Posts Tagged hacking

How to Obtain Your PC and private Balances From Hacking Efforts

Are you confident about your computer’s protection? If not, then it’s high that you give some quality time to it because your privacy is at stake. You would definitely not want anyone to have access to important and sensitive documents that you have stored in computer. The atrocious hacker can gain access to all of the information saved in your personal computer as well as hack your private balances, if you have not taken proper care to protect your computer. Here goes a list of comprehensive instructions whereby you can save your computer from getting infiltrated by an unknown intruder.

A good anti virus is a must

It is extremely important to install a good and dependable anti virus is your computer that will also have an anti spyware and firewall resolution. Along with installation it is also important to renew the subscription every year. These computer applications will certainly guarantee protection from the malicious beasties. However, it is important to remember that though the software guarantees protection against most malwares and viruses but not all. Therefore the users must take some cautious measure while using the computer that can also save it from getting harmed.

Let’s be cautious

The users can also prevent their personal computers from getting hacked by being a little cautious. The first and foremost important thing that all users need to remember is that they should not download files from warez websites. Along with the downloaded files many other malicious viruses also get downloaded in the hard drive of the computer that can seriously harm it. Furthermore, it is best not to open spam emails or the attachments along with it.

As most often it contains malicious beasties whereby the hacker will be able to gain access to information that are saved in your computer. One important measure whereby you can take to stop your computer from getting infected is that whenever you need to get involved in something that is unsafe, try using a different computer.

Safeguarding your web balances

Any intruder can easily access the websites that you have been navigating through from your computer. If you are casually surfing through different sites, then there is no harm in it. But in it is definitely not a good idea to let someone else to know about the web pages you were browsing through as you might have accessed your personal accounts like Twitter or facebook account using it or have accessed internet banking through it. In such cases you would never want any unknown person to know about any of the details that you were surfing through.

Therefore, take the initiative to delete the browsing track record by going to history and deleting all your recent records. Even though you can think of skipping it while you are using your personal computers but you should always manually delete the websites history when using a public computer. In this way you can save your private balances form getting infiltrated by unknown users.

These are some of the precautionary measures that you take to safeguard your computer and private Balances from being hacked by unknown users or being damaged my malicious viruses that automatically get downloaded while you are browsing through different sites. It is extremely important to follow these steps as the safety of computer will guarantee security of the computer as well.

About the Author:

The above article is written by JD who is associated with many technology blogs and communities as their freelance and staff writer. He recommends his readers to check this page: forgetting passwords for any queries related to forgetting passwords.

Advertisements

,

Leave a comment

Anonymous hackers delay posting stolen Australian ISP data

A MAJOR security breach expected to hit an ISP last night following a threat from the hacker movement Anonymous has been delayed.

An active member of Anonymous yesterday told The Australian that the hackers planned to leak a very large cache of data stolen from a major Australian ISP around 9pm Australian Eastern Standard Time last night.

, , , ,

Leave a comment

The ABC interviews Anonymous regarding AAPT hack

After initially saying that it would release the data this morning the group says that it is more likely to appear on Monday but may take “even a month.” They “are entirely not sure, There is over 600 tables in the database.” [note the interview was conducted over Internet Relay Chat which frequently results in web-shorthand contractions and spelling mistakes. All quotes are left unedited.] The delay stems from the group cleaning potentially-damaging personal details such as credit card numbers from the records.

[Update] The hackers have been in touch again and told us the following: “We decided on something. That instead of releasing the leak as a whole, We will be releasing in parts. Just in case we miss something of importance. The first part should be ready to leak on Saturday.”

The hacktivists insist that the reason for the release is to protest against Attorney General Nicola Roxon’s proposed increases in government surveillance powers and highlight the fact that these powers would result in ever-increasing amounts of personal details being stored on servers similar to the one that has been hacked.

The group claims to be in the process of releasing some 42GB of data from Australian ISP AAPT with some 3.5GB of it being customer information. The ISP has already admitted that “business customer data” was compromised due to an intrusion with its Melbourne IT hosts.

According to the interview, data includes, “names, agreements, phonerecords, ip records registrations, contracts, company informations, contact persons, company bankaccounts. All the info is there. And there is a lot of it.”

