Category Archives: Hackers

We will cover current issues about hacker groups around the world who act behind the scenes and commit cybercrimes.

16-year-old hacker allows police to identify rape perpetrators

Those guilty of rape and indecent acts against a minor have been identified thanks to the exploits of a 16-year-old hacker.

The events took place in Besançon, Essonne. Two juveniles suspected of rape were arrested and put behind bars.

Local police said they had received help from the 16-year-old hacker. The victim is believed to be a teenage girl who lives in the city of Morsang-sur-Orge. The young hacker reported that he had relied on a video posted on social media to locate and identify the two culprits of this despicable crime. And it only took one night. Interviewed on France Info, the young hacker explained that he does not use only legal methods. "I saw the video and saw two young people tangling with a girl, and I saw that there was a rape story," he says. "We started investigating, we found his Snap, his first name. With the first names and the city, and with databases that we had hacked long before, we found their identity."

If the young hacker acknowledged, in a sense, that the process used was against the law, he also emphasized that it had the merit of efficiency. "If we hadn't given [their identity], nothing would have advanced, at least not in such a short time. In one evening we managed to find them." A fact that can't be denied.

Recall that the rape took place a week ago in the town of Morsang-sur-Orge, in the Essonne region. The culprits were identified through Pharos. The perpetrator of the rape and his accomplice, the one who filmed the scene, were arrested by police last Friday after being taken to the police station by their own parents. Their public identification resulted in a series of threats that could lead to reprisals. The indictment was handed down on Sunday, followed by provisional detention. The charges against them include "rape committed in a group" and the "recording or dissemination of an image of a breach of the integrity of a person."

For the young hacker, who is the star of these arrests, nothing has been said yet. One wonders if he will be prosecuted for computer hacking. For, even though he helped, he did not violate the law. And according to his own statements, it would seem that this is not the first time. And it is not likely to be the last. However, this story is a nice illustration of the use of computer hacking as a means of participating in the regulation of society.

Chinese hackers get around double authentication

A Chinese group called APT 20, described in the media as linked to the Chinese government, specializes in hacking public institutions and industrial enterprises.

They are considered very effective at taking control of service providers. And now we are discovering a new string to their bow: the group is reportedly able to bypass the well-known two-factor authentication.

For some time now, security experts have been reporting that a Chinese group successfully circumvented the security offered by two-factor authentication during a wave of attacks that took place during the year. These attacks are attributed to the APT20 group, which is tracked by the cybersecurity community and which reportedly operates on the orders of the Chinese government, according to the Dutch IT security company Fox-IT in its report published the week before.

The hacker group has mainly targeted government institutions and service providers in a number of areas, such as health, aviation, finance, energy, insurance, and even betting.

According to the computer security company, the Chinese hackers have been very active in recent years. The group's first hacking operations go back to 2011. However, around 2016 and 2017, the cybercriminals went quiet, surely with a view to changing their modus operandi. It is in the last two years, that is, 2018 and 2019, that the group has been genuinely active on different fronts.

The Dutch cybersecurity company says APT 20 uses web servers to gain access to its targets' systems. The illustration given was the attack on the platform known as JBoss, which is widely used in the networks of governments and private companies. "APT20 has exploited vulnerabilities to access servers, then installed web shells, and then spread laterally into the target's internal system," Fox-IT noted. Once their intrusion was successful, the Chinese hackers automatically seized the passwords and other credentials needed to easily access the system and take over user accounts. In short, they were after the credentials that give access to the VPN. In this way, it would be easy for them to reach fairly secure and supposedly impregnable parts of their victims' infrastructure while "staying off the radar." To pull this off, they preferred to use software already installed on the various machines they had managed to hack, instead of malware they could have written themselves, because that would have been risky and could have gotten them detected.

But what must be remembered, and what seems truly essential, is that this group of hackers did succeed in bypassing multi-factor authentication. According to the Dutch computer security company, there is evidence that the Chinese hackers managed to log into VPN accounts that were secured by multi-factor authentication.

According to Fox-IT's theory, APT 20 stole a software token from which single-use codes could be generated, allowing them to get past the security measures required by two-factor authentication. While in principle it should be impossible to circumvent two-factor authentication this way, Fox-IT explains why the Chinese hackers succeeded: "The token is generated for specific variables of the system, but obviously these variables can be recovered by the attacker when he has access to the victim's system. (…) In short, the attacker simply needs to steal a token from the RSA SecurID software and patch an instruction to generate valid tokens."

When hackers try to have fun by publishing data

In recent weeks, hackers have had fun publishing thousands of credentials for Ring camera accounts.

These were valid credentials, and they were published on a dark web forum. The media think the hackers did it mainly to get people talking about them, but also "to make people laugh". It is believed that part of their plan was for the users whose data had been published to be tracked by other potential hackers.

The hackers succeeded by using a technique called "credential stuffing". This required them to use fairly specialized software and tools to compile the necessary information from several other data leaks. Once that was done, they simply tested the credentials against Ring's authentication. Every time a credential worked, they automatically published it. That is not all. The hackers also published the tools they used so that other hackers could try. BuzzFeed published a list of more than 3,600 accounts. For its part, the site TechCrunch published in an article a second list containing exactly 1,500 Ring accounts.

