Leak | Hackmageddon.com

16-30 September 2012 Cyber Attacks Timeline

October 4, 2012 Paolo Passeri 2 comments

Part One with 1-15 September 201 Timeline Here.

September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.

Probably this month will be remembered for the massive outage of six U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.

China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.

Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).

Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29^th, under the hashtag of #29s.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

About these ads

Categories: Cyber Attacks Timeline, Security Tags: #29S, @DeleteSec, @r0gu3An0n, @RexMundi_Anon, @_s0lar_, Adobe, Afghanistan Hackers, ALZH3R, amchamfrance.org, Anonymous, Asus OpFreeAssange, Attorney, Australia, Bangladesh Cyber Army, Bank of America, bebeauty.com.sg, Bl4k3 Security, BNL, Brazil, BukSus, Canada, Canada OASyS SCADA, China, Citigroup, com.edu, consejo-estado.es, Cyber Espionage, DDoS, Defacement, Dell SecureWorks, Denial-of-service attack, Diaoyu Islands, Distributed Denial Of Service, Donnie Wahlberg, Egypt, fip.org, Foxconn, G.O.D., Godzilla, Golden Dawn, gppeuropeo.eu, Hacktivism, hcsr.gov.sy, hello-hello.com, Hmei7, Iran, Israel, Izz ad-Din al Qassam Cyber Fighters, Japan, jobmarket.com.my, John Cena, John Morrison, JPMorgan Chase, Karachi Stock Exchange, KINOZ95, krystalhost.com.mx, Leak, lincetoyota.com, m0le, Maxney, Mirage, MirageFox, Nigeria, NullCrew Cambridge University, nxm.mx, Pakistan Army, Philippines, phpMyAdmin, PNC, policia.es, pparagon.es, ppzamora.com, psoeguaro.es, PSYCHOLYZERN, RAT, raymond-lo.com, revolutiontt.me, Rex Mundi, Rexoman, SourceForge, Spain, Spear Phishing, SQLi, Steve-O, stratigraphy.org, swftools.com, Syria, tadmor4dev.sy, Taiwan, Targeted Attack, Telvent, Telvent Canada, th3inf1d3l, The Innocence of Muslims, The Usos Team, thepiratebay.se, thetablet.co.uk, Toyota, Transcend Capital, Tulsa, Turkish Ajan Hacker Group, Twitter, tycsports.com, U.S. Bancorp, U.S. Bank, United States, United States Department of Agriculture, University of Padua, University Of Technology Sidney., uts.edu.au, Wells Fargo, White House Military Office, WHMO, Xc0unt3r, Xception Code, xL3gi0n hacker, yabroud4dev.sy, YEIZETA

Sometimes They Come Back: Team GhostShell Leaks 120K Records from Top 100 Universities

October 3, 2012 Paolo Passeri Leave a comment

This summer, when Team GhostShell released one million accounts as part of their Project HellFire campaign, I was particularly impressed by one sentence contained in the pastebin statement which accompanied the release.

One million accounts/records leaked. We are also letting everyone know that more releases, collaborations with Anonymous and other, plus two more projects are still scheduled for this fall and winter. It’s only the beginning.

I was wondering what else the hacking collective had in mind, and unfortunately I did not have to wait too long for the answer. As promised, at the beginning for this fall Team GhostShell returned with a new campaign called “ProjectWestWind”, aimed at “raising awareness towards the changes made in today’s education, how new laws imposed by politicians affect us, our economy and overall, our way of life”.

Their interpretation of their concept of “raising awareness” is a little bit complicated since, in order to raise awareness they hacked top 100 International Universities and leaked more than 120,000 accounts (leaving in their servers hundreds of thousands more). The list includes Harvard, John Hopkins, the University of Michigan, Tokyo University, New York University, Princeton and the University of Rome and leaked data contains email addresses, hashed passwords, IDs and names of students and faculty members.

It worth to mention that they claimed to have found a lot of servers infected with malware, and some other storing credit card information.

