April 30, 2016 / 22 Nisan, 5776

Posts Tagged ‘hackers’

Middle East Hackers Who Attacked Major Israeli Targets Exposed

Thursday, November 26th, 2015

(JNi.media) A new group of hackers which operated in the Middle East and attacked major Israeli targets has been exposed recently, Israel’s Clear Sky and Minerva Labs revealed this week.

A joint report the two companies issued states that this was a new Middle-Eastern cyber attack group, dubbed by researchers “CopyKittens,” which used malware to attack organizations in Israel and the rest of the region. The CopyKittens are estimated to have attacked dozens of targets, including government ministries in Israel, senior Israeli diplomats working in Europe, public organizations, and top academic researchers who specialize in the Middle East. The report does not reveal the identity of the attackers, but pc.co.il has learned that it is presumed to be Iranian — based on their targets and modus operandi.

According to the report, CopyKittens has been active since at least the middle of 2014. The group operates in a focused manner against targets in Israel and the Middle East. It usually attacks a target after gathering information about it, using spear phishing to plant malware on the computers under attack. The companies’ joint research indicates a high probability that the group’s activities are for the purpose of espionage and intelligence gathering. According to the report, the hackers rely on human weakness and social engineering for the initial infection.

According to the Clear Sky and Minerva researchers, one of the characteristics of this group is its proprietary malware, known as “Babushka.” This malware stays in the computer’s memory only, meaning it does not use the hard disk to save files. The malware communicates with command and control servers and exfiltrates the data it has collected through DNS queries. The report details the malware’s unique method of communicating with the group’s command and control servers. The report also states that each component of the malware contains an additional component that depends on the previous one, like a Babushka doll.

The group copied and reused parts of code from websites and groups that offer open-source code to build its malware. Hence the nickname CopyKittens.

The group’s level of sophistication, according to the Israeli researchers’ assessment, is moderate to good, and it improves with every new campaign. Their malware is unique, the researchers noted. “They are using DNS queries for the purpose of monitoring and control, as well as to leak information — which is a rare behavior.” The advantage of this approach is that most defense systems installed nowadays by major organizations do not monitor DNS queries.

In their recommendations the authors write that “It’s required that companies and organizations in Israel strengthen the monitoring of their DNS servers.”

The report ends with the remark that “the objective of the hackers is to steal information, but their identity is in doubt, as well as who is financing them. This is not the last time we’ll be hearing about them: they improve their attack performance and are expected to hit in the future.”

JNi.Media

Anonymous Declares Cyber War on ISIS [video]

Monday, November 16th, 2015

Hackers might be able to do to ISIS what the supposedly most powerful nations in the world cannot do. Kill them, not with bombs but with a virus.

The hacker organization known as Anonymous has sided with the good guys with a video warning that it will use its computer savvy to “unite humanity” and “hunt” down the Islamic State (ISIS).

Successfully hacking ISIS websites would be a lethal blow to the barbarians because they suck blood by recruiting screwed-up minds with promises of sex, money and glory on social media.

Anonymous announced to ISIS:

Anonymous from all over the world will hunt you down.

You should know that we will find you and we will not let you go.

Expect massive cyber attacks. War is declared. Get prepared.

The French people are stronger than you and will come out of this atrocity even stronger.

The Anonymous video, posted Sunday, features someone wearing the organization’s Guy Fawkes mask and speaking in French.

Anonymous previously has successfully hacked thousands of ISIS Twitter accounts following last January’s attack on the offices of the Charlie Hebdo satirical magazine.

Tzvi Ben-Gedalyahu

Iranian ‘Rocket Kitten’ Hackers De-Clawed in CyberSpy Operation

Monday, November 9th, 2015

A powerful Iranian government-backed hacker group, “Rocket Kitten,” has been de-clawed in a special operation carried out by police in Europe.

Sources from the Check Point Software company, a U.S.-Israeli security firm, were quoted by Reuters as saying they identified the threat presented by the hacker group, linked to the Iranian Revolutionary Guards, as far back as early 2014.

“Rocket Kitten” had mounted some 1,600 attacks on powerful defense and political global leaders in the United States, Israel, Turkey and Saudi Arabia, among other targets, according to the report.

