INDIA USING INTERNET VIA MOBILE CAUSES CYBER ATTACKS

Hello, friends here is a good news that there are about 10.9 million apps which are available on about 200 app stores (from where we download apps for our smartphones. And the bad news is that a third of them about 3.4 million apps comes with malware in it, which can steal data, contacts, passwords, personal information (bank accounts etc.) and can cause much more harm to your smartphone.
  
There are about two third of people in India are accessing the internet nowadays through their smartphones. This shows how it is vulnerable to cyber attacks which take place in India.

 The latest survey by Internet security solutions firm Symantec’s Internet Security Threat Report indicates that dependency on mobile devices has gone up significantly in the last two years as mobile penetration increased significantly.

“The survey, conducted in 14 Indian cities in May, shows that people are checking the mobiles at least 41 times a day,” Ritesh Chopra, Country Manager (India) of Symantec told Business Line.

About 50 percent of people have 20 apps in their phones in which about 5 are mobile wallets and e-commerce apps which they use for their business and commercial purpose. People are unwittingly giving permissions to unknown and unverified developers to download apps. A good no. of apps are fake and can steal all this information and data from your phone and can make your life miserable
            There are a lot of cyber crime cases takes place nowadays in India. And half of them takes place from phones.


CONCLUSION: SO, THIS IS NECESSARY  TO ONLY DOWNLOAD THOSE APPS WHOM YOU TRUST AND NOT GIVE PERMISSIONS TO UNKNOWN AND UNVERIFIED DEVELOPERS TO DOWNLOAD APPS.

Read more

Hackers makes $7500 per month from ransomware

Cyber criminals who oversee "ransomware" campaigns, which hold data hostage for money, can make up to $7,500 per month using such schemes, according to a new report from Flashpoint.

“Ransomware is clearly paying for Russian cybercriminals," Vitali Kremez, cybercrime intelligence analyst for Flashpoint, said in a statement.

“Corporations and users are unfortunately faced with a commensurately greater challenge of effectively protecting their data and operations from being held ransom, with no guarantee that sending a ransom payment will result in return of the stolen data.”

The cyber intelligence firm monitored an organized ransomware operation out of Russia since December 2015, and were able to gain "significant visibility" of the tactics and techniques employed by what it called the campaign boss.

"Though the loss of data can be devastating, Flashpoint has observed that sending ransompayments does not always work. In the case of this particular criminal enterprise, this group often prefers to collect payments without ever providing decrypting tools or methods for affected victims," the report says.

Most cybersecurity professionals recommend not paying ransoms, since it usually just encourages attackers to keep up the practice. Instead, it's best to keep regular backups so a system can be restored to pre-ransomware status if it's compromised.

The lure of easy profits is certainly driving a rise in ransomware, which the FBI mentioned as one of the "hot topics" in its annual internet crime report. There were nearly 2,500 complaints of ransomware reported in 2015, amounting to $1.6 million in losses.

Hospitals are a particularly-favored target, since they are more willing to pay.

In March, Maryland-based MedStar Health acknowledged that malware had infected its systems and spread throughout its network of 10 hospitals.

It turns out the pay is pretty good for the boss: Flashpoint wrote that over an average month with around 30 ransom payments received at $300 each, the boss would take in about $7,500. He paid his crew a small percentage of the 

The scam works like this: The boss recruits lower-level players by offering "a lot of money" to those willing to help, and no hacking skills are required. The boss then gives custom ransomware to his new recruits and they try and get it onto victims' computers, through spam and phishing emails, or torrent sites.

Once a victim has their files encrypted, a text file tells them who to contact. It's the boss, who says he'll give the decryption key if the victim sends Bitcoin payment. Some pay, others don't, but it's clearly just a numbers game — the more computers compromised, the more money will surely come pouring in.

"If I’m some bad guy and I’m wanting to make a buck, I’m going to choose the easiest victim," said Malcolm Harkins, global chief information security officer for Irvine, California-basedCylance. "That calculus I would go through would be based upon how easy is it to get my [malware] installed, what my belief is that they will pay and how quickly they will pay, as well as what’s the likelihood I’m going to get caught?’”

He added: “If I’m an intruder I’m doing a level of risk calculus, particularly if my goal is to profit.”

It's not very risky for the boss at all, it seems. Once the payment is received, the already-hard-to-trace Bitcoin is laundered through what's called a Bitcoin exchanger. Partners are paid from an untraceable Bitcoin wallet.

