0.
Mass WordPress Attacks Spread, Brute-Forcing Admin Passwords
WordPress, the foremost site which serves as the centre of the blogging world, and is home to more than 64 million blogs has been attacked in a widespread attack by cyber miscreants. The cyber criminals have used brute force attacks to target the blogging site by constructing a ten thousand computers strong botnet, which has got many people worried. The attacks have been going on since the last week when WordPress decided to up the level of security measures on their site.
The attacks were spotted by CloudFlare and Hostgator, two web optimization firms who also specialize in
cyber security and they concluded that the attacks had been on for some time now and that a massive botnet was being used to perpetrate the attacks. Moreover, the culprits are also attacking other similar sites such as Joomla.
The attackers are using the conventional brute force, just on a bigger scale this time. They are trying to target usernames such as ‘admin’ while using thousands of various passwords to gain access to user accounts. CloudFare said in its blog that, “The attacker is brute-force attacking the WordPress administrative portals, using the username ‘admin’ and trying thousands of passwords,” and that “It appears a botnet is being used to launch the attack and more than tens of thousands of unique IP addresses have been recorded attempting to hack WordPress installs.”
This means that the millions of users are at risk of having their accounts hacked and accessed. About this development, the founder of WordPress Matt Mullenweg said that “Here’s what I would recommend: If you still use ‘admin’ as a username on your blog, change it, use a strong password,”
He further added that, “Most other advice isn’t great – supposedly this botnet has more than 90,000 IP addresses, so an IP-limiting or login-throttling plugin isn’t going to be great (they could try from a different IP [address] a second for 24 hours),”
The method the attackers have used to hack into the WordPress systems is not unique in any way. Experts refer to such attacks in which a botnet attempts to access accounts by punching in random passwords as a dictionary attacks
However, the fact that is baffling most people is the choice of WordPress as a target, as it seems an unlikely one. But the experts are of the opinion that the actual aim of this attack could be nothing ordinarily seen but it could be to amass a botnet of a much stronger proportions.
Matthew Prince, CEO of CloudFare, has suggested that , “One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much large botnet of beefy servers in preparation for a future attack,” wrote Matthew Prince, CEO of CloudFare.
“These larger machines can cause much more damage in DDoS [Distributed Denial of Service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”
Well, all WordPress users must immediately switch to passwords of higher strengths so as to stay clear of this imminent threat while the experts tackle with the situation.
cyber security and they concluded that the attacks had been on for some time now and that a massive botnet was being used to perpetrate the attacks. Moreover, the culprits are also attacking other similar sites such as Joomla.
1.istanbul official website hacked
The famous Turkish hacking group RedHack has defaced the official Government website of the Istanbul(istanbul.gov.tr ).The hacker group specified they hacked this website in retaliation of attacks on people at MayDay."Hacked in retaliation of attack on people at MayDay and to commemorate revolutionaries Deniz. Yusuf, Huseyin hanged on 6th May 1972" the tweet posted by the hacker group reads
An unknown hacker breached the website of the Prime minister Yingluck Shinawatra's office (opm.go.th/opminter/mainframe.asp) and posted abusive message with the altered photo of her."I’m a slutty moron” The offensive comment made by the cybercriminals in the defaced page. “I know that I am the worst
Prime Minister ever in Thailand history!!!”.Although the defacement sign says it was hacked by the hacker group "Unlimited Hack Team", the team denied the involvement in the security breach.
Prime Minister ever in Thailand history!!!”.Although the defacement sign says it was hacked by the hacker group "Unlimited Hack Team", the team denied the involvement in the security breach.
3.
An Anonymous-linked Twitter account has received £36,000 in funding to set up a website, in what could be the first step of the online hacktivist movement going mainstream.
A twitter account which is linked to the famous congregation of hackers Anonymous, has received funds worth more than 55,000 dollars or 36,000 GBP and this is a part of the scheme to finance the setting up of the website for the collective. Though it may seem odd that such a well known hacktivist organization as Anonymous does not have its own official website, but the reason for this seems rooted in the organizational philosophy of the group itself.
This is because the Anonymous have always claimed to be completely democratic with no member of the group getting some special rights and all are equal. Moreover, they have reiterated time and again that they do not have a fixed hierarchical structure at all and that anyone can be a part of Anonymous as long as they want to be a voice against injustice and oppression.
