India | Hackmageddon.com

1-15 March 2013 Cyber Attacks Timeline

March 18, 2013 Paolo Passeri 2 comments

Other troubles for system administrators: March is confirming the 2013 dangerous trend with several high profile breaches against industrial, financial and governmental targets.

The first two weeks of March have begun with the breach to Evernote, and continued with (among the others) the third phase of the infamous Operation Ababil, targeting U.S. Banks and an alleged Chinese attack against the Reserve Bank of Australia.

Additional noticeable events include a wave of DDoS attacks against several Czech Republic’s targets (belonging to media, news and financial sector), a breach suffered by the NIST Vulnerability Database (unfortunately not an isolated example of the attacks against US governmental targets happened in these two weeks) and also the leak of 20,000 records from an Avast! German distributor.

Last but not least, the examined period has also confirmed the role of Twitter as the new mean to make resounding attacks against single individuals or organizations. Qatar Foundation, Saudi Aramco, and France 24 are only several of the organizations fallen victims of accounts hijacking.

Of course, these are only the main events, feel free to scroll down the list to analyze in detail what happened in these two weeks.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Once again, a special thanks to Kim Guldberg AKA @bufferzone for continuously advising me about significant cyber events through the Submit Form! Much Appreciated!

About these ads

Categories: Cyber Attacks Timeline, Security Tags: #OpIran, 2013, @dw_arabic, @France24_ar, @NullCrew_FTS, @observateurs, @Phr0zenM, @StateSecurityRS, @T3AMM3DU5A, aio.ir, Alladyn2, AngloAmerican, angloplatinum.co.za, angloplatinum.com, Anonymous, Anonymous Italy, Anonymous Philippines, Arnold Schwarzenegger, Ashton Kutcher, Australia, avadas.de, Avast!, Bank of America, BB&T, BCPP, Belgrade, Beyoncé, Bill Gates, Billboard, Bitcoin, BitInstant, Britney Spears, Casapounditalia.org, Ceskatelevize.cz, Chase Bank, Chevron Corporation, chevron.com, China, Colin Poweel, Colin Powell, Constantin Film, cpb.gov, csas.cz, CSOB, csob.cz, Ct24.cz, Cyber Attacks Timeline, Cypher, Czech Republic, denik.cz, Deutsche Welle, Donald Trump, Dpp.cz, drdo.gov.in, E15.cz, Equifax, eri.ir, Evernote, Experian, Facebook, Fifth Third Bank, Fio Banka, fio.cz, France 24 Arabia, France 24 observers, G.O.D., g1arng.army.pentagon.mil, Godzilla, Government, Hacker sTz, herzliyaconference.org, Hillary Clinton, HMP Isis, HSBC, Hulk Hogan, ical.ir, ict.org.il, idnes.cz, ihned.cz, India, Iran, isi.org.pk, Izz ad-Din al Qassam Cyber Fighters, Jay Z, Joe Biden, JPMorgan Chase & Co, karjera.ktu.lt, kb.cz, Kim Kardashian, Komerční Banka, ktu, lidovky.cz, majlis.ir, March, Maxney, Mel Gibson, Michelle Obama, mobilmania.cz, nationaljournal.com, natpdae.gov.bd, nespak.com.pk, Nicholas Webber, NIST, North Korea, novinky.cz, NullCrew, nvd.nist.gov, O2.cz, Oceaneering International, OpBlackSummer. Tunisian Cyber Army Al Qaida Electronic Army, Operation Ababil, Operation Green Rights, OpFuckMohammad, opm.gov, PAKbugs, Pakistan, Paris Hilton, Phr0zenMyst, PNC, Poland, Prague Stock Exchange, Pyongyang, Qatar Foundation, Raiffeisen Bank, Rasberry P, rb.cz, RBA, Reserve Bank of Australia, Robert Mueller, Sarah Palin, Saudi Aramco, seznam.cz, Soneri Bank, South Africa, South Korea, state.gov, supremecourt.gov.bd, Syrian Electronic Army, T-Mobile, T-mobile.cz, TEAM M3DU5A, th3inf1d3l, timewarnercable.com, TransUnion, Twitter, United States, US Bank, Watering Hole Attack, XSS, Zoosk, Živě.cz, Česká spořitelna

