Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label UGNazi. Show all posts

UGNazi Hacker 'Cosmo the God' banned from the internet for 6 years


A 15-year-old hacker goes by the handle 'Cosmo the God' from UGNazi hacker group , Social Engineering mastermind, was sentenced by Long Beach, California juvenile court on Wednesday. He is banned from the internet for six years, until his twenty-first birthday.

As a member of the UGNazi hacker collective, the 'cosmo the god' took part in some of the most notorious hacks. The hacker group DDoS'ed government and financial sites including CIA, NASDAQ, ca.gov. They bypassed Google two step, hijacked 4chan’s DNS and redirected it to their own Twitter feed.

Cosmo is best known for his Social engineering attack. He gained access to user accounts at Amazon, PayPal, and a slew of other companies with social engineering attacks.

According to wired report, during these six years, he cannot use the internet without the prior consent of his parole officer. He is required to hand over all of his account logins and passwords. He must disclose in writing any devices that he has access to that have the capability to connect to a network.


Finally, Cosmo is prohibited from having contact with any members of UG Nazi or Anonymous, nor their associates, nor a list of "other individuals," .

Violate any of those terms will result in a three-year prison term.




Google's MarkMonitor account hacked by #UGNazi via Social Engineering


The well-known Hacker group UGNazi claimed that they gained access to the Google's MarkMonitor account.  According to their press release, hackers managed to reset the account via social engineering attack. 

"The agent that helped us reset the account should get some what of credit, she helped us alot on reseting Google's MarkMonitor account " hacker said in the press release.

"3 Days ago, We gained access into Google's registrar MarkMonitor, the following picture goes to show how no one is safe http://i.imgur.com/KDWja.png" The tweet from hackers account reads.

"i suggest you move to a more secure registrar. but then again, we are Social Engineering Gods." The statement clearly shows the group is strong in social engineering attacks. Earlier of this month, the group hacked the WHMCS via social engineering attack.

"So, this just goes to show, even Google can be Social Engineered. P.S. It was Google's Account Manager, Olga Was, so technically, we did Social Engineer Google. :)."Hacker said.

At the time of writing, there is no official statement made from Google or Mark Monitor about the hack.

Ray J site and Twitter account hacked by #UGNazi


UGNazi hackers group defaced official site of American singer, Ray J (www.rayj.com) and Razta.org site . They leaked the database belong to the Ray J website.

Hackers also hacked the Twitter account belong to Ray J(twitter.com/RayJ) and asks followers to visit their website(UGNazi.com).

 One of their tweet from the hacked account:

If you want a autographed album of RayJ Tweet "Check out http://UGNazi.com #UGNazi, & #UGNazi #Joshthegod #Cosmo #UGNazi"

and one more tweet that asks followers to re-tweet :

If this tweet gets 1000+ Rts i will make a porn video with @taylorswift13 http://UGNazi.com #UGNazi


Hackers leaked 300Mb+ data in rar file format that has been uploaded to cocksecurity (cocksecurity.com/rayj/Rayjcom.rar). The recent hack earns more followers for the UGNazi account.

CloudFlare hacked by UGNazi Hackers


 CloudFlare issued a statement admitting that hackers was able to access a customer's account and change that customer's DNS records.

“The attack was the result a compromise of Google's account security procedures that allowed the hacker to eventually access to my CloudFlare.com email addresses, which runs on Google Apps,” Matthew Prince , the co-founder and CEO of the company said in the statement.

“The password used on my personal Gmail account was 20+ characters long, highly random, and not used by me on any other services so it's unlikely it was dictionary attacked or guessed,” he added.

Surprisingly, all CloudFlare.com accounts use two-factor authentication. " We are still working with Google to understand how the hacker was able to reset the password without providing a valid two-factor authentication token."

After analyzing the incident, Google’s security team has determined that “a subtle flaw in the recovery flow” of certain accounts allowed the hackers to compromise the account.

This is where UGNazi steps in. The hackers claim that Prince and Google are both wrong.

“Nah. There’s no way you can social engineer a Google App. I don’t know what he was talking about. We did get in his emails though: matthew@cloudflare.com and mprince@gmail.com,” Softpedia quoted Cosmo, a member of UGNazi, as saying.

“We got into their main server. We could see all customer account information, name, IP address, payment method, paid with, user ID, etc. and had access to reset any account on CloudFlare,” Cosmo added.

Furthermore, the hackers plan on selling all the information they obtained on Darkode.