There is not so much to comment. I would prefer to limit myself to the Italian situation: when dealing with the quality of infrastructures, Italian Universities rank inevitably at the bottom of every possible chart, when dealing with being hacked, they rank inevitably at the top…

Categories: Security Tags: #ProjectHellFire, #TeamGhostShell, Leak, ProjectWestWind, University

August 2012 Cyber Attacks Timeline (Part I)

August 20, 2012 Paolo Passeri 4 comments

The first half of August has seen a revamping of Hacktivism, encouraged by the takedown of the famous Torrent Tracker Demonoid (and the consequent OpDemonoid targeting most of all Ukrainian sites), but also encouraged by OpAustralia, the wave of attacks against Australian Web Sites carried on against the Australian Internet Surveillance Law (apparently the latter operation was successful since the controversial law has been put on standby).

But Hacktivism was not the only “trend topic” for this period. The Middle East continues to be the cradle for unexpected cyber weapons threats. In August, two new occurrences of allegedly state sponsored malware: Gauss, a cyber-espionage tool targeting bank transaction, and Shamoon , a destructive malware targeting energy companies.

These are probably the most remarkable Cyber Events of this period, which has also seen a purported giant breach targeting Pearl.fr, a French e-commerce website whose 729,000 accounts, together with over 1 million bank transaction details, have been subtracted by hackers.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Cyber Attacks Timeline, Security Tags: #DoktorBass, #OpFreePalestine, #opfuckuganda, 2012, @AntiLeaks, @DramaSett3r, @_ignit3, Account Hijacking, afta.net.au, aibb.org.au, Amazon, Anonymous, apo.kiev.ua, Apple, asio.gov.au, AT&T, Atlanta Braves, August, Australia, Australian Institute of Business Brokers, AYYILDIZIIM-Gen~Reis, Battle.net, Blizzard Entertainment, cabledrum.net, Chicago Cubs, Chicago White Sox, ci.haines-city.fl.us, Clan VV3, Cyber Crime, dai.vn.ua, DDoS, Demonoid, Distributed Denial Of Service, dsd.gov.au, Dump, Education, Environmental Protection Agency, epa.gov, Facebook, fisu.gov.ua, Gauss, gclounge.com.au, Gizmodo, Hacktivism, Haines City, Hitcher, hptrainingcenter.com, Israel, JM511, Kapil Sibal, L0lz Security, L0lzSec, Lake City Police Association, lakecountysheriff.com, Leak, Lebanon, Los Angeles Angels of Anaheim, Malware, Mat Honan, Miami Marlins, Middle East, mil.gov.ua, National Council of Investigation and Security, nciss.org, Nepal, New York Yankees, nitc.gov.np, nnottscamra.co.uk, nrada.gov.ua, NullCrew, OpAustralia, OpDemonoid, Operation India, OpGreenRights, opmcm.gov.np, Palestinian Authority, PBBans, Pearl.fr, Phobia, Remember Emad, Reuters News, ReutersTech, RUTracker.org, San Diego Padres, San Francisco Giants, Saudi Aramco, scanbits.org, Shamoon, Siemens, Social Engineering, SQL Injection, SQLi, svalyava-vlada.gov.ua, Syrian Electronic Army, The Elite Society, Thomson Reuters, Torrent, Torrent Tracker, Trusteer, Twitter, uacrr.kiev.ua, uam.mx, Uganda, Ukraine, Universidad Autónoma Metropolitana, V0dka, Washington Nationals, WebGate, Wikileaks

March 2012 Cyber Attacks Timeline (Part II)

April 2, 2012 Paolo Passeri Leave a comment

First Part: March 2012 Cyber Attacks Timeline (Part I)

It is time for the second part of the March 2012 Cyber Attacks Timeline, a month that will probably be remembered for the breach occurred to Global Payments, a credit card processor, whose aftermath may potentially affect up to 10 million credit card holders belonging, among the others, to Visa and MasterCard.

On the hacktivism front, not even three weeks after the arrest of several LulzSec members, a new hacking crew has appeared whose name, LulzSecReborn, clearly reminds the infamous collective and its Days of Lulz. They entered the scene with a noticeable, albeit discussed, leak: more than 170.000 records from a military dating site.

Other remarkable hacktivism-led cyber attacks include the so called #OpFariseo, a wave of Cyber Attacks targeting websites related to the visit of the Pope in Mexico, and a new cyber attack to PBS. It is also important to notice the debut of the Anonymous in China, a debut characterized by a massive wave of defacements.

Last but not least, among the events of this month there is one which in particular deserves a mention, and is the leak which targeted Vector Inc., a Japanese computer selling firm, potentially affecting more than 260,000 users.

As usual after the jump you will find all the references.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @pausparrows on Twitter for the latest updates.