1-15 January 2013 Cyber Attacks Timeline

January 17, 2013 Paolo Passeri 4 comments

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

But the massive breaches are not the only remarkable events of this period: the waves of DDoS Attacks against US banks continued (and promise to extend also in the next weeks), Kaspersky Lab discovered a new massive Cyber Espionage Campaign dubbed “Red October”, and also the Japan Farm Ministry was hit by yet another Cyber Attack, allegedly originating from China…

If this is only the beginning… 2013 promises to be pretty much troubled for system administrators…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Cyber Attacks Timeline, Security Tags: #AntiSec, #OpLeak, 2013, 53Bank, @AnonTitan, @AnonVoldemort, @anon_4freedom, @Anon_Acid, @DarkWebGoons, @Dysomnia_, @INST1NCT_, @irBreShiE, @Maxn3y, @OfficalNull, @RexMundi_Anon, @ThisIsGameOver, @XTnR3v0LT, Aaron Swartz, afca.gov.sa, africasia.com, ahk.de, Al-Qaeda, Ally Financial, Anonymous, AnonymousTitan, aoifeonline.com, Association of Irish Festival Events, atlantaperforms.biz, Bangladesh, BB&T, Blackmail, BoredGames.com, BreShiE, Capcom, Capital One, Capstone Turbine Corporation, Charles Schumer, Chile, China, COG, cotlook.com, csc.edu.sa, customs.gov.ye, CVE-2012-4792, Cyber Attack, Cyber Attacks, D35M0ND142, DarkWeb Goons, Debian, Defacement, Denial-of-service attack, dhs.gov, DOJ, Drake International, Durar Shamiya, Dysomnia, ejercito.cl, ejercito.mil.pe, eldorar.com, fibank.bg, Fifth Third, Fifth Third Bank, forensicexperts.in, France, G.O.D., Game Over, gdms.gov.sa, gdmw.gov.sa, German Chamber of Commerce, Godzilla, gov.ai, Hacktivism, HSBC, Human Mind Cracker, India, Indonesia, insight.mastercard.com, INST1NCT, Izz ad-Din al Qassam Cyber Fighters, January, Japan, Jefferson County Sheriff, jeffersoncountysheriff.com, Jember Hacker Team, jncasr.ac.in, JokerCracker, Justice.gov, Kaspersky, Kaspersky Lab, Kinros Tasiast, kinrosstasiast.mr, LulzSec Peru, maff.go.jp, Mastercard, MaX0xf, Maxney, mic.gov.sa, mic.org.sa, miestukarai.lt, mindefensa.gob.ve, MIT, Moin, NASA, nationalsecurity.lk, NaziGods, nitdgp.ac.in, NullCrew, OccupySteubenville, Ohio, Operation Ababil 2, OpFuckMohammad, OpIndia, OpRollRedRoll, OpSlaughterHouse, pakistanarmy.gov.pk, Panasonic, Peru, Philippines, Phone Hacking, PNC, police.ac.be, PoliceOne.com, presidensby.info, psmpq.org.sa, Python, Red October, Redhack, Rex Mundi, safous.gov.sa, Saudi Arabia, SEPO, servicehistorique.sga.defense.gouv.fr, SlixMe, SQL Injection, SQLi, Sri Lanka, Steubenville, SunTrust, Susilo Bambang Yudhoyono, Syrian Electronic Army, th3inf1d3l, The Saudi Ministry of Defense: moda.gov.sa, ThreatPost, Timeline, Tranzeo, tranzeo.com, Turkey, Turkish Ajan Group, Ubisoft, UNC, UNC Lineberger Comprehensive Cancer Center, University of North Carolina, Uplay, US Department Of Homeland Security, veterans.msstate.edu, Voldem0rt, Watering Hole Attack, Wells Fargo, Wiki, womvegas.com, WWF, wwfchina.org, Xl3gi0n hackers, XSS, YÖK, Zaxby’s, ZionsBank

16-31 December 2012 Cyber Attacks Timeline

January 7, 2013 Paolo Passeri 1 comment

The year is gone, and here it is the last Cyber Attack Timeline for 2012 (first part here).

The most important cyber-events of this second part of December can be considered: the third phase of the operation Ababil carried on by the Izz ad-Din al-Qassam Cyber Fighters against U.S. Banks, the attacks of the Anonymous collective against the Westboro Baptist Church, and, last but not least the Cyberwar echoes coming from Iran.

