CPLC Chief says 'Pakistan a safe heaven for cyber criminals' 06.49

The cyber crimes of multiple kinds in Pakistan have increased by five times over the past four years. Pakistan Daily Times News today reported that, Citizen Police Liaison Committee (CPLC) Chief through a letter on Saturday, apprised the Federal Law, Justice & Parliamentary Affairs Minister that in the absence of Prevention of Electronic Crime Ordinance (PECO) Law 2007, lapsed in 2010, Pakistan had become a safe heaven for cyber criminals and con artists whereas the law enforcement agencies were unable to take legal action against them.

According to the Cyber Crime Unit (CCU), a branch of Pakistan's Federal Investigation Agency (FIA), 62 cases were reported to the unit in 2007, 287 cases in 2008 and the ratio dropped in 2009 but in 2010 more than 312 cases were registered in different categories of cyber crimes.

“There are numerous complaints regarding fake calls deceiving citizens into receiving a phony prize. The normal practice is that the criminals calls the supposed prize winner, and gives him three options to collect his prize money i.e. have the amount transferred in his account through cheque, visit Islamabad to receive the prize money or receive the prize at door step. Thereafter, the caller asks the victim to pay Rs 10,000 through easy paisa transfer and or by cellular easy load for the prize to be processed and once sent the receiver disappears. “ CPLC Chief said.

Cybercrime in Pakistan has its global impact especially with cyber terrorism, example of this, the disappearance of the The Wall Street Journal correspondent on Jan. 23, 2002, from Pakistan's southern city of Karachi and his captors started sending e-mails to newspapers, then the investigators starting to trace the e-mails sent by the kidnappers, this was one of the important reason for establishing the National Response Center for Cyber Crimes in Pakistan to combat against cybercrimes.

After receiving several complains, Sindh CPLC Chief Ahmed Chinoy asked FIA to take up such cases for necessary action as per law. In response to Chinoy’s letter, FIA told him that due to the absence of PECO, they were unable to take any action against the offenders.Sindh CPLC Chief wrote a letter to the Federal Law, Justice & Parliamentary Affairs Minister to draw his attention towards the PECO Law 2007, which had been lapsed in 2010.

Urging the federal minister to revoke PECO, Chinoy stated that these criminals were intentionally harming the physical, mental and financial position of their victims by using modern telecommunication networks such as internet and mobile phones.

There are a number of cyber crimes in Pakistan mainly including cyber pornography, sale of illegal articles, online gambling, intellectual property crimes, email spoofing, cyber stalking, forgery, unauthorized access to computer systems/networks, theft of information contained in electronic form, virus attacks, Trojan attacks, Internet time theft, password cracking and financial cyber crimes (hacking of ATM card numbers and bank accounts).Official data suggest that the hacking of ATM card numbers and bank accounts are on the rise in Pakistan.

Kuwait Government will suspend Twitter accounts of Anonymous Users 06.36

In Kuwait, the Ministry of Interior is in the process of enforcing a rule of their own on Twitter which prevents Kuwaiti users from using anonymous accounts. The ministry said in a press statement that such measure comes in order to preserve the rights of citizens and residents of people who were used to slander them and their families under fake names, saying that such is a crime punishable by law.

The statement went on to say that the move was meant to protect the rights of citizens and residents who have found themselves the subject of slander through statements made by these anonymous accounts, a crime punishable by law in the country, as it is in the UAE.

It confirmed that all public have the freedom of expression guaranteed to them by the Constitution as long as those practices are going according to the law, especially with regard to using the Twitter site.

US Subway Stores POS Hacked For $3Million Dollars 08.39

Honestly there hasn’t been much news over the holiday period, well maybe there was but no one bothered reporting it. There was the Stratfor case of course, which Anonymous is saying wasn’t anything to do with them.

The scale of this incident somehow reminds me of the whole TJ MAXX fiasco a few years back.

Anyway, this whole scheme sounds like a case of people installed VNC with weak passwords and someone finding it by accident – it doesn’t even seem to have been a targeted hack.

