UGNazi | Hackmageddon.com

16-31 December 2012 Cyber Attacks Timeline

January 7, 2013 Paolo Passeri 1 comment

The year is gone, and here it is the last Cyber Attack Timeline for 2012 (first part here).

The most important cyber-events of this second part of December can be considered: the third phase of the operation Ababil carried on by the Izz ad-Din al-Qassam Cyber Fighters against U.S. Banks, the attacks of the Anonymous collective against the Westboro Baptist Church, and, last but not least the Cyberwar echoes coming from Iran.

The wave of DDoS attacks carried on by the Izz ad-Din al-Qassam Cyber Fighters has taken down Six U.S. Banks under the fists of DDoS attacks apparently unstoppable. Instead the Anonymous seem to have changed tactic in their personal fight against the Westboro Baptist Church, they did not limit to DDoS the church’s website, but also performed a couple of Twitter account takeover against some key persons (with the collaboration of UGNazi members).

Instead, on the Cyberwar front, Iran confirms to be a danger zone, with some reports of a new Wiper and a simil-Stuxnet malware (even if this second news has been downplayed in a second moment.

Other noticeable news include an alleged breach to Yahoo!, a massive breach against a Chinese HP domain and a strange, controversial breach against Verizon FiOS (with data apparently leaked six months ago).

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

About these ads

Categories: Cyber Attacks Timeline, Security Tags: #GameOverDay, 0-Day, 2012, 2012obama.com, @CosmoTheGod, @DearShirley, @dswdserve, @gsec_, @LulzSecPeru, @Maxn3y, @nrtnz, @ThisIsGameOver, @TibitXimer, Account Hijacking, Aiplex, airport.ch, Al-Qaida, alwayson.hp.com.cn, an0nw3bc0d3r, Anonymous, Argentina, Australia, Bank of America, BB&T, Brazil, btflive.net, Bulgaria, Byron Bay Community School, C4ISR, CECOM, Central Intelligence Agency, CFR, cfr.org, China, CIA, Citi, Citigroup, Council on Foreign Relations, cpd.gov.kw, December, Denial-of-service attack, DiabloAnon, ebuyer.com, Egypt, Eletrobras, eln.gov.br, english.stanford.edu, Fred Phelps Jr., Fred Phelps Sr., Game Over, GameOverVirus, Grey Security, Heroes of Newerth, Hewlett Packard, Hormozgan, HP, ihya.org, India, Indian Express, Internet Explorer, Iran, islaam.net, ISNA, Israel, Izz ad-Din al Qassam Cyber Fighters, Jetro/Restaurant Depo, Jigsawhacker, JokerCracker, Kuwait, Lulz Security Peru, mantrackr.com, marvin.com.mx, Maxney, mindef.gov.ar, minfin.bg, mma.gov.br, MPAA, National University of Bangladesh, nu.edu.bd, Obama Must Go!, Operation Ababil, OpFuckMohammad, OpGreenRights, Philippines, PNC, Raj Musicals, rajmusicals.in, Ransomware, Renault, Renault.bg, Shirley Phelps-Roper, SQLi, Stanford, Stuxnet, th3inf1d3l, The Islamic Network, Tibit, Turkish Ajan Hacker Group, Twitter, ucsd.edu, UGNazi, United States, US Army, US Bank, Verizon FiOS, ViruS_HimA, WBC, Wells Fargo, Westboro Baptist Church, Wiper, Xc0unt3r, XL3gi0n, Yhaoo!, Zensis, zensis.com, zunal.com

June 2012 Cyber Attacks Timeline (Part II)

July 5, 2012 Paolo Passeri 1 comment

Part I (1-15 June) at this link

From an information security perspective, the second half of June has been characterized by the hacking collective UGNAZI (and its members) and also by an individual hacker: .c0mrade AKA @OfficialComrade.