The wave of DDoS attacks carried on by the Izz ad-Din al-Qassam Cyber Fighters has taken down Six U.S. Banks under the fists of DDoS attacks apparently unstoppable. Instead the Anonymous seem to have changed tactic in their personal fight against the Westboro Baptist Church, they did not limit to DDoS the church’s website, but also performed a couple of Twitter account takeover against some key persons (with the collaboration of UGNazi members).

Instead, on the Cyberwar front, Iran confirms to be a danger zone, with some reports of a new Wiper and a simil-Stuxnet malware (even if this second news has been downplayed in a second moment.

Other noticeable news include an alleged breach to Yahoo!, a massive breach against a Chinese HP domain and a strange, controversial breach against Verizon FiOS (with data apparently leaked six months ago).

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Cyber Attacks Timeline, Security Tags: #GameOverDay, 0-Day, 2012, 2012obama.com, @CosmoTheGod, @DearShirley, @dswdserve, @gsec_, @LulzSecPeru, @Maxn3y, @nrtnz, @ThisIsGameOver, @TibitXimer, Account Hijacking, Aiplex, airport.ch, Al-Qaida, alwayson.hp.com.cn, an0nw3bc0d3r, Anonymous, Argentina, Australia, Bank of America, BB&T, Brazil, btflive.net, Bulgaria, Byron Bay Community School, C4ISR, CECOM, Central Intelligence Agency, CFR, cfr.org, China, CIA, Citi, Citigroup, Council on Foreign Relations, cpd.gov.kw, December, Denial-of-service attack, DiabloAnon, ebuyer.com, Egypt, Eletrobras, eln.gov.br, english.stanford.edu, Fred Phelps Jr., Fred Phelps Sr., Game Over, GameOverVirus, Grey Security, Heroes of Newerth, Hewlett Packard, Hormozgan, HP, ihya.org, India, Indian Express, Internet Explorer, Iran, islaam.net, ISNA, Israel, Izz ad-Din al Qassam Cyber Fighters, Jetro/Restaurant Depo, Jigsawhacker, JokerCracker, Kuwait, Lulz Security Peru, mantrackr.com, marvin.com.mx, Maxney, mindef.gov.ar, minfin.bg, mma.gov.br, MPAA, National University of Bangladesh, nu.edu.bd, Obama Must Go!, Operation Ababil, OpFuckMohammad, OpGreenRights, Philippines, PNC, Raj Musicals, rajmusicals.in, Ransomware, Renault, Renault.bg, Shirley Phelps-Roper, SQLi, Stanford, Stuxnet, th3inf1d3l, The Islamic Network, Tibit, Turkish Ajan Hacker Group, Twitter, ucsd.edu, UGNazi, United States, US Army, US Bank, Verizon FiOS, ViruS_HimA, WBC, Wells Fargo, Westboro Baptist Church, Wiper, Xc0unt3r, XL3gi0n, Yhaoo!, Zensis, zensis.com, zunal.com

July 2012 Cyber Attacks Timeline (Part I)

July 20, 2012 Paolo Passeri 1 comment

Update 08/02/2012: July 2012 Cyber Attacks Timeline (Part II)

Although the number of attacks has considerably diminuished, the first half of July has left several high-profile attacks which deserverd huge attention, exposing in theory more than 2,000,000 individuals. Yahoo! Voice, Android Forums, Nvidia, Formspring, Billabong and ASUS are several of the well-known names that were victims of the high-profile breaches in the first two weeks of July.

World Health Organization and PBS (once again) were also illustrious victims of Cyber Attacks.

Besides these remarkable events, it looks like the actions carried on by the Law Enforcement agencies in the last period led to some results since the number of incidents looks undoubtably smaller than the previous months.