For its part, Ring has begun to reset all of the passwords, informing users of the problem.

According to Ring, only 4,000 entries were really valid out of the hundred thousand credentials that were published. Although the company said, after being contacted by several media outlets regarding the data leak, that it was not aware of the list that was circulating, it still indicated that it had already reset all of its users' passwords. In other words, the people concerned had already been alerted even before the leak in question. If there actually was a data leak.

In addition, some users have indicated that they had reused the same password. Others, however, have changed their login credentials since reading articles about the hacks and the various leaks that have been published in the media.

It is known that the hacker behind the publication of more than 100,000 Ring accounts also published a tool called "Ring config." This tool, it must be made clear, helps automate the task of hacking Ring accounts.

On this issue, the authorities have not yet reacted. We are waiting for word on the identity of the hackers and their real motivation. For while it is said that the data leak was intended to amuse the gallery, the fact remains that the hackers encouraged others to continue hacking into Ring accounts. This implies that there is bound to be a hidden goal behind all of this.

2 Russian hackers up against American justice

They are named Maxime Iakoubets and Igor Tourachev respectively.

Since 5 December, they have been under an international arrest warrant issued by the American federal police.

The reason for this arrest warrant lies in the field of computer security. Indeed, they are recognized as dangerous hackers who have compromised more than a hundred thousand computers. They managed to earn more than $100 million from their misdeeds in just a decade.

It should also be noted that these hackers are suspected of being part of a team of computer specialists working for Russia's spy service. Arrested, they are currently charged in the United States.

The two Russian hackers were found to be at the head of a group of cybercriminals named "Evil Corp." It is a group known for attacking financial institutions, banks, companies and other private organisations as well as local authorities. Their favorite method of hacking is phishing. According to the accusations of the American justice system, the Russian group led by the two accused is said to have spread several pieces of malware around the world for 10 years now. Among the malware they allegedly spread are the Zeus, Bugat and Dridex programs. They are generally delivered through phishing, hidden behind email attachments. These programs had the particularity of stealing financial data (bank account numbers, login credentials, secret codes, etc.). The group then used this data to rob its victims, emptying their accounts by fraudulently transferring the funds to its own bank accounts. For example, the Zeus malware was used from 2009 in the U.S. to steal more than $24,000 from the account of the Franciscan Sisters, based in Chicago. The most recent attacks by this group have been traced to May of this year.

Maxime Iakoubets is considered by the U.S. judicial authorities to be the head of the Evil Corp hacker group. He is said to be "responsible for management and supervision of the group's malicious activities (…) and Igor Tourachev as one of the administrators (…) having control over the Dridex software". Maxime Iakoubets "is a true criminal of the 21st century who, by pressing a button and clicking on his mouse, committed computer crime around the world," said Brian Benczkowski, the Minister of Justice, during a press conference. "Each of the computer intrusions was actually a bank robbery assisted by computer." The latter apparently collaborated with the services (FSB) "from 2017 (…) on plans for the government," explained the U.S. Treasury.

In addition, the U.S. Treasury has put in place several sanctions targeting 17 individuals and 7 organizations with ties to Evil Corp.

APT hacker group identified by Russian firm Kaspersky

Russian computer security company Kaspersky has announced that it has unmasked a group of APT-type hackers.

The hacker group is believed to be connected to a data leak involving the Shadow Brokers, which took place in 2017. It turns out that this is a group of hackers that had been observed for a very long time by the American aerospace agency, the NSA.

The events date back to 2017. A group of specialized hackers named the Shadow Brokers is the main actor. The group had published secret information from the National Security Agency (NSA) on the Internet, allowing a large number of people to access it. The published information consisted of a set of exploits and several tools used for computer hacking, including one of the most famous, known as "EternalBlue", malicious code that had been used in the design of the WannaCry ransomware and two other infamous malware programs, NotPetya and Bad Rabbit, in 2017.

Also among the published data, there is one file in particular that attracted attention. It is called "sigs.py" and presents itself as a goldmine of information and intelligence on transmissions. It is a program whose function resembles that of a malware scanner. It is known that the U.S. intelligence agency used it to analyze the machines it had itself infected, to see whether these machines were already affected by programs produced by groups of hackers such as APTs ("Advanced Persistent Threats").

The sigs.py script was built on certain signatures which were completely unknown to the computer security world until 2017, which clearly demonstrated that the U.S. agency was ahead of private cybersecurity companies in protecting computer systems. This is shocking when you consider that the NSA could for a very long time detect and even observe the operations carried out by different groups of hackers, especially those with hostile interests.

However, in a report published last month, GReAT, the elite unit of the private security firm Kaspersky dedicated to hunting hackers, announced that it was on the trail of the mysterious hacker group, that is, the group of hackers that was being hunted by the NSA script. According to Kaspersky researchers, script number 27 identified files that are part of what is called "DarkUniverse", which consists of a malware framework and is also the name that identifies the group of hackers and their activities.

Note that this group was active from around 2009 until 2017 and always knew how to keep a low profile to avoid drawing attention to itself, especially after the "Shadow Brokers" data leak: "The suspension of its operations could be related to the publication of the leak 'Lost in Translation', or the attackers might simply have decided to move to more modern approaches and start using tools more widely available for their operations," the GReAT team said in an article detailing the DarkUniverse malware framework.
