diesel power plants and ballistic protection products, as well as hosting providers. Russia's full-scale invasion of Ukraine began in 2022, and since then Ukrainian hackers have regularly attacked Russian online platforms. A large-scale cyberattack in late June caused at least 250,000 consumers to lose access to the internet in Crimea and other Russian-controlled territories, according to a military intelligence source quoted in the Kyiv Independent.

In the June attack, the impacted infrastructure was shared by consumer networks and operators of the occupied territories. According to the HUR report, Russian providers called it "the most powerful DDoS attack they had ever experienced to date". In July of this year, the Ukrainian military intelligence agency conducted a cyberattack against the Russian banking system, striking several top banks in the process. The attack froze the banks' services, so their users were not able to withdraw cash, and when they tried to use an ATM, their debit or credit cards were blocked immediately.

OpenAI Reveals ChatGPT is Being Attacked by DDoS


OpenAI, the AI organization behind ChatGPT, has acknowledged that distributed denial of service (DDoS) attacks are to blame for the sporadic disruptions that have plagued its main generative AI product.

As per the developer’s status page, ChatGPT and its API have been experiencing "periodic outages" since November 8 at approximately noon PST.

According to the most recent update, published on November 8 at 19:49 PST, OpenAI said, “We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.”

While the application seemed to have been operating normally, a user of the API reported seeing a "429 - Too Many Requests" error, which is consistent with OpenAI's diagnosis of DDoS as the cause of the issue.

Hacktivists Claim Responsibility 

Hacktivist group Anonymous Sudan took to Telegram, claiming responsibility for the attacks.

The group claimed to have targeted OpenAI specifically because of its support for Israel, in addition to its stated goal of going against "any American company." The nation has recently been under heavy fire for bombing civilians in Palestine.

The partnership between OpenAI and the Israeli occupation state, as well as the CEO's declaration that he is willing to increase investment in Israel and his multiple meetings with Israeli authorities, including Netanyahu, were mentioned in the statement.

Additionally, it asserted that “AI is now being used in the development of weapons and by intelligence agencies like Mossad” and that “Israel is using ChatGPT to oppress the Palestinians.”

"ChatGPT has a general biasness towards Israel and against Palestine," continued Anonymous Sudan.

In what it described as retaliation for a Quran-burning incident near Turkey's embassy in Stockholm, the group claimed responsibility for DDoS assaults against Swedish companies at the beginning of the year.

According to Jake Moore, cybersecurity advisor to ESET Global, DDoS mitigation providers must continually enhance their services.

“Each year threat actors become better equipped and use more IP addresses such as home IoT devices to flood systems, making them more difficult to protect,” says Jake.

“Unfortunately, OpenAI remains one of the most talked about technology companies, making it a typical target for hackers. All that can be done to future-proof its network is to continue to expect the unexpected.”  

Pro-Palestinian Hacktivists Reportedly Employ Crucio Ransomware

 

In a recent development, a newly emerged pro-Palestine hacking collective identifying itself as the 'Soldiers of Solomon' has claimed responsibility for infiltrating more than 50 servers, security cameras, and smart city management systems located within the Nevatim Military area.

According to the group's statement, they employed a ransomware strain dubbed 'Crucio,' hinting at a possible use of Ransomware-as-a-Service. Additionally, they claim to have gained access to an extensive cache of data amounting to 25 terabytes.

In an unconventional public relations move, the Soldiers of Solomon disseminated this information via email to multiple threat intelligence firms, including Falconfeeds, alongside other influential entities actively engaged on Twitter.

To substantiate their claims, the group supplied visual evidence obtained from the breached CCTV systems, as well as images showcasing altered desktop wallpapers bearing their statement, as per Falconfeeds.

The year 2023 has witnessed a resurgence of hostilities between Israel and Palestine, culminating in a full-scale armed conflict. The longstanding discord between the two nations, which traces back to the early 20th century, has witnessed significant escalations since 2008. 

Reports indicate that while the 2014 conflict was marked by unprecedented devastation, the 2023 altercation raises concerns about an even higher casualty count.

The conflict zone in Gaza has become a focal point for retaliatory strikes from both hacktivist groups and Threat Actors (TAs), a trend anticipated given similar patterns observed since 2012. 

Cyberattacks have increasingly become complementary strategies within the context of contemporary warfare, a phenomenon noted even prior to the onset of the Russia-Ukraine conflict in early 2022.

Additionally, Cyble Research & Intelligence Labs (CRIL) has been meticulously curating intelligence amidst the fog of cyber-attacks, monitoring the activities of hacktivists and various threat actors to discern noteworthy developments in the cyber theatre. They have observed a diverse array of malicious techniques being employed by hacktivists and threat actors to exploit vulnerabilities in critical infrastructures and disrupt their operations.

