Hacking Victims Stories and Security Tips

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Quote: 'Beware of your website security hack down! Recently there are lots of website been hacked. .. Each hacker has different photo to show off after they hack a website. .. Can you imagine how much money and time loss incur to recover them?' - here on ahtim.com: Website Security Hack Down !: http://www.ahtim.com/website-security-hack-down/

Some (safe!) examples I find today:

http://www.usbdrive.com.au/
http://zulema95.blogspot.com/
http://tinypad.info/

'I woke up to a BIG surprise this morning, as I opened my web browser to my homepage. Apparently my server was hacked by Tiger-M@te. WTF!?! I couldn’t remember the last time I had backed up my site, and thought I had lost everything. I immediately opened ..' - here: My Server Was Hacked by Tiger-M@te: http://theurbancowboy.net/2011/my-server-was-hacked-by-tiger-mte/

.. 'Then, one day, you load up your site in your browser, and find that it's not there, or it redirects to a porn site, or your site is full of adverts for performance-enhancing drugs. What do you do? Some steps to take' - here (codex.wordpress.org): FAQ My site was hacked: http://codex.wordpress.org/FAQ_My_site_was_hacked

.. 'Wednesday, my wife got up later than usual and didn’t check her e‑mail until around 8:30 a.m. The previous night, she had put her computer to “sleep,” rather than shutting it down. When she opened it that morning to the Gmail account that had been her main communications center for more than six years, it seemed to be responding very slowly and jerkily. She hadn’t fully restarted the computer in several days, and thought that was the problem. So she ..' -here (TheAtlantic.com): Hacked!: http://www.theatlantic.com/magazine/archive/2011/11/hacked/8673/4/?single_page=true

'.. my email, phone, text messages and Twitter DM’s starting lighting up with things like, “Dude, your site is throwing malware warnings” and “Why am I getting redirected to some Russian site when I go to your blog?” Hackers! Bastards.' -here (PhoenixRealEstateGuy.com): Hacked. Or, how I spent the last 60 hours: http://www.phoenixrealestateguy.com/hacked-or-how-i-spent-the-last-60-hours/

8 Security Tips to Secure your WordPress Blog (dailyblogging.org): http://www.dailyblogging.org/wordpress/security-tips-to-secure-your-wordpress-blog/

.. there are more and more examples ..
Then ultimate solution is here: Turn Off the Internet: http://www.turnofftheinternet.com/ ;)
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Hacked by Google (perishablepress.com): http://perishablepress.com/hacked-by-google/

Quote:
'.. And then suddenly, traffic to my Demo page completely stopped, and I get a message from a few users saying something like:
Dude your plugin demo is flagged as an attack site by Google – better check it out..'


Is this my hacker? (Google Webmaster Forum): http://www.google.com/support/forum/p/Webmasters/thread?tid=67788f2afb32c03b&hl=en

Quote:
'www.lartdenature.com was flagged by Google's malware warning (Thank You Google..really I mean it!)'
'I did another search trying to find my original hacker. I was thinking they must have pride in their work? At any rate. I know my major exploit as many here- comes from blogs. So I did a search on: lartdenature photoblog and here is what I found: ( 2 from my web site at one time-which was never really from me) The first one listed ...IS THIS MY Hacker????' ..


The poor people, they will never forget this ..

Is this a photo of your hacker .. :
IX7rC.jpg
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Even our beloved Microsoft succumbs to hackers .. :exclamation:

Microsoft's forums website got hacked on Tuesday, 8 November 2011 ( and Today: December 1, 2011 - is still hacked!).

The proof is here: defaced page today (it's safe for you): forums.microsoft.com.mk: http://forums.microsoft.com.mk/ (hacked by 'digital boys underground team' ).

So where we go ..



EDIT: January 2, 2012 - is good now .. Microsoft has it's site content ..
.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
Do you like puzzles?

Hacker who bypassed Facebook security pleads guilty: http://nakedsecurity.sophos.com/2011/12/14/hacker-facebook-security-pleads-guilty/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+nakedsecurity+%28Naked+Security+-+Sophos%29

Quote:
'A British student has pleaded guilty to charges that he breached security at Facebook earlier his year, despite arguing that his intentions were not malicious. ..

.. Mangham's defence team has argued that he was an "ethical" or "white-hat" hacker, whose intentions - rather than being malicious - were to uncover security vulnerabilities at Facebook with the intention of getting them fixed. ..