Both entities have left behind them a long trail of Cyber Attacks against different targets (in several cases the real extent of the attack is uncertain) and with different techniques, although it is likely that the UGNAZI collective will be forced to change the plans after the arrest of the group’s leader, JoshTheGod, nearly at the end of the month (27^thof June), effectively they have considerably reduced the rate of their cyber attacks in the second part of the analyzed period.

On the other hand, hospitals, banks, several major airlines are only few examples of the preys fallen under the attacks carried on by .c0mrade. Plese notce that from Cyber Crime perspective, is also interesting to notice the High Roller Operation, a giant fraud against the banking industry, unmasked by McAfee.

Needless to say, the Cyber War front is always hot, most of all in Middle East, were several DDoS attacks targeted some Israeli institutions and, most of all, an alleged unspecified massive Cyber Attack targeted tje Islamic Republic of Iran.

The hacktitic landscape is completely different: maybe hacktivists have chosen to go on vacation since June 2012 has apparently shown a decreasing trend, in sharp contrast with an year ago, when the information security community lived one of its most troubled periods.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timeline.

Categories: Cyber Attacks Timeline, Security Tags: #DoktorBass, #OpBlitzkrieg, #OpJapan, #tibet, #WikiBoatWednesday, .c0mrade, @BZyklon, @digitalcorrupt, @Hex00010, @leaky, @LulzSecMx, @OfficialComrade, @rwandanhackers, @TeamIntricate, @TheWikiBoat, @Zer0Pwn, accord.nl, advantagepoint.org, American Airlines, American Nazi Party, AmeriCash Advance, AnonTeenUSA, Anonymous, Anonymous Colombia, APT, as.sjsu.edu, AT&T, AutoCAD, ‏@anon_n0n3, Bangkok’s cell towers, black market, Bosniaks.net, camara.gov.co, Central Bank of Iran, CISPA, Citibank, Cobank, Comcast, Computer crime, Cyber Crime, Cyberwarfare, CyberZeist, DDoS, Denial-of-service attack, Digital-Corruption, DIRECTV, DPJ, Echelon, ESET, Exxon Mobil, exxonmobil.com, Fiammatricolore.com, Flame, g4s.com, Glencore International, goldenshop.bg, Guardian Analytics, Hacktivism, High Roller, Hopsin, Iran, Israel, iwacu1.com, Japan's Finance Ministry, June, Kaspersky Labs, Ku Klux Klan, Kuwait, LDP, Le4ky, MAC OSX, Man-In-The-Middle, Mark Monitor, McAfee, Mercury Internet, Middle East, myfunkvolume.com, N4pst3r, New York Dispatch Radio Buses & Ground Vehicles, ntc.unl.edu, OpSaveTheArctic, Panda Security, Polish Military Medical Center, Rex Mundi, Sabre Airlines, San Jose State University, SCADA, schoolofbhagavadgita.org, Six Flags Entertainment Corporation, smartwebmove.navsup.navy.mil, SophosLabs, SpyEye, SQL Injection, SQLi, Supreme Court, Taylor Lautner, Team Digi7al, TechRadar, twicinformation.tsa.dhs.gov, Twitter, UGNazi, United Airlines, United Arab Emirates, University Of Nebraska, Uyghur, Vietnam Airlines, voip.ipvoice.att.com, XL3gi0n, Zeus

June 2012 Cyber Attacks Timeline (Part I)

June 18, 2012 Paolo Passeri Leave a comment

Update 07/05/2012: June 2012 Cyber Attacks Timeline (Part II)

A (first half of the) month living dangerously…

June has come and strongly confirms that Summer is the preferred month for Cybercrookers: just look back at June 2011 and you will probably remember the days of Lulz of the infamous LulzSec Collective (which curiously seems to be reborn!).

June 2012 has shown a remarkable number of incidents and is proving to be a mensis horribilis (horrible month) for Social Networks and Online Services in general, due to the high profile breaches of LinkedIn, Last.Fm, eHarmony and the online game League of Legends.