One operative made the following statement which is in line with previous Anonymous releases, “Whilst our own rights to privacy dwindle, corporate rights to commercial confidentiality and intellectual property skyrocket. Whilst we no longer know about many of the activities of our governments, our governments have the means to accumulate unprecedented vast banks of data about us”

He goes on to say, “the attacks are a way to draw attention to the msg we wish to deriver to the ppl of au”

Time of activity suggest that the operatives are Australian-based. This was underscored by the following claim, “great show on four corners last week btw about Julian” which is a reference to Julian Assange of Wikileaks who is admired by Anonymous.

The hackers didn’t think much of the security they cracked saying, “They did not even secure the ColdFusion login. So ANY one could of accessed, and leaked data.”

The interview finishes with a dose of the ominous:

“Will there be more hacks?”
“Yes. Definetely. Much more, A lot more.”

The following is the IRC chatroom chatlog between an ABC Producer and the hackers at least one of whom runs the @Op_Australia Twitter account which has been the source of the hack. It is left virtually unedited: chatlogs appear very strange when using correct grammar and spelling while subtle nuances and meanings get lost. Names have been changed at the request of the interviewees.
– Lisa joined

Lisa Hello this is Lisa
AnonUser1 Hello Lisa.
Lisa Downey do you think you’ll release the redacted data?
Lisa Sorry on bus
AnonUser2 hi
AnonUser1 It’s alright.

Lisa Question is, when do you think you’ll release the redacted data?
AnonUser1 But yeah, You’ll be interviewing myself and AnonUser2

AnonUser1 We are entirely not sure, There is over 600 tables in the database.

AnonUser1 So it can take from a week, to a month to remove all data.
AnonUser2 yes review will take longer than the release itself

Lisa Can you tell me what type of data you have? Names, credit card no?
AnonUser1 I haven’t actually went through it yet
AnonUser1 But i’ll ask someone who has.
AnonUser2 the data is not so much as important as the reason as to its
release lisa

Lisa What do you mean by ‘release’?
Lisa Yep I’m following what the security agencies have asked for
AnonUser2 well the operation running atm is in protest of the current
proposed legislation in regards to data retention
AnonUser2 Two key assumptions have dominated recent government security policy. The first is that the threat of terror and international crime
AnonUser2 means that the government’s right to know everything about us must outweigh our individual right to privacy. The second is that the rights
AnonUser2 of the government and major corporations to secrecy must outweigh our right to know about their activities

AnonUser1 names, agreements, phonerecords, ip records registrations,
contracts, company informations, contact persons, company bankaccounts
AnonUser1 All the info is there. And there is a lot of it.
AnonUser2 Whilst our own rights to privacy dwindle, corporate rights to
commercial confidentiality and intellectual property skyrocket. Whilst we no longer know about many of the activities of our governments, our governments have the means to accumulate unprecedented vast banks of data about us

Lisa I was planning a story on Monday.
AnonUser2 we feel an increase in the current data rentention laws not only
treats every Australian as a criminal but also increases the risks we have highlighted this week to our own digital finger prints

AnonUser1 Ok

Lisa You say this is the start of your protest, right?
AnonUser1 Yes
AnonUser2 yes

Lisa Will ere be more hacks?
AnonUser1 Yes
AnonUser1 Definetely
AnonUser1 Much more, A lot more.
AnonUser1 There will also be a lot of DDoS attacks as soon as it goes through.
AnonUser2 we will continue to put the pressure on the au government while our rights are being abused yes

Lisa What about the agencies requests for citizen passwords? Are you
tailoring each attack to a specific request by the agencies?
AnonUser1 May even be able to organise some sort of protest, Like we did for #OpIndia and #OpJapan and others.
AnonUser2 yes and the attacks are a way to draw attention to the msg we wish to deriver to the ppl of au

Lisa Ok are you talking to other journalists?
AnonUser2 so they will vary depending on the phase of the operation at that time
AnonUser1 Yes, Many others.