For what concerns the cyber attacks driven by hacktivism, it is particularly important to notice #OpPedoChat, still ongoing, which caused many pedophiles to be exposed, in several cases with unpredictable consequences, as in Belgium where a far-right official resigned after Anonymous’ Paedophilia Claims.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Cyber Attacks Timeline, Security Tags: #OpLiberation, #OpPedoChat, #ProjectDragonFly, #ProjectGhostShell, #SaveTheArctic, #TeamGhostShell, #WikiBoatWednesday, .c0mrade, @AnonAntidote, @GoogleSWE, @gsec_, @ligatthacker, @OfficialComrade, @RedHack_EN, @Stat1cN1nja, @TeamSt34m, @TheAnon0ne, @TheWikiBoat, @TibitXimer, @Wikiboat, @Zer0Pwn, americannaziparty.com, Amit Agarwal, Anchorage, Android Forums, AndroidForums.com, Anonymous, Associated Content, Asus, Belgium, Billabong, bip.nl, boychat.org, BP, Carly Rae Jepsen, carlyraemusic.com, cbi.nic.in, China, Copyright Labs, Cyberwarfare, CyberZeist, D33Ds Company, Defacement, Denial-of-service attack, Formspring, Gazprom, Grey Security, High Tech Crime Solutions, hitechcrimesolutions.com, India, Innodata Isogen, Israel, jellis.com, July, Justin Bieber, justinbiebermusic.com, kpmg.com, Le4ky, Lemont, NullCrew, Nvidia, NVIDIA Developer Zone, Oak Creek Ranch School, Obama, ocrs.com, Paraguay Unlocker Security, PBS.org, presidencia.gov.py, public.mfa.gov.tr, Redhack, roatpkz.com, Rosneft, Shell, SQLi, StaticNinja, sunshinecoast.qld.gov.au, sykes.com, The Apollo Project, Tibit, Trend Micro, Twitter, University of Southern California, us.estore.asus.com, USC, Visakhapatnam, Wall Street Journal India, whitepowerforum.com, who.int, World Health Organization, Yahoo!

May 2012 Cyber Attacks Timeline (Part II)

June 4, 2012 Paolo Passeri Leave a comment

As usual, here it is the second part of the Cyber Attacks Timeline for the month of May 2012: a month particularly rich of Cyber Events. As you will probably know, the Flame malware has monopolized the attention, deserving the most attention from the Information Security Professional.

Nevertheless the scene has offered many interesting events, among which it worths to mention the breach of 123,000 federal employees records, the breach affecting University of Nebraska, and, last but not least, the breach against WHCMS (which, as we will soon see, has proved to be fatal for its author).

The hacktivist front is still hot and preannounces another hot summer. On the other hand the authors of several remarkable cyber-criminal actions are probably going to leave the scene: the long trail of arrests made by Law Enforcement Agencies against hackers has continued in this month and has hence led to the arrest of Cosmo, the leader of the infamous group UGNazi, which claimed to be the author of the Cyber Attack against WHCMS.

In your opinion are the arrests against hackers really going to stop the growing number of Cyber Attacks (acting as a deterrent)?

After the jump you find all the references, and at this link the first part covering 1-15 May.

Categories: Cyber Attacks Timeline, Security Tags: #DoktorBass, #FTPFriday, #MMM, #OpJailer, #OpLeveson, #OpLithChild, 123-reg.co.uk, @AnonNyre, @AnonymousSinn, @CosmoTheGod, @EcecusHxc, @k0detec, @nrtnz, @opindia_back, @planethacks, @rwandanhackers, @s3rverexe, @TheWikiBoat, @Vizi0, abcis.ca, Account Hijacking, Al-Qaeda, Alaska Large Structures, Alone Hacker, alphaunmannedsystems.com, altrec.com, American Advertising Federation, American Express, ANONDOG1, AnonTeenUSA, Anonymous, ANTIJEST, APT, Association of British Columbia Land Surveyors, ATeam, AZ.nl, BERRI, Bharatiya Janata Party, BitTorrent, bjs.ojp.usdoj.gov, Bureau of Justice Statistics, bzpower.net, Canada, CERT-In, Chicago Police Department, China, CISPA, Comcast, CrySyS Lab, Cyber Attacks Timeline, Cyber Crime, Cyber Warriors Team, Cyberwar, CyberZeist, DDoS, Defacement, dflvwclub.de, Distributed Denial Of Service, djartsgames.ca, eapolice.com, ECS Tuning, Education Ministry, eeas.europa.eu, EEKDAKAT, emcshoppe.co.uk, European External Action Service, EvilShad0w, Felix Roque, Flame, FOOLISH, GameArena, gamearena.com.au, gamereplays.org, Glade County, gladessheriff.org, GOGOBEANANON, gridironstrategies.com, Habbo Hotel, Hacktivism, Hillary Rodham Clinton, Hopsin, hyundai, IBM, ico.gov.uk, ilink.ph, India, Information Commissioner's Office, Iran, irimo.ir, iwacu1.com, Joseph Roque, Kaspersky Lab, kogler-natursteinwerk.at, Kosova Hacker Security, Law Enforcement, Mail Mayhem Monday, marionso.com, Metro Goldwyn Mayer, MyBB.com, NASA, NATO, NEURON, Norton-Z, NRAO, NRTN-Z, opm.gov, owegopolice.org, Palestinian Authority, pharmacist.com, Pizza Patron, Pizza Por Favor, PMDB do Maranhão, pmdbma.com.br, Quebec Liberal Party, rbi.org.in, recallroque.com, Reliance, Ronin Concepts Security Elite Ltd, roninconcepts.co.uk, Security, Serco, sex06.nl, sierracounty.ws, Social Engineering, solarimpulse.com, Soup.io, SQL Injection, SQLi, SSL, Stanford, Stanford University, teamskeet.com, Telstra, The Pirate Bay, Thrift Savings Plan, tmprotection.com, toplaughs.com, Torrent, U.S. Office of Personnel Management, uabonline.org, UGNazi, Union Of Arab Banks, University Of Nebraska, University of Thessaly, USAFIS, usafis.org, Voyager Mobile, w3schools.in, wafa.ps, West New York, WHMCS, whmcs.com, Wikileaks, Xception Code, you-r!-k@n

