Tuesday, September 27, 2011

Al-Qaida's Shamukh Chat Forum Under Attack





Al-Qaida's top-tier Al-Shamukh chat forum is facing an ongoing electronic attack that has rendered the forum totally unreachable, according to a terrorism expert. The attack on Shamukh is similar to one reported in June this year, and first the domain and then subsequently the underlying data server were both taken down separately, Evan Kohlmann of Flashpoint Partners said in an email late Monday.
The difference this time, however, is that al-Qaida now has an alternate secondary forum to distribute its propaganda and media, known as "Al-Fidaa". "In other words, shutting down Shamukh is still quite an annoyance, and it certainly causes jihadi webmasters headaches, but it hasn't had the same effect of gagging al-Qaida's media machine," said Kohlmann, who has spent over a decade tracking al-Qaida and other terrorist organizations.
Al-Fidaa is not yet under attack, but it would be interesting to see if a similar electronic attack is launched against this forum as well.
The identity of the attackers is still not known, but it looks like someone launched a coordinated assault on the forum that was designed to cripple the whole system, Kohlmann said.
Typically, that's not the kind of thing that happens because of a lightning strike or a handful of people relying on a tool like LOIC (Low Orbit Ion Cannon), he added.
LOIC is a network stress-testing tool that floods sites with data, making them unable to serve legitimate visitors. This type of attack is called a distributed denial of service (DDoS) attack.
Kohlmann said in a Twitter message earlier on Monday that web domain names servicing Shamukh chat forum have come under apparent attack by unknown hostile parties. He later reported that the forum was "totally unreachable".
A threat to "cut the tongue" of U.S. TV host and comedian David Letterman was posted on the forum in August.
http://www.pcworld.com/businesscenter/article/240637/alqaidas_shamukh_chat_forum_under_attack_says_expert.html

Web Host Netregistry Hit by DDoS Attack


(WEB HOST INDUSTRY REVIEW) -- Australian web host NetRegistry (www.netregistry.au) was hit by a DDoS attack on Monday, according to a report by ZDNet Australia.
This attack comes a few months after it acquired the customers and assets of Australian web host Distribute.IT, the web host attacked by hacker group Evil in June.
According to the report, the attack started at 10:30 am and affected its customers using shared and virtual private server hosting. Approximately 100,000 customers were likely to have been affected by the disruption, according to Netregistry CEO Brett Fenton.
Fenton says Netregistry itself was not the intended target, but it isn't sure which hosting customer the attack was directed at. According to the report, Netregistry had to fend off a similar DDoS attack last year when its customer the Australian Federation Against Copyright Theft was targeted by Anonymous.
Around 10:45 am, Netregistry announced its phone system was overloaded and had to place a limit on the number of calls it could accept. Around this time, the company confirmed it was experiencing a DDoS attack, and began to re-divert its network bandwidth and work with its upstream provider Telstra to stem the flow of traffic.
A report by iTechReport says that by lunchtime, the company believed it had resolved the issue, but the attack restarted around 2pm bringing the hosted sites offline again.
Netregistry says by 5pm access had been restored for most customers except for those using a Telstra-provided internet connection. Access to sites on the Zeus Dynamic shared hosting infrastructure remains offline, according to the report.
The report says the outage impacted its resellers and subsidiaries like ZipHosting as well.

http://www.thewhir.com/web-hosting-news/092611_Web_Host_Netregistry_Hit_by_DDoS_Attack

Wednesday, September 21, 2011

Tesco says sorry after website crash leaves thousands unable to order groceries


Thousands of Tesco customers were unable to order food yesterday after the chain’s website crashed.
Britain’s biggest grocer was forced to say sorry when a glitch locked families out of their shopping lists.
One fed-up customer told the Mirror: “I tried for more than two hours and then gave up and switched to another supermarket because I needed a certain time slot for my shopping.”

