Russian hackers stole personal details of 54 millions Turkish Citizens

The Publicized Hacks, Cyber attacks and Data breaches continue to increase, and the majority of attacks are from outsiders.

Recently, Some unknown Russian hackers have reportedly stolen Personal details of nearly 54 million Turkish citizens, about 70% of the whole Turkish population.

According to a report published by 'Hurriyet News', Researchers from KONDA Security firm revealed that the hackers have stolen data from a political party's vulnerable system that include Name, ID numbers and address of 54 million voters across the Nation.

Researchers claimed that the hacked system (being used for Database and website Management) did not have any antivirus product installed and voter information was also uploaded online on a vulnerable website.

This was really a bad idea, and they mentioned that “in two hours hackers downloaded all the information.”

In another statement, they mentioned that some government institutions share citizen’s personal data online with other public and private bodies without ensuring the protection of data.

It’s tough to accept, but you cannot protect all data. Data breaches will keep striking in 2014 also, but we will never know Where, When and How. Attackers are getting smarter, developing new advanced persistent threats, so Data breaches continue to become increasingly sophisticated.

It is always important to take steps to enable encryption for Data and Devices, educate and aware the end users about the latest threats and basic necessary actions to protect the key data.

How to Install BackTrack on Android Mobile and Tablet

BackTrack is one of my favorite OS. First reason is it is made by world class hackers and second one is all hacking tools are available and last and third one, it is flavor of Linux. I can use it only on PC, Android is booming now these days... 

Now you can Install Back Track Linux OS on Android smartphones and tablets. Now it is possible to install and run Backtrack on your Android devices.

Requirements: 
Root 

   1GHZ processor (recommended)

   512MB Ram (recommended)

   Android 1.6 or higher

   Back Track R3  click here

   Kernel will loop device support (this is included in most custom ROM’s)

   SD card with at least 3.5GB of free space

   Data connection on your device

   Following Android Apps:

1.       BUSY BOX : It acts like a installer and uninstaller.it needs root permission to run.it has CPU cores and can  run Linux kernels on android. click here

2.       Superuser : This app just grants a superuser power to your phone just like "su " does for Linux. click here

3.       Terminal Emulator : Terminal Emulator is app that runs a terminal console in android. click here

4.       Android VNC : Android VNC is a tool for viewing VNC in Android.click here

How to Install Backtrack on Android Tablet or Phone?

1. Extract BT5-GNOME-ARM.7z to folder, for example “BT5? folder and then put on Galaxy Tab root directory.
2. Open Terminal Emulator on Galaxy Tab then go to BT5 folder with command prompt.   Here the command . cd sdcard/BT5
3. Then run this following command and you will see
   root@localhost
   Here the command
   su
   sh bootbt
4. Now lets run Backtrack GUI with VNC viewer
   Here the command :
   startvnc
5. To connect wth VNC we must know the port where VNC listening. Run netstat -anpt and remember the port where VNC listening. In this case the port is 5901
6. Open AndroidVNC and fill the form like this:
   Nickname : BT5
   Password : toortoor
   Address : 127.0.0.1
   Port : 5901
7. Connect it and you will see Backtrack 5 interface.

Now you have just installed Backtrack5 on your Android Tablet i.e you now have one of Linux Penetration testing OS on your phone used by hackers.

Use responsibly, Mosec-Lab will not be held responsible for any damaged caused by it.

 

Penetration Testing Tools for PENTESTER "LINUX"

P-DiggEr v4.o
[+] The Weapon Of Mass Destruction IP-DiggEr v4.0 Released xD
[+] Project Name :- IP-DiggEr v4.o The Next Level
Features Of IP-DiggEr v4.0 The WeB Xploit3r The Next Level

FTP Brute Force
Admin Panel Finder

Website Vulnerability Scanning To0ls
--------------------------------------------
Joomla Vulnerability Scanner
Wordpress Vulnerability Scanner
UniScan -> Web Vulnerability Scanner
--------------------------------------------
Uploaded Shell Finder ( Website )
--------------------------------------------

Web-Backd0or ( Weevely )
--------------------------------------------
Web Backd0or Generator ( Weevely )
Web Backd0or Server Connect0r ( Weevely )

Other Hacking To0lKit
--------------------------------------------
W3bSploit T0olkit by 0x0ptim0us
==============================================
Ip- DiggEr v4.0 The WeB Xploit3r The Next Level
Download Link :- http://www.mediafire.com/?o3xsujs841gno79

MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages

 

FireEye has uncovered and helped weaken one of the largest advanced mobile botnets to date. The botnet, which we are dubbing “MisoSMS,” has been used in at least 64 spyware campaigns, stealing text messages and emailing them to cybercriminals in China.

MisoSMS infects Android systems by deploying a class of malicious Android apps. The mobile malware masquerades as an Android settings app used for administrative tasks. When executed, it secretly steals the user’s personal SMS messages and emails them to a command-and-control (CnC) infrastructure hosted in China. FireEye Mobile Threat Prevention platform detects this class of malware as “Android.Spyware.MisoSMS.”

Here are some highlights of MisoSMS:

• We discovered 64 mobile botnet campaigns that belong to the MisoSMS malware family.
• Each of the campaigns leverage Web mail as its (CnC) infrastructure.
• The CnC infrastructure comprises more than 450 unique malicious email accounts.
• FireEye has been working with the community to take down the CnC infrastructure.
• The majority of the devices infected are in Korea, which leads us to believe that this threat is active and prevalent in that region.
• The attackers logged in from Korea and mainland China, among other locations, to periodically read the stolen SMS messages.

MisoSMS is active and widespread in Korea, and we are working with Korean law enforcement and the Chinese Web mail vendor to mitigate this threat. This threat highlights the need for greater cross-country and cross-organizational efforts to take down large malicious campaigns.

At the time of of this blog post, all of the reported malicious email accounts have been deactivated and we have not noticed any new email addresses getting registered by the attacker. FireEye Labs will closely monitor this threat and continue working with relevant authorities to mitigate it.

Technical Analysis

Once the app is installed, it presents itself as “Google Vx.” It asks for administrative permissions on the device, which enables the malware to hide itself from the user, as shown in Figure 2.

Once the user grants administrator privileges to the app, the app shows the message in Figure 3, which translates to “The file is damaged and can’t use. Please check it on the website”” and an OK button. Then is asks the user to confirm deletion, ostensibly offering the option to Confirm or Cancel. If the user taps Confirm, the app sleeps for 800 milliseconds then displays a message that says “Remove Complete.” If the users taps Cancel, the app still displays the “Remove Complete” message.

In either case, the following API call is made to hide the app from the user.

12MainActivity.this.getPackageManager().setComponentEnabledSetting
MainActivity.this.getComponentName(), 2, 1);

This application exfiltrates the SMS messages in a unique way. Some SMS-stealing malware sends the contents of users SMS messages by forwarding the messages over SMS to phone numbers under the attacker’s control. Others send the stolen SMS messages to a CnC server over TCP connections. This malicious app, by contrast, sends the stolen SMS messages to the attacker’s email address over an SMTP connection. A South Korean company described a similar SMTP-based exfiltration technique in its blog. Most of the MisoSMS-based apps we discovered had no or very few vendor detections on VirusTotal. Visit http://www.fireeye.com/blog/technical/botnet-activities-research/2013/12/misosms.html to read more.