Timeline of Cyber War Between Bangladesh and India (Part II)

March 26, 2012 Paolo Passeri 1 comment

Part I: The list of Cyber Attacks Carried On by Bangladesh Hackers against India

The second part of this post covers the cyber attacks carried on by Indian hackers against Bangladesh. Apparently their number is smaller but a deeper analysis shows a sharper strategy focused on paralyzing the financial system of Bangladesh.

In this first quarter of 2012, the cyber war between the two countries went through two different phases: until the beginning of March, the two opposite factions faced themselves with sparse defacement and DDoS actions (unchained after the attacks following the India Republic Day). After March we entered the Cyber War 2.0 characterized by High Profile actions, most of all suffered by Bangladesh, that led to the takedown of the Stock Exchange and one important Bank.

Again, thanks to Catherine for collecting the data.

Of course do not forget to follow @paulsparrows for the latest updates on the (too many) Cyber Wars, being fought on the underground of our planet.

Timeline Of Cyber War Between Bangladesh and India

March 24, 2012 Paolo Passeri 6 comments

Update 03/26/12: List of Cyber Attacks Carried on by Pro-India Hackers against Bangladesh

Several days ago I tweeted a request of help to my tweeps for building a timeline of India and Bangladesh Cyber War Timeline.

Unexpectedly the day after I received a complete and detailed timeline from Catherine Anita. I was nearly risking to loose it since my Gmail account had marked the message as spam. As I do not completely trust the antispam engines and regularly check my Spam folder, fortunately I was able to retrieve her e-mail and the precious content.

Catherine did a complete review that I formatted according to my consolidated model, adding a couple of events for the last days.

Since the timeline of the mutual Cyber Attacks is quite long, I decided to divide it into two parts, the first one covering the cyber attacks carried on by pro-Bangladesh hacking crews against India (I used a rigorous alphabetical Order). Expect for tomorrow the update with attacks carried on from the other side.

As usual after the Jump you find all the references.

February 2012 Cyber Attacks Timeline (Part I)

February 16, 2012 Paolo Passeri 1 comment

February 2012 brings a new domain for my blog (it’s just a hackmaggedon) and confirms the trend of January with a constant and unprecedented increase in number and complexity of the events. Driven by the echo of the ACTA movement, the Anonymous have performed a massive wave of attacks, resuming the old habits of targeting Law Enforcement agencies. From this point of view, this month has registered several remarkable events among which the hacking of a conf call between the FBI and Scotland Yard and the takedown of the Homeland Security and the CIA Web sites.

The Hacktivism front has been very hot as well, with attacks in Europe and Syria (with the presidential e-mail hacked) and even against United Nations (once again) and NASDAQ Stock Exchange.

