Translate

Official twitter Account of Vodafone India hacked, used to send inappropriate tweets and messages

07:58 Abhishek kumar 0 Comments
Official twitter Account of Vodafone India was hacked over the weekend and was used to send inappropriate tweets and messages to its  followers.

The Vodafone India twitter account which is verified and has more than 195 K Follwers, started tweeting and messaging its followers to follow Random Girls on KIK messenger, all the tweets and messages contained a similar pattern 
@xxxx Hey this Horny chick on KIK wants to chat with you ;) her username is xxxxxx
Official twitter Account of Vodafone India hacked used to send inappropriate tweets and messages
The tweets and messages started flowing rapidly for more than 2 hours before it came to the notice of Vodafone India twitter handler.

By the time Vodafone India managed to delete all the tweets, the hack was already noticed by thousands of its followers of which many started making fun of the tweets by the Vodafone India.
Official twitter Account of Vodafone India hacked used to send inappropriate tweets and messages
Later on Vodafone India deleted all the unrelated tweets and Confirmed the hack in next few tweets.


It is not known how the account was hacked, but a rogue app or phishing website could be the reason behind the hack.


Facebook video scam containing a funny video is a Trojan which steals your Facebook information

23:26 Vijay Prabhu 0 Comments
You may have heard about lot of Facebook Scamsters making use of different tragedies around to the world to profit themselves. Here is a report of quite opposite being used by the scammers. A new funny video spreading on Facebook and spreading virally.  It is supposed to amuse the Facebook users and sharers but instead leaves a not-so-hilarious Trojan in its wake on users’ computers. The scam was discovered security research firm Bitdefender. 
Facebook video scam containing a funny video is a Trojan which steals your Facebook information
Bitdefender says that the malware believed to originate from Albania, can access a large amount of data from the user’s internet browser.  As with the tragic video scams perpetrated on Facebook, this scam begins with a message of a funny video from a known Facebook friend. Humor is the quickest way to garner attentions and once the victim clicks on the video, he/she is directed to a clone YouTube page.  This page redirects the victims to them to a malicious Flash Player.exe for an Adobe update after stating that their Flash Player is not upto date.

Catalin Cosoi of Bitdefender stated that, “Scammers have created over 20,000 unique URLs that redirect victims to malicious websites and a fake alluring YouTube video, showing a woman taking her clothes off on a webcam. The video seems to actually play for a couple of seconds to entice male users to click. Malware writers faked the number of views so the video seems to have been watched by over a million users.”

Catalin further added, “After stealing Facebook information, victims’ profile names are added into the fake YouTube URL parameters. This enables them to make the video seem more legitimate, as it looks like it is posted by users’ friends.”

In an attempt to bypass security, the hackers got their hands on over 60 bit.ly API keys that helped them generate shortened URLs. The unique links are then spread on Facebook timelines. As API keys are randomly selected, blacklisting a couple does not stop the scam from spreading. Bitdefender has reported that it has notified bit.ly of the issue and made them aware of the bit.ly links being used to scam innocent victims.

The malware author has used an add-on framework while writing the malware code.  The benefit of this is that, it allows their code to function on several browsers. As with Google Chrome, the malicious YouTube video redirects users to a fake FlashPlayer install. The installed file was detected by Bitdefender as Trojan.Agent.BDYV.  This trojan drops a password-protected archive on the computer and a .bat file, designed to run the executable in the archive after providing the password as a parameter. On victims using Firefox, the page prompts for a malicious add-on install which when clicked installs Trojan.Agent.BDYV.

After download, it also tags 20 Facebook friends at a time and injects ad services into the page in both the browsers. The Add on extension also recodes the social network’s functionalities so that users can't delete the malicious posts from their timeline and activity log.

“We advise users to exercise caution before clicking on Facebook videos,” adds Catalin Cosoi. “Keep your antivirus solution and other software updated and warn your friends if you believe they are at risk of becoming malware victims.”

Techworm would only advise viewers not to fall prey to such scams by opening videos or files from unknown sources even if they are shared by a very best friend.


Anonymous hacks Official twitter Account of Kenya Defence Forces

07:29 Abhishek kumar 0 Comments
The Official twitter account of Kenya Defence Forces has been hacked by Anonymous affiliated hacker going with the twitter handle @Anon_0x03
Anonymous hacks Official twitter Account of Kenya Defence Forces
Several tweets were fired from the hacked account which carries more than 65.7K followers. 
The hack came as a protest to the Army wasting money over arms/guns while the country still needs to fight out Poverty.
  
Anonymous hacks Official twitter Account of Kenya Defence Forces

Anon_0x03 also hacked the twitter account of Major E K Chirchir Spokesperson of the Kenya Defence Forces who works at Protocol/Liaison Office Defence Headquarters.

More than 5 hours have passed since the hack, the Compromised account still carries the tweets and has not been recovered yet.

Anon_0x03 told techworm that he has access to the email associated with the account, which he hijacked using phishing attack.

A screenshot from the hijacked email account of Major E K Chirchir is posted below, The email associated comes from the email portal of Ministry of defense of Kenya.  
Anonymous hacks Official twitter Account of Kenya Defence Forces
(Screenshot of the hijacked email provided by Anon_0x03 exclusively to Techworm)
It is possible that the hijacked email can contain several important mails. however Anon_0x03 refused to tell anything on what the email contained.

Update:
Almost after 24 hours Kenya Defence Forces twitter account managers were able to recover the account, however that didn't lasted long as the Account is hacked again.


Anonymous CCG, Colombian Hackers & Team Hack Argentino unites to hack Colombian Government websites under Operation #FalsaIndependencia

Team of three of the pro hacker groups has united and launched a cyber attack over the Colombian Government.

Anonymous CCG, Colombian Hackers & Team Hack Argentino has started a cyber operation dubbed as"Op #FalsaIndependencia".
Anonymous CCG, Colombian Hackers & Team Hack Argentino unites to hack Colombian Government websites under Operation #FalsaIndependencia
(Screenshot taken from one of the defaced website)
The Operation is organised on 20 July, Independence Day in Colombia. the Goal behind the operation is to attack the servers of the Colombian Government, said Max_Hcz fonder of team Anonymous GCC. this year Anonymous CCG, Colombian Hackers & Team Hack Argentino are united for the operation, he added.

One of the hacked website carried a deface message,
Happy Independence Day. 
An idiot is an idiot. Two idiots are two idiots. But ten thousand idiots are a political party. One of my intentions is to warn security holes. What profession has all these senators, politicians and deputies? lawyer, attorney, advocate, adm. Company lawyer ... Where are the philosophers, artists, where is the rest of life?

Several Government websites of Colombia were hacked and defaced as the operation commenced, List of websites defaced can be seen below:
[1] http://armenia.gov.co/ 
[2] http://www.contraloriapereira.gov.co/index.php 
[3] http://concejodefiravitoba.gov.co/ 
[4] http://www.contraloriands.gov.co/html/ 
[5] http://alcaldianeiva.gov.co/ 
[6] http://bolivar.sena.edu.co/index.html 
[7] http://comunica.sena.edu.co/index.html 
[8] http://sig.fvs.gov.co/Colhacker.html 
[9] http://sigc.cancilleria.gov.co/index.html 
[10] http://caqueta.gov.co/

The operation has just started, So more websites are expected to be hacked as the Operation continues for entire day.

At the time of writing the article all the websites carried the deface page.