With customers unable to order groceries and others booted off its Tesco Direct catalogue, experts said lost sales could add up to £1million over 24 hours.
Tesco is estimated to make £255million a year from online sales alone.
GLITCH
The Tesco.com site went down at around 1pm and while Tesco Direct was back up again two hours later, IT engineers were still working flat out to fix the grocery shopping site.
Shoppers trying to log on were told: “We’re very sorry. The Tesco.com grocery website is currently undergoing improvement works.
“It will be up and running shortly so please try again.”
A statement from the supermarket giant blamed a technical fault.
It said: “This is a rare glitch which has affected some of our online operations. We are working hard to fix it.”
Tesco websites have been plagued by computer problems in recent months.
In June, angry savers threatened to dump Tesco Bank after a similar crash left them without access to their cash for three days.
And before Christmas, customers trying to cash in Clubcard vouchers ahead of a deadline were shut out after the site went down.

http://www.mirror.co.uk/news/top-stories/2011/09/21/tesco-says-sorry-after-website-crash-leaves-thousands-unable-to-order-groceries-115875-23434841/

Wednesday, September 14, 2011

Talking Points Memo Site Brought Down After Hacker Story

The popular politics and news website Talking Points Memo crashed on Friday after experiencing an apparent distributed denial-of-service (DDOS) attack. The shutdown came after the site published the mugshots of 14 alleged members of Anonymous, a loose-knit group of online hacker activists, who became well-known after launching online attacks on parties who opposed WikiLeaks, including MasterCard and PayPal. While there was no direct evidence that tied Anonymous to the attack, the group has launched similar attacks against media websites and law enforcement agencies in the past.

http://www.huffingtonpost.com/2011/09/09/talking-points-memo-websi_n_956424.html

DDoS takes down UK's Russian embassy website before PM visit to Moscow



It has been 5 years since a British leader has visited Moscow. On the eve of the first visit since a Kremlin critic was killed in London, the website for the Russian Embassy in London was attacked by a distributed denial of service attack.
British Prime Minister David Cameron has been very vocal in the past about the killing of Alexander Litvinenko who was poisoned in 2006 by radioactive polonium-210, but has worked in the last year since taking over as Prime Minister to mend the relationship with Russia and President Dmitry Medvedev.
“Prior to the visit of Prime Minister David Cameron to Russia, the website of the Russian Embassy in London was brought down by a suspected DDoS attack,” the embassy said in a statement.
The site went down on Friday, came back up on Saturday, then fell again on Sunday. It is currently live.

http://www.techi.com/2011/09/ddos-takes-down-uks-russian-embassy-website-before-pm-visit-to-moscow/

Friday, August 26, 2011

Leading Industry Analyst Firm Cites Prolexic in Recent Hype Cycle Report


 


Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced that it has been mentioned as a sample vendor in a report entitled, “Hype Cycle for Infrastructure Protection, 2011” by respected industry analyst firm Gartner. In the August 10 report, Gartner predicts DDoS defense will achieve mainstream adoption in less than two years and lists it as “highly beneficial” on its Priority Matrix.

A DDoS attack is an attempt to make a computer resource (i.e. web site, e-mail, voice, or a whole network) unavailable to its intended users. By overwhelming a web site and/or server with data and/or requests, the target system either responds so slowly as to be unusable or crashes completely. The data volumes required to do this are typically achieved by a network of remotely controlled Zombie or botnet [robot network] computers.



According to Gartner Vice President and Research Fellow, John Pescatore, Gartner client calls on DDoS have increased and DDoS services are nearing "must-have" status. In the report, he states, “DDoS mitigation services should be a standard part of business continuity/disaster recovery planning and be included in all Internet service procurements when the business depends on the availability of Internet connectivity. Any Internet-enabled application that requires guaranteed levels of availability should employ DDoS protection to meet those requirements.” The report also lists 10 sample DDoS mitigation providers, including Prolexic.
“Because DDoS is all we do, we have more expertise, more experience and more network resources dedicated to fighting these attacks than any other provider,” said Scott Hammack, chief executive officer at Prolexic. “That’s why large, complex attacks that can overwhelm other providers always end at Prolexic.”
Since 2003, Prolexic has been protecting Internet facing infrastructures against all known types of DDoS attacks at the network, transport and application layers with a distributed global network of scrubbing centers. By dedicating more bandwidth to attack traffic than any other provider – supplemented by proprietary tools, techniques, and experienced security experts – Prolexic has been able to handle the largest and most sophisticated DDoS attacks ever launched.
Prolexic’s singular focus on DDoS mitigation also avoids potential conflicts of interest between business groups for companies that offer multiple service lines. This can occur when a DNS provider also offers “add on” DDoS mitigation services, for example. If the same infrastructure that supports DNS services is overwhelmed by a DDoS attack, it is possible that DDoS customers will be sacrificed to protect DNS customers and the company’s core business. Pure play DDoS mitigation providers like Prolexic do not have this concern.
“Five of the ten largest global banks, e-Commerce providers, payment processors and others with mission critical Internet-facing infrastructures trust Prolexic to protect them from DDoS attacks and restore availability in minutes,” said Hammack. “That’s why Prolexic is the gold standard for DDoS monitoring and mitigation.”
http://www.prweb.com/releases/2011/8/prweb8742612.htm