    For thousands of customers of Subway restaurants around the US over the past few years, paying for their $5 footlong sub was a ticket to having their credit card data stolen. In a scheme dating back at least to 2008, a band of Romanian hackers is alleged to have stolen payment card data from the point-of-sale (POS) systems of hundreds of small businesses, including more than 150 Subway restaurant franchises and at least 50 other small retailers. And those retailers made it possible by practically leaving their cash drawers open to the Internet, letting the hackers ring up over $3 million in fraudulent charges.

    In an indictment unsealed in the US District Court of New Hampshire on December 8, the hackers are alleged to have gathered the credit and debit card data from over 80,000 victims.

    “This is the crime of the future,” said Dave Marcus, director of security research and communications at McAfee Labs in an interview with Ars. Instead of coming in with guns and robbing the till, he said, criminals can target small businesses, “root them from across the planet, and steal digitally.”

    The tools used in the crime are widely available on the Internet for anyone willing to take the risks, and small businesses’ generally poor security practices and reliance on common, inexpensive software packages to run their operations makes them easy pickings for large-scale scams like this one, Marcus said.

    While the scale of this particular ring may be significant, the methods used by the attackers were hardly sophisticated. According to the indictment, the systems attacked were discovered through a targeted port scan of blocks of IP addresses to detect systems with a specific type of remote desktop access software running on them. The software provided a ready-made back door for the hackers to gain entry to the POS systems. The PCI Security Standards Council, which governs credit card and debit card payment systems security, requires two-factor authentication for remote access to POS systems—something the applications used by these retailers clearly didn’t have.

It seems like there’s a pretty large ring behind this operation, just due to the sheer number of locations compromised and the amount of time it must have taken to install all the malware and logging software.

Plus the network infrastructure that was build to receive the logs via FTP upload, the criminals were pretty smart too – they even ‘backed up’ their stolen data to sendspace just in case their hosting got taken down.

    Once they were in, the hackers then deployed a collection of hacking tools to the POS systems, including logging software that recorded all the input into the systems—including credit card scans. They also installed a trojan, xp.exe, onto the systems to provide a back door to reconnect to the systems to allow the installation of additional malware, and prevent any security software updates.

    Collected data from the loggers was posted by the malware to FTP “dump” sites on a number of Web servers in the US created with domains they registered through GoDaddy.com using stolen credit card data. In addition to using the stolen data to register their own domains and pay for hosting service, the hackers periodically rounded up the dumped transaction data and moved it to sendspace.com, a file transfer site. Richard James of sendspace.com says that his company cooperated with the FBI in the investigation of the hack. ” Sendspace [is] a file hosting and transfer site used by millions every single day,” he said in an email to Ars Technica,”and as such can indeed be used for activities which are against our TOS and that we do not condone.”

    Some of the data was used to print counterfeit credit cards using blank plastic cards and embossing machines. One of the alleged hackers, Cezar Iulian Butu, was generating counterfeit cards with an embossing machine out of a house in Belgium in October of 2010, and working with a group, used the cards “among other uses [to] place bets at local French ‘tobacco’ shops,” the Justice Department said in its filing. The rest of the stolen data was sold in blocks to other criminals from the Sendspace server.

    According to a report by Schuman, Subway’s corporate IT and a credit card company discovered the data breach “almost simultaneously.” Subway Corporate Press Relations Manager Kevin Kane told Ars that “the tech guys who dealt with this moved and put steps in place [to block the theft of data] as soon as they discovered it.” He said the company wouldn’t discuss the measures taken, as “we don’t want to give away the blueprint” to other potential attackers. And Kane added that Subway had been asked by the Justice Department not to comment on other details of the case, as it is part of an ongoing investigation.

It’ll be a pretty interesting case to watch either way, we’ll have to see what else gets discovered (and more importantly released to the public).

Subway corporate IT has taken some measures against this, but as it was franchisee stores that got owned – I don’t honestly see how much they can do. Unless they implement a complete new POS system (which is secure and preferably doesn’t run Windows and connect to the Internet).