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #freetibet, #GlobalRevolution, #OpCorrupcionMexico, #SailingSaturday, #tibet, @anonopshispano, @AnonymousChina, @AnonymouysWiki, @Black Jester, @Black_J3StEr, @s3rverexe, @SONLCS, @ur0b0r0x, adultinsider.com, Anonymous Hispano, benedictomexico.mx, BlackJester, Bot, Canada, casamexico.mx, CBS, CECOM, CenturyLink, China, colmic.tv, CSS Corp, csscorp.com, Cyberwarfare, Data Leak, DDoS, Distributed Denial Of Service, emniyetyurdu.pol.tr, ESingles, Fox, Global Payments, guanajuato.gob.mx, HackerClaus Team, hacks e-ring.pl, Hong Kong, ipa-australiapolice.com.au, Japan, Justin Bieber, Le0n B3lm0nt, Leak, LulzSec, LulzSecReborn, LUN4T1C0, mace.ac.in, Mastercard, mediaportal.ro, Mexico, Michael McFaul, MilitarySingles.com, minimins.com, NASA, National Capital Planning Commission, ncpc.gov, NDP, NTV, NU.nl, Pastebin, PBS, PBS.org, peruanosonline.com, pgr.gob.mx, Police Association of Australia, Pope, Pope Benedict XVI, Procuradurìa General De La Repùblica, Qwest Communications International, Redhack, rondell.kiev.ua, Russia, S3rver.exe, Sinowal, Skatteverket, Skeptical Science, Softbank, Sony, SQL Injection, SQLi, Twitter, Unauthorized Access, US Army Communications and Electronics Command, Vector Inc, Visa, Warner Bros, Warner Music Group, waveneywholesale.com, Worm, xdev @ b4lc4nh4ck, ZCompany Hacking Crew, ZHC Miscreant

February 2012 Cyber Attacks Timeline

March 5, 2012 Paolo Passeri 1 comment

Find here February 2012 Cyber Attacks Timelime Part I.

With a small delay (my apologies but the end of February has been very busy for me and not only for Cybercrooks as you will soon see), here it is the second part of my compilation with the main Cyber Attacks for February 2012.

Easily Predictable, the Hacktivism is still the main concern for System Administrators, in particular for the ones of Stratfor who suffered a huge leak of 5 million of emails.

On the same front, the threats of the Anonymous for the Friday actions have come true and as a matter of fact Law Enforcement Agencies suffered other remarkable breaches in this month: Infragard for the second time and also Interpol (a new entry) that was taken down after the arrest of 25 members of the collective. Anti ACTA protest also continue to shake Europe as also the delicate economical and social situation in Greece.

Last but not least, this month has also seen an unforgettable leak, affecting potentially more than 1.000.000 Youporn users.

As usual, the chart does not include the events related to Middle East Cyber War Timeline, that you may find at this link, as they “deserve” a dedicated timeline.

After the jump you find all the references, follows @paulsparrows for the latest updates on a regular basis and also have a look to the 2012 Cyber Attacks Timeline Master Index.

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #AntiSec, #FFBIFriday, #FFF, #OpApodacaSegura, #OpBlitzkrieg, #OpPiggyBank, @alsa7rx, @b4lc4nh4ck, @ItsKahuna, @muldaria48, @r00tw0rm, @Visi0nZ, Abu Nazir, ACTA, ANCMRR, Anonymous, Anonymous Srbija, Australia, Bangladesh Cyber Army, BCA, CabinCr3w, CAC, CCSU, Central Connecticut State University, D157UR83D, D35M0ND142, DarkComet, Defacement, FTC, GEO Group, geogroup.com, Goya Awards, gram24.pl, Greece, Hacktivism, hcisingapore.com, ias100.in, Information security, Infragard, infragard.dayton.oh.us, Inj3ct0r, Interpol, Israel, La Nacion, LABusinessConnect.com, lacpca.com, lanacion.com.ar, Law enforcement agency, Leak, Loongson, Los Angeles Police Canine Association, Malware, Mexico, Middle East, MIT, MySQL, oacp.ca, Ontario Association of Chiefs Of Police, Oracle, oso iSHAUN, Pastebin, RAT, Roland, Romania, Royal Navy, Security, Skype, springfieldmo.gov, SQL Injection, SQLi, Star Vault, Stratfor, Syria, System administrator, TeamAnarchyDumpz, TeamoSo, Telecomix, Teyana Taylor, Turkey Cyber Army, Twitter, UN, UNEP.org, United Nations, United Nations Environment Programme, Universal, Universal Music, University Of Washington, vita.pl, Wikileaks, xdev, Yamaha Commercial Audio Systems, Youporn, Z-Bot

January 2012 Cyber Attacks Timeline (Part 1)

January 15, 2012 Paolo Passeri 2 comments

Click here for part 2.