Lisa Could we do a Skype on Monday?
AnonUser2 skype is unsecure

Lisa Or tomorrow?
AnonUser2 we feel we would expose ourselves by the use of skype
Lisa Iok

Lisa Ok tell me how easy it was to get this info
AnonUser2 like i said i have heard of them
AnonUser2 when we wer working on operatins in the middle east
Lisa That’s them.
AnonUser2 ya same group
Lisa Yep
AnonUser2 great show on four corners last week btw
AnonUser2 about julian
AnonUser1 You would not believe how easy it was to get the info.
Lisa Ta, we work hard…….Ok so let me get some of your quotes out to
news tonight….just about the type of info you have and there will be
more hacks

AnonUser1 They did not even secure the ColdFusion login.
AnonUser1 So ANY one could of accessed, and leaked data.

AnonUser1 So there’s going to be something on the news tonight?
AnonUser2 i would like to point out to if data retention laws r imposed on au isps like the ones proposed a lot more servers like this will be floating around with ppls information on them

Lisa If you want that yes, but will be online most likely and News 24.
AnonUser1 Ok, News 24, Is that on Foxtel?
AnonUser2 i pretty much only watch abc/sbs commercial tv annoys me to much
AnonUser2 lol
AnonUser1 I’m on ABC1 watching the 7:30pm show thing

AnonUser2 maybe you should cover the data sharing agreements signed last month with nicola roxn
Lisa Love to do that…..
AnonUser1 Sure
AnonUser1 An interview like this is fine. We will be here.
AnonUser2 n how this tied in with the tppa n the US ndda in theory would
allow the US to investigate au citizens without au gov knowledge n then also with the terrorist label being thrown around allow extradition of n au citizen for being a nuisance to the US gov

Lisa Ok I’ll come find you on twitter again?
Lisa Yes
AnonUser2 n in the meantime make julia apologize for calling julian a
criminal in 2010 with out any evidence being put forward at all

Lisa Do you think you’ll drop anything new on Monday?
AnonUser1 Possibly more hacked sites?
AnonUser1 And the Release of the data should be released by Monday
AnonUser2 we will continue the research n attacks u never know 😉

Lisa Okay if we can time that then we’ll be in good shape.
AnonUser2 what time on 24 do u expect

Lisa Ok I have to email these quotes through -can you just keep this up
for 20mins?

AnonUser2 that is np can keep it open all month if we want
AnonUser1 Damn, News24 is a HD channel.
AnonUser2 can watch it online

Lisa Lovely let’s do that, you don’t have HD it’s streamed live online.
AnonUser2 http://www.abc.net.au/news/abcnews24/
AnonUser2 we need to get some one to record it n start making a video
AnonUser2 for the op
AnonUser2 a good one
AnonUser1 Oh, it’s online too?
AnonUser1 Awesome.
AnonUser2 yup

As with previous Anonymous (and splinter group, Lulzsec) hacks, the actions have split opinion. To some they are akin to criminals who are breaking and entering illegally. However, last year’s high profile hacks on the likes of Sony drew public, corporate and government attention to the importance of online security like never before. There is also the point that criminal hackers, who seek to profit from such information, do not announce their hacks to the world.

If you are concerned that your account has been hacked, the website shouldichangemypassword.com tells you if your password has been released to the public.

, , , ,

Leave a comment

End of DNS malware saga

This day last week, the cyber world was speculating on how many people would lose their access to websites after the much-publicized shutdown by the FBI of rogue servers set up by fraudsters. The criminals had unleashed the DNS Changer malware over many years that changed the DNS setting of infected computers thereby redirecting users to fake sites instead of the real ones.

So what happened after the FBI shut down the rogue servers on July 9 at 12.01 am? How many people lost access to internet? In India, 19,642 networks were known to be infected, according to DNS Changer Working Group.
It’s impossible to accurately put a figure on internet disruption caused by the malware. All users do encounter break in connectivity for one reason or the other. Normally, it comes back on its own after a few minutes. But when the disruption is prolonged, users call up their service providers, who as part of the solution advise customers to reset their DNS settings. So it’s difficult for any user or service provider to accurately say that the internet disruption was caused by the DNS malware.

However, Trend Micro’s senior threat researcher Feike Hacquebord, going by data on infected networks, estimates that about 3 lakh users around the world would have experienced disruption. He says a much bigger disruption happened in 2008 when web hosting provider Atrivio (which was hosting the data centre of the DNS malware creators) had gone down.
The cyber world was spared of the “doomsday” that some security-paranoid netizens predicted. There are many reasons. A major one is the general awareness created over the past many months about the malware, and the planned shutdown. Security firms, companies like Google and Facebook, and service providers collaborated with other stakeholders in the DNS Changer Working Group to clean up the cyber mess. They sent out warning notes and tips to users whose computers had been infected.