POS in this case should well stand for Piece of Shit.

GOVERNANCE OF PAKISTAN and 2 other pakistani websites Got hacked by Ashell(INDISHELL) 02.04

GOVERNANCE OF PAKISTAN , pmumcdp and my.pakistanwebhost Got hacked by Ashell(INDISHELL)


Once again Pakistani cyberspace hit by INDISHELL.This time Ashell INDIA from INDISHELL group have hacked Pakistan's governance’s website and pmumcdp . The reason behind this attack is one Pakistani hacker named THA have hacked BJP’s website so Ashell have hacked it. you can see the hacked website.
http://www.governance.pk/
http://my.pakistanwebhost.com/
http://www.pmumcdp.gov.pk/


mirrors of websites
http://legend-h.org/mirror/272151/governance.pk/
http://legend-h.org/mirror/272257/my.pakistanwebhost.com/
http://legend-h.org/mirror/272150/pmumcdp.gov.pk

China Software Developer Network (CSDN) 6 Million user data Leaked 11.49

The "Chinese Software Developer Network" (CSDN), operated by Bailian Midami Digital Technology Co., Ltd., is one of the biggest networks of software developers in China. A text file with 6 Million CSDN user info including user name, password, emails, all in clear text leaked on internet.

The Download Link (use xunlei to download the file) of the File is available on various social Networks. Now Chinese programmers are busy changing their password now.(lol)

Just did some data ming on CSDN leaked user data. Some interesting findings. Here are the results of Top 100 email providers form 6M CSDN user emails :