.. Mangham is scheduled to be sentenced on 17 February 2012.'
.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
NEWS:

* FBI says hackers hit key services in three US cities: on bbc.co.uk: http://www.bbc.co.uk/news/technology-16157883

Quote:
'At a recent cybersecurity conference, Michael Welch, deputy assistant director of the FBI's cyber division, said hackers had accessed crucial water and power services.
The hackers could theoretically have dumped sewage into a lake or shut off the power to a shopping mall, he said.':dodgy:

* 'We could hack the Queen's medical records if we wanted': on nakedsecurity.sophos.com: http://nakedsecurity.sophos.com/2011/12/16/ournalists-under-the-spotlight/

Quote:
'BBC Radio 4 has broadcast a documentary claiming that computer hackers were used by the British press to spy on politicians and the military.'
.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
Chinese Computer Hackers Hit U.S. Chamber of Commerce:

Read more: http://www.foxnews.com/scitech/2011/12/21/chinese-computer-hackers-hit-us-chamber-commerce/#ixzz1hIAyNg8Q
.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well users read articles hopefully were aware the things happened and having knowledge would prevent anything worse.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
Totally amazing!:exclamation:

According to hacker's newspaper:

Recently, hackers have a new online tool at its disposal. This tool allows them to encode the viral code with multiple compression, making the detection impossible for any antivirus ..:huh:

Example here, before and after encoding: The comparison of detections by Anti-Virus scans:

Before: http://4.bp.blogspot.com/-vaW0ql1eG1E/TvieQC2qP1I/AAAAAAAAEJY/txJ-GzIDpmk/s1600/1.png
After: http://4.bp.blogspot.com/-bd5Vo-V-nhU/TviefW6Z9MI/AAAAAAAAEJk/cqtF01_S6fo/s1600/2.png

That's why we are against signature-based antivirus approaches - and for sandboxing and other no signature solutions of preventive defense.

We understand here the importance of sandboxing to keeping the Internet free of malware.;)
.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
New site hacked: Xaiters.com: http://xaiters.com/ - :dodgy: 'UNDER CONSTRUCTION process. Please visit us later ..'

:s.. ' “and then we’re pwned”

“so what?”

“Hey idiot, I just told you, you’re pwned!”

“So what?”

“So a hacker’s on the box”

“So what? What’s on the box?”

“um, they could pull credentials off of it”

“okay, so what?”

…and the game continues.'



Here, The “So What” Methodology: on SIRA - SocietyInfoRisk.org: https://www.societyinforisk.org/content/%E2%80%9Cso-what%E2%80%9D-methodology


''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''


Try another topic here: Hackers abuse PHP setting to inject malicious code into websites: http://malwaretips.com/Thread-Hackers-abuse-PHP-setting-to-inject-malicious-code-into-websites
.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
Have you read my post 9? Here you have similar information: no encryption, but use of passwords for hackers' files: on ehackingnews.com:


Password-protected Documents is safest place for Malwares ~Undetectable: http://www.ehackingnews.com/2011/12/password-protected-documents-is-safest.html


Quote:
'Symantec security researchers discovered malware in the wild in the form of document files, such as PDF and Word, using password protection. The malware are used as attachments in email in limited, targeted attacks.'
.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
A Little Hacking History!

A Little Hacking History posted by Slippery Slim on December 29, 2011, on CLEANbytes.net: http://cleanbytes.net/a-little-hacking-history

Very good read for you.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
White-hot Israel vows to treat hackers like terrorists: on The Peace Times, peacetimes.net of course: http://peacetimes.net/2012/01/white-hot-israel-vows-to-treat-hackers-like-terrorists/

Quote:
'In the wake of a massive online dump of Israeli credit card details by hackers, Tel Aviv says it will treat cyber attacks as acts of terror. It has also commended the US, who has hinted at retaliating for such assaults with military action.

Cyber attacks amount to “terrorism that must be treated as such. In cyberspace, we have active capacities and we can hit those who try to hit us,” said Deputy Foreign Minister Dany Ayalon ..'

'“The US has announced that any attack on its cybernetic space would be considered a declaration of war, and that it would go as far as firing missiles to respond to such an attack. This is a good criterion for us all,” the deputy FM added.'

'.. after some 20,000 Israeli credit cards and other sensitive data were leaked online .. Israel says the hacking team is taking good precautions in order to avoid being caught quickly. Tel Aviv is considering turning to Interpol to catch them.'


But for the moment - you have the image of soldiers dealing with by hack:

"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
BMssl.png

.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
New mode of DoS attack: 'Slow Read" Denial of Service Attack!


Cute description of Mitigation of 'Slow Read" Denial of Service Attack: on blog.spiderlabs.com: http://blog.spiderlabs.com/2012/01/modsecurity-advanced-topic-of-the-week-mitigation-of-slow-read-denial-of-service-attack.html

Quote:
' This time, the attack centers on a method of slowing down the rate at which the client (attacker) is able to consume the response data sent back by the web server - hence the name "Slow Read" DoS.'
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
WHY I love you!..:huh:

- look here: http://www.asrejavanhosting.com/Alin.php

- so it's Alin message to you.

