Monthly Archives: April 2017

  • 0
Unique Ransomware Vulnerability Attack

Unique Ransomware Vulnerability Attack

Category : Blog

Unique Ransomware Vulnerability Attack

In the Past few days, you might have heard about various news of hackers using malicious ransomware forcing users to pay huge amounts of money but  today’s scenario is something different. Today, we bring you a unique kind of ransomware which forces its victims to make a high score of at least 200 million points in popular Japanese video game TH12. This is a Unique Ransomware Vulnerability Attack.

Its sound’s strange but this is the reality. So be aware.

According to Malware Hunter Team, a popup started appearing on the victim’s devices informing them about the ransomware infection. Usually, when the device’s security is compromised by hackers, the users are asked to pay a ransom fee, but not in this case!!!

The popup stated: “Just play TH12 and score over 0.2 billion in lunatic level.”

Unique Ransomware Vulnerability Attack

Developer of this ransomware just wanted to have some fun and when the news went viral, its developer publicly apologized to the victims.

The mastermind behind this ransomware goes by the name “Tvple Eraser” on Twitter, who said that: “I made it for a joke, and just laughing with people who like Touhou Project Series,” Tvple Eraser stated.” So I distributed source code except for compiled binary on the web.”

He further said “A number of people blamed me. It’s natural because I made accident definitely wrong. I’m not sure this apology is enough to you. If not, then I apologize again… It didn’t mean to be evil. I hope you understand it.

Eraser also released a “Forcer” tool to ensure that users can get rid of this vulnerability as soon as possible and embedded the apology in the tool.

The apology seems truly genuine but one question arises here whether this was a prank or a marketing strategy to promote the game.

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


  • 0
Smartphone Update Vulnerability Found

Smartphone Update Vulnerability Found

Category : Blog

Smartphone Update Vulnerability Found

A Google Project Zero researcher, Gal Beniamini has found some vulnerabilities including a remote code execution in Broadcom’s Wi-Fi system-on-chip (SoC) which if exploited can allow attackers to compromise Smartphone devices like iPhone, Samsung, and Google Nexus. Smartphone update vulnerability found.

Broadcom’s Wi-Fi chips are used in a number of well-known devices and any vulnerability makes millions of smartphones vulnerable which includes Samsung’s flagship Android smartphones, Google’s very own Nexus 5, 6 and 6P and iPhone devices starting from iPhone 4.

Beniamini explained the functionality and importance of Broadcom Wi-Fi chipset and how this vulnerability can be used to carry a remote code execution attack. The Google researcher is also working on the privileges from the SoC into the operating system’s kernel which will help to know how an attacker in the Wi-Fi range can take full control of a targeted device without user interaction.

Smartphone Update Vulnerability Found

Thanks to Beniamini’s findings because of which Samsung has released maintenance updates fixing all the vulnerabilities on its own and Google products, Apple has issued an emergency update for iPhone users while a lot of android flaws were patched during March security updates.

Last week Apple has an issue about their critical update for iOS. After Apple users were targeted with a fake ransomware scam using javascript from another domain. The update changed the way Safari browsers handled javascript in the past.

We will get back soon with some news updates and please update your Smartphone to avoid this vulnerability.

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 


  • 0
North Korean hackers breached overseas banks

North Korean hackers breached overseas banks

Category : Blog

North Korean hackers breached overseas banks

North Korean hackers breached overseas banks to create a network of accounts to move around embezzled funds. CNN reported on Tuesday that “Funds from the operation are most likely being used to finance Pyongyang’s nuclear weapons development”.

According to Kaspersky, a Russian cybersecurity firm, North Korea is linked to cyberattacks on financial institutions in 18 countries, including Bangladesh, Ecuador, Philippines and Vietnam. Hackers were discovered to North Korea and a hacker from a group operation known as “Lazarus” connected from North Korea. Previously, the hackers had their pre-planned trap and routed their attacks from computer services in France, South Korea and Taiwan, making it hard for analysts to trace the origin of the breaches.

Lazarus did not begin to focus on banks until late 2015, right before North Korea conducted its fourth nuclear test then began to test-launch dozens of ballistic missiles in 2016.

North Korean hackers breached overseas banks

According to U.S. firm Symantec “Attacks on institutions in Vietnam, Gabon and Nigeria were mostly unsuccessful”.

“But Pyongyang has been linked to the theft from Bangladesh’s account at the New York Federal Reserve in 2016, and a researcher at FireEye, a U.S. cybersecurity firm”, said North Korea tried to move the money to a bank it infected in Southeast Asia. More sanctions have been placed against North Korea for its pursuit of nuclear weapons.

According to CNN ,“North Korea may have used electronics and shipping companies, for example, to transfer millions of dollars. The state also established front companies as subsidiaries in China and Malaysia”

The New York Times reported, “North Korea may also have begun selling surplus material that is being used to produce nuclear weapons”.

 

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 


  • 0
Anonymous hacks ISIS website; infecting users with malware

Anonymous Hackers Hacked ISIS site

Category : Blog

Amaq, the official news agency of ISIS or Daesh terrorist group informed its users about a huge compromise in the security of its website. They said Anonymous Hackers Hacked ISIS site which is now infecting thousands of users.

When visiting the site, the following message keeps appearing:-

“The site ahead contains malware, and that attacker might attempt to install dangerous programs on your computer that steal or delete your information.” “

The site’s administrators had identified the hack on Thursday, told the media via a telegram channel and warned strictly to the users, not to download the flash player appearing on the site. They warned as the request to download flash player will result in the compromise of user devices.

Anonymous hacks ISIS website; infecting users with malware

Vocativ reported that several ISIS forums have also reported about the incident, and to a few forum users, the virus was impersonating as a Flashplayer.apk. APK (Android package kit), an Android operating system file format. They further claimed that the malware is designed to spy on the ISIS terrorist group’s members and that the malware could track user’s locations, read conversations and collect all the multimedia files on the user’s device.

Since the virus disguised as a Flash Player APK file, thousands of users are in huge trouble. One of the user also suggested that to get rid of the malware, one needs to reset the device to factory settings.

So far, no one has claimed the responsibility of the hack, but it is believed that it could be an anti-ISIS group running operation ISIS, #OPISIS is behind this hack. The people behind #OPISIS- an anonymous- affiliated anti-ISIS online campaign have been known to disrupt the ISIS’ online presence over the past few years.

The fact that Anonymous hackers left a message stating “We are coming for you,” could confirm that they are behind the hack.

 

 

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Show Buttons
Hide Buttons