One noteworthy point in the conclusion is that, even if payment is made, there's no guarantee that files are going to be given back:

"Though the loss of data can be devastating, Flashpoint has observed that sending ransompayments does not always work. In the case of this particular criminal enterprise, this group often prefers to collect payments without ever providing decrypting tools or methods for affected victims," the report says.

Most cybersecurity professionals recommend not paying ransoms, since it usually just encourages attackers to keep up the practice. Instead, it's best to keep regular backups so a system can be restored to pre-ransomware status if it's compromised.

The lure of easy profits is certainly driving a rise in ransomware, which the FBI mentioned as one of the "hot topics" in its annual internet crime report. There were nearly 2,500 complaints of ransomware reported in 2015, amounting to $1.6 million in losses.

Hospitals are a particularly-favored target, since they are more willing to pay.

In March, Maryland-based MedStar Health acknowledged that malware had infected its systems and spread throughout its network of 10 hospitals.

A Kentucky hospital said it was operating in an "internal state of emergency" about a week prior, after it was infected by similar malicious software (Ars Technica reports it paid at least $17,000 to get its system back). And in February, hackers crippled a Hollywood, California hospital's systems and demanded $3.6 million in Bitcoin (It ended up paying $17,000).

Read more

HOW TO TRACK YOUR LOST ANDROID PHONE

 FARHAN AHMAD

Your Android phones are the most important things in our today's life. It contains all your important contacts and information. If you lose your equipment, you will be losing all those sweet memories with the photos and video. But there is some good news to android phone/tablet users, you can now easily find or at least know where your missing phone is with or without using android application.

Let’s first look at the way of finding your lost phone which doesn’t contain any app installed on it.

Use the IMEI Number

Every android phone carries a unique IMEI number (International Mobile Equipment Identity Number). It will be printed at the back of your device. If you are unable to find the number, you have to launch your phone app and dial the number *#06#. This will give you the IMEI number of your phone. Store this number in a safe place so that it helps you in locating your phone when it is lost.

When you file a complaint, this number has to be added in the report. Your service provider uses this number to track your phone and tell you where it is. No matter if the person using the phone is using a different SIM card or has switched off the phone. Once the device is traced, you can request your service provider to block it from using.

This is one of the easy ways of locating your lost Android phone or tablet.

Plan B

Another way of tracking your lost Android gadget in no time is through Plan B app. This app does not require you to install any recovery software previously but still helps in finding your lost phone. All you need to do is log on to your Google play account. Lookout mobile security offers free software called Plan B. Download the software from play store to your phone. This will be possible only if your phone is within the Internet coverage area. Wait for some time and then send the keyword “locate” without the quotes through SMS to your phone. And a map showing where your equipment is will be sent to your Gmail account. This app is very much useful in situations where you don’t have IMEI number.

If you have installed and configured any of these below android software previously, there is good chance of finding it.

You can log on to Google Play store > My Android Apps, on your computer and check if you have installed any of the following apps previously.

Lookout Security and Antivirus

Lookout is the best android app for security and antivirus. So far, it has received millions of downloads. Just recall if you have installed this on your phone.

If you have activated the option “Missing Device” in this app, it is easy to find your device. If you have also enabled “Signal Flare” option, you can trace the last known location of your android device. This is helpful in case your phone battery is dead or tablet is switched off.

Now sign in Lookout to locate your device. The map shows the location of your phone. If you are at a short distance from the tablet, you can choose Scream option to make a loud noise to find it.

Android Device Manager

Google has recently released a new locator feature for Android gadgets called Android Device manager, which helps its users locate their lost or stolen phones and tablets. It functions in the same way as Lookout and Samsung’s “Find My Mobile”. Here’s how to use Android Device Manager.

Go to the Google Settings app, then select Android device manager. By default the locator feature is activated but to activate remove data wipe, select the box next to “Allow remote factory reset”, then select “activate”.

To use this feature, open the sitehttps://www.google.com/android/devicemanager and sign in to your Google account. You may be prompted for permission to allow Android Device Manager to use location data. Select the Accept tab to continue.

