What's new

Seven Indian missions' websites ''hacked'', data dumped online: Report

Hindustani78

BANNED
Joined
Apr 8, 2014
Messages
40,471
Reaction score
-47
Country
India
Location
India
Last Updated: Monday, November 7, 2016 - 19:06
http://zeenews.india.com/news/india...hacked-data-dumped-online-report_1947194.html

New Delhi: Two hackers allegedly from the Netherlands claimed to have broken into seven Indian High Commission websites , publishing online the login details, passwords and database containing names, passport numbers, email-IDs and phone numbers of people of Indian origin, media reported on Monday.

According to a report in E Hacking News website, the Indian High Commissions where data breach happened are in South Africa, Libya, Italy, Switzerland, Malawi, Mali and Romania.

The hackers with Twitter names Kapustkiy and Kasimierz L later dumped the database on Pastebin.com (which later removed the details).

"I am from the Netherlands. I`ve found several SQL on their websites and I reported it. But they ignored me so I dumped there db [database]," one of the hackers told E Hacking News in an email.

The hackers allegedly leaked details of 161 Indians living in South Africa, 35 in Switzerland, 145 in Italy, 305 in Libya, 74 in Malawi, 14 in Mali and 42 in Romania.

The Indian Embassy in South Africa (http://www.hcisouthafrica.in/) was the first one to be hacked.

The Indian Embassy in Bern (Switzerland) was the second target (http://indembassybern.ch/) which had three databases with 19 tables with total 35 entries and login details with passwords.

"The compromised data includes the name, last name, email id, address, college and a course where students are enrolled," the report added.

In Italy, the hackers entered into three databases with 149 entries, including the name, email-id, telephone numbers and passport numbers.

There was no official explanation from the Ministry of External Affairs on this development.

SQL (Structured Query Language) injection is one of the most widely exploited web application vulnerability used by hackers to steal data from online businesses` and organisations` websites.

This web application vulnerability is typically found in web applications which do not validate the user`s input.

"As a result, a malicious user can inject SQL statements through the website and into the database to have them executed," www.netsparker.com reported.

Earlier this year, there were multiple reports that websites of seven Indian embassies were hacked and defaced by a group claiming to be from Pakistan.

IANS

First Published: Monday, November 7, 2016 - 19:06
 
.
Thank God this one iS not done by Pakistanis... :D
 
.
Thank God this one iS not done by Pakistanis... :D

http://www.thehindu.com/news/nation...ites-of-7-of-its-embassies/article9319272.ece

Indian officials were trying on Tuesday to restore the websites of seven Indian embassies in Europe and Africa that were hacked and had data dumped online.

The security of the websites of Indian embassies in Italy, Switzerland, South Africa, Libya, Malawi, Mali and Romania was breached by hackers who identified themselves to the media as Kaputsky and Kasimierz L.

“We are aware of the problem and are trying to fix it,” External Affairs Ministry spokesman Vikas Swarup told reporters.

Attempts were being made to track the IP addresses of the hackers, who posted online the names, email addresses, phone numbers and passport numbers of some embassy staff members.

Several Indian websites have come under attack this year. Last month, Pakistan-based hackers targeted more than 7,000 Indian websites after India launched a series of attacks on terror camps in Pakistan. Also in October, the security of around 3.2 million debit cards in India was breached when hackers inserted malware through an ATM network.
 
. .

Yury Namestnikov, the head of Kaspersky’s Russian research and analysis department, speaks during an interview with AFP at the company’s headquarters in Moscow. — AFP
http://saudigazette.com.sa/world/russian-hackers-target-cash-politics/

MOSCOW — Just as the scandal over alleged Russian hacking of the US Democratic Party erupted in June, police in Russia were rounding up a group known as Lurk.

In the underground world of Russian hackers, a shadowland of anonymous internet forums where users exchange the latest malware, Lurk was legendary.

The group, active since 2011, was accused of stealing some three billion rubles ($47 million, 42.5 million euros) from Russian banks and aspiring hackers were keen to join.