Thursday, August 11, 2011

Prolexic Becomes First DDoS Mitigation Provider to Gain PCI DSS Certification - Speeds Service Provisioning to Mitigate Encrypted Layer 7 Attacks -




Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced that it is the first DDoS mitigation provider to secure PCI DSS (Payment Card Industry Data Security Standard) level 2 certification.
PCI DSS is a worldwide program designed to help protect consumers from fraud by regulating payment card data security. The PCI DSS standard is the result of a collaborative effort by the major credit card brands (Visa, MasterCard, American Express, Discover and JCB) to build a set of requirements designed to ensure that all merchants that process, store or transmit credit card information maintain a secure online environment.
In the last few years, Prolexic has observed an increase in the number of encrypted attacks against web properties. Typically, these attacks use Secure Socket Layer (SSL) to start an application layer (Layer 7) attack. To monitor and mitigate these encrypted attacks effectively, Prolexic requires that a customer provide their data decrypting private keys.
“Achieving PCI DSS compliance makes it much easier for customers to deploy with us and leverage our unique capabilities to overcome encrypted attacks,” said Paul Sop, chief technology officer at Prolexic. “With this certification, customers know instantly that our key management and security procedures are in compliance with their PCI DSS policy without the time and expense of auditing Prolexic.”



While PCI DSS certification is not required because Prolexic does not store or process any credit card data, certification makes it much easier for a compliant organization to onboard with Prolexic. Critically, certification speeds deployment of remediation for compliant organizations during encrypted Layer 7 DDoS attacks.
Brightline, http://www.brightline.com, an external auditing company specializing in assurance and compliance services, found that Prolexic has taken sound measures to establish a solid set of security controls and procedures.
“Achieving compliance with this globally recognized data security standard is a significant milestone for Prolexic,” added Sop. “With more and more payment processing and e-Commerce companies coming under DDoS attack, this certification will further differentiate our capabilities and make Prolexic the logical choice for these types of organizations.”
About Prolexic
Prolexic is the world’s largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission critical Internet facing infrastructures for global enterprises and government agencies within minutes. Five of the world’s ten largest banks and the leading companies in e-Commerce, payment processing, travel/hospitality, gaming and other at risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world’s first “in the cloud” DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. For more information, visit http://www.prolexic.com.

