Pallav Kaushish

We are starting a series in which we will be covering latest security breaches from time to time. So whenever you have to look up for the latest security breaches you can visit us and get a comprehensive list. The security breaches will be around the date mentioned in the heading of the article.

Official Website Of Dubai International Airport Hacked
Dubai International Airport website was hacked by Portugal Cyber Army in collaboration with HighTech Brazil Hack team. The hackers first notified E Hacking News about the breach through their twitter account (@Official_PCA) and directed them to a pastebin link containing over 50 official email addresses of Dubai International Airport which ends in Home - Dubai Airports

Though the leaked passwords are in encrypted format it is not difficult to decrypt them. The other twitter handles used by these hackers are @bycrazyduck @AlfabetoVirtual @LIberoamericaMu @L34NDR0 @Thiago_0k @CuriosityGroup @LulzSecPortgual @HackerArgentino

Nepal, Bangladesh and Vietnam Government Websites Hacked
A number of Nepal Government websites were hacked by a group of hackers called Muslim Cyber Sh3LL’z. The website was running on an outdated version of Joomla CMS which created a window of opportunity for the hackers to get in. The official websites that were affected are:

Apart from Department of Agriculture, Kanchanpur rest all the websites are still in the defaced mode at the time of writing this article. The main messages on the website says “Hacked By Shockwave Khan” and is followed with a logo of the Muslim Cyber Sh3LL’z hacker group. The website also shows the information of the visitor and at the end it gives credit to the following hackers:
  • Hax Seeker
  • Anon Rahm
  • Pl4Yb0Y
  • Cod3 burN3R
  • Cod3 m4triX
  • z3N17h
  • V4sp3r MCS
  • Red Lion
  • Sil3nt Hack3r

Before Nepal the same group of hackers hacked and defaced the following official Bangladeshi websites:
These hackers also defaced Vietnam Government website and one of the Indian Government website which have been resumed back to normal.

World Of Tanks Game Hacked
World of Tank which is a property of Wargaming faced a security breach which exposed email addresses and password hashes of their users. However they assured that no financial information has been leaked, which of course is a little relaxing. Immediately after the incident they asked their users (players) to change their password. To accomplish it in a better way they started a ‘Change Your Password Event’ in which they gave 300 points to players who changed their password. This was an innovative way to get the necessary thing done however the security flaw can’t be overlooked. They are also asking users to change passwords of other applications where they might have used the same password.

Linode Web Server Got Hacked
On 15th April Linode announced that their web servers have faced a security breach exposing credit card numbers and paswords of users. However they assured that credit card numbers are stored in encrypted format in their database using public and private key encryption. The private key is further encrypted with passphrase encryption and the complex  passphrase is not stored electronically.

Later a group called HTP claimed the responsibility for the attack. Hackers accessed Linode Manager web server, a part of their source code and ultimately their database by exploiting the zero-day vulnerability in the Adobe’s ColdFusion application server. The patch for this vulnerability was released by Adobe less than a week before this incident took place. They have forced a system wide password reset.

You can find the original article on our blog - Latest Security Breaches Around 20th April 2013| SmartSignin Blog
22 Apr, 2013136 Views