New year, new Cyber Attacks Timeline. Let us start our Information Security Travel in 2012 with the chart of the attacks occurred in the first fifteen days of January. This month has been characterized so far by the leak of Symantec Source Code and the strange story of alleged Cyber Espionage revolving around it. But this was not the only remarkable event: chronicles tell the endless Cyber-war between Israel and a Saudi Hacker (and more in general the Arab World), but also a revamped activity of the Anonymous against SOPA (with peak in Finland). The end of the month has also reserved several remarkable events (such as the breaches to T-Mobile and Zappos, the latter affecting potentially 24,000,000 of users). In general this has been a very active period. For 2012 this is only the beginning, and if a good beginning makes a good ending, there is little to be quiet…

Browse the chart and follows @paulsparrows to be updated on a biweekly basis. As usual after the jump you will find all the references. Feel free to report wrong/missing links or attacks.

Categories: Cyber Attacks Timeline, Security Tags: #AntiSec, #OccupyNigeria, #OpAmaZonaSave, #OpBlitzkrieg, #OpFreePalestine, #OpGoldenCoin, #OpHiroshima, 0xOmar, 100, 1M_vs_NATO, 2012 Cyber Attacks Timeline, @Jargon7, @muldaria48, @NaijaCyberHack, @p0keu, @YamaTough, @_AnonymouSTL_, Amazon, ambiente.gov.br, American Nazi Party, AnonFinland, Anonymous, Anonymous Finland, antipiracy.fi, ANZ, Apple, APT, Arab World, ArcelorMittal, Arenal de Sevilla, Aryan Books, Ashton Kutcher, Bar-Ilan University Geography and Environment Department, bklighting.com, Brazilian Ministry of Environment, CabinCr3w, cancaonova.com, Catalyst Gaming, Chliz Aceh [Indo Haxor], City Vibe, Credit Rating Agencies, CSLEA, cslea.org, Cyb3rSec, Cyber Attacks Timeline, Cyberwarfare, CYCADA, D35M0ND142, David Morgan, DDoS, Defacement, DevilzSec, Dump, Elal.co.il, Elisa, ErikandSons.de, Etrade, Exploit, Facebook, Finland, Fitch, Flame/FlameCoding, Foursquare, futureexpert.co.uk, game.co.uk, Gameover, group-xp, h4ckz0n3, Hijacking, home.geoenv.biu.ac.il, hqnaec.org, Huffington Post, hydrogensoftware.com, ifpi.fi, ILAN, ilan-israel.co.il, Indishell, Indonesian Ministry of Trade, Information security, Internet Storm Center, ISC, islaam.net, Islamic Network, Israel, Israel Aerline, Israel Institute of Technology Cancer and Vascular Biology Research Center, kemendag.go.id, kenjie miranda, l33ts.org/leetcoding, Leak, lemuse.info, lilupophilupop.com, Live Out Doors, Local 1488, Lords of Dharmaraja, LulzReborn, LulzSec, M4tr1xCh40s, MoDzHD1, Naija Cyber Hactivists, National University Of Singapore, Nationales Versandhaus, NATO, NBN, nbn.org.il, Nefesh B’Nefesh, Nigerian Army, Nightmare, Nokia, NPD Spender, NUS, NY Police Chiefs, nychiefs.org, Ohio State University Medical Center, Organic Emporium, Pakistan, Pakistan Horticulture Development, Pastebin, phdeb.org, Phishing, Premiere Bank of Philippines, Ramgen-Jenele Video Scandal, RIM, Saudi Arabia, SAVCE, SCADA, SEP, SNIP, snip.co.il, Sony Pictures, Sony Pictures Entertainment, SQL Injection, SQLi, STK, Stratfor, Symantec, Tase.co.il, technioncancer.co.il, Tel-Aviv Stock Exchange, THA, The Hacker Army, TopLinks, toplinks.co.il, Twitter, United States Marine Corps, unitedbeauty.co.uk, University of Victoria, US-CERT, USAA, USCC, WallRoad, Wendi Deng, World of Warcraft, WoW, WoW-Gold.de, Zappos, Zeus, Zhc BlackOne Haxor, Zhc Bozzerror

