HackThis!! News

IRC Currently Offline Online

Mon, 05 Dec 2011 21:08:43 +0000

Our IRC server is currently offline, and will be until futher notice. There has been some problems for our provider and they are having to migrate to a new data center. The hardware should be moved this evening and back online tomorrow.

Update:

The server is now back online and fully functional. For those who would like to join us here are the details:
Server: irc.hackthis.co.uk
Port: 6667 (6697 SSL)
Channel: #hackthis

US Water Treatment Systems Hacked?

Mon, 21 Nov 2011 21:03:55 +0000

Hackers have allegedly destroyed a water pump used by US water utility in Springfield, Illinois. The hack exploited a SCADA (supervisory control and data acquisition) system that controlled the water pump and then set the pump to continually power on and off, burning out the water pump. According to the report by Joe Weiss, usernames and passwords were obtained from the softwares vendor. The attackers' identity is still unknown, but their IP was traced back to Russia.

Texas

This has already been followed by another attack against a water treatment facility in South Houston, Texas. A hacker by the handle "pr0f," has taken credit for this exploit on pastebin with screenshots of the exploited programmable logic controller.

"I wouldn't even call this a hack, either, just to say. This required almost no skill and could be reproduced by a two year old with a basic knowledge of Simatic."

He told Threatpost that the Siemens Simatic human machine interface software that he exploited was Internet-connected, and protected with only a three-character password.

Norway

PCMag have reported on a confirmed attack of Norway's oil, gas, and energy sectors. During the attack sensitive information was obtained. This has been confirmed by Norway's National Security Authority (NSM). Malware-infected emails that were sent to "selected individuals in large Norwegian companies."

test

Tue, 30 Nov 1999 00:00:00 +0000

[vimeo]25588544[/vimeo]

Duqu - new Stuxnet worm?

Wed, 19 Oct 2011 19:49:50 +0100

"Security researchers have discovered a new form of malware that appears to have been created by the same people behind the Stuxnet worm uncovered last year. The malware, named Duqu, gathers intelligence from industrial control system manufacturers, possibly for use in mounting Stuxnet-like attacks against facilitates such as power stations that use the industrial control systems.

Security firm Symantec reports that Duqu does not self-replicate, which means it is not a worm like Stuxnet, but was targeted at specific organisations. Also unlike Stuxnet, which was mainly found on systems in Iran, Duqu infections were detected on European computer systems." - newscientist.com

What was the Stuxnet worm?
When first discovered in 2010, the Stuxnet computer worm posed a baffling puzzle. Beyond its unusually high level of sophistication loomed a more troubling mystery: its purpose. Ralph Langner and team helped crack the code that revealed this digital warhead's final target -- and its covert origins. In a fascinating look inside cyber-forensics, he explains how.

Video from http://www.ted.com/

Read more:
http://www.bbc.co.uk/news/technology-15367816
http://www.newscientist.com/blogs/onepercent/2011/10/researchers-discover-the-new-s.html

Password Strength - xkcd

Fri, 12 Aug 2011 23:53:34 +0100

AntiSec Against News International

Tue, 19 Jul 2011 00:03:09 +0100

After much news coverage on News International and the phone "hacking" scandal, #AntiSec have shown where they stand with a number of attacks against the corporation.

Unlike their recent DDOS attacks they have moved on to more interesting antics. Taking control of thesun.co.uk, originally getting the home page point to an article reporting Rupert Murdoch's death [An screen shot of the article can be seen here]. Later redirecting all traffic to the @lulzsec twitter feed. Within 30 minutes the site was brought to its knees and is currently out of action.

Also leaking a number of usernames, hashes and salts including Rebeka Brooks. They have said that they also have a collection of emails stolen from News International servers, which they say they are "sitting on".

Apparently News International have released a statement regarding the attacks on The Sun, but LulzSec have started redirecting the page to its Twitter feed instead [Lulzsec Tweet].

Update

Thetimes.co.uk is also appearing to be down. Although anonymous are not taking the credit in one of their status updates. Seems to be part of the after affect of earlier events.

Related News

Sean Hoare...phone hacking whistleblower found dead - read more.

More to come soon...

The International Cyber Security Protection Alliance

Tue, 05 Jul 2011 22:41:06 +0100

A number of major security companies have annouced today that they will be involved in an organisation fighting cybercrime on a global scale. The International Cyber Security Protection Alliance (ICSPA) is a global not-for-profit organisation established to channel funding, expertise and assistance directly to assist law enforcement cyber crime units. As well as companies including McAfee and Trend Micro, Europol is also officially signed up...as well as support from the UK government.

"Our government has already injected an additional £650m to help improve our national infrastructure and protect against cybercrime, but the very nature of this threat calls for more than a national response; it demands a truly global response and that is what the International Cyber Security Protection Alliance is all about" - David Cameron, UK Prime Minister.