Researchers at Check Point had located the computers used to launch the attacks. National computer security response teams were informed in Britain, Germany and the Netherlands, the company said. The response teams in turn informed local police about the locations of the attacking “command and control” servers, controlled from Iran.

Among the high-profile personalities targeted by the Iranian hacker group were Israeli nuclear scientists, NATO officials, members of the Saudi Arabian royal family, wives of generals from unidentified nations and Iranian dissidents.

An advance copy of a report on the operation to be released Monday by Check Point explains how the security response teams were able to enter the hacker group’s database and remote-controlled computers to plant a malicious set of software tools.

The Israel Security Agency (Shin Bet), Europol and FBI have all declined comment on the report.

Hana Levi Julian

FBI: ‘Stop Tying Our Hands in Fight Against ISIS’

Wednesday, July 8th, 2015

The Federal Bureau of Investigation is getting fed up with trying to fight a war against terror with its hands tied behind its back.

FBI Chief James Comey told a U.S. Senate Judiciary Committee hearing on Wednesday that denying the agency access to encryption codes makes it easier for terrorist groups to carry out attacks – and makes it harder for law enforcement to prevent them.

“The tools we are asked to use are increasingly ineffective,” Comey said. “ISIL (another acronym for ISIS, or Da’esh) says, ‘Go kill, go kill.’ We are stopping these things so far… but it is incredibly difficult. I cannot see me stopping these indefinitely,” he said.

ISIS and other terrorist organizations are particularly adept at using social media and other electronic methods of communication in order to broadcast their intentions to their followers.

They communicate further instructions via secure mobile devices that cannot be tapped by law enforcement without the use of encryption codes and other assistance from the companies who manufacture the devices.

But the companies have resisted requests to provide that assistance, claiming that allowing that access would weaken the systems and make it easier for computer hackers and other criminals to penetrate the networks.

Hana Levi Julian

IRS $50M Cyber Security Scandal Stretches to Russia

Thursday, May 28th, 2015

A major attack this year by cyber security criminals on the computer network at the U.S. Internal Revenue Service originated in Russia, sources confirmed to Fox News late Wednesday.

The Associated Press has also cited two anonymous sources who reported the IRS believes the hackers are part of a sophisticated criminal operation in Russia. Neither report connected the attack to the Russian government.

But both pointed out that this is not the first time that the IRS has been successfully breached by cyber thieves. Taxpayers whose accounts were accessed will be notified and provided with credit monitoring services, the IRS said.

The IRS inspector-general reported in 2012 hackers managed to manipulate the IRS system into sending 655 tax refunds to a single address in Lithuania. Another 343 tax refunds were sent to another address, this one in Shanghai. Following these attacks, system administrators tweaked the network safeguards to block other hackers.

This year’s attack began sometime in February, according to the report, and continued until mid-May. So far, the thieves have stolen at least $50 million in fraudulent tax refunds. That figure does not include the cost of tracking the breach, nor the expense involved in fixing it and preventing future attempts.

They used a software called “Get Transcript” to access the data. But in order to get into the records, the thieves first had to clear a security screen that required the use of taxpayer information such as a Social Security number, birth date, street address and tax filing number.

According to IRS Commissioner John Koskinen, the hackers used stolen Social Security numbers and other information to gain their access to taxpayers’ accounts. Then they used information from prior tax returns to file current fake returns seeking refunds.

“We’re confident these are not amateurs,” Koskinen told Fox News. “These actually are organized crime syndicates that not only we, but everybody in the financial industry are dealing with.” The IRS estimates that it paid out some $5.8 billion in 2013 to identity thieves, both foreign and domestic.

At least 104,000 taxpayer records dating back up to five years and perhaps more were stolen in the cyber heist, officials said.

The IRS notified the Department of Homeland Security following the breach, a federal law enforcement source said. The Senate Finance Committee has scheduled a June 2 hearing to question Koskinen and Treasury Inspector-General for Tax Administration J. Russell George on the issue.

“When the federal government fails to protect private and confidential taxpayer information, Congress must act,” Senate Finance Committee Chairman Orrin Hatch (R-UT) said Wednesday in setting the hearing.

Hana Levi Julian

Russian Hackers Reading Obama’s Personal E-mails

Sunday, April 26th, 2015

Russian hackers who invaded President Barack Obama’s personal e-mail last year were far more successful than previously reported, The New York Times reported Sunday.

