Month: December 2015

State-sponsored hackers spread backdoors in Middle East


A Symantec threat report revealed that two state-sponsored hacking groups have been using backdoors to spy on targets in Iran and other nations in the Middle East.

The two groups are known as ‘Cadelle’ and ‘Chafer’, and each uses its own custom-developed backdoors. Cadelle, a five-member team, uses the backdoor ‘Cadelle’, while Chafer’s backdoors, known as ‘Remexi’ and ‘Remexi B’, were developed by its ten-member team.

Both backdoors can open connections and help attackers steal data from infected systems.

Symantec's reports suggest that the two groups, which are targeting political dissidents from Iran and airports and telecommunications companies from other Middle East countries, may be doing so to keep an eye on the movements of their targets.

Chafer has been using SQL injection attacks to compromise servers and drop the Remexi backdoor to infect its targets, but Cadelle's technique is not yet known.

Once a target is infected, the backdoors can do considerable harm. They can be used to gather and steal passwords, intercept document print commands, record audio via infected devices, take screengrabs, record webcam feeds, log keystrokes, log opened applications, and gather system and clipboard information.

Attackers using these backdoors were first spotted in 2014, but clues in each group’s code indicate that they might have used them in 2011.


Indian hackers attack Pakistan websites to pay tribute to people killed in 9/11


To mark the fourth anniversary of the Mumbai terror attack, famous as 9/11, which took place on 26 November 2008, two Indian hacking groups on Thursday targeted more than 130 governmental and non-governmental websites of Pakistan.

After the cyber-attack, the enmity between Pakistan and India seems to have gone up to the next level. Cyber-attacks are nothing new for either country.

A hacker group called Mallu Cyber Soldiers had attacked many Pakistani websites, including official government portals such as pakistan.gov.pk, president.gov.pk and cabinet.gov.pk, as a response to the attack on the Kerala government website on 27 September.

During that attack, the Pakistani hackers had displayed a message praising Pakistan, along with a picture of a burning Indian national flag.

A message reading “Struck By Faisal 1337. Official Website Government of Kerala Hacked! Pakistan Zindabad. We Are Team Pak Cyber Attacker. Security is just an illusion” was posted on the website.

Now, the hacking groups have been identified as Indian Black Hats (IBH) and Kerala Cyber Warriors (KCW). Both are said to have attacked the websites to pay tribute to the people who died in the Mumbai attack.

“It is cyber pay back for 26/11 Mumbai attack against Pakistan,” a hacker of Kerala Cyber Warriors team told IBTimes India. “It just took a day for us to hack all these 125 sites with the background song ‘Oru Yathramozhiyode’ from Mohanlal’s Kurukshetra movie. We have access to many Pakistan servers, so the defacing was easy.”

On the same day, another hacking group, IBH, attacked almost 10 Pakistani websites and other domains.

“Indian Black Hats is a team with members from all over India and it is in cyber space from 2011 with the name Indian Cyber Devils. Now this year the name was changed to the recent one. We have not harmed these websites, but just uploaded a file as a pay back for 26/11 attacks,” one hacker of IBH told IBTimes India.

——–myabhya——–
(Perfect Training Center)