Microsoft.com.my, Bing, Skype, Kaspersky local domains of "Malaysia" Hacked by TiGER-M@TE, Bangladeshi Hacker

Microsoft.com.my, Bing, Skype, Kaspersky local domains of "Malaysia" Hacked by TiGER-M@TE, Bangladeshi Hacker

TiGER-M@TE is considers as one of most dangerous blackhat of world. There is not any specific reason mention about this hack on deface page but this rise many questions for security experts that how much these hacker are getting powerful. All sites are still defaced at the time of publishing. Basically MYNIC is compromised. Few month ago same hacker attack Kenya and hack Google.co.mw and many more. 




Deface page say's:
"HackeD
By 
TiGER-M@TE

#Bangladeshi HackeR
Hello malaysia,you think you are more advanced than us? Respect our workers,we will respect you!

Running it since 2007 :)

Greetz : kinG oF coNTroL ; Barbaros-DZ ; F0RTYS3V3N ; aBu.HaliL501 ; W7sH.SyRiA ; h311 c0d3 ; m1l05 ; j0 ; l0calh0st ; Ne0-h4ck3r ;

# TiGER-M@TE
# localhost_80@programmer.net
© UNDERGROUND HACKERS 2007 - 2013

#EOF"

Hacked Sites List:
http://microsoft.com.my/
http://dell.com.my/
http://skype.com.my/
http://kaspersky.com.my/
http://msn.com.my/
http://bing.com.my/

Mirrors:
http://www.zone-h.org/archive/notifier=tiger-m@te

DNS spoofing Attack Detail's:

DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).
Every country have registrar server which return the IP of local huge sites like google, msn etc. If registrar sever is compromised then we can redirect all those domains to specific ip which make it believe that sites are hacked. Basically sites are functioning properly, only there ip is hacked to hacked ip.

Pakistani Hacker Sentenced 18 months in Prison due to Mutimillion Dollar ATM heists

Pakistani man "Imran Elahi" who was involve in two Multimillion-dollar ATM heists targeting debit card processors was sentenced in Brooklyn federal court on Friday to 18 months in prison.

Imran Elahi pleaded guilty last year to access device fraud and conspiracy, largely for his involvement in two precision strikes: a $9 million heist in 2008 involving RBS WorldPay and a $14 million hack in 2011 against Fidelity Information Services.


Investigators said these two incidents were similar to another massive heist for which 8 individuals were charged in May, 2013.

Elahi has helped investigators, so he might be released soon and sent back to Pakistan.

References: Softpedia, Reuters

Yahoo Advertising Service vulnerable to XSS attacks

yahoo-xss

Yahoo! Advertising Service has is vulnerable to cross-site scripting security bugs, discovered by Soumyodeep Mondal. Vulnerability is yet unfixed and exploitable using a simple payload as shown in screenshot. There is a demo video also available to show Proof of concept. Back in January, Yahoo! said that it had fixed a cross-site scripting (XSS) vulnerability in its webmail service which was blamed for a spate of account hijackings. The compromised accounts were used to send spam. Also The Yahoo! blog was vulnerable to XSS attacks because it utilized an outdated version of WordPress. 

Uganda Domain Registry Hacked By 1337 & r00x

Pakistani hackers went ahead and defaced over dozen Uganda websites of world’s top brands, including all Google.or.ug ,Microsoft , coca cola , Hotmail , Gmail , yahoo , Skype Nokia , intel, avast etc. 

This is not 1st time when Pakistani Black hats attack on any country cyber space.  Most likely, the attacker hasn't actually breached Yahoo! or Google severs. Instead, he gained access to DNS servers and altered the records to ensure that all visitors of msn.ug or Google.ug would be redirected to his defacement page.



Pakistani hackers stepped ahead and defaced all these large scale websites, owned by top brands. All the hacks appear to be affecting the .ug and .com.ug domains, suggesting this could be a DNS attack.