One Year Of Lulz (Part II)

December 26, 2011 Paolo Passeri 1 comment

Christmas has just gone and here it is my personal way to wish you a Happy New Year: the second part of my personal chart (first part here) of Main 2011 Cyber Attacks covering the time window from August to November 2011 (December is not yet finished, and featuring remarkable events, so expect an update very soon). This memorable year is nearly over and is time, if you feel nostalgic, to scroll down the second part of the list to review the main Cyber Events that contributed, in my opinion, to change the landscape and the rules of the (information security) game. Many events in this period among whom, IMHO, the most noticeable is the one carried on against Diginotar. Since then our trust in conventional authentication models is not (and will not be) the same anymore.

Of course this is my personal selection. Suggestions are well accepted and if you need more details about the cyber events in 2011, feel free to consult my 2011 Cyber Attacks Master Index. As usual after the page break you find all the references…

December 2011 Cyber Attacks Timeline (Part I)

December 21, 2011 Paolo Passeri Leave a comment

As usual, here it is my compilation of December Cyber Attacks.

It looks like that Christmas approaching is not stopping hackers who targeted a growing number of organizations including several security firms (Kaspersky, Nod 32 and Bitdefender) even if in secondary domains and with “simple” defacements.

Cyber chronicles report of Gemnet, another Certification Authority Breached in Holland (is the 12th security incident targeting CAs in 2011) and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com affecting 3.5 million of users), Telco (Telstra, affecting 70,000 users), and gaming, after the well known attacks to Sony, Sega and Nintendo, with Square Enix, which suffered a huge attacks compromising 1,800,000 users (even if it looks like no personal data were affected).

Online Payment services were also targeted by Cybercrookers: a Visa East European processor has been hit by a security breach, but also four Romanian home made hackers have been arrested for a massive credit card fraud affecting 200 restaurants for a total of 80,000 customers who had their data stolen.

As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hacking to a Web Server belonging to ACNUR (United Nations Refugees Agency) leaking more than 200 credentials including the one belonging to President Mr. Barack Obama.

But from a mere hactvism perspective, Elections in Russia have been the main trigger as they indirectly generated several cyber events: not only during the election day, in which three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the immediately following days, when a botnet flooded Twitter with Pro Kremlin hashtags, and an independent forum was also taken down by a further DDoS attacks. A trail of events which set a very dangerous precent.

Besides the ACNUR Hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments including in particular Brazil, inside what is called #OpAmazonia.

Even if not confirmed, it looks like that Anonymous Finland might somehow be related to the above mentioned breach occurred in Finland.

Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry on tailored phishing campaigns and most of hall, a targeted attack to a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.

Last but not least, the controversial GPS Spoofing, which allegedly allowed Iran to capture a U.S. Drone, even the GPS Spoofing on its own does not completely solve the mistery of the capture.

Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unaivalable.

As usual after the page break you find all the references.

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #AntiSec, #OpAmazonia, #OpCorrupcion, 0-Day, 18eighty.com, @AnonHex, @AntiSecBrTeam, @exphin1ty, @Herxode, @ihazcAnNONz, @ItsKahuna, @_V4ND, Abhaxas, ACNUR, Adobe, AlpHaNiX, Anonymous, Attrition.org, Austria, Barack Obama, Bitdefender, Blackpoolpleasurebeach.com, Bolivia, Botnet, Brazil, Breach, Brwsk007, Ceostrategist.com, clearusa.org, Coalition of Law Enforcement And Retail, Coca Cola, CPPS, D35M0ND142, DarkbiteX, Data Breach, Dawn.com, Democratic Republic of Congo, Denial-of-service attack, DNS Cache Poisoning, Drone, Dump, Ekho Moskvy, EL Salvador, ENPI, FBI, Finland, Florida Family Association, G2 Secure, G2securestaff.com, Gemnet, Gmail, Golos, Google, GPS Spoofing, Greek Hacking Scene, GstarCAD, Guyana, Gwinnet Medical Center, Hacking, Hotmail, IFC, India National Congress, Indishell, International Checkout, Iran, Kaspersky, Khantastic, Law enforcement agency, Leak, Linux, Lockheed Martin, LulzSec Guatemala, Mexico, Microsoft, MoneyGram International, Mygames.com, MySQL.com, napsu.fi, Nishna Valley Family YMCA, NOD 32, Norwich International Airport, op.gov.gy, orangemusicstore.com, Over-X, Pakistani Cyber Army, Phishing, portalmercosur.com, Russia, saintsite.com, Samsung, SCADA, SECTORLEAKS404, Sector_404, slon.ru, Sony, South Central SHA, Spain, specialforces.com, SQL Injection, SQLi, Square Enix, Subway, Superjedi.ru, SweetTooth, SwichSmoke, Telstra, Telstra Bigpond, Testville, The Hackers Army, Toronto, Tringle2011, Twitter, UB.com, UNICEF, USA, V!ruz, Visa, Yahoo!, Yamaha Racing Factory, Youtube, Zero Cool, ZeroHack2