"We are not looking for new money here. There is quite a lot of money out there that isn't providing the best results" said John Lyons, chief executive of the ICSPA. They will be attempting to raise funds from both governments and private companies.

Read more about ICSPA: https://www.icspa.org/about-us/

WikiLeak Video

Mon, 04 Jul 2011 18:46:08 +0100

Citi hackers made $2.7 million

Wed, 29 Jun 2011 18:51:30 +0100

"Citigroup suffered about US$2.7 million in losses after hackers found a way to steal credit card numbers from its website and post fraudulent charges.

Citi acknowledged the breach earlier this month, saying hackers had accessed more than 360,000 Citi credit card accounts of U.S. customers. The hackers didn't get into Citi's main credit card processing system, but were reportedly able to obtain the numbers, along with the customers' names and contact information, by logging into the Citi Account Online website and guessing account numbers."

Read more: http://www.computerworld.com.au/article/391482/citi_hackers_made_2_7_million/1309107077

LulzSec quit after 50 days

Sun, 26 Jun 2011 00:46:05 +0100

Recent developments from LulzSec makes it look like that after 50 days they have abandoned ship. http://pastebin.com/1znEGmHa was posted less than an hour ago saying farewell. Even though stating earlier today that they were preparing for a release on Monday they say in their latest release it was all planned to finish today - "Our planned 50 day cruise has expired".

All though there presence was short their impact was far greater than anyone expected. With many high profile attacks, from Sony to the US Senate and CIA. As well as direct attacks they also effected decisions by Australian ISP to halt web censorship [www.zeropaid.com].

"We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we've gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don't stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve."

Pastebin: http://pastebin.com/1znEGmHa
Torrent: http://thepiratebay.org/torrent/6495523/50_Days_of_Lulz

Addition:
Follow up from Sabu: http://twitter.com/#!/anonymouSabu/status/84765521953828864

What is in their final release?
The torrent contains over 750,000 account details as well as a variety of other documents - What's inside LulzSec's final data dump

Searchable list of all compromised accounts - http://dazzlepod.com/lulzsec/final/

TeaMp0isoN poised to expose LulzSec?

Sat, 25 Jun 2011 15:14:16 +0100

TeaMp0isoN claimed that it has managed to break into Lulzsec, posting a message on an alleged Dutch Lulzsec members site. Sven Slootweg quickly denied the accusations, and a statement posted on his website [sven-slootweg.nl] states "I am not a member of LulzSec (a statement I have made several times before in various places)." The page has since been taken down, but can be seen below.

TeaMp0isoN say they will be releasing a follow up document exposing LulzSec members, including pictures, addresses and passwords. Is this the end of LulzSec or another empty claim for exposure?

"We're here to show the world that they're nothing but a bunch of script kiddies"

Stay tuned: @TeaMp0isoN_
Read more: http://www.foxnews.com/scitech/2011/06/23/hacker-vs-hacker-group-races-police-to-expose-lulzsec/

A brief Sony password analysis

Tue, 07 Jun 2011 18:10:58 +0100

"I thought it would be interesting to take a look at password practices from a real data source. I spend a bit of time writing about how people and software manage passwords and often talk about thing like entropy and reuse, but are these really discussion worthy topics? I mean do people generally get passwords right anyway and regularly use long, random, unique strings? We've got the data - let's find out."

Read More: http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html

LulzSec claims FBI affiliate hacked, users exposed

Sat, 04 Jun 2011 15:41:00 +0100

"Lulzsec recently defaced PBS's website and stole more than 1m user records and coupon codes at Sony Pictures Entertainment's.

The data posted online includes the personal info for 180 users at Infragard, which is a private-public partnership between the FBI and U.S. businesses "designed to protect IT systems from hacker attacks and other intrusions."

It also includes purported chatlogs with Hijazi; and more than 700MB of internal emails discussing the operations of his company, which include references to network surveillance of Libyan interests."

Read More: http://www.boingboing.net/2011/06/03/lulzsec-claims-fbi-a.html

Chat Offline

Sat, 28 May 2011 18:08:45 +0100

The sidebar chat box will not be working until further notice. If you need help please click help -> irc or connect your IRC client to irc.hackthis.co.uk #hackthis

Hijacking LinkedIn Cookies

Mon, 23 May 2011 22:32:08 +0100

"Vulnerabilities in how cookies were handled on LinkedIn profiles laid user profiles at risk of tampering, a security researcher said. Rishi Narang, a former senior consultant for financial service firm Deloitte and Touche said accounts could be hijacked for up to a year by intercepting cookies that tracked user sessions.

An attacker could keep accessing to an account on the site despite a password reset because cookies were still valid after the change.

Cookies were vulnerable to man-in-the-middle-attacks because the website reverted to hypertext transfer protocol after users logged in through its secure cousin, HTTPS."

Read more: http://www.scmagazine.com.au/News/258269,linkedin-profiles-at-hijack-risk.aspx