- And then?

- Hello Word! Keep Safe!
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
An analysis of hacker mentality: on Securelist.com: http://www.securelist.com/en/threats/vulnerabilities?chapter=39

QUOTE:
'The truth is that in hours of a machine being connected to the Internet, somebody will scan it with an automated vulnerability probing tool, looking for ways to get in.'

'Premeditated, criminal, hacking is obviously even worse.'

'Another hacker motivation may be hooliganism, or digital graffiti, which can be summed up as hacking into systems to cause damage. Web site defacement is a very popular form of digital graffiti and there are some hacking groups which focus on this task alone. Just as in the physical, non-cyber world, catching the hooligans is a tedious task which usually doesn't repay the effort or resources expended.

Whatever the reasoning, be it 'to help others', 'security heads-up!', 'hooliganism' or 'criminal intent', hacking is a phenomenon which is deeply rooted in the world of computing and will probably never die. There will always be people immature enough to abuse public resources, self-proclaimed 'Robin Hoods' and criminals hiding in the dark alleys of cyberspace.'

So .. hack the hackers:
obl83.jpg

.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
Hacking - this is another form of taking drugs for these kids ..

Detox the hackers:
Axayx.jpg


So should they take a cure for addiction. Hack your brain rather - the mental detox now! .. Get clean: Is There a Cure for Addiction? : http://www.howtohelpadrugaddict.com/05127-is-there-a-cure-for-addiction/
.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
Bad News Today:

Hackers are winning security battle : on gadgets.ndtv.com : http://gadgets.ndtv.com/shownews.aspx?id=GADEN20120195905&Sec=NEWS&nid=182544&pfrom=home-otherstories

QUOTE:
'Technology security professionals seeking wisdom from industry leaders in San Francisco this week saw more of the dark side than they had expected: a procession of CEO speakers whose companies have been hacked.

"It's pretty discouraging," said Gregory Roll, who came for advice and to consider buying security software for his employer, a large bank which he declined to name because he was not authorized to speak on its behalf. "It's a constant battle, and we're losing." ..

'The opening presentation by Art Coviello, executive chairman of conference sponsor and recent hacking victim RSA, set the tone with the Rolling Stones song "You Can't Always Get What You Want." '

So for you - this memorable song: You Can't Always Get What You Want - The Rolling Stones (cover) : http://www.youtube.com/watch?v=E3eHBbbKKfg&feature=related -look on text too, please ..

.. and another interpretation of this song: Rolling Stones - You Can't Always Get What You Want - Live '03 London : http://www.youtube.com/watch?v=Opa8WMCVcd8&feature=related :D

OK., returning to our sad read:

' Some 70 percent of employees in one survey he cited admitted to subverting corporate rules in order to use social networks or smartphones or get access to other resources, making security that much harder.

"Our networks will be penetrated. People will still make mistakes," Coviello said. He argued that with better monitoring and analysis of traffic inside company networks, "we can manage risk to acceptable levels." '

'FBI Director Robert Mueller spoke on Thursday, warning that he expected cyber threats to pass terrorism as the country's top threat.'

"The Net is inherently insecure," Hayden said. "We need to quit admiring the problem and move out. No position could be worse than the one we're in now."

""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
wX07Q.gif

.
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.
We Got Hacked for SEO, Here's what We Found on TheNextWeb ..

We got hacked for SEO, as did other major technology sites : on TheNextWeb.com/Insider : http://thenextweb.com/insider/2012/04/05/we-got-hacked-for-seo-as-did-other-major-technology-sites/

'Last week we discovered that the owner of SEOnix.org hacked in to our backend and threw himself a sweet SEO party. The only invitee was obviously his own website, but he still managed to have a good time all alone. In the last 3 months he got a couple of nice gifts from us in the form of juicy links and an occasional canonical tag.

But it wasn’t only us. He managed to do the same on other authorative sites as well. We’re leaving the names out to protect the innocent. In total he has injected several hundred posts, getting links from 25 domains, most of which it’s safe to assume weren’t earned like you or I would earn them.


So What Happened?

This person managed to get in via one of our editors’ logins and put links to his own site in 124 posts. And not just links; he went on to add some nice anchor texts like ‘search engine optimization’, ‘SEO’ or ‘movie downloads’. But it wasn’t just a matter of inserting links, he also scraped content from our site, as well as many others.

Content scraping is nothing new, and it happens to us all the time. But usually scrapers aren’t able to change the canonical links on the site they scrape. This guy obviously was. In doing so, what he essentially accomplished was to tell Google and other search engines that our post wasn’t the original, and in fact his own was.

Here’s a good example' ..
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top