Categories
News

Beware! The Phishing Scam on Facebook is back!

Facebook users are under attack yet again. Hackers launched their latest phishing drive yesterday and successfully gathered passwords from a number of people among the site’s 200 million users. The site fought a similar phishing scam a couple of weeks ago.

Hackers managed to break into the accounts of many Facebook members and sent emails to those users’ friends lists urging them to click on links to fake websites.

The Fake Facebook Website

  1. These fake websites were designed to look like the Facebook home page.
  2. Victims were asked to log in to the fake site, which actually took them to a malicious site controlled by the hackers.
  3. The result – users unknowingly gave away their passwords.
  4. The fake domains include:

    Last year, hackers spread a malicious virus called Koobface. This was sent to the user as a link in an email that looked as if it had been sent by a friend on Facebook. When the user clicked on the link, the virus was downloaded on the user’s computer.

    The Motive

    The main motives for such attacks have been identified as:

    1. Identity theft
    2. To spread spam hawking fake pharmaceuticals and other goods to Facebook members

    Damage Control

    Barry Schnitt, Facebook’s spokesman, said that the site was in the process of cleaning up damage from the attack. Facebook was blocking compromised accounts; however, he did not say how many accounts had been compromised.
    Facebook has deleted all references to the fake domains that have been identified.

    Careful!

    So please be extra careful. Make sure you go to the main Facebook Homepage to login to your account. It is very important that we remember NOT TO log into a page that claims to be “Facebook” unless the URL is www.facebook.com.

    Categories
    Reviews

    Avsim: The largest flight simulation site destroyed by hackers!

    It is a very sad moment for the flight sim community: Avsim, one of the largest flight simulation sites, has been effectively destroyed by malicious hackers. The site was launched in 1996 and covered all aspects of flight simulation, focusing mainly on Microsoft’s Flight Simulator.

    The shocking attack took down the site’s two servers, which hosted the library, email, web site and forum. Unfortunately, no external backup system had been established. The site had very heavy participation in its forums. All the user-generated content, tweets, etc. are gone. This incident highlights the critical need to take regular external backups of your data.

    Tom Allensworth, the site’s founder said:

    “Some have asked whether or not we had back ups. Yes, we dutifully backed up our servers every day. Unfortunately, we backed up the servers between our two servers. The hacker took out both servers, destroying our ability to use one or the other back up to remedy the situation.”

    The flight sim community remains shocked, like everyone who has heard about this. A temporary forum has been set up by Tom Allensworth until they know how the future of the site will shape up.

    Allensworth added:

    “The method of the hack makes recovery difficult, if not impossible, to recover from… AVSIM is totally offline at this time and we expect to be so for some time to come. We are not able to predict when we will be back online, if we can come back at all.”

    One of the users on the website said that “there’s a special place in hell for hackers who pull stunts like this”. Some others believe that they will see Avsim rise like a phoenix from the ashes, into something bigger and better than ever before. Let’s hope they rebound.

    Lesson to learn: Let us religiously start taking regular backups of our important personal data. To know about a free online back up tool, read this post.

    (Source: bbc)

    Categories
    News

    Windows 7 and the War of Software Piracy

    With the release of Windows 7 RC, cyber-criminals have already started peddling it! There have been reports of illegitimate distributions of Windows 7 RC that have infected users’ computers with malware. This could lead to identity theft, system failures and unrecoverable data loss. Not just that, it also costs the world economy more than 45 billion dollars annually.

    Windows 7 has anti-piracy guards that show pop-up boxes to warn people when unauthorized copies of software are detected on computers.

    Joe Williams, general manager, Worldwide Genuine Windows at Microsoft, says:

    “Ensuring that customers can trust the product they are using is particularly important since pirated software can contain malware and can threaten a user’s personal privacy and information. In fact, in the last few days we’ve seen reports of illegitimate distributions of the release candidate of our latest Windows operating system, Windows 7, being offered in a way that is designed to infect a customer’s PC with malware. This is why it’s so important for customers to get their copies of Windows from a trusted source.”

    Microsoft’s primary goals:

    1. To enable Windows to protect itself by detecting when attempts have been made to tamper with the technology
    2. To make it easier for customers to activate the product and, when necessary, to understand and resolve any issues they might face.

    There have been many instances where customers wanted to buy genuine software (and believed they did!) only to find out later that they were victims of software piracy. Microsoft has been focusing its anti-piracy efforts on protecting customers and partners from the evolving risks of counterfeit software and increasingly sophisticated piracy scams.

    (Source: Microsoft)

    Categories
    News

    Beware! Orkut Hackers Sending Fake eMails!

    Beware all Orkut users! Now hackers are sending friend request emails that look similar to any genuine Orkut email. Below are screen shots of emails sent by hackers:

    At first, you might find both emails similar, but on closer observation, I found that all the links in the mail that came to me redirect to the following address:

    http://www.l0gm3.h4ck3r.in/orkut/ServiceLogin.php?id=66

    Initially, I didn’t look for anything and just clicked on that link in the email and even typed my Login details in the fields. That is when I remembered that I had saved my Password and Username for Orkut in my Firefox Browser. I saw the URL and I was shocked to see it.

    Now, how does this work?

    Basically, hacking using fake login pages is called phishing…

    • When you click on sign in, the Login form will go to another file. In this case the file name is process.php
    • Now this process.php file will contain the code in the below image.

      Now the highlighted FILENAME.TXT file’s name can be anything that can be kept as a secret.
    • The FILENAME.TXT file stores the Username and Password entered into the fields of the fake Login page

    Please be careful while logging into your Orkut account. Just TRIPLE CHECK the URL if you see an Orkut login page that you have not TYPED yourself in the address bar 🙂

    Still, I’m doing research on this site to crack out what that .txt filename is..!! 😛

    Categories
    Analysis

    Does using a Wi-Fi increase the chances of you being hacked?

    Today, I was at my dad’s office and interestingly the Wi-Fi locator on his notebook flashed a new network – ‘Hari Om’. It showed the holy network as unsecured! My curiosity got the better of me, so I instantly double-clicked and voilà! It was connected with a signal strength of 80%.

    Although I wasn’t hoping for any miracles, Firefox opened the default Google homepage and before I knew it the internet was working on my laptop. I figured, “Essentially, I’d hacked into his Wi-Fi. Cool, huh?” His net connection was at my mercy. I could do anything, send emails to anybody and walk off without being traced.

    The point is, did I HACK his Wi-Fi or did he let his Wi-Fi get HACKED due to his own foolishness?

    What do you do with people who, out of their own ignorance or complacency, choose not to secure their own networks and cry foul when somebody a little smarter gets the better of them? Is this hacking?

    Enabling WEP security is the least one can do. How hard is it to set an encrypted key once and note it down in your cell? I know people who blame technology when they themselves are oblivious to their own ignorance. Your own system is the first line of defense and acts like a sitting duck if not secured properly.

    Coming back to the ‘Hari Om’ network. I opened up Firefox and punched in : 192.168.1.1. It prompted for a username password. I ‘hacked’ that too. Wish to know how? Simple enough. It was what 80% people have, their default credentials :

    Username : admin
    Password : admin

    Then, it didn’t take much time for me to figure out his ISP – MTNL, the IP address, his phone number (from the username), and the plan he was using (using register.bol.net.in). Getting the password out of those ***** (asterisks) was a simple task. There are many free tools available on the net which let you show the hidden password in the active window.

    So, now you tell me. Is this what you call HACKING? I guess if you take care to secure your own network by following simple methods, it would take some serious hacking skills to get to the heart of your router. Keeping your WiFi open is like suicide. Just the same as keeping the door unlocked at night.

    If every day you can lock your doors before saying goodnight, is setting a one-time WEP key too much to ask for?

    Categories
    Tips

    Can you spot “Phishing” attack? Simple test to check your safety!

    Phishing is a type of fraud where a bad person tries to acquire your sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity such as your bank, your social network, etc. You can find a more formal definition and technical information regarding phishing on Wikipedia.

    Test how safe you are from phishing attack…

    More about phishing is posted below, but first take the “fighting phishing” test by PayPal. It’s free and you don’t need a PayPal account to take the test.

    It just asks you 5 simple questions, and if you can answer all of them right then you don’t need to read further! Although most questions use PayPal in their names, they are equally true of all major social networks, banks and other portals. So go for the test without any hesitation!

    Phishing Examples…

    Now that you are hopefully done with the test, let me give you 2 simple examples of phishing via email…

    • You get an email from your favorite social network with a “from” email id like admin@facebook.com, saying: we are deleting inactive users as part of our annual maintenance program. In case you want to retain your account, please verify your account by visiting http://www.facebook.com/verify
    • You get an email from your bank with the “from” email id admin@icicibank.com, alerting you about an attempt to hack your account. As money is involved, you panic! On the next line, they say something like verify your account, blah blah! Again they give a link like http://www.icicibank.com/verify.

    In both cases, the “from” email address and the targets of the links are forged! You can click on the above facebook or icici links and see where they take you! 😉

    I posted 5 tips sometime ago where you can save yourself from such fake email ids as well as misleading links. Also read tips posted by Deepak while covering a recent phishing scam on Orkut.

    By the way, do let us know your score and any doubts you have against this rapidly growing scam on internet! Just for info, I scored 5/5! 😛

    Links: Phishing Test | What is Phishing?

    Related: 5 Simple Rules To Fight Against Phishing

    (image credit: hoax-slayer)

    Categories
    News

    Beware Orkuteers while Logging Into Orkut!

    With the growth in Orkut users, there has been an equal rise in the creation of fake profiles and in malicious and other hateful activities carried out inside this ‘so-called’ social networking site.

    Recently Arpit sent me a profile link that automatically diverts to a page that is an exact clone of Orkut’s login page. When you enter your Orkut login information into the cloned page, they seem to store your data and automatically divert you to the homepage of Orkut.

    So, this post is to make you aware of how your password, too, can be hacked within seconds. To prevent this kind of hacking, you are requested not to provide your Orkut login information on any site other than Orkut. As a precautionary measure, you should always punch in your password only in the login form that you get after typing www.orkut.com in the address bar.

    Those who want to have a look at the fake login page, it’s here. But make sure that you do not enter your correct password on the page if you don’t want to lose your Orkut account. Open the page at your own risk; OrkutDiary will not be responsible if anything goes wrong with your account.

    Note: The link of the fake Orkut site is removed because it was not working any more. Still there are many more such sites, so beware while logging into Orkut.

    Categories
    News

    War Initiated between India & Pak in Cyber Space?

    Recently after attacks in Mumbai there were hot discussions going on between India and Pakistan, and from sources it was revealed that Pakistani hackers defaced a lot of Indian websites, blogs and even Orkut communities.

    Also there were a lot of complaints in the Orkut Help Group regarding the hacking of a famous Orkut community, “Dr. APJ Abdul Kalam’s Fan Club”, having approximately 200 thousand members.

    As per an article on Thaindian:

    The community group holds significance for the orkut members, as it is probably the biggest platform for the young fans of former President A.P.J Abdul Kalam. And, the most of the members of this community write in it with deep affection and respect for their ideal in life. There are 207,249 members in this group.

    The hackers have renamed the community originally named Dr. APJ Abdul Kalam as Indian and now using it as a platform for malicious and objectionable content.

    Though the name of the community has been restored to what it was, and the homepage of the community reads “We have got control back from Pakistani hands”, many Orkut experts still suspect that the community is still with Pakistanis disguised as Indians.

    So the question is, why are those unethical Pakistani hackers targeting more and more Indian websites, blogs, Orkut communities and, on top of it, eminent Indian personalities?

    Has war been initiated between India and Pakistan in cyber space?

    Do let us know what you think!!

    Categories
    News

    Is Gmail security moved to labs?

    Google has a tendency to launch new services with a ‘labs’ tag on them; these are unreliable and incomplete and may have loopholes, bugs and security flaws. So there is a big question mark over whether Gmail security, too, is moving towards labs. If you remember, earlier this month we mentioned how the MakeUseOf domain was hacked and that the suspicion, though unconfirmed, was that the hack was due to some flaws in Gmail. But recently the MakeUseOf website confirmed that there are surely flaws in Gmail itself, as a result of which many more domains are getting stolen. According to them, this month alone at least 3-4 domains were hacked, and all were somehow related to Gmail. Before this post on MakeUseOf.com, Blogoscoped mentioned how malicious filters could be set on your Gmail account to forward a set of mails to another id. Also, Bradon at Geekcondition explains how it is possible. According to him, by directing you to some external links, one can force you to create filters in your inbox, importantly without your knowledge.

    But a recent post on the Google security blog claims that there are no such flaws in Gmail; rather, those are just cases of phishing activity. The targeted users are directed towards an external link to hack their login information and no filters can be set by them. To protect you from any such menace, Google has put an advisory on its blog; they also say:

    To keep your Google account secure online, we recommend you only ever enter your Gmail sign-in credentials to web addresses starting with https://www.google.com/accounts, and never click-through any warnings your browser may raise about certificates.

    But still there is a big question as to whether the statement by MakeUseOf and Bradon is correct or the one given by Google is correct. What do you think..? Is Gmail security moved to labs??
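The advice repeated in these posts (log in only when the address is www.facebook.com or www.orkut.com, and, per Google, only at addresses starting with https://www.google.com/accounts) can be checked mechanically. The following is an added example, not code from the original posts or from any of the sites named: it contrasts a raw string-prefix comparison with a check on the parsed URL. The function names, the HTTPS requirement for every entry and all sample URLs except the Orkut one quoted above are assumptions.

```javascript
// Added example (not from the original posts). Hosts and path prefixes follow the
// advice quoted on this page; requiring HTTPS for every entry is an assumption.
const TRUSTED_LOGINS = [
  { host: "www.facebook.com", pathPrefix: "/" },
  { host: "www.orkut.com", pathPrefix: "/" },
  { host: "www.google.com", pathPrefix: "/accounts" },
];

// Naive check: compares raw strings, so a longer hostname that merely begins
// with the trusted name slips through.
function naivePrefixCheck(raw) {
  return TRUSTED_LOGINS.some((e) => raw.startsWith("https://" + e.host));
}

// Strict check: parse first, then compare the parsed host exactly.
function checkLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw); // WHATWG parser: lowercases the host, punycodes IDNs
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  // Anything before "@" is userinfo, not the host.
  if (url.username || url.password) return { ok: false, reason: "userinfo-present" };
  const entry = TRUSTED_LOGINS.find((e) => e.host === url.hostname);
  if (!entry) return { ok: false, reason: "host-not-trusted" };
  if (url.protocol !== "https:") return { ok: false, reason: "not-https" };
  const path = url.pathname;
  const prefix = entry.pathPrefix;
  const pathOk = prefix === "/" || path === prefix || path.startsWith(prefix + "/");
  return pathOk ? { ok: true, reason: "match" } : { ok: false, reason: "path-not-trusted" };
}

// Constructed samples; only the Orkut URL is taken from the page.
const SAMPLES = [
  "https://www.facebook.com/login.php",
  "https://www.google.com/accounts/ServiceLogin",
  "http://www.l0gm3.h4ck3r.in/orkut/ServiceLogin.php?id=66",
  "https://www.facebook.com.login.example/",
  "https://www.facebook.com@login.example/",
  "https://www.f\u0430cebook.com/", // Cyrillic "a" in place of Latin "a"
  "http://www.facebook.com/login.php",
  "https://www.google.com/search?q=accounts",
];

function classify(urls) {
  return urls.map((u) => ({ url: u, naive: naivePrefixCheck(u), strict: checkLoginUrl(u) }));
}

for (const r of classify(SAMPLES)) {
  console.log(r.strict.ok ? "OK  " : "STOP", r.strict.reason.padEnd(17), r.url);
}
```

Three of the constructed samples pass the string-prefix comparison yet fail the parsed check, which is why the comparison has to be made on the hostname the browser will actually contact.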

    Categories
    Analysis

    Domain hijacking menace is still on; flaws in Gmail?

    Many of us are aware that the domain of a popular tech blog, makeuseof, was hacked just a couple of days ago. As per sources, the name of the domain owner, ‘Aibek’, was impersonated to make a request to their domain provider (Godaddy) for transfer of the domain to another web hosting company. It was also revealed that the domain was being transferred by Ali Ferank to a Dubai-based web hosting company. But Aibek was still unsure whether his domain had expired and been immediately purchased by someone, or whether it was a case of hijacking.

    The actual hassle began when the hacker mentioned the domain hijacking and demanded a huge ransom. The mail that the hackers sent to Aibek reads:

    Hi there,
    I said it very simply and very easily !
    2 K !
    Deal or not ?!
    You own the domain I get the money…

    Regards

    Ultimately Aibek got his domain back as he owned it legally, but the point that Aibek explains now will scare you. He says the hackers somehow managed to get access to his Gmail account that was linked with Godaddy, and set it up such that all incoming mails with certain keywords or from Godaddy were forwarded to their inbox, leaving no trace on the primary mail id. And ultimately they requested Godaddy to transfer the domain, authenticating the request from the hacked Gmail id. Aibek, though, is not yet sure whether the hackers really used his Gmail id.

    Let me also tell you, this is not the first time that a Gmail flaw has been exploited. Exactly a year ago, another popular blog, Davidairey, was trapped in similar circumstances, wherein the hackers got access to the owner’s Gmail account and used the same method to hijack his domain. Details about it are here.

    Well, we are not here to scare you; our intention is just to make you aware that your Gmail account, too, may be hacked or misused to gain access to all your important information and data.
    So it’s high time to ensure that your mail account is never shared with anyone and that you regularly check all filters, settings, and forwardings.
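The regular filter check recommended above can be scripted. This is an added example, not code from the original post or from Google: it flags filters that forward mail to an address the owner does not recognise, and ranks highest those that also keep the original out of the inbox, which is the pattern the post describes. The filter objects are assumed to follow the shape of the Gmail API filter resource; the sample filters, addresses, ids and the function name are constructed.

```javascript
// Added example (not from the original post). Filter objects are assumed to follow the
// Gmail API filter resource: { id, criteria, action: { forward, addLabelIds, removeLabelIds } }.
// All addresses and ids below are constructed.
const SAMPLE_FILTERS = [
  { id: "f1", criteria: { from: "newsletter@example.org" },
    action: { addLabelIds: ["Label_7"] } },
  { id: "f2", criteria: { from: "godaddy.com" },
    action: { forward: "collector@example.net", removeLabelIds: ["INBOX"], addLabelIds: ["TRASH"] } },
  { id: "f3", criteria: { query: "domain OR transfer" },
    action: { forward: "me.backup@example.com" } },
];

// Returns one finding per forwarding filter, ranked by how closely it matches the
// pattern in the post: mail copied to an outside address and hidden from the owner.
function auditFilters(filters, ownAddresses = []) {
  const own = new Set(ownAddresses.map((a) => a.toLowerCase()));
  const findings = [];
  for (const f of filters) {
    const action = f.action || {};
    if (!action.forward) continue; // label-only filters do not send mail anywhere
    const hidesOriginal =
      (action.removeLabelIds || []).includes("INBOX") || // "Skip the Inbox"
      (action.addLabelIds || []).includes("TRASH");      // "Delete it"
    const knownTarget = own.has(action.forward.toLowerCase());
    let severity = "review";
    if (!knownTarget) severity = hidesOriginal ? "high" : "medium";
    findings.push({ id: f.id, forward: action.forward, hidesOriginal, severity,
                    criteria: f.criteria || {} });
  }
  const rank = { high: 0, medium: 1, review: 2 };
  return findings.sort((a, b) => rank[a.severity] - rank[b.severity]);
}

for (const x of auditFilters(SAMPLE_FILTERS, ["me.backup@example.com"])) {
  console.log(x.severity.toUpperCase(), x.id, "->", x.forward, JSON.stringify(x.criteria));
}
```

Account-wide forwarding is a separate Gmail setting from filters and needs its own check.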