About these ads

Archive

Posts Tagged ‘Lebanon’

16-28 February 2013 Cyber Attacks Timeline

It is time for the summary of the second half of February, two weeks of remarkable cyber attacks against high-tech giants, massive breaches and Twitter Account Hijackings.

Probably the most resounding events of this period (maybe more for the high profile of the victims than for the actual effects) are the two attacks, allegedly originating from China, (with a common root cause, the compromising of an iPhone developer forum) carried on against Apple and Microsoft.

But not only the two high-tech giants, other illustrious victims have fallen under the blows of hacktivists and cyber criminals. The list is quite long and includes Bank of America, American Express, Casio, ZenDesk, cPanel, Central Hudson Gas & Electric Corporation, etc.).

Last but not least, the unprecedented trail of Cyber attack against Twitter Profile belonging to single individuals (see Donald Trump) or Corporations (Burger King and Jeep). Maybe it is time to change the passwords…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

A special thanks to Kim Guldberg AKA @bufferzone for continuously advising me about significant cyber events through the Submit Form! Much Appreciated!

16-28 February 2013 Cyber Attacks Timeline

Read more…

The Middle East Flame is Far from Being Extinguished

October 15, 2012 Leave a comment

Flame

Another day, another revelation inside the (in)visible Cyber War going on Middle East. Today Kaspersky Lab has announced the discovery of another strain of malware derived from the infamous Tilded-Platform family: the little brother of Flame, the so-called miniFlame (or “John”, as named by the corresponding Gauss configuration).

The malware has been discovered while looking closer at the protocol handlers of the Flame C2 Infrastructure. An analysis that had previously revealed four different types of malware clients codenamed SP, SPE, FL and IP, and hence the fragmented evidence of a new family of cyber weapons, where one only element were known at the time the FL client corresponding to Flame.

Exactly one month later, another member of the family has been given a proper name: the SPE element corresponding to miniFlame.

Unlike its elder brother Flame (and its cousin Gauss) miniFlame does not appear to be the element of a massive spy operation, infecting thousands of users, but rather resembles more a small, fully functional espionage module designed for data theft and direct access to infected systems. In few words: a high precision, surgical attack tool created to complement its most devastating relatives for high-profile targeted campaigns. The main purpose of miniFlame is to act as a backdoor on infected systems, allowing direct control by the attackers.

Researchers discovered that miniFlame is based on the Flame platform but is implemented as an independent module. This means that it can operate either independently, without the main modules of Flame in the system, or as a component controlled by Flame.

Furthermore, miniFlame can be used in conjunction Gauss. It has been assumed that Flame and Gauss were parallel projects without any modules or C&C servers in common. The discovery of miniFlame, and the evidence that it can works with both cyber espionage tools, proves that were products of the same ‘cyber-weapon factory’: miniFlame can work as a stand-alone program, or as a Flame or event Gauss plugin.

Although researchers believe that miniFlame is on the wild since 2007, it has infected a significantly smaller number of hosts (~50-60 vs. more than 10,000 systems affected by the Flame/Gauss couple). The distribution of the infections depends on the SPE variant, and spans a heterogeneous sample of countries: from Lebanon and Palestine, to Iran, Kuwait and Qatar; with Lebanon and Iran that appear to concentrate the bigger number of infected hosts.

Another evidence of the ongoing (since 2007) silent Cyber War in Middle East.

Middle East Cyber War Update (Part VII)

Updated on March 11 to include the latest cyber attacks to Israeli Websites by @CabinCr3w and Anonymous Crkvina

As reported on the last update, it looks like the Cyberwar between Israel and the Middle East (most of all Iran) has come to an apparent truce, at least from the Israeli Site. A trend confirmed also in this last period in which Israel did not perform any Cyber action, but suffered several sparse attacks (mostly defacements) and a new DDoS against AIPAC (American Israel Public Affairs Committee) with a new threatening message from the Anonymous. In the same time, many other countries all over the world suffered cyber attacks in name of the so-called #OpFreePalestine. These attacks were mainly carried on by a crew called Pak Cyber Pyrates who also defaced the isreaeldefenceforces.com webiste.

Is the static position of Israel a possible prelude for an Israeli Military Action against Iran in the real space? According to a panel of experts the  chance that the United States or Israel will strike Iran in the next year is 48 percent.

But Israel and Iran are not the only unstable zones in the Middle East Cyber Space: a new cyber war front is raising in Lebanon, which has become the target of several cyber-attacks, carried on by hacktivist hacking groups stressing the need of more democracy, rather than by foreign countries.A front joined by the Anonymous who declared the start of #OpLebanon.

Last but not least, although not reported on the chart, I also found a Lebanese Cyber Army that hacked several Facebook accounts belonging to Israeli people.

At this link the complete timeline at the Middle East Cyberwar Timeline and follow @paulsparrows for the latest updates.

Read more…

Follow

Get every new post delivered to your Inbox.

Join 3,088 other followers