On a geographic scale, looks like China is becoming another important source of Cyber incidents, having been targeted from #TeamGhostShell, who claim, inside their #ProjectDragonFly, to have obtained up to 800,000 accounts from different sources.

Hacktivism-led actions seem (apparently) to decline, whilst, on the Cyber Crime front, a new collective, UGNazi, is taking the scene, having confirmed, in the first part of June, the wake of cyber attacks, we have become familiar with for some time.

Another Infosec Summer promising to be very hot!

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timeline.

Categories: Cyber Attacks Timeline, Security Tags: #DoktorBass, #FTPFriday, #opQuebec, #OpUkraine, #ProjectDragonFly, #ProjectGhostShell, #TeamGhostShell, .c0mrade, 2012, 3xp1r3 Cyber Army, 4chan.org, 4J Eugene School District, @Codeinesec, @D1str4ct1on, @GoogleSWE, @k0detec, @MrBombillo, @MrSecurity2, @nrtnz, @Reckz0r, @RedHack_EN, @SunkiAnonymous, @SwaggSec, @TeamDigi7al, @TheWikiBoat, @VenezuelanH, Account Hacking, Account Hijacking, AK-88, Allfreelancework.com, AnonTeenUSA, Anonymous, Anonymous Australia, Anonymous India, bearing.com.cn, Black Tiger Security, ca.gov, Canberra craft and design centre, CERT-In, chalco.com.cn, Channel V, channelv.in, China, China Telecom, City of Clarksville, CloudFlare, College of Engineering, Computer crime, craftact.org.au, ctemag.com, CustomCoD.com, Cutting Tool Engineering, Cyber Attacks Timeline, Cyber Crime, Cyberwarfare, D35M0ND142, dabi.gov.ua, DDoS, defense.gov, destinypatrolsoftware.com, digitword.com, DNS Poisoning, Dropbox, eHarmony, Fleetwood School District, Formula 1, formulatours.com, freemason.org, gema.de, Gmail, Google, greenbergresearch.com, Hacktivism, Haniko Yunokawa, Health Council Of Canada, healthcouncilcanada.ca, Holy Lulz, Hotmail, icdalian.com, Intel, June, kieveuro2012.org, ksrmce.ac.in, Last.fm, Law Enforcement, law.com, League of Legends, LinkedIn, lohud.com, LulzSec, LulzSec Reborn, Lustigen Taschenbuch, Masons Of California, Matthew Prince, Merco Tour, mercotour.com, Microsoft, Mitt Romney, MOAB Training, moabtraining.com, Montreal, motorcycleindustryjobs.com, MTNL, MTV Asia, myarcade.nl, National Health Service, navy.mil, NHS, Norton-Z, of Call Of Duty, Online game, Operation Green Rights, Penn Station Inc., Poltergeisth4cker, ri.gov, seprelad.gov.py, Service de Police de la Ville de Montreal, SHA-1, sisaketedu1.go.th, Social Action Secretariat, Social Network, SpexSec, spvm.qc.ca, SQL Injection, SQLi, suteym.org.mx, Team Intricate, TeamDeathH4X0R, The Unknown, The Unknowns, therfl.co.uk, Toronto Police Department, Transportation Worker Identification Credential, TweetGif, TWIC, Twitter, ua.edu, udch.edu.pe, UGNazi, UNF, United States Department of Defense, Universidad De Chiclayo, University of Alabama, University of North Florida, US Immigration Services, usatoday.com, uscis.gov, uslandandhome.com, veluwe.info, VoxAnon.org, Warner Bros, wawa.com, weather.gov, wepay.com, Westboro Baptist Church, William Ray Norwood Jr, woundedwarriorproject.org, XPerf3cti0n

May 2012 Cyber Attacks Timeline (Part II)

June 4, 2012 Paolo Passeri Leave a comment

As usual, here it is the second part of the Cyber Attacks Timeline for the month of May 2012: a month particularly rich of Cyber Events. As you will probably know, the Flame malware has monopolized the attention, deserving the most attention from the Information Security Professional.