@qq.com, 1976190

@163.com, 1766919

@126.com, 807893

@sina.com, 351590

@yahoo.com.cn, 205487

@hotmail.com, 202944

@gmail.com, 186843

@sohu.com, 104735

@yahoo.cn, 87048

@tom.com, 72360

@yeah.net, 53292

@21cn.com, 50709

@vip.qq.com, 35119

@139.com, 29207

@263.net, 24778

@sina.com.cn, 19155

@live.cn, 18920

@sina.cn, 18601

@yahoo.com, 18452

@foxmail.com, 16432

@163.net, 15173

@msn.com, 14211

@eyou.com, 13372

@yahoo.com.tw, 10810

@huiseo.cn, 8493

@csoftmail.cn, 7121

@citiz.net, 6605

@vip.sina.com, 5378

@189.cn, 5004

@etang.com, 4236

@chinaren.com, 3973

@yahoo.com.hk, 3899

@neusoft.com, 2930

@wormsoft.cn, 2780

@sogou.com, 2567

@bdqnok-cp.com.cn, 2551

@live.com, 2528

@mail.china.com, 2177

@china.com, 2169

@mail.ustc.edu.cn, 2038

@huawei.com, 1921

@vip.163.com, 1882

@sjtu.edu.cn, 1881

@371.net, 1805

@10pig.com.cn, 1782

@zte.com.cn, 1681

@cp-bdqnok.com.cn, 1632

@company-mail.cn, 1555

@msn.cn, 1522

@netease.com, 1499

@uggsrock.com, 1363

@bjtu.edu.cn, 1342

@hotmail.com.tw, 1313

@owlpic.com, 1277

@siteposter.net, 1275

@x263.net, 1183

@2008.sina.com, 1180

@elong.com, 1172

@yahoo.co.jp, 1049

@chongseo.com, 1033

@bofthew.com, 1022

@tyldd.com, 992

@fudan.edu.cn, 987

@marketnet.com.cn, 963

@newline.net.cn, 955

@stu.xjtu.edu.cn, 931

@online.sh.cn, 928

@msa.hinet.net, 927

@zju.edu.cn, 878

@king.com, 870

@cmmail.com, 844

@123.com, 838

@56.com, 836

@cpok-bdqn.com.cn, 818

@zj.com, 804

@china.com.cn, 803

@fm365.com, 763

@71mail.com.cn, 751

@avl.com.cn, 748

@bdqncpok.com.cn, 720

@mails.tsinghua.edu.cn, 719

@bit.edu.cn, 693

@mail.nankai.edu.cn, 640

@lzu.cn, 622

@xnmsn.cn, 602

@wo.com.cn, 599

@ah163.com, 598

@yahoo.ca, 594

@263.com, 563

@eastday.com, 561

@stu.edu.cn, 559

@188.com, 556

@mobile.csdn.net, 539

@csdn.net, 533

@sian.com, 519

@ymail.com, 518

@km169.net, 490

@emails.bjut.edu.cn, 488

@pp.com, 483

@pchome.com.tw, 480

 

Kaspersky Internet Security Memory Corruption Vulnerability 11.45

Vulnerability-Lab Team discovered a Memory & Pointer Corruption Vulnerability on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012. A Memory Corruption vulnerability is detected on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012.

The vulnerability is caused by an invalid pointer corruption when processing a corrupt .cfg file through the kaspersky exception filters,which could be exploited by attackers to crash he complete software process.The bug is located over the basegui.ppl & basegui.dll when processing a .cfg file import.

Affected Version(s):

• Kaspersky Anti-Virus 2012 & Kaspersky Internet Security 2012
• KIS 2012 v12.0.0.374
• KAV 2012 v12.x
• Kaspersky Anti-Virus 2011 & Kaspersky Internet Security 2011
• KIS 2011 v11.0.0.232 (a.b)
• KAV 11.0.0.400
• KIS 2011 v12.0.0.374
• Kaspersky Anti-Virus 2010 & Kaspersky Internet Security 2010

The kaspersky .cfg file import exception-handling filters wrong or manipulated file imports like one this first test . (wrong-way.png). The PoC is not affected by the import exception-handling & get through without any problems. A invalid pointer write & read allows an local attacker to crash the software via memory corruption. The technic & software to detect the bug in the binary is private tool.

Backdoor in Android for No-Permissions Reverse Shell 11.36

Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes.Thomas built an app which requires no permissions and yet is able to give an attacker a remote shell and allow them to execute commands on the device remotely from anywhere in the world. The functionality they are exploiting to do this is not new, it has been quietly pointed out for a number of years, and was explained in depth at Defcon 18.

It is not a zero-day exploit or a root exploit. They are using Android the way it was designed to work, but in a clever way in order to establish a 2-way communication channel. This has been tested on Android versions ranging from 1.5 up to 4.0 Ice Cream Sandwich, and it works in a similar way on all platforms.

The application operates by instructing the browser to access a particular web page with specific parameters. This web page, and the server behind it, will, in turn, control the app by forwarding the browser to a URL that starts with a protocol prefix that is registered as being handled by the app, for example app://. This process can then be repeated and in doing so it enables two-way communication.

"In this demonstration Android’s power and flexibility were perhaps also its downfall. Other smartphone platforms may not offer the controls we are bypassing at all, and the multi-tasking capabilities in Android allowed us to run the attack almost transparently to the user. This power combined with the open nature of Android also facilitates the customisation of the system to meet bespoke security requirements. This is something we have even been involved in ourselves by implementing a proof of concept Loadable Kernel Module to pro-actively monitor and defend a client’s intellectual property as it passed through their devices. It is no surprise that we have seen adoption of Android research projects in the military and government as it can be enhanced and adapted for specific security requirements, perhaps like no other mobile platform before it." Thomas Cannon said.