Then more than 50 members, most of whom hailed from the Urals city of Ekaterinburg, were arrested in a sweeping raid that entailed 86 probes in 15 regions across the vast country.

But despite the eye-catching operation, the crackdown on Lurk only touched the tip of the iceberg of a lucrative criminal industry.

Moscow-based internet security giant Kaspersky has estimated that there are over 1,000 hackers in Russia specialising in financial crimes.

Between 2012 and 2015, by the company’s conservative estimate, Russian-speaking hackers stole at least $790 million across the globe.

Meanwhile, this type of illegal activity is flourishing.

“The number of financial cyber criminals is growing as the use of online banking rises,” explained Yury Namestnikov, the head of Kaspersky’s Russia research and analysis department.

Adding to security woes are also the prevalence of smartphones — which are less well protected than computers — and the rise in “ransomware”, a technique that allows hackers to steal data and then ransom it back to the owner.

“It is no secret that most of today’s crypto-ransomware has Russian roots, both in terms of the authors of the malicious code and of the actors who spread the malware and demand the ransom,” Kaspersky noted in a report.

For industry experts Russia’s dubious honour as a major power in the hacking world is no accident.

“We have good mathematics schools and Russians know how to code properly,” said Namestnikov. “What is special about the Russian hackers is that they have been active for so long.”

Artem Sychev is in charge of cyber security at Russia’s Central Bank and concurs that “Russian-speaking hackers were educated in the Soviet-style system,” whose emphasis on high-level maths and science continues today.

“They are most creative people, including unfortunately in the area of fraud,” he said.

The furore over the US election hacks has shone a spotlight on alleged ties between hackers and the Russian government.

Authorities in Washington have accused top-ranking Russian officials of directing attacks on the US aimed at undermining the election.

CrowdStrike, the security firm that uncovered the hacking of the Democratic National Committee, said that the group behind it, Cozy Bears, was linked to Russian military intelligence.

Another group, Fancy Bears — which has hacked targets including the World Anti-Doping Agency — meanwhile has ties to the FSB spy agency, according to Crowdstrike.

Russia has dismissed the allegations and said US politicians are blaming Moscow in a bid to drum up their polling numbers.

Local experts insist the vast majority of hacking in Russia is aimed at thieving cash — not interfering in politics.

“99 percent of internet pirates are looking to steal money,” said Ilya Sachkov, founder of Russian security firm IB-Group.

“There are no patriotic hackers.”

Even while the Kremlin is adamant in denying a role in any of the hacking scandals, the authorities are certainly struggling to tackle the issue — and often appear to turn a blind eye.

“Unfortunately, for Russian-speaking cybercriminals current conditions are more than favourable: the risk of prosecution is low while the potential rewards are high,” wrote Kaspersky.

As an example, Russian hacker Yevgeny Bogachev has a $3 million price on his head from the FBI.

His network of hackers — which operated from Ukraine and Russia before being dismantled in 2014 — stole more than $80 million from victims mainly in the US. Despite being wanted, Bogachev reportedly lives freely in the southern Russian city of Krasnodar. — Reuters
 
.
http://indianexpress.com/article/wo...ason-cases-linked-to-cia-say-reports-4501303/

Russian cybersecurity intelligence officers reportedly detained on treason charges are being accused of passing secrets to the CIA. Sergei Mikhailov and Dmitry Dokuchaev, who worked for the cyber wing of Russia’s FSB domestic intelligence service until their arrests in December, are accused of cooperating with the CIA, according to unnamed sources cited on Tuesday by Interfax news agency.

No officials have publicly commented, but Russian media outlets with links to the security services have reported in detail on the case. An executive from cyber-security firm Kaspersky Lab has also reportedly been arrested on linked treason charges.

US intelligence agencies have alleged that Russian President Vladimir Putin ordered a campaign to influence the US presidential election in favor of Donald Trump and that Russian spies hacked into the Democratic National Committee.
 
.
Back
Top Bottom