They do however use other channels on the internet to spread their word such as Pastebin , YouTube and of all these the most prominent is their twitter handle @YourAnonNews which contains all updates on their latest operations and activities. The twitter account, which is believed to be operated by a prominent member of the congregation, is now being used to make funds available for the development of a site devoted to the group’s activities. The account on Twitter, which was established in 2011, has now more than 1 million followers and has become a symbol of Anonymous even though the group has never claimed it to be their official channel after it started gaining much attention worldwide. However, now the group is making use of its popularity and internet power to generate funds.
The motive of this funding campaign is to provide the twitter handle @YourAnonymousNews with a website. The propagators of the twitter account have stated that the site will allow them “to collect breaking reports and blog postings from the best independent reporters online.
“We’ll provide feeds for citizen journalists who livestream events as they are taking place, instead of the 10-second sound bites provided by the corporate media.”
The persons behind the twitter handle have claimed that they are not related to the hacktivist organization in any manner, most people will take them to be the Anonymous themselves given the similarity in their style to the group.
The funds were arranged using crowd funding on the Indiegogo website. Though the initial target was set at a very modest $2000, with $3600 in server set up fees, the final collection turned out to be much higher than YAN had hoped for, with more than $55,000 dollars already being collected.
This truly shows the support of netizens for a movement like Anonymous and the way they are willing to help them in keeping their hacktivism going strong. However, there has been only a very sketchy description of how the monies are going to be used, so there is some uncertainty on the authenticity aspect. But it seems that netizens are all for Anonymous and their social activism.
4.
4.
Japanese people who “abuse” the Tor anonymous browsing network could be blocked from using it.
The police in Japan have decided to target people, who are found abusing the anonymous Tor network,and block them from accessing the network. This development was reported in a recommendation made by a panel of experts from the technological to the National Police Agency, according to the Japanese daily The Mainichi. The panel, which was established with the sole purpose of coming up with new strategies for tackling crimes which were perpetrated using the Tor network. All this happened after the high profile case of the Demon Killer who used the Tor anonymous network to elude capture from authorities.
Tor, an abbreviation of The Onion Router, is a network which has features of anonymity for its users by redirecting the traffic to dedicated servers worldwide which provides for concealment of a user history and his location so that internet activity cannot be traced easily. The network works in layers of encryption as the name suggests i.e. like the layers of an onion peel, and the data is encrypted and re-encrypted repeatedly so that it cannot be deciphered during the transit process. The network has been around since 2002 and many versions have been released from time to time and there has been some controversy about the level of safety and anonymity on the network and its use for potentially illegal activities.
The anonymous has made investigation into cybercrime much difficult and perplexing and the noise around it was heightened during the recent case of the Demon Killer. Demon Killer, the notorious hacker who went around sending threat messages about bombing nurseries and schools on online discussion and chat forums. The Police had announced a reward of 3 million Yen or 20,000 dollars for information about the hacker’s whereabouts. When the police arrested four suspects, they were found to be innocent victims of the hacker who had compromised their machines using the virus iesys.exe and was using them to use Tor. The hacker sent taunting emails to the Police, which included riddles which took the investigators to an island near Tokyo and finally led them to a feline wearing a collar which had a memory card on it which included details of the virus used by the hacker. He was finally apprehended by the police soon after they studied the CCTV footage of the cat in which he featured. The hacker was a worker in the IT industry namedYusuke Katayama, aged 31.
It was after Katayama’s arrest that the NPA decided to get expert guidance to nab criminals who used similar means to elude the law and set up an expert panel. The panel has recommended a ban on networks like Tor or any other network which provides anonymity to the users.
The ISPs in Japan are not apparently happy with this recommendation of the panel, and an industry insider commented in a talk with the Mainichi that “Communication privacy is our lifeline. We won’t be able to accept such a request,”
Well, the merit of this recommendation will be understood only later after more reaction is observed and the opinion of other experts in industry is sought.
5.
After sitting in Swedish prison for months following a high-profile arrest and extradition from Cambodia, Gottfrid Svartholm Warg is expected to go to trial in May
The co founder of Pirate Bay Gottfrid Svartholm Warg was charged with having hacked into many Swedish corporations and has been accused of pilfering personal data as well. He has been indicted of hacking into the IBM mainframe system of Logica, which is an Income Tax consultancy firm in Sweden known for providing services to the Swedish government. Moreover, he also faces allegations of trespassing into many other agencies also and of trying to illegally transfer money from a local bank, according to the prosecutor appointed by the Swedish government. Warg, who is already been in Swedish prison for more than six months, is getting into more trouble it seems and his problems are far from ending.