Nevertheless the scene has offered many interesting events, among which it worths to mention the breach of 123,000 federal employees records, the breach affecting University of Nebraska, and, last but not least, the breach against WHCMS (which, as we will soon see, has proved to be fatal for its author).

The hacktivist front is still hot and preannounces another hot summer. On the other hand the authors of several remarkable cyber-criminal actions are probably going to leave the scene: the long trail of arrests made by Law Enforcement Agencies against hackers has continued in this month and has hence led to the arrest of Cosmo, the leader of the infamous group UGNazi, which claimed to be the author of the Cyber Attack against WHCMS.

In your opinion are the arrests against hackers really going to stop the growing number of Cyber Attacks (acting as a deterrent)?

After the jump you find all the references, and at this link the first part covering 1-15 May.

Categories: Cyber Attacks Timeline, Security Tags: #DoktorBass, #FTPFriday, #MMM, #OpJailer, #OpLeveson, #OpLithChild, 123-reg.co.uk, @AnonNyre, @AnonymousSinn, @CosmoTheGod, @EcecusHxc, @k0detec, @nrtnz, @opindia_back, @planethacks, @rwandanhackers, @s3rverexe, @TheWikiBoat, @Vizi0, abcis.ca, Account Hijacking, Al-Qaeda, Alaska Large Structures, Alone Hacker, alphaunmannedsystems.com, altrec.com, American Advertising Federation, American Express, ANONDOG1, AnonTeenUSA, Anonymous, ANTIJEST, APT, Association of British Columbia Land Surveyors, ATeam, AZ.nl, BERRI, Bharatiya Janata Party, BitTorrent, bjs.ojp.usdoj.gov, Bureau of Justice Statistics, bzpower.net, Canada, CERT-In, Chicago Police Department, China, CISPA, Comcast, CrySyS Lab, Cyber Attacks Timeline, Cyber Crime, Cyber Warriors Team, Cyberwar, CyberZeist, DDoS, Defacement, dflvwclub.de, Distributed Denial Of Service, djartsgames.ca, eapolice.com, ECS Tuning, Education Ministry, eeas.europa.eu, EEKDAKAT, emcshoppe.co.uk, European External Action Service, EvilShad0w, Felix Roque, Flame, FOOLISH, GameArena, gamearena.com.au, gamereplays.org, Glade County, gladessheriff.org, GOGOBEANANON, gridironstrategies.com, Habbo Hotel, Hacktivism, Hillary Rodham Clinton, Hopsin, hyundai, IBM, ico.gov.uk, ilink.ph, India, Information Commissioner's Office, Iran, irimo.ir, iwacu1.com, Joseph Roque, Kaspersky Lab, kogler-natursteinwerk.at, Kosova Hacker Security, Law Enforcement, Mail Mayhem Monday, marionso.com, Metro Goldwyn Mayer, MyBB.com, NASA, NATO, NEURON, Norton-Z, NRAO, NRTN-Z, opm.gov, owegopolice.org, Palestinian Authority, pharmacist.com, Pizza Patron, Pizza Por Favor, PMDB do Maranhão, pmdbma.com.br, Quebec Liberal Party, rbi.org.in, recallroque.com, Reliance, Ronin Concepts Security Elite Ltd, roninconcepts.co.uk, Security, Serco, sex06.nl, sierracounty.ws, Social Engineering, solarimpulse.com, Soup.io, SQL Injection, SQLi, SSL, Stanford, Stanford University, teamskeet.com, Telstra, The Pirate Bay, Thrift Savings Plan, tmprotection.com, toplaughs.com, Torrent, U.S. Office of Personnel Management, uabonline.org, UGNazi, Union Of Arab Banks, University Of Nebraska, University of Thessaly, USAFIS, usafis.org, Voyager Mobile, w3schools.in, wafa.ps, West New York, WHMCS, whmcs.com, Wikileaks, Xception Code, you-r!-k@n

May 2012 Cyber Attacks Timeline (Part I)

May 17, 2012 Paolo Passeri 1 comment

Update June 4 2012: May 2012 Cyber Attacks Timeline (Part II)

As usual here it is the timeline of the Main Cyber Attacks occurred in May (at least according to my evaluation criteria).

