  1. Cyber-policemen exposed an attacker who, with the help of a "virus", embezzled almost a million hryvnias. The man hacked into mobile phone accounts and collected personal data from users. Then he remotely reissued SIM cards and got access to online banking. Employees of the department for combating cybercrime of the Poltava region, together with the investigation department of the Kremenchuk police, exposed the fraudulent activity of a citizen. The 31-year-old man used malicious software to hack accounts and access users' phone books. It was preliminarily established that about 100 people were affected by the hacker's fraudulent actions. The total amount of damage reaches one million hryvnias. At the man's place of residence, law enforcement officers conducted a search and seized computer equipment, mobile phones and bank cards. A special police battalion of the local police department was also involved in the searches. The hacker was notified of suspicion; he faces imprisonment for a term of three to eight years.
  2. Attackers "poison" XML sitemaps, thereby lowering their SERP ranking. A new cybercriminal group attacks WordPress sites and installs hidden e-commerce stores on them, taking advantage of the site's search rankings and reputation for fraudulent purposes. The attacks were discovered earlier this month when malware hit the honeypot of Akamai security specialist Larry Cashdollar. According to him, attackers gain access to the accounts of site administrators using a brute force attack, after which they overwrite their main index files and add malicious code. Although the malicious code is heavily obfuscated, Cashdollar was able to figure out that its main purpose was to act as a proxy to redirect all incoming traffic to a C&C server controlled by cybercriminals. A typical attack looks like this: when a user wants to visit a compromised site, his request is redirected to the C&C server. If the user meets certain criteria, the C&C server instructs the site to respond to the request by sending an HTML file with an online store offering household goods. That is, instead of the legitimate site requested by the user, a fraudulent online store opens. According to the researcher, at the time the malware got into his honeypot, the attackers had installed more than 7 thousand e-commerce stores on the compromised resources. Among other things, hackers also generate XML sitemaps of compromised sites containing fake store entries along with original pages. The attackers generate a sitemap, submit it to the Google search engine, and then delete it to avoid detection. While this procedure looks harmless enough, it actually has a pretty big impact on WordPress sites, as it poisons their keywords with unrelated and fraudulent entries that lower their search engine result page (SERP) rankings.
According to Cashdollar, this type of malware can be used in SEO-related ransomware schemes, in which cybercriminals deliberately change the ranking of a site in search results, and then ask for a ransom to fix the consequences.
  3. Site: https://www.extremeheadphones.com/ Method: BILL=SHIP Pub CC Works. (TRY 2-3 TIMES ONLY, Clear Cookies after 3rd try & change IP)
  4. Criminals use SlothfulMedia malware to steal information, log keystrokes and modify files. The US Department of Defense and the US Department of Homeland Security spoke about malware that is being used by an unnamed group to carry out cyber attacks. CyberScoop sources said the criminals are attacking organizations in India, Kazakhstan, Kyrgyzstan, Malaysia, Russia and Ukraine. The malware, dubbed SlothfulMedia by the military cyber command, is an information theft tool capable of keylogging and modifying files. Agencies have uploaded a sample of the malware to a repository on VirusTotal. The malware is being used in successful ongoing campaigns, but agencies have not disclosed which group is responsible for running them. The report also does not mention the specific goals of the criminals. Cyber Command first began exposing government-backed hacking campaigns in 2018. Earlier, the agency reported on hacker operations by foreign governments, including operations from North Korea, Russia, Iran and China. Chinese government-affiliated hackers previously attacked Malaysian and Indian organizations, while Russian hackers carried out cyber-espionage operations against targets in Ukraine, Kazakhstan and Kyrgyzstan. According to the departments, the malware downloads two files on the victim's device. One of them is a remote access Trojan that is capable of taking screenshots, modifying files on systems, killing processes, and running arbitrary commands. The Trojan, designated mediaplayer.exe, also appears to communicate with the attackers' C&C server using HTTP-over-TCP. The second file has a random 5-digit name and removes the bootloader as soon as the RAT gets persistence on the system. Persistence is achieved by creating a service named Task Frame, which ensures that the RAT is loaded after a system reboot.
  5. The SilentFade group used malware to buy ads on behalf of the hacked users. At the Virus Bulletin 2020 security conference, Facebook security team members revealed details of one of the most sophisticated malware campaigns ever to target Facebook users. The cybercriminal group, dubbed SilentFade, used malware to buy ads on behalf of hacked users from late 2018 to February 2019. SilentFade used a combination of a Windows Trojan, browser injections, scripts and vulnerabilities in the Facebook platform, demonstrating a sophisticated method of operation rarely seen among criminals. The goal of SilentFade was to infect users with a Trojan, take over control of the browser, and steal passwords and browser cookies of users in order to gain access to Facebook accounts. After gaining access, the criminals began looking for accounts with a payment method linked to their profile and used the victim's funds to post malicious ads on the social network on their behalf. Despite the fact that the campaign lasted only a few months, the criminals managed to steal more than $4 million from users. According to experts, the criminals were distributing a modern version of the SilentFade malware bundled with legitimate software that they offered to download on the Internet. As soon as the SilentFade Trojan entered a user's Windows device, the hackers gained control over the victim's computer. However, instead of abusing the system for more intrusive operations, the malware only replaced legitimate DLL files in browser installations with malicious copies, allowing SilentFade to control the browser. As noted by Facebook, the malware used scripts to disable many of the social network's security features and even discovered and then exploited a vulnerability in the platform to prevent users from re-enabling disabled features (site notifications, chat notification sounds, SMS notifications, email notifications, notifications from the page).