GhostSec: Hacktivist Breach Iranian Surveillance Software


Hacking group GhostSec confirmed that they have taken down Fanap Behnama – Iran’s privacy-invading software – and also mentioned details of its surveillance capabilities. 

Apparently, GhostSec exposed 20GB of data that involved source code relating to face recognition and motion detection systems of the Iranian software company – Fanap – which is appointed as a comprehensive surveillance system by the Iranian government, monitoring its citizens.

Following the confirmation, GhostSec revealed its intention to make the data public and has also created a Telegram channel, ‘Iran Exposed’, to share further information about the breach. It says it is planning to share pieces of the Behnama code, along with various components including configuration files and API data, and that after all the data has been uploaded, detailed explanations will be given.

"This is not about technology and software, it's about the privacy of the people, civil liberties and a balance of power[…]Also publishing the source code for the public presenting this Fanap's lovely AI face recognition and various other privacy invading features and tools. We're simply making the fight a bit more equal," says GhostSec.

The group claims to have found equipment for facial recognition-based video surveillance, utilized in the Pasargad Bank Car GPS and tracking system, as well as a car numberplate identification system—which may have an impact on hijab alerts—and a facial recognition system used for producing ID cards.

Additionally, it claims that the Single Sign-On (SSO) platform, which the regime uses for online user authentication, is connected to the Fanap system. According to cybersecurity firm Cyberint, "This integration compiles intricate aspects of citizens’ lives, not only to determine access privileges for services but also to construct a virtual profile for facial recognition.”

"The group maintains that this evaluation is rooted in the software code, substantiating indisputable evidence of the software’s capabilities and deployment," adds Cyberint. 

GhostSec initially claimed responsibility for taking down the fanap-infra.com website but later disclosed that a different website connected to the Fanap software company was only accessible within Iran. In addition, the company's primary GitHub repository was made private, probably in response to the GhostSec attack. "That mean[s], they are scared. That mean[s] it's time to hit harder," GhostSec said.

30 Million Data Theft Hacktivists Detained in Ukraine

The cyber division of the Security Service of Ukraine (SSU) has eliminated a group of hackers responsible for the data theft of roughly 30 million people.

According to SSU, its cyber branch has dismantled a group of hacktivists who stole 30 million accounts and sold the data on the dark web. According to the department, the hacker organization sold these accounts for about UAH 14 million ($375,000). 

As stated by the SSU, the hackers sold data packs that pro-Kremlin propagandists bought in bulk and then utilized the accounts to distribute false information on social media, generate panic, and destabilize Ukraine and other nations. 

YuMoney, Qiwi, and WebMoney, which are not permitted in Ukraine, were used by the group to receive funds. During raids on the attackers' homes in Lviv, Ukraine, the police discovered and seized many hard drives containing stolen personal data, along with desktops, SIM cards, mobile phones, and flash drives.

By infecting systems with malware, fraudsters were able to gather sensitive data and login passwords. They targeted systems in the European Union and Ukraine. According to Part 1 of Article 361-2 of the Ukrainian Criminal Code, unauthorized selling of material with restricted access, the group's organizer has been put under investigation.

The number of people detained is still unknown, but they are all charged criminally with selling or disseminating restricted-access material stored in computers and networks without authorization. There are lengthy prison terms associated with these offenses.

The gang's primary clients were pro-Kremlin propagandists who utilized the stolen accounts in their destabilizing misinformation efforts in Ukraine and other nations.

The SSU took down five bot farms that spread misinformation around the nation in March and employed 100,000 fictitious social media profiles. A huge bot farm with one million bots was found and destroyed by Ukrainian authorities in August.

The SSU discovered two further botnets in September that were using 7,000 accounts to propagate false information on social media.

Malware producers are frequently easier to recognize, but by using accounts belonging to real people, the likelihood that the operation would be discovered is greatly reduced due to the history of the posts and the natural activity.






PC World Philippines website hacked by Pinoy Vendetta


Users who try to access the PC World Philippines website have been greeted with a pop-up message, "Security Breach". The message is followed by further pop-up messages: "Hello Admin" and "Please Fix your System".

Following the pop-up messages, you will be redirected to a page, "pcworld.com.ph/4nti.php", which displays the message "Pinoy Vendetta into your System.  Testing the Security".

Pinoy Vendetta is a Philippine hacktivist group that was reportedly created by two hackers named 'Hitman' and '4ntipatika'.

At the end, the page displays the following message: "Sorry, You have been hacked by 4ntipatika". At the time of writing, we are still able to see the defaced page.



The news was first reported by the local hacking news site Pinoy Hack News. However, the hackers didn't mention the hack on their official Facebook page.