This first half of the month has seen the arrival of a new hacking collective, “The Unknowns”, who has performed an impressive trail of attacks during the first days of May, targeting Space Agencies, Universities, and several other organizations. Although these events appear to be closer to cyber crime actions rather than hactivistim-driven attacks, they have not been the most remarkable ones of these days: as a matter of fact chronicles report of a massive breach at the Hangzhou Dianzi University, targeting approximately 150.000 acccounts.

As far as hacktivism is concerned, this first half of May has confirmed the constant trend of DDoS attacks targeting high profile websites such as SOCA and CIA (once again) and the Supreme Court in retaliation for the U.K. extradition laws.

Interesting to mention is also an alleged Cyber Espionage campaign targeting networks belonging to US natural gas pipeline companies.

Categories: Security, Cyber Attacks Timeline Tags: Malware, NASA, Google, Twitter, DDoS, APT, Anonymous, SQL Injection, Distributed Denial Of Service, Bahrain, Cyberwarfare, RAT, Sony, Denial-of-service attack, Central Intelligence Agency, CIA, TeaMp0isoN, Pastebin, Bitcoin, SQLi, Renault, Amnesty International, Websense, Panasonic, @s3rverexe, Redhack, The Pirate Bay, Computer crime, Cyber Espionage, MI6, Malsec, #OpTrialAtHome, University of Arkansas, UGNazi, Hangzhou Dianzi University, Supreme Court, The Unknowns, The Unknows, ESA, French ministry of Defense, Harvard, Thai Royal Navy, Kosova Hacker’s Security, OTE, DAMT, Ministry of Education Lifelong Learning and Religion, eUKHost, UrduHack, DMT, Team Dig7ta, National Film Board of Canada, Atlanta, Jonathan Shaw, U.K. Ministry of Defence, mod.uk, INSS, Poison Ivy, ISL Incorporating Services, Elantis, SOCA, U.K. Supreme Court, Australian Government, United Nations World Health Organization, Christian Science Monitor, GoSt, Solgryn.org, @DeadMellox, #TeamGhostShell, fxtraders.eu, Mark Ruffalo, The Avengers, Account Hacking, friendping.com, #AnonymousNepal, Gobernacion del Huila, @_Echel0n, Virgin Media, The Best YoVille Hackers, YoVille, Zynga, Plaxo, kremlin.ru, президент.рф, Opening Ceremony, University of Maine, Department of Education, ed.gov, Gh0st, York County, @Reckz0r, Bitcoinica, Le4ky, Washington Military Department, Albanian Office for Copyright, North Las Vegas Police Department, joinnlvpd.com, University Of New Mexico, University of New Brunswick, unb.ca, Theresa May, isWinker, Sempra.com, Arizona State Legislature, Panpacific University

April 2012 Cyber Attacks Timeline (Part II)

May 3, 2012 Paolo Passeri 2 comments

Here the first part covering the cyber attacks from 1 to 15 April.

April is over and here it is the second half of the Cyber Attacks Timeline covering the time period spanning from 16 to 30 april 2012.

The last two weeks of this month have been characterized by several remarkable events (at least for the newspapers), such as the #OpBahrain which unleashed a trail of attacks from the Anonymous against websites related to the Formula 1 GP in Bahrain. Other noticeable events triggered by hacktivism include several DDoS attacks against CIA, MI6, Department of Justice, and a couple of Law Enforcement Agencies which continue to be a preferred target for hackers.

On the Cyber Crime front (still the major apparent motivation for the attacks) this month reports, among the events, a breach to Nissan and other DDoS attacks against the District of Columbia, the State of Washington and Nasdaq (I would not define them just motivated by hacktivism). Other events include a couple of 0-day vulnerabilities targeting popular e-mail services and affecting potentially million of users.