http://www.prweb.com/releases/2011/8/prweb8711385.htm

IT security – a priority for African businesses







As Kenya prepares to host the IDC IT Security Roadshow, Kaspersky Lab is proud to be a part of such a thought leading event, as the company aims to stress the importance of proactive security measures that businesses operating in East Africa need to understand and implement today, for future success.
“91% of companies have experienced at least one IT security event from an external source in the last 12 months. This high statistic certainly proves just how crucial corporate IT security is now more than ever. The reality is that cybercriminal activity targeted at the corporate has, and will continue, to grow on a global scale, especially as newer, more innovative technologies evolve and become critical business competitive tools. And with the prediction that East Africa will be a significant contributor to Africa’s forecasted growth of 3.7%² in 2011 – the African continent will continue to boom economically where the business landscape will grow – making businesses operating in African countries an ideal target for cybercriminals,” says Sergey Novikov, Kaspersky Lab Head of EEMEA Research Centre.
In their recently released report, Worldwide Security Products and Services 2011 Top 10 predictions, the IDC drew some interesting conclusions that closely correspond to Kaspersky Lab’s strategy and vision in this regard. Of these, the IDC predicts that consumers and enterprises will continue to grow their spending on Endpoint Security at surprising rates – the reason being obvious – corporate IT security is a necessity! Customers and enterprises are looking for an integrated approach that offers a broad range of protection from malicious cyber attacks, accidental disclosure of sensitive information (consumer and corporate), usage by unauthorised users (identity fraud), and applications (botnets).
“For many years now, Kaspersky Lab has taken an integrated approach to protection in our product offering and believe that IT Security should be top of mind for all businesses operating within the African continent. Apart from the traditional organisation of DDoS attacks, cybercriminals today have a main focus of targeting corporate servers for stealing corporate data and African businesses are not excluded,” says Novikov.
The IDC further predicts that small and medium enterprises (SMEs) globally will see more targeted attacks against data and resources. Small businesses will see increasing attacks on customer data. Attempts to take full control of servers, PCs, and storage arrays for botnets, DDoS attacks, spam, phishing, hacktivism, and other uses are also expected to increase.
“With SMEs accounting for an estimated 60%³ of all employment in East Africa, and contributing up to 30% of gross national product, the SME sector in East Africa cannot afford to experience such attacks on their organisations, as the results could be detrimental likely having a ripple effect on the economy,” adds Novikov.
The conference will be taking place at the Hilton Hotel in Nairobi, where Novikov aims to provide insight into the above at the IDC IT Security Roadshow, to ensure that businesses operating within the African landscape are made aware of such threats that exist and take the necessary action required to avoid the impact of these attacks.
“The reality today is that proactive security is a requirement for all businesses, to ensure effective protection against such threats and attacks. Corporate servers are being attacked continuously and should such activity continue to take place, a business could stand to lose everything. Implementing the necessary corporate IT security measures now is the next major step for East African based businesses in effectively protecting enterprises – ensuring success and as such, continued positive growth of the African continent,” concludes Novikov.

HKEx - Hong Kong stock exchange Hacked




Trading in Hong Kong was disrupted on Wednesday by a hacking incident on the Hong Kong Exchange website. "Our current assessment that this is a result of a malicious attack by outside hacking," Charles Li, chief executive of Hong Kong Exchanges & Clearing, told reporters.

The seven stocks in question were all due to release sensitive results to the website that could impact the price of their stocks. Although the Hong Kong stock exchange also operates an alternative backup site for posting the results, it chose to halt trading of the affected stocks for the afternoon session. Stocks affected included HSBC, Cathay Pacific, China Power International and the Hong Kong exchange itself. It is unclear at this point whether the attack actually compromised the site, or if it was merely a denial of service attack.

"It was the first time for a suspension due to such a kind of technical problem and one involving so many companies," said Alfred Chan, chief dealer at Cheer Pearl Investment in Hong Kong. Hackers attacked the Zimbabwe stock exchange website on Friday, forcing a shutdown of the site and hampering traders monitoring performance on the 79-company bourse.


http://www.thehackernews.com/2011/08/hkex-hong-kong-stock-exchange-hacked.html

Wednesday, August 10, 2011

Hacker Group Anonymous Vows To Destroy Facebook On November 5




Hacktivist group Anonymous, which has been responsible for cyber-attacks on the Pentagon, News Corp, and others, has vowed to destroy Facebook on November 5th (which should ring a bell).
Citing privacy concerns and the difficulty involved in deleting a Facebook account, Anonymous hopes to "kill Facebook," the "medium of communication [we] all so dearly adore."
This isn't the first time Anonymous has spoken out against social networks.
After Google removed Anonymous' Gmail and Google+ accounts, Anonymous pledged to create its own social network, called AnonPlus.
The full text of the announcement, made on YouTube and reported by Village Voice, is below:
Operation Facebook

DATE: November 5, 2011.

TARGET: https://facebook.com

Press:
Twitter : https://twitter.com/OP_Facebook
http://piratepad.net/YCPcpwrl09
Irc.Anonops.Li #OpFaceBook
Message:

Attention citizens of the world,

We wish to get your attention, hoping you heed the warnings as follows:
Your medium of communication you all so dearly adore will be destroyed. If you are a willing hacktivist or a guy who just wants to protect the freedom of information then join the cause and kill facebook for the sake of your own privacy.

Facebook has been selling information to government agencies and giving clandestine access to information security firms so that they can spy on people from all around the world. Some of these so-called whitehat infosec firms are working for authoritarian governments, such as those of Egypt and Syria. 