November 2011 Cyber Attacks Timeline (Part II)

November 30, 2011 Paolo Passeri Leave a comment

The second half of November has confirmed the trend seen in the previous report covering the first half of the month. The period under examination has confirmed a remarkable increase in Cyber Attacks from both a quality and quantity perspective.

Although the month has been characterized by many small attacks, several remarkable events have really made the difference.

Among the victims of the month, Finland deserves a special mention in this unenviable rank: the second half of the month has confirmed the emerging trend for this country, which suffered in this period two further breaches of huge amounts of personal data, for a global cumulative cost, computed on the whole month, around $25 million.

But Finland was not the only northern European country hit by cybercrookers (maybe the term cyberprofessionals would be more appropriate): Norwegian systems associated with the country’s oil, gas and energy sectors were hit with an APT based cyber attack resulting in a loss of sensitive information including documents, drawings, user names and passwords.

But once again the crown of the most remarkable breach of the month is placed upon the head of South Korea which suffered another huge data dump affecting users of the popular MMORPG “Maple Story” affecting theoretically 13 million of users, nearly the 27% of the Korean population, for an estimated cost of the breach close to $2.8 billion.

The list of affected countries this month includes also 243,089 Nigerian users, victims of the hack of Naijaloaded, a popular forum.

Microsoft has been another victim in this November, with a phishing scam targeting Xbox Live users. Details of the scam are not clear, although each single affected user in U.K. might have lost something between £100 and £200 for a total cost of the breach assimilable to “million of Pounds”.

November will make history for showing for the first time to information security professionals the dangers hidden inside the SCADA universe (and not related to Nuclear Reactors). The echo of Stuxnet and Duqu is still alive, but this month was the the turn of SCADA water pumps, that have suffered a couple of attacks (Springfield and South Houston), the first one allegedly originated from Russia and the second one from a “lonely ranger” who considered the answer from DHS concerning the first incident, too soft and not enough satisfactory. My sixth sense (and one half) tells me that we will need to get more and more used to attacks against SCADA driven facilities.

The Anonymous continued their operations against governments with a brand new occurrence of their Friday Releases, targeting a Special Agent of the CA Department and leaking something like 38,000 emails. Besides from other some sparse “small” operations, the other remarkable action performed by the Anonymous collective involved the hacking of an United Nations (old?) server, that caused personal data of some personnel to be released on the Internet.

November Special mentions are dedicated (for opposite reasons) to HP and AT&T. HP for the issue on their printers discovered by a group of Researchers of Columbia Univerity, which could allow a malicious user to remotely control (and burn) them. AT&T deserved the special mention for the attack, unsuccessful, against the 1% of its 100 million wireless accounts customer base.

In any case, counting also the “minor” attacks of the month, the chart shows a real emergency for data protection issues: schools, e-commerce sites, TVs, government sites, etc. are increasingly becoming targets. Administrators do not show the deserved attention to data protection and maybe also the users are loosing the real perception of how much important is the safeguard of their personal information and how serious the aftermaths of a compromise are.

As usual, references for each single cyber attack are reported below. Have a (nice?) read and most of alle share among your acquaintances the awareness that everyone is virtually at risk.

