HACKER NEWS

CNN's Twitter, Facebook and website hacked by Syrian Electronic Army

 
 
CNN website hacked by SEA
A well-known pro-Syrian hacker group known as Syrian Electronic Army (SEA), aligned with President Bashar al-Assad, who successfully attacked The New York Times, Huffington Post, and Twitter, BBC, National Public Radio, Al-Jazeera, Microsoft, Xbox, Skype and responsible for cyber-attacks against various other U.S media companies in the past.

First Ever Windows Malware that can hack your Android Mobile

 
 
Windows Malware infecting Android device
Hey Android users! I am quite sure that you must be syncing your Smartphone with your PCs for transferring files and generating backup of your device. 

If your system is running a windows operating system, then it’s a bad news for you. Researchers have discovered a new piece of windows malware that attempts to install mobile banking malware on Android devices while syncing.
Last year in the month of February, Kaspersky Lab revealed an Android malware that could infect your computer when connected to Smartphone or tablets.
 
Recently, Researchers at Symantec antivirus firm discovered another interesting windows malware called ‘Trojan.Droidpak’, that drops a malicious DLL in the computer system and then downloads a configuration file from the following remote server:
http://xia2.dy[REMOVED]s-web.com/iconfig.txt
The Windows Trojan then parses this configuration file and download a malicious APK (an Android application) from the following location on the infected computer.
%Windir%\CrainingApkConfig\AV-cdk.apk
To communicate with the mobile device a command line tool Android Debug Bridge (ADB) is required, that allows the malware to execute commands on Android devices connected to the infected computer. ADB is a legitimate tool and part of the official Android software development kit (SDK).
In the next step, the trojan downloads all the necessary tools including Android Debug Bridge and the moment you connect an android device having USB debugging Mode enabled, it initiates the installation process and repeats it until it ensure that the connected device has been infected and install an app that will appear as a fake Google App Store.
Android Malware
Such Windows Malware is first of its own kind, since attackers prefer to use the social engineering techniques to spread their fake malicious apps hosted on third-party app stores. The installed malware dubbed as "Android.Fakebank.B", able to intercept victim's SMS messages and then send them to the attacker's server located at:
http://www.slmoney.co.kr[REMOVED]
Anyway Relax, if you are not a Korean citizen, because the malicious APK actually looks for certain Korean online banking applications on the compromised device.
If you want to protect your Mobile and system from such Malware attack, Please consider a few points while connecting to a windows based computer:
  • Turn off USB debugging on your Android device, when you are not using it
  • Avoid connecting your droid with public computers
  • Only Install reputable security software
  • Keep your System, Softwares and Antivirus up-to-date.
Stay Safe!

Last evening, the Group claimed the responsibility for hacking another big media outlet “CNN”, compromised their Twitter, Facebook account and the website.

CNN’s twitter profile with 11.6 million followers saw a number of fake tweets from hackers, including allegations that the Central Intelligence Agency (CIA) is behind the Al-Qaida network
 
 
 

Snapchat's new Security feature Hacked in 30 Minutes; CAPTCHA Cracking tool published

 
 
Snapchat hacked
Snapchat suffered a massive data breach back in December in which 4.6 million usernames and phone numbers were compromised.

Earlier this month, the company launched an update to its iOS and Android apps, added a new security measure to ensure that new users aren't spambots or a robot. While signing up for the first time, it now displays nine images and then ask you to pick which images have a “ghost”.

Within 24 hours of Snapchat releasing an improved security feature, a developer has written a computer program capable of cracking it.

Another hacker, 'Steven Hickson' took only 30 minutes to write a script that can crack this new security feature. In this CAPTCHA feature, basically have you choose from amongst a bunch of images, identifying the ones that have the Snapchat ghost to prove you are a person.
"The problem with this is that the Snapchat ghost is very particular. You could even call it a template. For those of you familiar with template matching (what they are asking you to do to verify your humanity), it is one of the easier tasks in computer vision."
He wrote a script that can map out the exact shape of the Snapchat by matching it with the templates. Basically, he took an image of Snapchat's logo, then built a program that can identify certain points on the logo and match them to the images in the test.
He was able to effectively bypass Snapchat's test with 100 percent accuracy. "There is a ton of ways to do this using computer vision, all of them quick and effective. It's a numbers game with computers and Snapchat's verification system is losing."
 
 

FBI arrested 19-Year-old Hacker for Sextortion; allegedly Hacked into Miss Teen USA's Webcam

 
 
Sextortion Case   FBI arrested 19 Year old Hacker for Allegedly Hacking Miss Teen USA's Webcam
A College 19-year-old college student and Hacker from Temecula, California has been arrested for hacking the webcams of Miss Teen USA 'Cassidy Wolf' and other women to extort nude photos and videos from them.
Earlier this year Cassidy Wolf received an anonymous email in which the sender claimed to have stolen images from the camera on her home computer. According to the complaint, he threatened to turn her "dream of being a model ... into a pornstar."
Jared James Abrahams, 19 years-old man forced several women to strip. Based on an investigation launched in March the FBI raided THE suspect's home in June, seizing computers, cell phones and hacking software.
Abrahams is accused of hacking the computers of several young women and charged with extortion, that could send him to federal prison for up to two years.
Jared James Abrahams Sextortion Case
Abrahams used malicious software to disguise his identity in order to capture nude photos or videos of victims through remote operation of cameras on their home computers without their consent.

"He was later freed on $50,000 bail but a judge confined him to his family home, ordered him to wear a GPS monitor, and said he could only use the home computer for schoolwork, with software to be installed that will monitor its use." Fox News explained.

Investigators have identified several other victims in the case. The affidavit does not name the victims.

In Feb, 2013 - FBI arrested Karen 'Gary' Kazaryan, a 27-year old man, who blackmailed more than 350 women after convincing them to strip off in front of their webcams has been arrested in the US.