2016-07-18

US Voters’ registration records for sale on dark web
A hacker going by the name of “DataDirect” is currently offering US voters’ registration records for sale on the dark web. The hacker is offering buyers state-by-state voters’ records, where the price for each state is 0.5 BTC ($340.38). Whether the data is genuine or not is yet to be established. It is possible, however, that the hacker downloaded the records in December last year, when 191 million US voter registration records were found online in an unprotected folder by researcher Chris Vickery.

New insider threat trojan discovered
A Trojan designed to help attackers recruit insiders has been discovered by Israel-based threat intelligence firm Diskin Advanced Technologies. The bot, named “Delilah [1],” is delivered through adult and gaming websites. It steals personal information that it may require to manipulate or blackmail the targeted insider. Delilah is also able to capture video from the victim’s webcam. More details here [2].

Chinese hackers suspected of Philippines government website hack
Chinese hackers are suspected to be behind attacks on a trio of the Philippine government’s websites that took place this month. Suspicion around the Chinese has been raised since the breaches came just days after the Permanent Court of Arbitration at The Hague ruled in favour of the Philippines over the South China Sea dispute. An image of the Guy Fawkes mask associated with Anonymous appeared on the compromised site with the message: "Nobody can give you freedom. Nobody can give you equality or justice. If you are a man you take it. - Chinese government." According to Softpedia’s report [3], the message linked to a Twitter account that appears to belong to an Anonymous member from Brazil. It is not known whether this hacker was actually involved or his account was breached.

Pokemon Go servers crash after possible DDoS
The suspected attack, claimed by hacking group PoodleCorp [4], took place just hours after the augmented reality game was made available to 26 countries in Europe on July 16th.

Ubuntu online forums hacked
A security breach on the Ubuntu online forums has exposed data of more than 2 million users. Attackers exploited an SQL injection vulnerability, injecting formatted SQL into the Forums database and accessing the entire archive and the data it included. This was a known vulnerability in the Forumrunner add-on which had not yet been patched. The Forums were shut down as a precautionary measure, but attackers were only able to gain access to usernames, email addresses and IPs, no user passwords. Read the original report. [5]

Fake Pokemon Go apps in Google Store
ESET researchers have discovered a malicious app called "Pokemon Go Ultimate" in the Google Play store. The app locks the screen of the device immediately after being installed. Infected phones can be unlocked by removing the battery, but after restarting, the malicious app still runs in the background, clicking on ads to generate revenue for its creators. Two other fake apps were discovered, called “Install Pokemon Go” and “Guides & Cheats for Pokemon Go”, both with fraudulent ads and scareware popups. More details here [6].

RT targeted by DDoS attack
A massive DDoS attack was staged on the servers providing web streaming for the RT TV channel on Friday as the attempted coup in Turkey was unfolding. The stream was taken offline for a total of three hours, in two separate attacks. It is unclear who was responsible for the attack, but streaming has been fully restored.

New version of Petya ransomware
A new version of the disk-encrypting ransomware, Petya [7], has been released, fixing a weakness in its encryption algorithm. Previous versions of the ransomware did not properly implement the Salsa20 encryption algorithm, which is used to encrypt the drive and verify correct ransom keys. The bug has now been fixed, removing the previously exploitable weaknesses.

Anonymous launch OpNice
Anonymous have launched “OpNice” [8] following the attack in Nice last week. The hacktivist group released a video vowing to track down members of the terrorist group responsible for the attacks, in a campaign similar to that of OpParis [9] and OpBrussels [10]. Anonymous claim to have taken down thousands of pro-ISIS Twitter accounts, in a battle to stop the spread of propaganda and recruiting.

The Silobreaker Team

Disclaimer: Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

[1] https://my.silobreaker.com/view360.aspx?item=11_1040593515#?q=Keyphrase:%22Delilah%20Malware%22&rd=true
[2] http://blogs.gartner.com/avivah-litan/2016/07/14/meet-delilah-the-first-insider-threat-trojan/
[3] http://news.softpedia.com/news/chinese-hackers-deface-two-philippines-government-websites-506385.shtml
[4] https://my.silobreaker.com/view360.aspx?item=11_1030735411#?q=Organization:%22PoodleCorp%22&rd=true
[5] http://betanews.com/2016/07/15/ubuntu-linux-forums-hacked/
[6] http://www.welivesecurity.com/2016/07/15/pokemon-go-hype-first-lockscreen-tries-catch-trend/
[7] https://my.silobreaker.com/view360.aspx?item=11_985863942#?q=Keyphrase:%22Petya%20Ransomware%22&rd=true
[8] https://my.silobreaker.com/view360.aspx?item=11_1039831067#?q=Keyphrase:%22OpNice%22&rd=true
[9] https://my.silobreaker.com/view360.aspx?item=11_929019930#?q=Keyphrase:%22OpParis%22&rd=true
[10] https://my.silobreaker.com/view360.aspx?item=11_985249264#?q=Keyphrase:%22OpBrussels%22&rd=true