Everything you do on Facebook stays on Facebook regardless of your "privacy" settings, and deleting your account is impossible, even if you "delete" your account, all your personal info stays on Facebook and can be recovered at any time. Changing the privacy settings to make your Facebook account more "private" is also a delusion. Facebook knows more about you than your family. http://www.physorg.com/news170614271.html http://itgrunts.com/2010/10/07/facebook-steals-numbers-and-data-from-your-iph....

You cannot hide from the reality in which you, the people of the internet, live in. Facebook is the opposite of the Antisec cause. You are not safe from them nor from any government. One day you will look back on this and realise what we have done here is right, you will thank the rulers of the internet, we are not harming you but saving you.

The riots are underway. It is not a battle over the future of privacy and publicity. It is a battle for choice and informed consent. It's unfolding because people are being raped, tickled, molested, and confused into doing things where they don't understand the consequences. Facebook keeps saying that it gives users choices, but that is completely false. It gives users the illusion of and hides the details away from them "for their own good" while they then make millions off of you. When a service is "free," it really means they're making money off of you and your information.

Think for a while and prepare for a day that will go down in history. November 5 2011, #opfacebook . Engaged.

This is our world now. We exist without nationality, without religious bias. We have the right to not be surveilled, not be stalked, and not be used for profit. We have the right to not live as slaves.

We are anonymous
We are legion
We do not forgive
We do not forget
Expect us


http://www.businessinsider.com/anonymous-facebook-2011-8

Monday, August 8, 2011

Morocco: Militant Website Sustains DDoS Attack


The Moroccan militant website Mamfakinch! came under a distributed denial-of-service (DDoS) attack on Sunday 31 July, 2011, which blocked access to its main platform for several hours. The website is now back online.
What is Mamfakinch! and why has it been attacked?
Mamfakinch!
In the wake of the Arab revolutions, a couple of Moroccan online activists launched a militant website on February 17, 2011. They called it Mamfakinch!, which in Moroccan Arabic means “We won't give up!”.

In the six months of its existence Mamfakinch! has attracted a record audience of over a million unique visitors across its two main outlets which comprise an online news portal and a blog. The site's goal, according to its members, is to provide a platform for free expression for opposition voices and pro-democracy activists.
Against the backdrop of the Arab revolutions, Mamfakinch! set about to aggregate, curate and disseminate citizen media material, emulating the work of similar outlets in the region, notably the celebrated Tunisian news portal Nawaat.org.
But as Mamfakinch! readers and supporters have grown in number, so too have its detractors. “The website has gained a lot of popularity in the Moroccan activist blogosphere but we had also attracted a lot of enemies. Attacks against the website have started very early on but they are becoming increasingly aggressive” says this site's co-manager who also explains that the platform is receiving regular threats and countless derogatory comments. [Please note: the Mamfakinch! representatives interviewed in this article wish to remain anonymous].
One video recently surfaced on the internet purporting to show an attack against Mamfakinch!. The site was quick to publish an article [Fr] in which it (very sarcastically) dismissed the alleged attack as “a miserable spoof”.
The Attack
This Sunday, while the website was securing the exclusive live coverage of the pro-democracy marches and demonstrations being held across the kingdom, access to its main portal was denied. The blockade lasted for several hours before the site again became accessible late in the evening.
According to the site administrators, Mamfakinch! came under a large-scale DDoS attack. “The attack seems to originate from thousands of dynamic IPs located in Saudi Arabia (!)” says the website's webmaster. In a matter of a few hours, the site's server became overloaded by the volume of automated requests from new IPs.
“The site is now up and running and we have taken measures to ensure that such attacks don't happen in the future… although no one can be absolutely sure” says this co-founder of the site who adds that his colleagues, “for obvious security reasons, prefer not to disclose details of the steps taken to secure access to the site.”
Like in Ben Ali's Tunisia
Before the revolution in Tunisia, Morocco was praised for the relative freedom enjoyed by its internet users. But the country is now seeing a surge in attacks against online dissidents, several of whom have had their Facebook or email accounts hacked into. Phishing techniques were probably used to harvest account passwords.
DDoS attacks, infiltration techniques and blockage of dissident domain names were common during the Ben Ali era in Tunisia. Those types of attacks are increasingly becoming commonplace in Morocco. The site of the irreverent magazine Demain Online has not yet recovered from an attack it suffered over a month ago. The website 20Fevrier.com, believed to be related to the pro-democracy movement in Morocco, also came under attack several weeks ago. It has been offline ever since.
“The more they attack us, the more we learn!”
Paradoxically, in the Arab world, the most experienced activists usually come from the most repressive environments. After a long confrontation with their governments, Tunisian and Egyptian activists have become experts in circumvention tools. This expertise is now being transferred to other countries in the region where militants are learning each day as they struggle against attempts to censor their voices online.
This statement from a member of Mamfakinch! sums up the situation quite well: “The more they attack us, the more we learn! Let them come!”