Scroll down the list and enjoy to discover the (too) many illustrious victims including Intel, Microsoft, Foxconn and Philips. After the jump you find all the references and do not forget to follow @paulsparrows for the latest updates. Also have a look to the Middle East Cyberwar Timeline, and the master indexes for 2011 and 2012 Cyber Attacks.

Addendum: of course it is impossible to keep count of the huge amount of sites attacked or defaced as an aftermath of the Anti ACTA movements. In any case I suggest you a couple of links that mat be really helpful:

List of all vulnerable websites attacked by anonymous Part II (updated daily) (via cylaw.info)
List of Websites Hacked, Defaced & Taken Down By Anonymous (via valuewalk.com)

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #AntiSec, #FFF, #OpChina, #OpMexico, #OpNigeria, #OpPiggyBank, #SuperLeakSunday, #W0rmer, @AgentAnonHacker, @alsa7rx, @Anonw0rmer, @Codeinesec, @d4op, @EgyptAnonops, @Herxode, @ItsKahuna, @LulzFinancial, @LulzPirate, @OccupyAllSt, @r00tw0rm, @RevolutionSec, @SwaggSec, @_TeaMp0isoN, ACTA, Alabama, Alabama Department of Public Safety, Alarabiya, Anonymous, Anonymous Mexico, Appke, Bank of America, Bashar al-Assad, Boston Policy Department News, Brazzers, Burlington, CabinCr3w, China, Chinese Government Trade, CIA, Combined Systems, Cryptome, Daily Mail, Dallas Police, DDoS, Defacement, Devil’s Café, DHS, Digital Tornado, Distributed Denial Of Service, DreamHost, Economic Development Administration, Egypt, Epoch, Evil Shadow Team, FBI, Federal Bureau of Investigation, FFFriday, Fiat, Foxconn, Gossip Girl, Greece, Hacktivism, Haditha, Hax.r00t, Hijacking, Homeland Security, Horde, iepct, IFPI, IKN, India, Intel, ITCA, iTunes, KPN, L0NGwave99, LatinHackteam, Law enforcement agency, macforbeginners.com, McDonald, Mexican Chamber of Mines, Microsoft, Mobile Police Department, Morocco, NASA, Nasdaq, Nigeria, NOAA, Nortel, Nortel Networks, Operation Digital Tornado, OpIreland, Pakistan, Philips, PIPA, Prophon, puckett & faraj, Romania, Saadi, Salt Lake City Policy Department, Scotland Yard, SECTOR404cl, SOPA, SQLi, Super Bowl, Sweden, Syracuse Police, Syria, TeamPoison, Texas, Texas Department of Public Safety, Texas Police Association, Ticketweb, Toyota, Turkey, Turkey Cyber Army, United Nations, United States Census Bureau, Venezuela, West Virginia Chiefs of Police Association, Westboro Baptist Church, Wisconsin Chiefs of Police Association, xdev @ b4lc4nh4ck

December 2011 Cyber Attacks Timeline (Part II)

December 30, 2011 Paolo Passeri 2 comments

This infamous 2011 is nearly gone and here it is the last post for this year concerning the 2011 Cyber Attacks Timeline. As you will soon see from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecented wave of breaches in China which led to the dump of nearly 88 million of users for a theoretical cost of nearly $19 million (yes the Sony brech is close). For the rest an endless cyberwar between India and Pakistan, some hactivism and (unfortunately) the usual amounts of “minor” breaches and defacement. After the page break you find all the references.

Last but not least… This post is my very personal way to wish you a happy new infosec year.

