Archive for the ‘CyberChaos’ Category

Millions hit in South Korean hack

Friday, July 29th, 2011

South Korea has blamed Chinese hackers for stealing data from 35 million accounts on a popular social network.

The attacks were directed at the Cyworld website as well as the Nate web portal, both run by SK Communications.

Hackers are believed to have stolen phone numbers, email addresses, names and encrypted information about the sites’ many millions of members.

It follows a series of recent cyber attacks directed at South Korea’s government and financial firms.

Details of the breach were revealed by the Korean Communications Commission.

It claimed to have traced the source of the incursion back to computer IP addresses based in China.

Wave of attacks

The Nate portal gives people access to web services such as email while the Cyworld social site lets people share images and updates with friends and allows them to create an avatar that inhabits a small virtual apartment.

Like many other nations, South Korea has suffered a spate of hacking attacks in recent months. One incident in April targeted a government-backed bank.

A month later, data on more than 1.8 million customers was stolen from Hyundai Capital.

Government ministries, the National Assembly, the country’s military HQ and networks of US Forces based in Korea were also hit.

Earlier this year, the South Korean government drew up a cyber security plan in an attempt to thwart the attackers.

– More…

Hackers hit Italian cyber-police

Thursday, July 28th, 2011

Hackers have started to release gigabytes of secret documents stolen from an Italian cybercrime unit.

The 8GB of files has allegedly been taken from the network of the Italian CNAIPIC which oversees the country’s critical IT infrastructure.

In a message announcing the release, the Anonymous hacker group said it received the files from a “source”.

The attack on CNAIPIC is thought to be in retaliation for arrests of Italian members of Anonymous.

Links to the first few confidential files purportedly stolen from CNAIPIC were placed on the Pastebin website. Anonymous claims the files were taken from the evidence servers of CNAIPIC (National Computer Crime Centre for Critical Infrastructure Protection).

The documents include information about government offices such as Australia’s Ministry of Defence and the US Department of Agriculture as well as data about private firms Gazprom, Exxon Mobil and many others.

Preview images also shared by Anonymous reveal the management structure of CNAIPIC, pictures of staff and a long list of all the documents that have been taken.

CNAIPIC has yet to respond to requests for comment.

Officers from Italy’s cybercrime division carried out a series of raids on homes of suspected Anonymous members in early July. Three people were arrested as a result.

– More…

Hackers seize PayPal UK Twitter account

Friday, July 15th, 2011

Hackers seized control of a PayPal Twitter feed for more than an hour on Tuesday, then sent out messages criticizing the payment processor in the second attack of its type in two days.

The hijacking of the PayPalUK Twitter feed came a day after hackers took control of a Fox News feed for more than five hours, then sent false tweets saying that U.S. President Barack Obama had been shot dead.

In PayPal’s case, the attackers sent out messages promoting paypalsucks.com, a site devoted to what it says is “exposing the nightmare of doing business ‘the PayPal way.'”

The Tweets were removed within a few hours of the hijacking. “Sorry, the profile you are trying to view has been suspended,” Twitter said on its page for the PayPalUK feed.

– more…

Pentagon admits suffering major cyber attack in March

Friday, July 15th, 2011
hacking

hacking

The Pentagon has admitted it suffered a major cyber attack in which thousands of files were taken by foreign hackers.

Deputy Defence Secretary William Lynn said that in a March attack and other breaches, hackers had taken information on “our most sensitive systems”.

The admission came as the Pentagon rolled out a strategy for strengthening US cyber capabilities and addressing threats and attacks in cyberspace.

The plan would treat cyberspace in a similar manner to land, air and sea.

“In the 21st Century, bits and bytes can be as threatening as bullets and bombs,” Mr Lynn said, unveiling the plan.

In a speech at National Defense University in Washington, Mr Lynn said about 24,000 files containing Pentagon data were stolen from a defence industry computer network in March, marking one of the largest cyber attacks in US history.

– more…

Exclusive first interview with key LulzSec hacker

Friday, July 8th, 2011

It was early May when LulzSec’s profile skyrocketed after a hack on the giant Sony corporation. LulzSec’s name comes from Lulz, a corruption of LOL, often denoting laughter at the victim of a prank. For 50 days until it disbanded, the group’s unique blend of humour, taunting and unapologetic data theft made it notorious. But knowing whether LulzSec was all about the “lulz” or if it owed more to its roots as part of Anonymous – the umbrella group of internet subculture and digital activism – was pure speculation. Until now.

Who is “Sabu”?
I’m a man who believes in human rights and exposing abuse and corruption. I generally care about people and their situations. I’m into politics and I try my best to stay on top of current events.

We’ve seen you cast as everything from the greatest of heroes to the most evil of villains. How would you characterise yourself?
It is hard for me to see myself as either. I am not trying to be a martyr. I’m not some cape-wearing hero, nor am I some supervillain trying to bring down the good guys. I’m just doing what I know how to do, and that is counter abuse.