Knowing that Facebook's security systems can detect suspicious activity and logins and notify the user through a private message, the SilentFade gang also blocked Facebook for business and Facebook Login Alerts, which sent alerts in private messages in the first place. They investigated and found a GitHub account that allegedly hosted many of the libraries used to create the SilentFade malware. Facebook traced this account and the SilentFade malware back to ILikeAd Media International Company, a Hong Kong-based software company founded in 2016, and two of its employees, Chen Xiao Kong and Huang Tao. Facebook sued the company and two developers in December 2019, and the lawsuit is still ongoing.
  6. If the purchase of US TikTok operations does not meet national security requirements, the app will be closed. Oracle's purchase of TikTok's US operations and spinning them off as a separate company turned out to be tricky. The fact is that the parties to the transaction currently interpret the preliminary agreements differently. For example, the Chinese company ByteDance, which still owns TikTok, wants to retain 80% of the shares of the new company TikTok Global, while the American authorities demand full control over the application code. "The USA should have all the code. Oracle will be responsible for modernizing the code, cleaning up the code and keeping it secure in its cloud and… meeting all of our requirements," US Treasury Secretary Steven Mnuchin said during the CNBC Investor Conference on Wednesday, September 30. In other words, the US government is not prepared to share pieces of TikTok's code and let China retain control of the recommendation algorithm. According to Mnuchin, if the deal does not meet national security requirements, then TikTok will be closed in the United States, writes Reuters. It is worth noting that ByteDance is ready to give Oracle a 12.5% stake in the new company TikTok Global and control over code updates, as well as allow it to store application user data on its servers in the United States. As for control over the recommendation algorithm, ByteDance intends to keep it for itself. This condition was imposed by the Chinese authorities, wishing to prevent the transfer of important intellectual property abroad without special permission.
  8. REvil operators are looking for teams of experienced hackers for penetration testing. The operators of the ransomware REvil have made a $1 million deposit in bitcoin on a Russian-speaking hacker forum with the aim of hiring experienced hackers. Many ransomware operations are carried out as part of the Ransomware-as-a-Service (RaaS) business model, in which developers are responsible for developing ransomware and payment sites, and affiliates are hired to hack enterprises and encrypt data on their devices. Under the terms of such an arrangement, malware developers receive 20-30% of the total income, and affiliates receive 70-80% of the ransom payments they generate. As part of this recruiting campaign, REvil is seeking teams of experienced hackers for penetration testing, or just experienced professionals. "1. Teams that already have experience and skills in penetration testing work with msf / cs / koadic, nas / tape, hyper-v and analogs of the listed programs and devices. 2. People who have experience, but do not have access to work," reads the announcement of the REvil operators on the hacker forum. Having made a deposit of $1 million to the hacker forum, the REvil operators decided to show potential partners the seriousness of their intentions. This forum allows members to deposit bitcoins into a wallet hosted on the site. Members can see the deposits of other users, and the invested bitcoins can be used to privately buy and sell illegal services or data through the forum.
  9. Site: https://freerdpserver.com/ Register and setup your RDP free!
  10. Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident: hackers breached its hot wallets and stole all the funds, around $150 million. Deposits and withdrawals have been temporarily suspended while the company is investigating the security incident. "We detected some large withdrawals since September 26, 2020 at 03:05:37 (UTC+8). According to the latest internal security audit report, part of Bitcoin, ERC-20 and other tokens in KuCoin's hot wallets were transferred out of the exchange, which contained few parts of our total assets holdings," reads a statement published by the company. "The assets in our cold wallets are safe and unharmed, and hot wallets have been re-deployed." Hot wallet refers to any cryptocurrency wallet that is connected to the internet; for this reason, they are more exposed to cyber attacks. Hot wallets are used as temporary storage systems for assets that are currently being exchanged on the exchange. Cold storage refers to any cryptocurrency wallet that is not connected to the internet; for this reason, they are considered more secure. They usually don't contain as many cryptocurrencies as do many of the hot wallets. KuCoin discovered the security breach on September 26 when its staff noticed some large withdrawals from its hot wallets. The exchange immediately investigated the anomalous operations and discovered the cyber heist of Bitcoin assets, ERC-20-based tokens, along with other cryptocurrencies. The overall amount of funds stolen by the hackers is greater than $150 million, based on an Ethereum address where the stolen funds were transferred. Today (September 26, 2020), KuCoin CEO Johnny Lyu will provide additional details about the incident in a live stream at 12:30 (UTC+8). The exchange plans to refund its users using its cold wallets. This incident is one of the biggest hacks ever reported; below is a list of the most prominent incidents.
  11. Hungary's largest telecommunications operator Magyar Telekom has announced a cyber attack on some banking and telecommunications networks. As "Evropeyskaya Pravda" writes with reference to Reuters, the operator said this on Saturday, September 26. The attacks themselves occurred on Thursday, September 24, causing systems to malfunction. According to the operator, the DDoS attack was carried out from servers located in Russia, China and Vietnam. "This was one of the largest cyberattacks in the country's history, both in scale and complexity," the company said. "Russian, Chinese and Vietnamese hackers attempted a DDoS attack against Hungarian financial institutions and also targeted Magyar Telekom's networks." It should be noted that the location of the servers does not necessarily mean that the attackers themselves were located in those countries. The volume of data traffic used during the attack was 10 times higher than usual, and the attack itself occurred in several "waves". Hungarian OTP Bank also confirmed that it was attacked. "On Thursday, a DDoS attack was carried out on telecommunications systems serving one of our banking services. We repulsed the attack together with Telekom, which was also affected, and a short service outage in the afternoon was fixed," OTP said.