Henrik Olin, the public prosecutor, said in an interview to a leading Swedish daily that “A large amount of data from companies and agencies was taken during the hack, including a large amount of personal data, such as personal identity numbers (personnummer) of people with protected identities,” and he commented that “I’d say that Svartholm Warg is the main person and brains behind the hacker attack.”
Gottfrid has been indicted together with three other co defendants, so that brings the total to four people. The four defendants have been charged with charges of serious fraud, attempted fraud, and abetting attempted fraud. Gottfrid himself has been charged on three counts of computer hacking, a case of serious fraud, and another one of attempted aggravated fraud, according to the Swedish news site.
The first count of hacking on the Pirate bay founder corresponds to illegally using the username and password of another person to conduct search on Infotorg, which is a database of private companies, individuals, and properties etc. The second count is the one related to Logica, the IT firm which caters to Swedish government which was attacked in the March of 2012, during which more than personal details of more than 10,000 people were leaked to the public and these two charges are from sometime between 2010 and 2012.
The final charge is for gaining unauthorized access into the machines of Nordic bank Nordea and attempting to conduct and unlawful transaction of transferring money to some other banks, which have been alleged to amount to up to 5.7 million Swedish kronor, though actually only 27,000 kronor was found to have been transferred.
Gottfrid who is already in prison after he was extradited from Cambodia in September 2012 after he was sentenced for his role in the 2009 leak of copyrighted content on the internet was sentenced heavily initially but later the jail time was reduced by the court in lieu for an increased fine.
The court has scheduled the hearing of the case during the month of May this year. While Gottfrid’s lawyer has abstained from making any comment, the other co founder of Pirate bay Peter Sunde said that “I’m not saying that Gottfrid is innocent (or guilty). But I’m seriously questioning the charges.”
Well, the fate of Gottfrid and the extent of his legal troubles will be revealed only at the time of court ruling.
6.
Anonymous hackers launch massive cyber assault on Israel Cyberspace, #OpIsrael
Anonymous perpetrated a widespread attack on Israel for the second time and have threatened to wipe Israel from the cyberspace. The attacks are supposedly retaliation for the inhumane treatment of Palestinians at the hand of Israeli government. In fact a lot of the websites operated by the Israeli government were not accessible on Sunday.
The group had warned of the attack in a video pasted on YouTube and gave a message to the Israel government that “You have NOT stopped your endless human right violations. You have NOT stopped illegal settlements. You have NOT respected the ceasefire. You have shown that you do NOT respect international law.”
Moreover, the collective warned that on the 7th of April, “elite cyber-squadrons from around the world have decided to unite in solidarity with the Palestinian people against Israel as one entity to disrupt and erase Israel from cyberspace.” A group affiliated with the Anonymous calling themselves the N4m3le55 cr3w had stated on stated on Saturday that they have made all the preparations for a massive attack and that they“have gathered 600 websites and 100 plus servers we will be attacking” throughout Israel. The list includes banks, schools, businesses and a host of prominent government websites. “That is just our targets,” and added that “We cannot speak on what the rest of Anonymous will be attacking but we can guarantee it will be in the 1000′s.”
The attacks fall on the eve of Holocaust Memorial day in Israel and Anonymous has accused the Israeli state of human rights violations, and ill treatment of its own people and neighboring countries.
Apparently the group claimed on Saturday to have brought down the sites of the Prime Minister’s office, the Central Bureau of Statistics, Israel Securities Authority, and other sites such as the Education ministry and the defense ministry seem to have been affected as well though the government is ardently denying these claims.
The expert opinion on these attacks seems to be divided as some of them are taking these attacks as a serious threat and have advised preventive steps. But there are others who believe that the worst that the hackers can do is to carry out DDoS attacks, which are not really a big threat as such.
However, more than 700 websites have been affected and defaced in the cyber attacks.
Yitzhak ben Yisrael, of the National Cyber Bureau is of the opinion that the hackers have failed in their attempt to bring down major sites. He said that “So far it is as was expected, there is hardly any real damage,”. He also added that “Anonymous doesn’t have the skills to damage the country’s vital infrastructure. And if that was its intention, then it wouldn’t have announced the attack ahead of time. It wants to create noise in the media about issues that are close to its heart,”
Well, this is the second instance that Israel has been attacked by the Anonymous and even if the government is downplaying the damage done by the attack, it is commendable on part of Anonymous to have brought down a country which is well known for launching cyber attacks on other countries.
No comments:
Post a Comment