Another reason is that security solutions have either blocked DNS Changer malware intrusion attempts or removed the malware from infected computers. Kaspersky Labs says that this year alone, it detected 1,01,964 attempts by DNS Changer malware to infect its users.

So, in all probability, the curtains are down on one of the longest-running and most widespread cyber crimes we have seen.

, , , , ,

Leave a comment

Phishing For Your Identity

Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information? The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you’ve conducted business with in the past. So, you click on the convenient “take me there” link and proceed to provide all the information they have requested. Unfortunately, you find out much later that the website is bogus. It was created with the sole intent to steal your personal information. You, my friend, have just been “phished”.

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The “From” field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company’s website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the “From Field” can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.

Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.

, , ,

Leave a comment

Hacking: Experts call for code

NEW DELHI: Cooking, sketching, horse riding, swimming – there is no dearth of skills that one can pick up in handy, bite-sized courses during summer. Now you can add computer hacking to that list.

Advertised as ‘ethical hacking’, the courses claim to teach you how to hack passwords and social networking accounts – all to protect your system better, of course. But cyber lawyer Pavan Duggal says that under law, there is no such thing as ‘ethical hacking’ and institutes offering such courses need to be regulated.

Faridabad-based Brains Booster, which claims to have an IIM alumnus as faculty, offers an “exclusive” summer ‘Hacking Course’. In its promotional pamphlet, the institute claims to teach how to “hack Facebook account in less than 1 minute” and even how to “run your virus when anyone opens your pen drive”.

Byte Code Cyber Securities in Delhi lists ‘Yahoo Hacking and Google Hacking’ and ‘Wi-Fi Hacking’ on their website as part of their 60-hour ethical hacking course. And Appin, with more than 100 centres nationwide, has a six-week course in ‘information security and ethical hacking’. All these courses cost upwards of Rs 6,000.

The institutes maintain that they function within the purview of law. “Unless you know how hackers and viruses work, how will you protect your system?” argues Suvam Patwari of Brains Booster. Appin, which claims to have served Intelligence Bureau, makes the same point.

“We are also in the service trade. We handle cyber and data security for corporate offices as well,” says Devendra Awasthi , centre manager at an Appin branch.

However, with a cyber criminal and an ethical hacker requiring similar skill sets, it pays to be careful about the laws. The additional DCP of the economic offences wing, S D Mishra, says the Delhi Police cyber crime cell has never received a complaint against such institutes. They have, however, made arrests in the past in cases that involved the hacking of bank websites.

Duggal points out that hacking is punishable under Section 66 of the IT Act, 2000, with three years’ imprisonment and/or up to Rs 5 lakh fine. If a contaminant (virus) is created and released into a computer system or network, the victim can sue the hacker for damages up to Rs 15 crore per intervention.

Duggal says the courses exploit a loophole in the IT Act. “The IT Act has no provisions to penalize those who encourage various kinds of cyber crimes. There is no such thing as ‘ethical hacking’ under law. This needs to be regulated , otherwise these courses will keep mushrooming,” he says.

 

Computer security expert Ankit Fadia recommends caution for aspirants. “It is impossible to hack into a Facebook account as quickly as these institutes claim. It’s only a marketing ploy and the students will be disappointed. It is the responsibility of the training institute to teach from the perspective of data security rather than hacking a friend’s Facebook account,” says Fadia , author of ‘The Unofficial Guide To Ethical Hacking’ and ‘How To Unblock Everything on the Internet’.

Protector or provocateur – the jury is still out on ethical hacking. But now you know what some folks are doing this summer.

 

, ,

Leave a comment

Anonymous and India: 5 recent hacks‎

I
ncidents that occurred through the past year have markedly changed the way in which we have been perceiving the Internet, all this while. Those of us who thought of it as a place to ink down our thoughts, be it happy, sad or even a platform to vent out anger, were made to think otherwise. Hacking, which was once a foreign word, extending concerns against threat from other nations or malicious minds trying to steal some critical information government/military info or making malicious ways to make money online by targeting leading companies. 2012 dawned and we received another blow as we got ourselves, for the first time, acquainted to the phenomenon of blocking of websites. Soon enough, hacktivists had no choice, but to turn their attention to the ongoing scene, in a bid to combat those who are trying to restrict/limit our freedom on the Internet. Here are the 5 most recent hacks by Anonymous to protest against Internet censorship.