Anonymous unsheathes new, potent attack weapon

Better DDoS attacks ahead


Members of Anonymous are developing a new attack tool as an alternative to the LOIC (Low Orbit Ion Cannon) DDoS utility.
The move follows a spate of arrests thought to be connected to use of the LOIC, which by default does nothing to hide a user's identity.
The new tool, dubbed RefRef, due to be released in September, uses a different approach to knocking out websites. LOIC floods a targeted site with TCP or UDP packets, a relatively unsophisticated yet effective approach, especially when thousands of users use the tool to join voluntary botnets.
RefRef, by contrast, is based on a more sophisticated application-level approach designed to tie up or crash the servers behind targeted websites instead of simply flooding them with junk traffic, according to a blog post on the development by an Anonymous-affiliated blog.
"Anonymous is developing a new DDoS tool," the post explains. "So far, what they have is something that is platform neutral, leveraging JavaScript and vulnerabilities within SQL to create a devastating impact on the targeted website."
RefRef, which uses a "target site's own processing power against itself" is undergoing field trials, with tests against Pastebin, the blog post by AnonOps Communications reports.
Arrests in UK, Spain and Turkey connected to LOIC-powered attacks have already prompted some core members of Anonymous to move towards using a new server and dropping LOIC in favour of other attack tools, such as Slow Loris and Keep-Dead DoS. This now seems to be purely a stop-gap measure while RefRef undergoes development.
LOIC was originally developed for network stress-testing, but later released into the public domain where, years later, it became a weapon of choice for hacktivists, most notably in the Operation Payback attacks against financial service organisations that blocked accounts controlled by Wikileaks last December following the controversial release of US diplomatic cables.
The problem with LOIC is that unless attacks are anonymised by routing them through networks, such as Tor, then users will be flinging junk packets that are stamped with their IP address at the targeted systems. These IP addresses can then be traced back to suspects by police.
Whether or not RefRef does a better job at anonymisation, by default, remains unclear but early experiments suggest that Anonymous is brewing a more potent attack tool. "Supposedly, the tool will DoS a targeted website with ease," Dancho Danchev, an independent cyber-threats analyst told El Reg.

DIY Spy Drone Sniffs Wi-Fi, Intercepts Phone Calls


LAS VEGAS — What do you do when the target you’re spying on slips behind his home-security gates and beyond your reach?
Launch your personal, specially equipped WASP drone — short for Wireless Aerial Surveillance Platform — to fly overhead and sniff his Wi-Fi network, intercept his cellphone calls, or launch denial-of-service attacks with jamming signals.
These are just a few of the uses of the unmanned aerial vehicle that security researchers Mike Tassey and Richard Perkins demonstrated at the Black Hat security conference here Wednesday.
At a cost of about $6,000, the two converted a surplus FMQ-117B U.S. Army target drone into their personal remote-controlled spy plane, complete with Wi-Fi and hacking tools, such as an IMSI catcher and antenna to spoof a GSM cell tower and intercept calls. It also had a network-sniffing tool and a dictionary of 340 million words for brute-forcing network passwords.
The GSM hack was inspired by a talk given at last year’s DefCon hacker conference by Chris Paget, who showed how to create a cellphone base station that tricks nearby handsets into routing their outbound calls through it instead of through commercial cell towers.
That routing allows someone to intercept even encrypted calls in the clear. The device tricks phones into disabling encryption, and records call details and content before they’re routed to their intended receiver through voice-over-internet protocol or redirected to anywhere else the hacker wants to send them.