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #AntiSec, #OpFreePalestine, 178.com, 2011 Cyber Attacks Timeline, 7k7k.com, @DestructiveSec, @OpLatinoAmerica, @stramble, @Thorwed, @_T0x1c, @_TeaMp0isoN, Abhaxas, Advanced Persistent Threat, Amnesty International, Anonymous, APT, Asus, Biclopsgames, Bullshouse, Butler Schein Animal Health, Campus100.in, Care2, China, China Software Developed Network, CIA, Colombia, CopSeek, CSDN, D157UR83D, D35M0ND142, Data Breach, Data Leak, DDoS, Defacement, Denial-of-service attack, Digital Underground Team, duowan.com, Edinburgh, Edinburgh City Council Debt, Egypt, EL Salvador, Facebook, Gray Hatz, Hacktivism, hemmelig.com, iBAHN, India, Indian Stock Exchange, Indishell, Information security, inzit.gob.ve, Israel, Karmafilms.es, K|nG, Lady Gaga, LulzSec Guatemala, LulzXmas, Manchester, Mexico, Microsoft, NASA, NDAA, Oxford, Pakistan, Potent Security, Promo-Web.org, Promoweb, qualitapa.gov.it, Renren, Restaurant Depot, Russia, Sarah Palin, Sector 404, sefh.es, Siemens, Sony, SOPA, specialforces.com, SQL Injection, SQLi, Stanford, Stratfor, Taishin Bank, Team Gray Hat, thehosting.me, tianya.cn, Toxic Ven0m, Trion World, Twitter, U.S. Chamber Of Commerce, U.S. Senate, unifg.it, Valerie Boyer, valerieboyer.fr, Vermont.gov, Zuliano Institute For Technological Research

November 2011 Cyber Attacks Timeline (Part II)

November 30, 2011 Paolo Passeri Leave a comment

The second half of November has confirmed the trend seen in the previous report covering the first half of the month. The period under examination has confirmed a remarkable increase in Cyber Attacks from both a quality and quantity perspective.

Although the month has been characterized by many small attacks, several remarkable events have really made the difference.

Among the victims of the month, Finland deserves a special mention in this unenviable rank: the second half of the month has confirmed the emerging trend for this country, which suffered in this period two further breaches of huge amounts of personal data, for a global cumulative cost, computed on the whole month, around $25 million.

But Finland was not the only northern European country hit by cybercrookers (maybe the term cyberprofessionals would be more appropriate): Norwegian systems associated with the country’s oil, gas and energy sectors were hit with an APT based cyber attack resulting in a loss of sensitive information including documents, drawings, user names and passwords.

But once again the crown of the most remarkable breach of the month is placed upon the head of South Korea which suffered another huge data dump affecting users of the popular MMORPG “Maple Story” affecting theoretically 13 million of users, nearly the 27% of the Korean population, for an estimated cost of the breach close to $2.8 billion.

The list of affected countries this month includes also 243,089 Nigerian users, victims of the hack of Naijaloaded, a popular forum.

Microsoft has been another victim in this November, with a phishing scam targeting Xbox Live users. Details of the scam are not clear, although each single affected user in U.K. might have lost something between £100 and £200 for a total cost of the breach assimilable to “million of Pounds”.

November will make history for showing for the first time to information security professionals the dangers hidden inside the SCADA universe (and not related to Nuclear Reactors). The echo of Stuxnet and Duqu is still alive, but this month was the the turn of SCADA water pumps, that have suffered a couple of attacks (Springfield and South Houston), the first one allegedly originated from Russia and the second one from a “lonely ranger” who considered the answer from DHS concerning the first incident, too soft and not enough satisfactory. My sixth sense (and one half) tells me that we will need to get more and more used to attacks against SCADA driven facilities.

The Anonymous continued their operations against governments with a brand new occurrence of their Friday Releases, targeting a Special Agent of the CA Department and leaking something like 38,000 emails. Besides from other some sparse “small” operations, the other remarkable action performed by the Anonymous collective involved the hacking of an United Nations (old?) server, that caused personal data of some personnel to be released on the Internet.

November Special mentions are dedicated (for opposite reasons) to HP and AT&T. HP for the issue on their printers discovered by a group of Researchers of Columbia Univerity, which could allow a malicious user to remotely control (and burn) them. AT&T deserved the special mention for the attack, unsuccessful, against the 1% of its 100 million wireless accounts customer base.

In any case, counting also the “minor” attacks of the month, the chart shows a real emergency for data protection issues: schools, e-commerce sites, TVs, government sites, etc. are increasingly becoming targets. Administrators do not show the deserved attention to data protection and maybe also the users are loosing the real perception of how much important is the safeguard of their personal information and how serious the aftermaths of a compromise are.

As usual, references for each single cyber attack are reported below. Have a (nice?) read and most of alle share among your acquaintances the awareness that everyone is virtually at risk.