Reliance Communications
The year 2012 brought in a wave of combat against ISPs who have been blocking file hosting websites and Reliance Communications was hit with the first blow. Reliance Entertainment had acquired John Doe orders for its films, which had prompted many ISPs to block file hosting sites. A John Doe order means a court order, which is against a party whose true identity is not known. Websites, like The Pirate Bay and Vimeo (we wonder why?) were blocked, which left many perturbed. A hacker, who called himself Isac and his friend hackthis29 were irked by this move and attacked the major Internet service provider, Reliance. He claimed to have hacked Reliance’s ‘very very vulnerable’ netsweeper panel in about 5 minutes. Reliance passed the order last month for its upcoming film, and is believed to have acquired such John Doe orders earlier, too.

Supreme Court

It was around the mid of last month when ISPs starting blocking sites, like Vimeo, The Pirate Bay and many others, as per orders by the DoT. It was not only Reliance, who had acquired the John Doe order, but also Copyright Labs, a Chennai based firm, who had acquired these orders for movies – Dhammu and 3. This miffed the keepers of global Internet freedom, Anonymous, and the Supreme Court and Congress websites ended up being victims of a hack. Websites, like http://supremecourtofindia.nic.in, dot.gov.in and aicc.org.in were rendered inaccessible. The attacks were carried out by OpIndia (Operations in India) and they, in a series of tweets revealed on micro-blogging site, Twitter that – “#Government must understand. #INTERNET belongs to us! #TANGODOWN –> http://supremecourtofindia.nic.in & http://aicc.org.in”, and in another tweet stated – “@Anon_Central Another #TANGODOWN –>> http://www.dot.gov.in Department of telecom, You should’ve expected us! ~ #opindia.”

MTNL
As ISPs continue to block websites, Anonymous seems to be in no mood to spare anyone. The next in our list and the most recent target by Anonymous is MTNL. The MTNL website was taken down by the hacktivist group yesterday. Although MTNL’s Internet services weren’t affected, the MTNL website (mtnl.net/in) was rendered inaccessible. The site serves as a gateway for a number of services for MTNL, which include bill payment and schemes on their services. Anonymous hasn’t damaged any data on site, except for the main home page from the look of things. So, it’s clear, that it is just a protest against Internet censorship. MTNL is one of the ISPs that’s been blocking torrent and other file sharing sites.

Andhra Pradesh Power Development Company
Last year, unidentified hackers attempted to break into different websites of the Andhra Pradesh government, even as a security audit was being conducted at the State Data Centre. This time, however, it was the Andhra Pradesh Power Development company’s site that was under attack, not by some unidentified name, but Anonymous. The reason for the previous attacks may have been unclear, but Anonymous was quite clear, and did leave a message behind. The URL to the website would route users to another site that was defaced with the famous Anonymous messages – “We are anonymous. We are legion. We do not forgive. We do not forget. You should have expected us!” So, if the government plans to block other websites, Anonymous shows its protest by hacking government websites.

BJP Website
Even by the end of the last month, ISPs continued to block websites and Anonymous, this time targeted a political party. It defaced the website of one of the most prominent parties of the nation. The BJP website was reportedly hacked for not protesting against their opposition party, Congress on the topic of Internet censorship. On their Twitter account (‏@opindia_back), the hacktivist group made this public in a series of tweets; some reading – “Young guns of #India —> We owned http://mumbaibjp.org/anonymous.html to display a message to you all. So kindly read it. #opindia”, among others in succession. Further posts on Twitter that serve as a probable explanation to the hacks, read – “BJP are the opposition they should have f****n stopped this or should have organised a protest they didn’t do any.”

Moreover Anonymous, on its Facebook page has asked users to vote for either of the two ISPs – Reliance and Airtel. The group have asked their Facebook followers to Like the post, if they are in favour of Reliance’s website/services being hacked or Share the post if their choice is Airtel.

Image Credit: Getty Images

, , , , ,

Leave a comment