November 2011 Cyber Attacks Timeline (Part I) (paulsparrows.wordpress.com)

Categories: Cyber Attacks Timeline, Security Tags: #opRobinHood, 0-Day, 0-Day Vulnerability, 101domain.com, @d4op, @FailRoot, @ItsKahuna, @xDarkSton3x, Advanced Persistent Threat, Anonymous, Anonymous Dominicana, Anonymous_DR, APEC, APT, Ashiyane, Asia Pacific Economic Cooperation, AT&T, Australia, bayareaconnection.net, Bhutan, BIND, BIND 9, Bishop McDevitt Catholic High School, Black Friday, Brazil, Breach, CA Department Of Justice, Canadian Foundation for Economic Education, Carbajal Realty, CLGCA, Club Penguin Private Servers, Columbia University, CTE, Curran-Gardner Public Water District, DDoS, Defacement, Distributed Denial Of Service, DNS, DrumMusic.TV, evidalia.es, File Recursion, Finland, globeclassroom.ca, Godzilla, Guatemala Congress, Hacking, Harvard School of Engineering And Applied Sciences, havij, Host Booter, HP, Humormillnews.com, Huoltamo.com, Hyderbad Alumni Association, India, itcgcesaro.gov.it, itcpantaleo.gov.it, itimarconi.gov.it, iTunes, Jackeh, Japan, Johns Hopkins University, Kimallus.fi, Leak, LulzSec Portugal, Lumen Christi College, macromatic.com, Maharashtra Highway Police, Malware, MapleStory, Maricopa Community Colleges, math2020.com, mcdevitths.org, MetalSoft team, Microsoft, MMORPG, Naijaloaded, Nec, Netcar.fi, NEWWBIE3vilC063S, Nexon, Nike-free-run.us, Norway, Norway's National Security Authority, NSM, Pakistan, Parks.it, Pastebin, Phishing, Poliklinika.fi, powerin10, relayspec.com, SCADA, Singlehanded Sailing Society Forum, Sinterklaas, Sitcoms Online, South Houston's Water Supply Network, SQL Injection, St0rm, Stanford University, Stomp, Sudan Airways, Sudan Cyber Army, TeaMp0isoN, Terkkari.fi, Terve.fi, Terve24.fi, TheMrX, thereadersweb.com, Tohtori.fi, UN, Unicersity Of Washington, United Nations, Univeristy Of California Riverside, Univeristy Of Oregon, University Of Melbourne, Vagus Cosmetics, Verkkoklinikka.fi, Xbox Live

About these ads

May 2013
M	T	W	T	F	S	S
« Apr
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Twitter

RT @marco_cova: IE8 0-day exploit (CVE-2013-1347) analyzed on Wepawet: bit.ly/13IZs2E - 9 hours ago
RT @jc_vazquez: Vista Equity Partners to Buy Websense #News #InfoSec on.wsj.com/13BfWaw via @WSJ - 1 day ago
Pentagon OKs Androids, BlackBerrys for soldiers nakedsecurity.sophos.com/2013/05/07/pen… - 3 days ago
April 2013 Cyber Attacks Statistics wp.me/p14J6X-2oX - 3 days ago
RT @LastlineLabs: Marco Cova from Lastline talking about hacktivism on Italian TV ow.ly/l8Az6 - 4 days ago
RT @lastlineinc: Malware can make itself invisible: in the case of RSA security's breach, malware went undetected for 1/2 year http://t.co/… - 4 days ago
RT @gianlucaSB: SMS-based command and control protocols are here ow.ly/l47Ye - 6 days ago
Skype with care Microsoft is reading everything you write h-online.com/security/news/… - 1 week ago
How the Syrian Electronic Army Hacked The Onion - Onion Inc.'s Tech Blog theonion.github.com/blog/2013/05/0… - 1 week ago
@Xyri3 sorry I forgot :) Done! - 1 week ago

Follow @paulsparrows

Hackmageddon.com

Archive

16-30 September 2012 Cyber Attacks Timeline

Sometimes They Come Back: Team GhostShell Leaks 120K Records from Top 100 Universities

March 2012 Cyber Attacks Timeline (Part II)

February 2012 Cyber Attacks Timeline

One Year Of Lulz (Part II)

December 2011 Cyber Attacks Timeline (Part I)

November 2011 Cyber Attacks Timeline (Part II)

Related articles

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Twitter

Follow “Hackmageddon.com”

Archive

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Related articles

Share:

Like this:

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Follow “Hackmageddon.com”