#OpTurkey - Fox Turkey & VodaSoft hacked by Anonymous

Anonymous hacktivists continue their cyberattack against Turkey. Today, they breached the websites of Fox Turkey and Vodasoft Call Center Solutions.

The security breach is part of the ongoing operation "#OpTurkey" which was kicked off in response to the government's violent attempt to suppress Turkish protests.

Unfortunately, the Government fails to realize that violence against protesters will get the attention of Internet activists.

Hackers leaked thousands of data entries from the Fox Turkey website (fox.com.tr), containing IP addresses, email IDs and names: http://nopaste.me/paste/208744166651b10f0ba7d44

The Vodasoft leak comprises usernames, email addresses, names and password details: http://nopaste.me/paste/126630249651b1068f3ee4c

Recently, hacktivists breached the Prime Minister's website, the Ministry of Interior website and other Turkish websites as part of the operation.

#OpTurkey: Hacktivists hit Turkey with massive Cyber attack


Turkey has suffered a massive cyber attack after several hacktivists started to participate in the ongoing hacking operation against the Turkish government. The operation, "#OpTurkey", was launched in retaliation for the violent police response against protesters.

A hacker group from Turkey named TurkHackTeam has claimed to have breached ofmuftulugu.gov.tr and Mufti COUNTY CERKES (cerkesmuftulugu.gov.tr).

The group leaked some info from the server:
1. http://pastebin.com/pF93F7Uf
2. http://pastebin.com/CcGuBD9H

Even the Syrian Electronic Army, which usually targets western media, participated in the operation and breached the websites of the Turkish Prime Minister (PM) and the Turkish Ministry of Interior.

The group left a message on the defacement page: "Syria and Turkey are one. We salute Turkey's brave protesters."

United Nations , Wasatch and Wisconsin University data leaked by Nullcrew

The NullCrew hacktivists have released their third zine as part of their operation called "Fu**TheSystem". The hackers claimed to have compromised data from the United Nations website (UN.org), Microsoft Partner Wasatch (Wasatchit.com) and Wisconsin University.

"We here at NullCrew believe in non-censorship, and have noticed something. We have noticed that the government will never change their ways, they simply refuse to. No matter how much violence they cause, no matter how many times they refuse to admit their wrongs. No matter how many times they have denied documents for being factual. Even better, they REFUSE TO LET THEIR PEOPLE BE FREE!" the hacker said.

"America, you have been a primary target for activists, and hacktivists alike.

The true freedom fighters whom prove you wrong, you censor us; lock us away in prisons. You take away our freedom of speech, if the world relied on things such as free-source. The world would be a less corrupt place. Sadly, that won't happen anytime soon; as long as people from the system are greedy!"

The database leaked from the UN contains usernames, passwords and IP addresses of users.

The Wasatch dump contains username, password and email address details. WordPress users and passwords were included. The dump also contains database details of Wisconsin University.

The leak:
http://pastebin.com/CcUJf8Hx

Anonymous #AutumnStatement to the tax avoiding rich and corrupt politicians



Anonymous hacktivists have hacked into a number of websites and defaced them with an "Autumn statement" addressed to the tax-avoiding rich and corrupt politicians.

The list of hacked websites includes SABA Consulting (sabaconsulting.eu), Maxwells Spanish Holiday Villas (maxwellsvillas.com), EF Medispa (efmedispa.com) and Arena Wealth (arenawealth.com).



"While the UK continues to demonise and punish the poor, the sick and the unemployed for the corruption of the financial and political systems, we would like to remind all of the British tax-avoiding Monaco dwellers, the super-rich and politicians that:

We are watching you.

You will be held accountable for your greed.

Expect Us." the defacement page reads.

At the time of writing, most of the sites still display the defacement message. After a few minutes, the defaced page redirects users to the HM Revenue and Customs website (hmrc.gov.uk).


CIA site taken down by UGNazi Hackers group

Hackers who are part of the UGNazi group launched a DDoS attack against the CIA.gov site, which resulted in both websites being inaccessible now.

Initially, some Anonymous members took credit for the cyber attack by tweeting "CIA Tango Down", but it was later admitted that UGNazi had instead brought down the site.

"since #anonymous tryed to take credit for tango down'in http://cia.gov , we have stopped attack and oh look now its up! #UGNazi" a UGNazi group tweet says.

The hackers again attacked and brought down the site. At the time of writing, cia.gov is inaccessible.

@ThaCosmo, a member of UGNazi, said the group has also compromised a notice sent out by the FBI Assistant Director in Charge Janice K. Fedarcyk to Field Offices. They leaked the details on Pastebin.

"all will be well aware of the brutality in individual privacy that will come after CISPA is implemented by the Government. And this is the exact reason for all these online protests that are on large today. We are fighting for the common people and to protect their privacy, to protect them from the prying eyes of the corrupt government." the hacker said.