Dailytop15 , gogo.pk and 6 other pakistani websites got hacked by Ashell (indishell) 06.15

Pakistani websites got hacked by Ashell (indishell)

The member of  "Indishell" (ICA-indian cyber army) once again hit Pakistani cyber space. This time Ashell  from Indishell team deface the 8 pakistani website.And the reason of this hack is that some pakistani hackers hacked INDIAN sites. you can see the site listed bellow.
http://dailytop15.com/ (Alexa Traffic Rank: 308,132 Traffic Rank in PK: 14,277 )
http://gogo.pk/ (Alexa Traffic Rank: 568,567 Traffic Rank in PK: 9,569 )
http://paksky.com/
http://www.gsp.gov.pk/
http://thebusinessdata.com/
http://www.bestibusiness.com/
http://www.thebusinessplus.com/
http://www.tipstorunbusiness.com/

President of Guyana's Website defaced by Hackers 07.11

Official Website of President of Guyana's Website defaced by some hackers belongs to Group called "The Hackers Army" And they have posted that the ignorant observer Israel may appear modern, vigorous and democratic largely thanks to the outrageous bias in Western media and the $$$ whores whom have become our leaders...now wake up!!!
REALITY: Israel is and will always be a racist murderer, a child abuser, a child killer, a thief, a compulsive liar, a financier of genocide, an exporter of Terror and a haven for sick perverted traffickers of desperate, vulnerable and naive little girls and young women from Eastern Europe - Essentially a Middle East perverted despot hell bent on recreating the nightmare of Nazi Germany! .The Disaster named hacker from the group is responsible for the Defacements.

NokiaHouse Hacked By Ashell (Indishell) 11.47

NokiaHouse Hacked By Ashell (Indishell)

An INDIAN hacker from INDISHELL(ICA) have hacked Nokiahouse.com. and he have also put the vulnerability details on the deface page. ”Vul : Basic sqli and server intrusion” .and he have created the mirror for that site. click here to see the mirror. And the another site hosted on the same server got hacked by that hacker. Nokia House is part of Nokia. From Nokia House you can download free nokia attractive games interesting applications melodious ringtones and High Quality videos, themes and many more things for you phone.

Hacked site:

http://nokiahouse.com/

http://mastienjoy.com/

Mirror:

http://zone-h.com/mirror/id/16180462

http://zone-h.com/mirror/id/16180458

Best SMS Spoofer: Send Fake SMS 10.56

Well here I am sharing one amazing post about sms spoofing. Using this technique you can send SMS from any number to any number and you can also update the status of any facebook account if the victim have active that service.This post is educational purpose only I am not responsible for anything. 

Lets start..

Smsglobal is an amazing website to send SMS. However, it is a premium site from Australia.But they only allow to send 25 fake SMS at the time of signing up there. So, you can send only 25 Fake SMS using this service . After that, you have to try signing in with a new number and Email ID.

just open this link http://smsglobal.com/signup/signup_page.php and sign up there.

Now fill the form as shown below in the image.

After signing in, you will receive your username and password on your phone.

• Now login in your SMS global Account with your provided Username and Password. 
• After loging in, you will see the welcome screen, just click on Send SMS to Number as shown below.
• 

First remove the sender ID while sending to send a spoofed SMS after that enter the mobile number of both the victim and now you can send a spoofed SMS as shown below.

So, Enjoy Sending fake SMS to any of the number , and now you can update any buddy’s facebook status using this technique!!

Please do not misuse this trick, This article is just for educational purposes. I am not responsible for any consequences taking place!!!

Facebook Security Flaws Allowing Attackers To grab Your Private Photos 09.50

Facebook Security Flaws Allowing Attackers To grab Your Private Photos

A very serious security flaws found in Facebook. Recently a forum has demonstrated how any one can access and download someones private and locked photos from Facebook. Here we sharing the process. The flaw was first reported on the forums of BodyBuilding.com, presumably because the users of that website like taking photos of themselves and putting them online. The bug exploits the way the offensive photograph reporting tool works. Facebook has been heavily criticised in the last few years for matters of privacy and so there are people who will leap on this story as yet another example of how the company simply doesn’t take its users privacy seriously. Such problems have included a change to the terms and conditions that made all your photographs and statuses Facebook’s property and a settings change that made everything on everybody’s profile accessible to search engines by default.

