Archive for November 30, 2015

Indian hackers attack Pakistan websites to pay tribute to people killed in 9/11

To mark the fourth anniversary of the Mumbai terror attack known as 9/11, which took place on 26 November 2008, two Indian hacking groups on Thursday targeted more than 130 governmental and non-governmental websites of Pakistan.

After the cyber-attack, the enmity between Pakistan and India seems to have gone up to the next level. Cyber-attacks of this kind are not new for either country.

A hacker group called Mallu Cyber Soldiers had attacked many Pakistani websites, including official government portals such as, and, as a response to the attack on the Kerala government website on 27 September.

During that attack, those Pakistani hackers had displayed a message, praising Pakistan, along with a picture of a burning Indian National Flag.

A message reading "Struck By Faisal 1337. Official Website Government of Kerala Hacked! Pakistan Zindabad. We Are Team Pak Cyber Attacker. Security is just an illusion" was posted on the website.

Now, the hacking groups have been identified as Indian Black Hats (IBH) and Kerala Cyber Warriors (KCW). Both are said to have attacked the websites to pay tribute to the people killed in the Mumbai attack.

"It is cyber pay back for 26/11 Mumbai attack against Pakistan," a hacker of Kerala Cyber Warriors team told IBTimes India. "It just took a day for us to hack all these 125 sites with the background song 'Oru Yathramozhiyode' from Mohanlal's Kurukshetra movie. We have access to many Pakistan servers, so the defacing was easy."

On the same day, another hacking group, IBH, attacked almost 10 Pakistani websites and other domains.

"Indian Black Hats is a team with members from all over India and it is in cyber space from 2011 with the name Indian Cyber Devils. Now this year the name was changed to the recent one. We have not harmed these websites, but just uploaded a file as a pay back for 26/11 attacks," one hacker of IBH told IBTimes India.

IT management firm LANDESK hacked

IT management firm LANDESK, which provides IT and security management services, has alerted its employees to a possible data breach.

The company recently warned its employees, in a letter dated 18 November 2015, that hackers have obtained personal information, including names and social security numbers, of some LANDESK employees and former Wavelink employees.

On 25 November 2015, LANDESK stated that “We recently became aware of some unusual activity on our systems and immediately initiated safeguards as a precaution and began an investigation. As part of our ongoing investigation in partnership with a leading computer forensics firm, we recently learned that a small amount of personally identifiable information for a limited number of our employees may have been accessible during the breach. While no data compromises of personally identifiable information are confirmed at this point, we have reached out with information and security resources to individuals who may have been affected. The security of our networks is our top priority and we are acting accordingly. The few employees who may have been affected were notified promptly, and at this point the impact appears to be quite small.”

According to an unnamed LANDESK employee, the breach was first observed in June 2014 and was discovered when several employees complained about slow Internet speeds. The employee said that the company has found remnants of text files, compiled by the attackers, listing source code and build servers. He added that the attackers are slowly archiving data from the build and source code servers, uploading it to LANDESK's web servers, and downloading it.

Describing the breach as speculation, LANDESK said that security is and will continue to be a high priority for the company.

Security Flaw in VPNs can expose your IP address

Researchers from Perfect Privacy, a virtual private network (VPN) provider, discovered a gaping hole which can easily expose the real IP address of VPN users.

The flaw, dubbed "Port Fail," affects VPN providers, including those used by BitTorrent users, that offer port forwarding and have no protection against IP leaks.

The issue, which affects all VPN protocols and operating systems, was made public after Perfect Privacy alerted several affected competitors to the threat.

For the past several years, there has been wider interest in using VPNs to bypass censorship in countries with stringent internet access controls and to browse anonymously, especially since the Snowden revelations.

VPNs are used across the world by privacy-conscious people, and to circumvent geolocation-based content restrictions by disguising a person's true location.

The aim of using a VPN is to hide the IP address assigned by the user's ISP, but the discovery showed that this can be easily bypassed on some providers by using a port forwarding trick. If the attacker uses the same VPN as the user, the IP address can be exposed.

Perfect Privacy tested the vulnerability with nine VPN providers which offer port forwarding. Among them, five were vulnerable, including Private Internet Access (PIA), and VPN, which were notified before public disclosure and have fixed the issue.

PIA awarded Perfect Privacy $5,000 for the disclosure.

MagSpoof which costs $10 can steal your credit card number

A device that costs $10 could be used to steal credit card information when someone has lost a credit card and applied for a new one: before the new card arrives, the device helps hackers to steal, or at least guess, its number.

The device, dubbed MagSpoof, was made by Samy Kamkar. The device can predict and store hundreds of American Express credit card numbers, allowing anyone to use them for wireless payment transactions, even at non-wireless terminals.

According to the hacker, MagSpoof can spoof any magnetic stripe or credit card entirely wirelessly. It can also disable chip and PIN (EMV) protection and accurately predict the card number and expiration date on American Express credit cards.

“MagSpoof can be used as a traditional credit card and simply store all of your credit cards (and with modification, can technically disable chip requirements) in various impressive and exciting form factors, or can be used for security research in any area that would traditionally require a magstripe, such as readers for credit cards, drivers licenses, hotel room keys, automated parking lot tickets, etc,” Kamkar said in a blog post.

MagSpoof emulates a magnetic stripe by quickly changing the polarization of an electromagnet, producing a magnetic field similar to that of a normal magnetic stripe as if it's being swiped. The magstripe reader requires no form of wireless receiver, NFC, or RFID. MagSpoof works wirelessly, even with standard magstripe readers. The stronger the electromagnet, the further away you can use it.

The device guesses the next credit card number and the new expiration date based, respectively, on a cancelled credit card's number and on when the replacement card was requested. This process does not require the three- or four-digit CVV numbers that are printed on the back of credit cards.

The hacker has notified American Express and said the company is fixing the flaw. 

Mr. Grey back again: Theft of 1.2 billion log-in credentials

Mr. Grey, not again! A Reuters report has confirmed the famous hacker Mr. Grey's involvement in stealing 1.2 billion internet credentials.

Mr. Grey, who had gained access to user account information for websites like Facebook (FB.O) and Twitter (TWTR.N), has now been linked by the FBI, through a Russian email address, to the theft of a record 1.2 billion Internet credentials.

According to the documents, which were made public by a federal court in Milwaukee, Wisconsin, the hacker was associated with a cybersecurity firm that announced in August 2014 that it had determined an alleged Russian crime ring was responsible for stealing information from more than 420,000 websites.

The investigation started last year when the Milwaukee-based cybersecurity firm obtained information that a Russian hacker group it dubbed CyberVor had stolen the 1.2 billion credentials and more than 500 million email addresses.

The FBI subsequently found lists of domain names and utilities that investigators believe were used to send spam.

It also discovered, contained in the spam utilities, an email address registered in 2010 for a "mistergrey".

It further found posts from 2011 in which the hacker stated that if anyone wanted account information for users of Facebook, Twitter and the Russian-based social network VK, he could locate the records.

Alex Holden, Hold Security's chief information security officer, told Reuters this message indicated mr.grey likely operated or had access to a database that amassed stolen data from computers via malware and viruses.