November 2011 Cyber Attacks Timeline (Part I) (paulsparrows.wordpress.com)

Categories: Cyber Attacks Timeline, Security Tags: #opRobinHood, 0-Day, 0-Day Vulnerability, 101domain.com, @d4op, @FailRoot, @ItsKahuna, @xDarkSton3x, Advanced Persistent Threat, Anonymous, Anonymous Dominicana, Anonymous_DR, APEC, APT, Ashiyane, Asia Pacific Economic Cooperation, AT&T, Australia, bayareaconnection.net, Bhutan, BIND, BIND 9, Bishop McDevitt Catholic High School, Black Friday, Brazil, Breach, CA Department Of Justice, Canadian Foundation for Economic Education, Carbajal Realty, CLGCA, Club Penguin Private Servers, Columbia University, CTE, Curran-Gardner Public Water District, DDoS, Defacement, Distributed Denial Of Service, DNS, DrumMusic.TV, evidalia.es, File Recursion, Finland, globeclassroom.ca, Godzilla, Guatemala Congress, Hacking, Harvard School of Engineering And Applied Sciences, havij, Host Booter, HP, Humormillnews.com, Huoltamo.com, Hyderbad Alumni Association, India, itcgcesaro.gov.it, itcpantaleo.gov.it, itimarconi.gov.it, iTunes, Jackeh, Japan, Johns Hopkins University, Kimallus.fi, Leak, LulzSec Portugal, Lumen Christi College, macromatic.com, Maharashtra Highway Police, Malware, MapleStory, Maricopa Community Colleges, math2020.com, mcdevitths.org, MetalSoft team, Microsoft, MMORPG, Naijaloaded, Nec, Netcar.fi, NEWWBIE3vilC063S, Nexon, Nike-free-run.us, Norway, Norway's National Security Authority, NSM, Pakistan, Parks.it, Pastebin, Phishing, Poliklinika.fi, powerin10, relayspec.com, SCADA, Singlehanded Sailing Society Forum, Sinterklaas, Sitcoms Online, South Houston's Water Supply Network, SQL Injection, St0rm, Stanford University, Stomp, Sudan Airways, Sudan Cyber Army, TeaMp0isoN, Terkkari.fi, Terve.fi, Terve24.fi, TheMrX, thereadersweb.com, Tohtori.fi, UN, Unicersity Of Washington, United Nations, Univeristy Of California Riverside, Univeristy Of Oregon, University Of Melbourne, Vagus Cosmetics, Verkkoklinikka.fi, Xbox Live

Older Entries

About these ads

May 2013
M	T	W	T	F	S	S
« Apr
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Twitter

RT @LastlineLabs: Marco Cova from Lastline talking about hacktivism on Italian TV ow.ly/l8Az6 - 1 day ago
RT @lastlineinc: Malware can make itself invisible: in the case of RSA security's breach, malware went undetected for 1/2 year http://t.co/… - 1 day ago
RT @gianlucaSB: SMS-based command and control protocols are here ow.ly/l47Ye - 3 days ago
Skype with care Microsoft is reading everything you write h-online.com/security/news/… - 4 days ago
How the Syrian Electronic Army Hacked The Onion - Onion Inc.'s Tech Blog theonion.github.com/blog/2013/05/0… - 1 week ago
@Xyri3 sorry I forgot :) Done! - 1 week ago
@Xyri3 sure when you want. - 1 week ago
RT @LastlineLabs: NPR story about new Pentagon report on Chinese intellectual property theft ow.ly/kNdew - 1 week ago
An interesting novel approach to detect compromised accounts on Social Networks: seclab.cs.ucsb.edu/media/uploads/… - 1 week ago
16-30 April 2013 Cyber Attacks Timeline wp.me/p14J6X-2oH - 1 week ago

Follow @paulsparrows

Hackmageddon.com

Archive

1-15 March 2013 Cyber Attacks Timeline

1-15 January 2013 Cyber Attacks Timeline

16-31 December 2012 Cyber Attacks Timeline

July 2012 Cyber Attacks Timeline (Part I)

Timeline of Cyber War Between Bangladesh and India (Part II)

Timeline Of Cyber War Between Bangladesh and India

February 2012 Cyber Attacks Timeline (Part I)

November 2011 Cyber Attacks Timeline (Part II)

Related articles

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Twitter

Follow “Hackmageddon.com”

Archive

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Related articles

Share:

Like this:

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Follow “Hackmageddon.com”