Locate the person who you want to view photos of

Click on Report/Block. From the popup menu, select Inappropriate Profile photo and press continue

Select Nudity or pornography and press continue

Only check Report to Facebook and press continue

Only select Help us take action by selecting additional photos to include with your report and press Okay

While some browsers restrict this flaw, private photos that are hidden or unaccessible to

people who are friends, can not only be accessed but enlarged to their full scale.

While some browsers restrict this flaw, private photos that are hidden or unaccessible to people who are friends, can not only be accessed but enlarged to their full scale.

This private photo of Mark Zuckerberg is also been exposed from his profile by the method described earlier. Facebook later said that they are working to patch this security hole.

sslyze – Fast and Full-Featured SSL Configuration Scanner 05.29

Transport Layer Security (TLS), commonly called SSL, is one of the most widely used protocols to secure network communications. As costs fall and user security and privacy expectations rise companies are deploying it more widely every year. Attacks against the CA system, SSL implementation flaws and aging protocol versions have grabbed news headlines, bringing attention to weak configurations, and the need to avoid them. Additionally, server misconfiguration has always greatly increased the overhead caused by SSL, slowing the transition to improved communications security.

To help improve system configurations, iSEC is releasing the free software “SSLyze” tool. They have found this tool helpful for analyzing the configuration of SSL servers and for identifying misconfiguration such as the use of outdated protocol versions, weak hash algorithms in trust chains, insecure renegotiation, and session resumption settings.

 

Features

• Insecure renegotiation testing
• Scanning for weak strength ciphers
• Checking for SSLv2, SSLv3 and TLSv1 versions
• Server certificate information dump and basic validation
• Session resumption capabilities and actual resumption rate measurement
• Support for client certificate authentication
• Simultaneous scanning of multiple servers, versions and ciphers

You can download sslyze here:

sslyze-0.3_src.zip

Dawn.com (biggest pakistani news site) hacked by LuCkY 05.22

Dawn.com (biggest pakistani news site) hacked by LuCkY

The member of  "Indishell" (ICA-indian cyber army) once again hit Pakistani cyber space. This time LuCkY from Indishell team deface the biggest Pakistani News site Dawn.com (Alexa Rank : 3540, 56 in pakistan).
Deface page message include the possible hack reason "You Wont get kashmir by hacking sites lol , Kashmir is ours will be".The Indishell and PCA warriors hide behind coded named such as 'Zombie' , 'Lucky' and are thought to be young IT experts.

pakhackerz,abbottabad. and 2 more websites got hacked by INDISHELL (ICA) 05.21

pakhackerz,abbottabad. and 2 more websites got hacked by INDISHELL (ICA)

Indian hackers group INDISHELL have hacked some of the Pakistani websites, the list of the websites are as follow.
http://pakhackerz.com/
http://esolpakistan.com/
http://www.thenucleuspak.org.pk/imp.html
http://justpakistan.com/administrator 
http://pakistanhost.com/administrator

Cain & Abel v4.9.43 Released 23.50

Cain & Abel v4.9.43 Released

Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
Change Log :

• Added SAP R/3 sniffer filter for SAP GUI authentications and SAP DIAG protocol decompression.
• Added support for Licensing Mode Terminal Server connections to Windows 2008 R2 servers in APR-RDP sniffer filter.
• Added support for MSCACHEv2 Hashes (used by Vista/Seven/2008) in Dictionary and Brute-Force Attacks.
• Added MSCACHEv2 Hashes Cryptanalysis via Sorted Rainbow Tables.
• Added MSCACHEv2 RainbowTables to WinRTGen v2.6.3.
• MS-CACHE Hashes Dumper now supports MSCACHEv2 hashes extraction from Windows Vista/Seven/2008 machines and offline registry files.
• Fixed a bug (crash) in Certificate Collector with Proxy settings enabled.
  click here to Download

Protecting Your BlackBerry Smartphone with Security Wipe 23.30

Protecting Your BlackBerry Smartphone with Security Wipe

The BlackBerry is a amazing device. We load our BlackBerries with various useful softwares and applications to increase our productivity and customize them with interesting themes and ringtones. We watch movies and play games and track day to day activities. All of these things require passwords and usually involve storing data on our devices that is sensitive in nature.

