Archive for August 31, 2016

Teenager arrested for hacking president’s website

Sri Lanka police has arrested a teenager on suspicion of hacking into the website of Sri Lanka President Maithripala Sirisena.

According to the officials, a 17-year old school boy allegedly hacked the President's website, demanding that his university entrance examination dates not be changed

The hacker had gained illegal access to the website and posted a message there demanding immediate presidential election if president fails to address his demands.

According to the reports of Reuters, policy said that his demand to switch University entrance exams to new year holiday month of April was abandoned by the authorities.

The police has  taken the unnamed hacker into custody under the Computer Crimes Act and on conviction faces a fine of 300,000 rupees ($2,000) and up to three years in jail.

"We traced the hack to his home in Kadugannawa," a police official said. "The website was crippled over the weekend after the attack."

The Police also arrested a 26-year-old man for allegedly helping the teenager hack into the system.

The hacker,  proclaimed to speak on behalf of The Sri Lanka Youth, posted a message: “If you cannot control the situation, hold a presidential election.”

The BBC reports that to “stop the prime minister’s irresponsible work and look more into the problems of university students.”

Now, the president's official site was up and running again.

"Police filed charges under the Computer Crimes Act and the court remanded the two until Friday," Manju Sri Chandrasean, the lawyer who appeared for the second suspect, told Reuters.

Security Breach with Opera web browser

Recently mobile based web browser company Opera confirmed that the hackers broke into the company's sync servers, potentially exposing users credentials like passwords. 

The Norway based company warned customers about the possibility of security breach and glitch in their sync system however the company claimed that it quickly blocked the attack, however some of the information may have got leaked.

"Earlier this week, we detected signs of an attack where access was gained to the Opera sync system. This attack was quickly blocked. Our investigations are ongoing, but we believe some data, including some of our sync users' passwords and account information, such as login names, may have been compromised", the company said adding that user's credentials are encrypted. "our investigations are ongoing, but we believe some data, including some of our sync users' passwords and account information, such as login names, may have been compromised," the company said in a blog post.

Opera has reset all the Opera Sync account passwords as a precaution. "We have also sent emails to all Opera sync users to inform them about the incident and ask them to change the password for their Opera sync accounts," adds the blog post. Not only resetting the Opera Sync password is advised by the company, but also resetting any passwords to third-party sites they may have synchronized with the service is also encouraged.

For those unaware, Opera Sync is a service that allows users to sync their Opera web browser settings and data across varied devices. Opera says the total active number of users of Opera sync in the last month was 1.7 million, which is less than 0.5% of the total Opera user base including 350 million users.

The Opera Sync breach warning by the company comes a little after a month since it was bought by a Chinese consortium for $600 million (approximately Rs 4,025 crores). The consortium led by Golden Brick Silk Road acquired the mobile and desktop versions of the internet browser, plus performance and privacy apps and a stake in a Chinese joint venture.

The company recently launched its unlimited VPN app with ad-blocker for Android users as well. The service arrived for iOS in May this year.

Dropbox Urges Users To Change Old Passwords

(pc-Google Images)
Dropbox has asked its users to change their passwords, if they haven’t done so since the online service’s launch in 2007. This comes as a ‘precautionary measure’ after a spate of hack attacks on an old set of Dropbox credentials in 2012.

In July 2012, Dropbox said its investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of of Dropbox accounts. It said it had contacted the users affected to help them protect their accounts.

The cloud storage service said that the move isn’t any indication that their accounts were improperly accessed.

“Based on our threat monitoring and the way we secure passwords, we don’t believe that any accounts have been improperly accessed,” the company said. “Still, as one of many precautions, we’re requiring anyone who hasn’t changed their password since mid-2012 to update it the next time they sign in.”

Dropbox is also recommending that users use two-factor authentication when resetting their passwords.

Launched in 2007, Dropbox allows users to store, access and share files easily from a variety of devices. It has accumulated 500 million sign-ups to the service.

Hackers Steal 12 Million Baht From Thai Bank ATMs

(pc-google images)
In another row of hack attacks, hackers have managed to steal 12.29 million Baht ($350,000) from the Government Savings Banks of Thailand. The bank shut down 3,000 ATMs after 21 machines were hacked. The hacking spree was conducted from August 1st onwards.

According to the Bangkok Post, GSB found that over 20 of its machines across the provinces of Bangkok, Chumphon, Prachuap Khiri Khan, Phetchaburi, Phuket and Surat Thani were targeted.

(pc-google images)
The attack involved targeting of single machines and the malware used to compromise the ATM machines was so advanced that it could not be detected for quite some time. During the hacking campaign, hackers gradually withdrew 40,000 Baht (1154 US Dollar) every time.

Investigators have noted similarities between the malware heist in Thailand and previous attacks in Taiwan and Malaysia earlier this year. Last month, three suspects were arrested in Taiwan using a malware hack to access money from First Bank ATM machines.

Police General Panya Mamen said, “As of now the evidence we have found makes us confident that this group is linked to the gang who committed a similar robbery in Taiwan.”

 Thai police asked citizens to be on the lookout for strange behavior by foreigners at cash machines, noting that the hackers behind the heist spent a long time at each machine, usually late at night.

T-Mobile’s Data Plan Violates Net Neutrality Rules In US

(PC-google images)
The new unlimited data plan of T-Mobile One is causing serious concerns for people as it may violate net neutrality rules in US.

The Electronic Frontier Foundation believes that T-Mobile's new One plan, which offers unlimited data, calls, and texts, may fall afoul of net neutrality rules due to the restrictions that it imposes on how customers can consume data.

T-Mobile One offers unlimited video streaming at 480p, but getting HD video will cost you an extra $25 a month per line. Many are saying this violates net neutrality, and even the Electronic Frontier Foundation has spoken up.

EFF senior staff technologist Jeremy Gillula told the Daily Dot that, based on what his group has read about T-Mobile One so far, “it seems like T-Mobile’s new plan to charge its customers extra to not throttle video runs directly afoul of the principle of net neutrality.” He added that T-Mobile One’s video throttling could also violate the FCC’s Open Internet Order that says that “ISPs can’t throttle traffic based on its type, or charge customers more in order to avoid discriminatory throttling.”

On accused of violating the net neutrality rules, T-Mobile CEO John Legere gave his clarification.

“Listen, we have made it painfully clear from the beginning, we are pro net neutrality. This is all about customer choice. So if a customer buys this program, we will, based upon the offer itself, deliver them video at standard definition. If they want Ultra HD and they upgrade and pay the $25, we will give them that, too. That’s choice.

“We actually believe that there were questions associated with how we got here, and this is a very strong statement of responding to what we think are the things that are very important from a net neutrality standpoint. I’m glad to have that discussion, but it is clearly not an anti-net neutrality position.”

This isn’t the first time that T-Mobile has been accused of violating net neutrality. In the months following last year’s launch of Binge On, there were several accusations of net neutrality violations.