Hacking

Few years ago, gaining exploits was available only in some underground forums or chat rooms. Today there are many forums to get them and some hackers sell their founding. Some of them they even advertise them in public. Like “TheHell” which is showing a Yahoo! mail exploit and says that it sells it for $700. It is a cross-site scripting (XSS) vulnerability and according to the hacker, it works on all the browsers. What it does, it steals the cookie from the victim. Don’t be afraid just yet, in order to work the attacker must send a link to his victim and the victim click on that link. Of course it is very easy to create a website, offer something for free and have this link instead. Yahoo! is aware of that and they are working on a fix, I hope soon.

The hacker group Anonymous is going to create its own WikiLeaks and the project’s name is TYLER. This is a decision derived from the conflict of the Anonymous and Julian Assange for the forced funding. Anonymous will publish secret government documents to their own platform which is scheduled to the end of this year (21 December). Also, they don’t like when Assange was threatened to close WikiLeaks and they want to keep such information public and available to everyone. Maybe there is also the need to create another platform for secret commercial documents to see the dirty work of large organizations and their way to rule the world.

Anonymous took down several Greek government websites and the reason is maybe the visit of German Chancellor Angela Merkel. This is not the first time that Anonymous takes down Greek government webpages and if they continue to support the people of Greece then it will not be the last. A big percentage of the people there is fighting to survive and any kind of support is appreciated. Police and government didn’t upgraded their security enough since the last attack by Anonymous.

PhpMyAdmin is one of the most popular MySQL administration tools written in PHP. A compromised version of PhpMyAdmin was distributed via a SourceForge mirror and after a security issue was reported, malicious people exploited it. That version had server_sync.php modified and the backdoor is allowing to the attacker to execute PHP code remotely. Because of the fact that SourceForge is the largest open source software development website, if infected many systems. This is not the first time attackers exploit the open source community to distribute their backdoor.

F-Secure, a finnish security company recently found a malware which installs itself to almost all operating systems. It is a web exploit which recognizes the OS of the visitor and then installs the corresponding malicious code for that OS. This one is not installed on your system unless you approve a Java applet installation. In all operating systems the code does the same thing, it connects to a command and control server (with IP 186.87.69.249) and then it downloads additional code to execute. The name of this scary but intelligent malware is GetShell.A. There are millions of malware out there and you can’t be too careful.

Yahoo! Voice has been hacked and 400,000 passwords were leaked. If you use Yahoo Voice then you should change your password A.S.A.P. Also, if you are using the same password on other websites and services, now it is a good time to change those too. Once again, the hack was based on SQL injection. Yahoo! has released a statement where apologizes for the attack to the users. If hackers have the password of your email account then they can access any other accounts where you used this email to sign up.