So what if you want to wipe your BlackBerry clean?

There are a number of reasons why you might want to wipe out your Blackberry. Perhaps you have switched jobs and need to submit your BlackBerry into your new IT department so they can set it up for their network. You wouldn’t want them to have access to your previous employers data would you?

Perhaps you have purchased a new model of BlackBerry and would like to gift your previous model to a friend or sell it on ebay. The same rule applies, you do not want them to see what you were using your Blackberry for prior to handing it over.

How to Use security wipe ?

Before using this function, it is recommended that you back up any data and applications that you like to use on your new BlackBerry smartphone.

1. On the BlackBerry smartphone, select Options from the home screen.

2. Select Security Settings, then Security Wipe.

3. Specify what items will be wiped during this process by checking off the boxes.

4. Enter “blackberry” (field is not case-sensitive) and select Wipe.

5. The BlackBerry smartphone will reset a few times, and after this process is complete, it will no longer contain any of your personal data.

Google, Gmail, YouTube, Yahoo, Apple hacked using DNS cache poisoning attack 23.08

Google, Gmail, YouTube, Yahoo, Apple hacked using DNS cache poisoning attack

Hacker with Codname AlpHaNiX deface Google, Gmail, Youtube, Yahoo, Apple etc domains of Democratic Republic of Congo. Hacker use strategy so-called DNS cache poisoning.

DNS cache poisoning is a security or data integrity compromise in the Domain Name System (DNS). The compromise occurs when data is introduced into a DNS name server's cache database that did not originate from authoritative DNS sources. It may be a deliberate attempt of a maliciously crafted attack on a name server.

Picture show you how hacker insert fake records into the cache of DNS servers.

List of hacked websites:
http://apple.cd/
http://yahoo.cd/
http://gmail.cd/
http://google.cd/
http://youtube.cd/
http://linux.cd/
http://samsung.cd/
http://hotmail.cd/
http://microsoft.cd/

15 Years Old Expert found XSS Vulnerability On Twitter !! 01.15

 

A 15 years old XSS Expert "Belmin Vehabovic(~!White!~)" discovered XSS Vulnerability On Twitter and report us. The Vulnerable link is here. Even He also Discovered XSS Vulnerability in Facebook also as tweeted by him Yesterday &Facebook is offering him $700 as Bounty.

New Yahoo 0-day exploit hijacks status updates !! 23.15

Malware spread via Yahoo Instant Messenger has been around for years. Infection, though, has been limited by the fact that it requires some interaction with the user.

 

 

How does it work?
The status message change happens when an attacker  simulates sending a file to a user. This action manipulates the $lnlineAction parameter in order to  load an iFrame which , when loaded ,swaps the status message for the attacker’s custom text. This status may include a dubious link.

 

Why is this dangerous?

When the victim's status message is swapped with an attention getting text that points to a page hosting a zero-day exploit targeting the IE browser, the locally installed  or Flash environments or even a PDF bug, to mention only a few. when  a contact clicks on the victim’s status message, chances are they get infected without even knowing it. All this time, the victim is unaware that his status message has been hijacked!!

The Mole – Automatic SQL Injection SQLi Exploitation Tool 03.09

The Mole – Automatic SQL Injection SQLi Exploitation Tool

The Nole is an automatic SQL injection exploitation tool. YOou just need to provide SQL vulnerable LINK and valid string on the shitty site and it can detect the injection and it will exploit it using union technique or a boolean query based technique. You can hack any sql vulnerable website using this tool.

 Features

• Support for injections using Mysql, SQL Server, Postgres and Oracle databases.
• Command line interface. Different commands trigger different actions.
• Developed in python 3.
• Support for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
• Auto-completion for commands, command arguments and database, table and columns names.

You can download it from here

Windows: themole-0.2.6-win32.zip

 Linux: themole-0.2.6-lin-src.tar.gz

 If you want to know how to use this tool then click here