No classified information was hacked, but the invaders were able to read President Obama’s personal correspondence with diplomats and e-mails concerning policy and legislation.

The hackers penetrated the State Dept.’s unclassified e-mail system and Obama’s unclassified account.

The invasion, although it did not reach classified information, could be extremely embarrassing for the Obama administration. It is assumed that the hackers were working with or for the Kremlin.

“This has been one of the most sophisticated actors we’ve seen,” one senior American official told the newspaper. “It’s the Russian angle to this that’s particularly worrisome,” another senior official said.

The president reportedly writes on personal emails about subjects ranging from his golfing to efforts by Republican Congressmen to hamper his proposed deal with Iran over its nuclear program.

If the mails reach the office of Russian President Vladimir Putin, he might learn secrets about how President Obama missed an easy putt on the 17th hole, or perhaps what he really thinks about Sen. Bob Corker, who initiated the bill that would require Obama to submit to Congress for review any final deal with Iran.

If President Obama wrote to a diplomat about what he really thinks about Putin, the Russian president will read some unflattering remarks, assuming Obama does not see him as a “warm friend.”

And what does Obama write about Prime Minister Binyamin Netanyahu in his emails? He also is probably not described as a “warm friend.”

The White House is not revealing the content of the material that was hacked in order not to hint to the Russians how much investigators know about the computer invasion.

And perhaps the Russian hackers now know what many Americans would like to know about Hillary Clinton’s use of her personal account for State Dept. correspondence.

President Obama not only knew about Clinton’s routine of using her personal account for government business but also wrote to her on her private account, “hdr22@clintonemail.com.”

After Obama told CBS News that it was “through news reports” that he’d learned that Clinton was using her personal account, White House Press Secretary Josh Earnest said, “The president — as I think many people expected — did over the course of his first several years in office trade emails with the secretary of state.”

The Republican National Committee accused Obama of misleading the American public by having said he knew of Clinton’s practice “through news reports.”

Any questions about Obama’s correspondence with Clinton can be directed to the Russian hackers.

Tzvi Ben-Gedalyahu

JewishPress.com Gets Spray Painted

Wednesday, April 15th, 2015

Pardon our disappearance, the JewishPress.com website was hacked overnight.

The attack was launched around 2:30 AM Israel time, at which point the hackers, who claimed to be from Gaza, caused a page in Arabic to display on top of the JewishPress.com page.

The main photo in their hack was an Islamist sitting on a horse carrying what appears to be an Islamic State (Da’esh) flag, while standing near the Dome of the Rock on a desolate and ravaged Temple Mount.

Strangely enough, the hack also displayed a whiny YouTube video flaunting their constant humiliation by the Zionists, a complaint that their fellow Islamists have abandoned them to the Zionists, and how they welcome the bliss of death by the Zionists. It sounded like they were saying Allah is a Zionist.

Go figure — It must be a cultural thing to wear your degradation on your (or someone else’s) sleeve.

As they spray-painted our page and slashed the tires, the hackers also tried to torch the entire site with their downloaded root-kit, but failed.

The hackers actually managed to kick themselves off our system in the middle of their vandalism.

That happens when junior hackers get their hands on sophisticated off-the-shelf hacking tools and weapons which they don’t really know how to use properly.

Certainly an apt analogy for not letting the Islamic Republic of Iran acquire nuclear weapons.

What they did was an annoyance, the equivalent of sticking chewing gum in your door locks and spray-painting graffiti on your storefront window.

But that’s why God created automated backups, though a site our size takes time to properly restore and secure.

Hackers and haters obsessively and relentlessly go after Jewish websites, and the bigger you are the more likely they are to specifically target you, as other large Jewish websites also recently discovered.

Over the past 4 years, hackers have repeatedly been trying to dig their tunnels into the JewishPress.com (and failing). Perhaps there’s just a little too much electricity flowing into Gaza, that this time they got lucky.

Thank you for giving us the opportunity to review our security and business continuity procedures.

Children with Dangerous Toys

Jewish Press Staff

Printed from: http://www.jewishpress.com/news/breaking-news/jewishpress-com-gets-spray-painted/2015/04/15/