What was your first experience with “hacktivism”?
I got involved about 11 years ago when the US navy was using Vieques Island in Puerto Rico as a bombing range for exercises. There were lots of protests going on and I got involved in supporting the Puerto Rican government by disrupting communications. This whole situation was the first of its kind for the island and the people didn’t expect things to go that route. Eventually, the US navy left Vieques.

How did you get involved with Anonymous?
When I found out about what happened to Julian Assange, his arrest in the UK and so on, I found it absolutely absurd. So I got involved with Anonymous at that point.

– More…

Hacker group Anonymous declares war on Orlando, Florida

Friday, July 8th, 2011

The hacker group Anonymous has taken down a US tourism website in Orlando, Florida as a protest against the arrests of people handing out food to the city’s homeless.

Anonymous said the attack on orlandofloridaguide.com was retaliation for the arrest of members of the group Food not Bombs.

The website, which is not owned by the city, went offline for part of Tuesday.

Anonymous rose to prominence by hacking the sites of major corporations.

Anonymous is often seen as a political collective and has pledged to take action against those its members view as acting improperly.

They have been linked to several high-profile web attacks, including several on Sony websites as well as the Church of Scientology.

– More…

Security researchers discover ‘indestructible’ botnet

Thursday, June 30th, 2011

More than four million PCs have been enrolled in a botnet security experts say is almost “indestructible”.

The botnet, known as TDL, targets Windows PCs and is difficult to detect and shut down.

Code that hijacks a PC hides in places security software rarely looks and the botnet is controlled using custom-made encryption.

Security researchers said recent botnet shutdowns had made TDL’s controllers harden it against investigation.

The 4.5 million PCs have become victims over the last three months following the appearance of the fourth version of the TDL virus.

The changes introduced in TDL-4 made it the “most sophisticated threat today,” wrote Kaspersky Labs security researchers Sergey Golovanov and Igor Soumenkov in a detailed analysis of the virus.

“The owners of TDL are essentially trying to create an ‘indestructible’ botnet that is protected against attacks, competitors, and anti-virus companies,” wrote the researchers.

– more…

Travelodge customer data stolen

Thursday, June 30th, 2011

Travelodge is investigating an apparent hacking attack on its customer database.

A spokesperson for the hotel chain said that a “third party” had managed to obtain names and e-mail addresses.

The company warned users of its online service to be on the lookout for spam e-mails.

The incident has been reported to the UK’s information commissioner who can fine businesses for poor data protection.

A letter to customers, signed by the Travelodge’s chief executive Guy Parsons, contained little information about the nature of the leak, although it stressed that the company had not sold users’ personal data to anyone else.

It also included details of a spam e-mail that some customers had received.

“Good day. Don’t miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area,” said the message.

A spokesperson for the information commissioner Christopher Graham, said that he was looking into the Travelodge reports.

“We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken,” said the statement.

The ICO has the power to levy fines of up to £500,000 on companies or organisations which are shown to have failed to protect personal information entrusted to them.

– more…

LulzSec hacking group announces end to cyber attacks

Thursday, June 30th, 2011

– That’s what I’d say if I was drawing a lot of heat.  – dennis

– – – – – – – – – – – – – – –

A hacker group that has attacked several high-profile websites over the last two months has announced that it is disbanding.

Lulz Security made its announcement through its Twitter account, giving no reason for its decision.

A statement published on a file-sharing website said that its “planned 50-day cruise has expired”.

The group leapt to prominence by carrying out attacks on companies such as Sony and Nintendo.

Broadcasters Fox and PBS, the CIA, and the United States Senate have also been cyber-attacked by the group.

As a parting shot, the group released a selection of documents apparently including confidential material taken from the Arizona police department and US telecoms giant AT&T.

Correspondents say LulzSec’s announcement could be a sign that its members are nervous because of recent police investigations, including the arrest of a British man suspected of links to the group, and efforts by rival hackers to expose them.

– more…

Newsnight online ‘chat’ with Lulz Security hacking group

Thursday, June 30th, 2011

The Lulz Security hacking group that has claimed attacks on high-profile targets including the CIA and Sony in recent weeks has exclusively told the BBC’s Newsnight programme that it wants to target the “higher ups” who write the rules and “bring them down a few notches”.

Lulzsec has claimed a new scalp – releasing confidential material taken from the Arizona police department.

The anonymous hacking group says they’ve not been knocked off course, or successfully exposed, by rival hackers who claim to have named them online – apparently because they object to their agenda.

This agenda seems to have evolved. When they started out, two months ago, they said they were mainly hacking “for laughs”.

In an online Q&A, Whirlpool, the spokesman for Lulzsec, who describes himself as “captain of the Lulz Boat”, agreed that their goals now go beyond that: “Politically motivated ethical hacking is more fulfilling”.

We weren’t able to talk to Whirlpool in person, but met in cyberspace in a private online chat room. In those circumstances it’s almost impossible to verify with absolute certainty who you are speaking to, but Newsnight was able to verify that this person had access to the @Lulzsec Twitter feed.

Here are some other edited highlights from the online chat, which began with a question about the Antisec movement to which Lulzsec seem recently to have aligned themselves.

– More…