The email account of Syrian president was hacked by Anonymous along with other accounts on mail server of the Syrian Ministry of Presidential Affairs. The password of 33 accounts including the Syrian president’s one was 12345. Of course, very easy to remember but very easy to be hacked or guessed. 12345 is the second weakest password after 123 and almost half of the accounts on that mail server they were using it. Even if it was the default password nobody cared enough to change it. Hundreds of emails leaked and that could be prevented by a stronger password. Hackers gained access to 78 email accounts and the damage from leaked emails is very big. The lesson here is that you should use stronger passwords if you don’t want your emails fall into wrong hands.
University of Washington’s database was leaked
University of Washington has been hacked once again and their database was leaked. This time they were hacked by N0B0DY and N0LIFE. You can see the information they published on pastebin. You can see the users and WordPress users with their (encrypted) passwords and emails. Once again, hackers used SQL injection to gain access to university’s database. There are more than one vulnerable links that hackers can use to gain access to their database. It is very easy to prevent such attacks and there are more than one ways to do it. If you are too lazy to change your code at least validate the input values. The best way to do this is by using stored procedures and pass the values as parameters instead of building the command string to be executed. It is the most common vulnerability, we have seen hundreds hacks exploding SQL injection and yet there are many websites still vulnerable and just waiting to be hacked.
Greek Justice Ministry’s website was hacked by Anonymous
The website of the Greek Justice Ministry was hacked by Anonymous. The reason is that Greece joined the International Monetary Fund (IMF) which is basically sacrifices democracy for Greek people. The website was hacked by hacktivists from Greece and Cyprus that belong to Anonymous group. This was only the beginning and if Greece implement the ACTA anti-piracy treaty, hackers will attack again. ACTA is hurting the people and if your government agrees with that it makes people to react. Some people think that defacing a website doesn’t change anything but in my opinion they are mistaken. The attack is now known to most people in Greece and even the ones that didn’t know about IMF and ACTA, by learning about the attack they are informed. Also, defacing a website does hurt (even little) the owner of the website. It is not only about the defacement but the message that comes with it especially nowadays that internet is part of our lives.
Anonymous have recorded FBI conference call
Anonymous released a 16-minute FBI conference call which they discuss ongoing investigations with UK law enforcement officers according to hacking activities. A call that was about tracking and prosecuting hackers who belong in loose-knit hacking group. For such a serious things I thought it would be more official but they are joking and laughing. I didn’t know that arresting hackers was so funny for law enforcement officers. According to Anonymous the call is made on 17 January. It it very embarrassing for the FBI to have hackers listening to their call in which they are discussing about them. Everyone though that FBI would have a better security.
GrayHatz defaced large game sites
GrayHatz, a Turkish hacking group which was created on 2006, defaced nine of the largest game sites. Those websites are Call of Duty, X-Men Origins: Wolverine, Spider-Man: Edge of Time, Transformers: Fall of Cybertron, Prototype 2, Infinity Ward (Developer of Call of Duty), The Quantum Of Solace Game, Guitar Hero and DJ Hero 2. Even though I understand the attacks from hackers to some government websites and security companies, hacking game websites is in my opinion pointless. There is a reason behind an attack but that doesn’t mean that every reason is a right one.
Universal Music Portugal database hacked
Hackers have targeted media companies and this is another win for them. Hackers hacked into Universal Media Portugal website and gained access to their database. Hackers published 100 tables and 160 records of the beta_users table to a pastebin file. It includes emails/ids and passwords. The website was taken down right after the hack for maintenance. Of course if you ask the media company, they still believe that those hacks are a minor thing when you compare it with MegaUpload and they are right.
Another hack to give message to 0xOmar
Apparently the war between the hackers is not over and both sites continue their actions. The website of Saudi Arabia’s Presidency of Meteorology & Environment Protection was defaced by you-r!-k@n, an Israeli hacker. Yourikan defaced the website to give a message to 0xOmar and this was not the first time, Israeli hackers stroke back few days ago. In my opinion both sides should stop the retaliations and find a common enemy to attack instead of each other.
Clever phishing for Google accounts
Hackers found a way to successfully phishing Google users. They create a web page which looks exactly as the Google’s login page. This web page is not on Google so in order to appear as Google they use Google’s translation service and they put the URL that is returned by the translation. That URL starts with http://translate.googleusercontent.com/translate_c?hl=en and it is psychological manipulation. Some users think that the site is the original and they insert their credentials without second though. Hackers find more clever ways to gain what they want and users must be more careful with their personal details.
Another fake rumor that Anonymous is going to attack Facebook
This is not the first time we hear that Anonymous will attack Facebook but, just like the previous operation that was fake, this one is fake too. There are several reasons why someone spreads rumors for that. First of all, they get a lot of attention and thousand views on youtube which in most times means money. The second reason is that by telling that Anonymous will attack Facebook and nothing happens reduces the credibility of Anonymous. I have added the video for some of you that might want to watch it anyway but according to Anonymous on Twitter this attack will not happen and it is just another fake. Don’t get me wrong, some people may try to attack Facebook but it has thousands of servers and if Anonymous and their thousands of followers don’t participate do not expect to see Facebook down.
Someone tried to hack the website
Someone tried to hack the website but, since we follow several steps to secure a WordPress blog, the attacker failed. If you combine a strong password with the limit of login attempts then brute force attack is almost impossible. I don’t see the point on hacking a blog like this one but nice try. Such attacks make me happy because if you don’t have enemies then you are doing it wrong and you are not successful if you don’t have enemies. Maybe now that SOPA is on hold they try to find other targets to attack. For the hackers, even though the website is tracking any login attempt, I will not use it. Feel free to continue your tries to hack the blog and if you succeed tell me the security hole and system vulnerabilities so I can secure it even more.