The drone takes that concept and gives it flight. The plane weighs 14 pounds and is 6 feet long. Per FAA regulations, it can legally fly only under 400 feet and within line of sight. But the height is sufficient to quiet any noise the drone might produce, which the researchers said is minimal, and still allow the plane to circle overhead unobtrusively.
It can be programmed with GPS coordinates and Google Maps to fly a predetermined course, but requires remote-control help to take off and land.
The two security researchers created the spy plane as a proof of concept to show what criminals, terrorists and others might also soon be using for their nefarious activities.
Tassey, a security consultant to Wall Street and the U.S. intelligence community, told the conference crowd that if the two of them could think up and build a personal spy drone, others were likely already thinking about it, too.
The spy drones have multiple uses, both good and bad. Hackers could use them to fly above corporations to steal intellectual property and other data from a network, as well as launch denial-of-service or man-in-the-middle attacks. They could also transmit a cellphone jamming signal to frustrate an enemy’s communications.
“It’s hard to keep something that’s flying from getting over your facility,” Tassey said.
A drone could also be used to single out a target, using the target’s cellphone to identify him in a crowd, and then follow his movements. And it would be handy for drug smuggling, or for terrorists to trigger a dirty bomb.
But the drones don’t just have malicious uses. The researchers point out that they would be great for providing emergency cellular access to regions hit by a disaster.
The drones could also be outfitted with infrared cameras and shape-recognition technology to run search-and-rescue missions for lost hikers. The military could use them for electronic countermeasures to jam enemy signals or as communication relays flown over remote areas to allow soldiers on two sides of a mountain, for example, to communicate.
“You don’t need a PhD from MIT to do this,” Perkins said.
http://www.wired.com/threatlevel/2011/08/blackhat-drone/

Hackers attack Zim stock exchange site

     




Harare - Computer hackers have attacked the Zimbabwe Stock Exchange website, prompting the authorities at the bourse to shut down the site, chief executive Emmanuel Munyukwi said on Friday.

"Our website has been targeted by hackers and the last incident was on Wednesday," Munyukwi told AFP.

"We have taken it offline. Our hosts have recommended to us that the site is no longer safe and they notified us about this yesterday."

"They have also recommended that we need a new website," he added.

Munyukwi said the attack affected traders monitoring performance on the bourse, which has 79 listed companies.

ZSE does not conduct trading on the internet.

Early this year hackers attacked the website of Zimbabwe's finance ministry.

Hacker group Anonymous takes over Syrian Ministry of Defense website


A screenshot of the Syrian Ministry of Defense website after it was hacked by the 4Chan hacker group Anonymous

The loose band of global hackers known as Anonymous has claimed another scalp in its ongoing fight against tyrants, corporate crooks and naysayers, taking over the Syrian government Ministry of Defense website and replacing it with a message of support for the Syrian people.
News of the hack, just the latest in a string of high-profile takedowns that include Rupert Murdoch's News of the World newspaper, Paypal and others, spread like wildfire over Twitter Sunday night as social media users echoed support.
The hacking excursion comes just hours after Syrian forces were accused of firing on civilians, killing an estimated 50 people in the rebel-controlled city of Deir al-Zour.
Replacing the traditional website at http://mod.gov.sy/ was an adapted Syrian flag, now featuring the Anonymous logo, with a message below in Arabic and English, saying the following:
"To the Syrian people: The world stands with you against the brutal regime of Bashar Al-Assad. Know that time and history are on your side - tyrants use violence because they have nothing else, and the more violent they are, the more fragile they become. We salute your determination to be non-violent in the face of the regime's brutality, and admire your willingness to pursue justice, not mere revenge. All tyrants will fall, and thanks to your bravery Bashar Al-Assad is next."
It continued, "To the Syrian military: You are responsible for protecting the Syrian people, and anyone who orders you to kill women, children, and the elderly deserves to be tried for treason. No outside enemy could do as much damage to Syria as Bashar Al-Assad has done. Defend your country - rise up against the regime! - Anonymous"
This is just the latest incident in a weekend of hacker activity. On Friday, Anonymous hackers broke into the websites and emails of 70 U.S. police networks, and Saturday saw hackers at the DefCon convention run a contest to see which company had the most lax computer security. Oracle had the misfortune of winning the competition.


http://www.vancouversun.com/technology/Hacker+group+Anonymous+takes+over+Syrian+Ministry+Defense+website/5220327/story.html#ixzz1UQFZM0D9