Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Websites Hacked. Show all posts

Cyberattacks Were Launched Against Government Sites of Both Russia and Ukraine

 

Following Russia's attack on Ukraine, the Kremlin's official website and several other major Russian government websites have gone offline. Currently, the websites to go offline include Kremlin (kremlin.ru), the official website of Russian President Vladimir Putin, the Russian Ministry of Defense, and the Russian Parliament's official website (aka the Duma). Although it is unclear whether these websites were taken down as a result of a cyberattack or a technical error. 

This comes just one day after a suspected hack took out a number of Ukrainian government websites. Ukraine is on the radar of cybercriminals, according to two cybersecurity organisations with a strong presence in the country, ESET and Symantec Threat Intelligence, which have revealed that the country's computer networks are being targeted with devastating data-wiper malware. 

According to an ESET assessment, the new data wiper malware has targeted hundreds of computer systems in Ukraine. In one example, it infiltrated the victim's device's Microsoft Active Directory server. The virus appears to have been created five hours before it was released into the world, implying that its code and operational infrastructure were likely already set up and ready to go. 

According to ESET's analysis, the malware employed in the attack was HermeticaWiper, which is typically distributed via Windows group policies. This suggests that attackers may have gained complete control of their target's internal networks. According to the organisation, the malware corrupts data by exploiting genuine drivers from a disk management utility, EaseUS Partition Master software. 

Furthermore, the Wiper binary is signed "using a code signing certificate issued to Hermetica Digital Ltd," according to ESET researchers. When the wiper is activated, it launches the EaseUS disk partition application and, if the data is corrupted, it reboots the machine. 

However, Stairwell's security researcher Silas Cutler noted that HermeticaWiper may access both local data and the master boot record part of the hard drive, preventing the computer from booting into the operating system following the device's forced reboot. This is comparable to the WhisperGate malware. 

Given the time-stamp data of one of the samples, this attack could have been in the works for two months. According to Symantec Threat Intelligence, the Wiper is followed by a distributed denial of service (DDoS) attack on a number of Ukrainian websites.

It should be noted that on February 16th, 2022, Ukrainian banks and government websites were also subjected to a series of DDoS attacks. The cyberattacks were blamed on Russia by the governments of the United Kingdom and the United States. The sites of Ukraine's Ministry of Foreign Affairs, Cabinet of Ministers, and Parliament were among those affected.

Websites Including Ixigo Hacked, Leaving 127 Million Accounts Exposed For Sale






Over 127 million accounts were broken into from around 8 separate websites. This is the doing of a hacker who’d stolen records of 620 million people before.

The travel booking site “Ixigo” seems to be one of the major victims from which records were stolen.

Allegedly, these infamous records include the users’ names, email addresses, passwords and other personal details.

According to a research, 18 million user records were wrested from Ixigo and around 40 million were stolen from YouNow which is a live-video streaming site.

1.8 million accounts were wrested from Ge.tt and 57 million records were snatched off from Houzz.

Hakcer’s listings showed that an antiquated “MD5” hashing algorithm was applied to “scramble” passwords which are otherwise easy to “unscramble”.

It was claimed by the hacker themselves that they had user records from mainstream sites like MyFitnessPal and Animoto with declaring number of records to be 151 million and 25 million respectively.

Bitcoin currency of $20,000 could now be used in exchange for databases which make life easier for hackers, from the Dream Market cyber-souk in the Tor network.

The price is pretty hacker-pocket friendly. The major target audience for the deal seem to be spammers and credential stuffers.

These credentials could further be used to hack into other sites and wrest other user details.

The victimized websites have started alerting their users about the hazard and it would only be fit for the users to stay vigilant about it all.