"the owner Matthew Prince thinks it’s secure. It’s obviously not, implying we got access into the main CloudFlare server today." The hackers stated as the reason for the attack.

UGNazi Hacker Cosmo Arrested After WHMCS Breach

Cosmo, one of the members of the UGNazi hacktivist group, has been arrested in connection to the breach that affected the website of the client management and billing solutions WHMCS.

On May 21, UGNazi gained unauthorized access to the systems of WHMCS and leaked around 1.7 gigabytes of data. At the time, Matt Pugh, the founder and main developer of the website, alerted the Federal Bureau of Investigations.

A few hours ago, other members of the collective found out that the FBI apprehended Cosmo.

“Last time was just questioning, but this time he’s actually being held. No other word from him,” one hacker told us.

“Well I’m sure he'll be out soon and back to work. He’s been arrested before so it’s nothing new to him. Basically WHMCS called in the feds and now it’s been 9 days into the investigation and they got one of us. But we left no tracks which is why I’m sure he will be out soon,” he added.

Also, he revealed that another member of the group, called Josh, hasn’t been online for the past couple of days.

Apparently, Cosmo was actually the one who social engineered Hostgator employees in order to get the access information to WHMCS systems.

In the meantime, law enforcement also seized the hacktivists’ website (ugnazi.com) and Cosmo’s Twitter account.

Ironically, one day before his arrest, Cosmo posted a picture with a message that read “Arrest one of us; two more appear. you can't arrest an idea.”

It will remain to be seen if he can get off the hook for a second time. However, the hackers seem to be determined to carry on their regular activities, a “huge release” being planned for the upcoming period.

[source]

UGNazi hacked WHMCS by Social Engineering attack

UGNazi hacke group have manage to break into the WHMCS, a company that provides billing and customer support tech to many web hosts . They leaked data and deleted all the files from the firm’s server.

The data leak contains 500,000 records including customer credit card details, username, passwords and IP addresses.

According to report, The hackers tricked WHMCS's own hosting firm into handing over admin credentials to its servers.

UGNazi also gained access to WHMCS's Twitter account, which it used to publicise a series of posts on Pastebin that contained links to locations from which the billing firm's customer records and other sensitive data might be downloaded.

"Following an initial investigation I can report that what occurred today was the result of a social engineering attack. The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions," Matt Pugh, WHMCS founder and lead developer explained.

“And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details. This means that there was no actual hacking of our server. They were ultimately given the access details.”

Hacktivists justified the attack by making unsubstantiated accusations that WHMCS offered services to shady characters, via an update to WHMCS's compromised Twitter feed:

Many websites use WHMCS for scams. You ignored our warnings. We spoke louder. We are watching; and will continue to be watching. #UGNazi

After the incident, WHMCS reported the breach on its systems to the FBI.

Government of Anguilla Hacked By #UGNazi Hackers Team

The Hackers group "UGNazi", break into the Government of Anguilla website (www.gov.ai).  The attack carried out and announced by @UG.

Hacker dumped the database details in the pastebin(http://pastebin.com/Bm46PQZL).

The leaked data contains server/network information and contains user and administration details including email id, username, encrypted passwords.

The user accounts appear to belong to different divisions of the government as well as some other sites and providers as well.



"By trusting any government is the same as working for the CIA for the USA, We distrust every form of government in the world." – UGNazi Hackers said.

Hackers also claimed in the twitter that cia.gov and visa.com is down.

CIA site take down by UGNazi Hackers group

Hackers part of UGNazi group launched DDOS attack against CIA.gov site , results in both websites are inaccessible now.

Initially ,some anonymous member take credit for the Cyber attack by tweeting "CIA Tango Down", but later it admitted UGNazi had instead brought down the site.

"since #anonymous tryed to take credit for tango down'in http://cia.gov , we have stopped attack and oh look now its up! #UGNazi" UGNazi group tweet says.

Hackers again attacked the and bring down the site.  At the time writing, both cia.gov is inaccessible.

@ThaCosmo, the member of UGNazi said the group has also compromised a notice sent out by the FBI Assistant Director in Charge Janice K. Fedarcyk to Field Offices.  They leaked the details in pastebin.

"all will be well aware of the brutality in individual privacy that will come after CISPA is implemented by the Government. And this is the exact reason for all these online protests that are on large today. We are fighting for the common people and to protect their privacy, to protect them from the prying eyes of the corrupt government." Hacker said.