Hackers get Shot in China

If you thought Bush's Patriot Act was bad news, count your lucky stars that you're not a hacker in the People's Republic of China.

The PRC has an interesting history regarding hackers. If they catch them they shoot them. In the late 1990s some employee at the Bank of China hacked into accounts and embezzled a large chunk of change. The hacker apparently experienced remorse and turned himself in. Bad call. He was summarily tried, found guilty, and shot. Then the hacker's family was sent a bill for the bullets expended.

Source: LiquidMatrix

Wireless Security

WHO = World Hackers Organization?

Hackers jack thousands of sites, including U.N. domains

by Gregg Keizer


April 23, 2008 (Computerworld) Large numbers of legitimate Web sites, including government sites in the U.K. and some operated by the United Nations, have been hacked and are serving up malware, a security researcher said today as massive JavaScript attacks last detected in March resume.

"They're using the same techniques as last month, of an SQL injection of some sort," said Dan Hubbard, vice president of security research at Websense Inc., referring to large-scale attacks that have plagued the Internet since January.

Among the sites hacked were several affiliated with either the U.N. or U.K. government agencies, said Websense.

The exact number of sites that have been compromised is unknown, said Hubbard. He estimated that it's similar to the March attacks, which at their height infected more than 100,000 URLs, including prominent domains such as MSNBC.com.

"The attackers have now switched over to a new domain as their hub for hosting the malicious payload in this attack," Websense said in an alert posted yesterday to its Web site. "We have no doubt that the two attacks are related."

Although the malware-hosting domain has changed, it's located at a Chinese IP address, just like the one used in March, Hubbard said. "It also looks like they're using just the one [hosting] site, but changing the link within the JavaScript," he added, talking about an obfuscation tactic that the attackers have used before.

When a visitor reaches one of the hacked sites, the malicious JavaScript loads a file from the malware-hosting server, then redirects the browser to a different page, also hosted on the Chinese server.

"Once loaded, the file attempts eight different exploits," noted the Websense warning, including one that hits a vulnerability in Internet Explorer's handling of Vector Markup Language (VML) that was patched in January 2007.

Another security researcher, Giorgio Maone, who also develops the NoScript Firefox add-on, said late Wednesday that although the U.K.-based sites appeared to have been cleansed of the malicious JavaScript, the U.N. sites had not.

Maone also said "I told you so" in his blog post yesterday. In an August 2007 entry, he had said that rather than fixing the underlying security problems on the U.N. site, the agency had simply deployed a "pretty useless" firewall that masked the most obvious attack surface.

However, even the disinfected sites could fall victim again, Maone maintained. "The sad truth, though, is that even those 'clean' sites are still vulnerable, hence they could be reinfected at any time," he said.

"Web site owners have to start securing their code," Hubbard noted.

Source: Computer World

Did Chinese hack MEA server for Tibet policy?

 

 

THE CHINESE hacked the servers of the Ministry of External Affairs (MEA) on Friday (April 11). Highly placed sources in the ministry state that sources of hacking were clearly linked to China.

 

Were the hackers trying to sniff into the Tibet policy related data in the MEA servers? Without disturbing anything they quietly came and left. What were the hackers looking for?  

 

The Chinese hackers cracked the security code of a computer network in Beijing. The saving grace, according to MEA sources, was that the hacker(s) could not get any classified information. Thus, no valuable data were stolen.

 

Initially, the government was not forthright with mentioning the name of China into the Friday hacking. There were oblique hints. India's soft attitude towards China should be shed and the government should call spade a spade.

 

Sample a GoI communiqué that states it's not only China that is trying to hack into the MEA server from around the world. In fact, hackers from all over the world, including those in UK and the US constantly try to break in and filch sensitive information. 

 

It was further stated that each official has in MEA has a backup computer. All sensitive material is in the offline computer.

 

 by   Aniruddha Roy   11 April 2008, Friday

 

Source: http://www.merinews.com/catFull.jsp?articleID=132322

 

 

Hack Whack!

| View | Upload your own

Is your site safe?

| View | Upload your own

Indian Govt plans to tackle Hackers

Hackers attempts @gov.org

Date:   Tuesday, March 11, 2008 

New Delhi: Nowadays, government departments are facing big threats from some hitherto unfamiliar elements. Remote injection, authorization bypass and Cult of the Dead Cow are those that make up a wider nightmare of departments of Railways, TRAI, Customs, among others, reported The Economic Times.

Website hacking has attained critical momentum in India. The last few months have seen hackers attacking the website of TRAI, Indian Railways, Department of Telecom, Air Cargo Customs, National Institute of Social Defence, Forward Markets Commission, National Institute of Health and Family Welfare and BSNL, among others.

The hackers even disfigured the website of department of information technology, the nodal agency that is supposed to solve the very issue of hacking. Hackers have also tampered with the website of the wireless planning and coordination wing of the Department of Telecom, the body which handles the sensitive issue of spectrum allocation.

To stop the menace, the DIT says it is in the process of hosting all the servers of the key ministries in the country itself.

"We have entrusted the National Informatics Centre (NIC) with this task and the servers of most of the ministries have been moved to the government body," a DIT official said. The Indian Computer Emergency Response Team (CERT-IN), a DIT body, is in the process of implementing a high-end attack detection solution to make the systems, especially government-owned ones, safer. CERT-IN is also installing a network flow-based threat assessment solution to check the vulnerability of a particular website.

Despite all these efforts, the number of security-related incidents (of hackers crashing Indian websites) has been growing steadily. In January, 87 security incidents were reported as compared to 45 in December 2007. Out of all the incidents, 47 percent were related to phishing, 21 percent unauthorized scanning, 25 percent incidents related to virus under the malicious code category and seven percent incidents were related to technical help under other categories, government data reveal.

In January, only 30 incidents of defacement were reported compared to 509 in December and 305 in November. According to industry sources, the government sector now accounted for 30 percent of all defaced Indian websites in 2007, when compared to about 27 percent in 2006.

 

Source:

 

http://www.siliconindia.com/shownews/40258