Last but not least, April has brought a new cyber attack to Iran crude oil industry, despite, so far, there are no clear evidences of a new Stuxnet-like Cyber Attack. This is not the only episode targeting Iran which also suffered 3 million of banks accounts compromised.

For the chronicle I decided to insert in the timeline also the breach to the game publisher Cryptic Studios. Although it happened in 2010 (sic) it was discovered only few days ago…

Categories: Cyber Attacks Timeline, Security Tags: #OpAap, #OpBahrain, #OpTrialAtHome, @5orrow, @EvilSecurity, @Havittaja, Account Hijacking, Al Arabiya, AlQaedaSec, Andy Palmer, Anonymous, AOL Mail, Bahrain, Berrien County Sheriff's Department, boxun.com, California State University San Marcos, CIA, CoD3X, Cryptic Studios, CsGameServers, Cyber Attacks Timeline, Cyber Crime, Cyberwarfare, dc.gov, Defacement, Denial-of-service attack, Department of Justice, District of Columbia, DOJ, El Emara, f1-racers.net, Formula 1, French Minister of Budget, Government, Greece's Finance Ministry, Hacksoft, Hotmail, International Police Association, IPA, Iran, Khosrow Zarefarid, La Nueva Casa de Amigos Eye Clinic, Lake County Sheriff's Office, Law enforcement agency, LCSO.org, LEA, Lebanon, live-timing.formula1.com, LulzSec Peru, Matt Weaver, MI6, NASA, Nasdaq, Nissan, Noticaribe, nyc.gov, palermo.edu, Pastie.org, Political Economy Research Institute, Raise Your Voice, SQL Injection, SQLi, Stichting Brein, Stuxnet, SweDreamz.com, Team Dig7tal, Team GhostShell, Texas Department of Transportation, Three Rivers Park District, Trinidad and Tobago, Twitter, Two Plus Two, UGNazi, UK2.NET, University of Arkansas, University of Houston College of Optometry, University of Massachusetts, University of Palermo, wa.gov, Yahoo!, Zscaler

About these ads

May 2013
M	T	W	T	F	S	S
« Apr
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Twitter

1-15 May 2013 Cyber Attacks Timeline hackmageddon.com/2013/05/23/1-1… #Infosec - 1 day ago
Apparently someone flags the Cisco Website as malicious... virustotal.com/en/url/fb74e6d… - 1 day ago
RT @marco_cova: IE8 0-day exploit (CVE-2013-1347) analyzed on Wepawet: bit.ly/13IZs2E - 2 days ago
RT @jc_vazquez: Vista Equity Partners to Buy Websense #News #InfoSec on.wsj.com/13BfWaw via @WSJ - 4 days ago
Pentagon OKs Androids, BlackBerrys for soldiers nakedsecurity.sophos.com/2013/05/07/pen… - 5 days ago
April 2013 Cyber Attacks Statistics wp.me/p14J6X-2oX - 5 days ago
RT @LastlineLabs: Marco Cova from Lastline talking about hacktivism on Italian TV ow.ly/l8Az6 - 6 days ago
RT @lastlineinc: Malware can make itself invisible: in the case of RSA security's breach, malware went undetected for 1/2 year http://t.co/… - 1 week ago
RT @gianlucaSB: SMS-based command and control protocols are here ow.ly/l47Ye - 1 week ago
Skype with care Microsoft is reading everything you write h-online.com/security/news/… - 1 week ago

Follow @paulsparrows

Hackmageddon.com

Archive

16-31 December 2012 Cyber Attacks Timeline

June 2012 Cyber Attacks Timeline (Part II)

May 2012 Cyber Attacks Timeline (Part I)

April 2012 Cyber Attacks Timeline (Part II)

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Top Posts & Pages

Visitors from…

Twitter

Follow “Hackmageddon.com”

Archive

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Top Posts & Pages

Visitors from…

Follow “Hackmageddon.com”