Hacked Web Sites:

http://pepsi-cola.ug
http://acer.ug
http://norton.ug
http://googlegroups.ug
http://hackers.co.ug
http://microsoft.org.ug
http://root.co.ug
http://hackers.com.ug
http://nokia.com.ug
http://avast.ug
http://paypal.com.ug
http://cisco.com.ug
http://hp.com.ug
http://expedia.ug
http://sony.org.ug
http://kaspersky.com.ug
http://search.com.ug
http://intel.co.ug
http://skype.ug
http://yahoo.com.ug
http://gmail.com.ug
http://hotmail.com.ug
http://msn.com.ug
http://google.or.ug


Mirror notifier :

Rwanda Bing Hacked By Pakistani l33t H4x0r's






Website:
Mirror:


Message on Deface Page:


Hacked By THA DisasteR | 1337 | Invectus | H4x0rL1f3 | Shadow008 | THA Rude | THA Dark | Force Ex |







======================================================================

[#]root@nic's: Your system GoT 0wn3d By THA DisasteR | 1337 | Invectus | H4x0rL1f3 | Shadow008 | THA Rude | THA Dark | Force Ex | ! 





[#] Bing.rw Owned

[#] Where is the security ?/* */


[#] Geets To Pakistani H4x0r's : H4x0rL1f3 | InvectuS | Shadow008 | Dr.Z0mbie | b0x |
Simbaa - THA X-Haxor - DJArs Haxor - Waheed Gul - Reaper Grim - CoOl bOY Haxor - THA ZipCode - THA Mc Mods - THA Gi.igzy jc - Naino Diaster

======================================================================

Brazil Government Hacked By Muslim Cyber Sh3llz

Brazilian Hackers Hacked FIFA Official Website


Hackers have reportedly hacked the official website for the Brazil Football World Cup 2014 and replaced the site with a video of a violent police response to a peaceful protest.

According to News.com.au, the FIFA website was replaced with an embedded YouTube video, showing protesters marching, before riot police release tear gas and fire on the protesters with rubber bullets.

The report further said that protestors are seen shouting “sem violencia” throughout the video, which translates into ‘no violence’ in English.



However, the report added, the FIFA site has now been restored. According to the report, the protest in the video is apparently a part of the recent demonstrations across the country, sparked earlier this month by a hike in public transport fares, as well as government spending on the World Cup and the Olympics.

Google Uzbekistan DNS Hijacked By 1337, Pakistani Hacker





A Pakistani hacker, whose alias is 1337 claimed responsibility for what appeared to be a DNS Hijacked www.google.co.uz , the Uzbekistani version of Google’s search engine.

Google.co.uz Domain Details:

http://www.nic.uz/whois/?domain=google&zone=co.uz






US Govt is Watching Your Emails, Images, Videos, Search History, Skype Calls, Files, Chats



There are chances that you might have thought of being watched by US government through Gmail, Facebook and other internet giants who are holding your sensitive and most private data.

The news is that all your fears were real, as a new secret document has proven the existence of a US government program that grants NSA (National Security Agency) and FBI the direct access to the servers of Google, Facebook, Microsoft, Skype, Yahoo, Apple and other internet companies, from where they can extract any user information at their will.

Named as PRISM, the program was sanctioned by President Bush in 2007, which is now renewed again by President Obama in December 2012.

Under this program, tech giants gave the direct access to its servers to US government agencies, through which they can grab any information they want, without any hurdle.

The information that NSA can access may include your emails, chats, search history, images, videos, skype calls (even the content of skype calls), YouTube videos (even those which are private), files that are stored in your computer, call records of your smartphones, SMS, MMS, places you visit and much more.

Microsoft joined this program before anyone, followed by Yahoo and Google. Facebook, Skype, Youtube, AOL and Apple are also the program partners who have given the direct access and they can obtain information of any kind for any user who uses these services.

Dropbox is likely to be added in the list of partner companies soon.


PRISM enables US government agencies to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users.

Interestingly, US agencies call PRISM “one of the most valuable, unique and productive accesses for NSA”.

Another fact, which may worry our local “Privacy and Internet Freedom Activists” to a greater level is that Pakistan is second largest spying target of NSA, after Iran. Over 13.5 billion reports were gathered from Pakistan in March 2013 only.

Given the amount of data we share with these companies, including our personal and private information, this revelation is alarming and raise countless serious questions, concerning the morality of tech companies and US government.

Related Posts Plugin for WordPress, Blogger...