Now you will be provided with a map that shows the location of your device along with other details such as the name of the place, when it was last used and more. The location data doesn’t help you if your phone is misplaced somewhere in your home. Instead of making a call to your phone using other’s phone, you can call your phone directly from Android Device Manager. This will make your device to ring with high volume for 5 minutes, even if it’s in silent or vibrate mode.

One feature that is missing in Android Device Manager is remote locking, which can be useful in preventing a stranger from accessing your data, while you’re tracking its location.

Apart from these, there are other apps such as Android Lost, Where do My Droid and GadgetTrak that help you in finding your lost Android phone/Tablet.

hope you like it.   Don't forget to share and comment. 

FOLLOW ME FARHAN AHMAD.

Read more

Mark Zuckerberg's accounts hacked by OurMine hacking team

Facebook founder Mark Zuckerberg has been targeted by hackers who were  able to briefly gain control of several of his social media accounts, some of which were defaced.

Even the CEO of Facebook Mark Zuckerberg account is not safe.

His Facebook account was not among the compromised profiles, although his Pinterest, Twitter and LinkedIn were, according to Engadget, which was able to screenshot some of the hackers’ messages before they were removed.

A post on Zuckerberg’s Pinterest page credited the hack to a group called OurMine Team. An associated Twitter account the hackers were pointing to has since been suspended.

Last month a massive dump of hacked LinkedIn email and password data cropped up online, thought to date back to an earlier 2012 hack. Back then LinkedIn had stored passwords as unsalted SHA-1 hashes, enabling hundreds of thousands to be quickly cracked — and leaving a massive insecurity legacy by providing hackers with huge amounts of real-world password data to improve their password-cracking abilities.

It’s unclear if the Zuckerberg hack incident relates to the vast cache of compromised LinkedIn email and password data, but it’s possible it does given the timing of the hack — and the fact the hackers referred to the LinkedIn breach in a message tweeted from Zuckerberg’s account, which read: “Hey @finkd [Zuckerberg’s Twitter account name], you were in Linkedin Database”.

The hackers also posted what they claimed was the password associated with Zuckerberg’s LinkedIn account.

It’s possible Zuckerberg was using the same email and password for multiple social accounts, thereby enabling several of his social accounts to be compromised in succession. Re-using passwords is the sort of standard human error that the average, hard-pressed web consumer resorts to when faced with yet another service sign-up page. But it looks like even the CEO of the world’s biggest social network might not be above such password security lapses, at least for his lesser used social accounts.

A spokesman for Facebook declined to comment on the hacks.

Read more

MALWARE CAN STEAL YOUR DATA USING COMPUTER'S FANS

The cult of Edward Snowden will not be pleased with the news of a new malware, developed by a team of Israeli researchers, that can acquire data through the sound generated by the cooling fans installed inside a computer. 

The team in Israel's Ben Gurion University demonstrate the malware can work even on computers that are isolated or 'air-gapped'. The malware controls and listens to the speed of the fans, and does not require a speaker, camera or any other hardware. 

It transmits the data through Morse code to up to an 8 meter radius, for a smart phone to pick up the signals effectively and convert them into usable data. 

But for it to work, the malware has to be manually installed on the isolated computer, using an external storage device. Once let loose inside the system, it locates data on the computer and transmits them by controlling the CPU and the cooling fans. The acoustic waveforms that are generated, usually ignored by the user, can be picked up by a nearby listening device. 

Also, since it's just morse code, transmitted in speeds of about 900 bit per hour, hackers can't really do much with the information. Large chunks of data will not be possible to transmit. But it's just about enough to steal the passwords and encryption keys. 

Read more

TWITTER CO-FOUNDER EVAN WILLIAMS ACCOUNT HACKED

After a series of celebrity Twitter handle hacks over the past weeks, Evan Williams, the co-founder and former CEO of Twitter, had his account briefly compromised, a media report said.

A group by the name of OurMine the same group that claimed credit for compromising Facebook chief Mark Zuckerberg's social media accounts on Monday took credit for hacking Williams' account in a tweet on Wednesday, which was deleted minutes later, technology website Mashable reported on Thursday.

The company released a statement later saying it does not comment on individual accounts.

"A number of other online services have seen millions of passwords stolen in the past several weeks. We recommend people use a unique, strong password for Twitter," the company was quoted as saying.

This hack has added another name in the list of high-profile people whose accounts have been compromised recently. Singers Drake and Lana Del Rey and professional American football league NFL have all been hit in recent days.

In early 2015, Twitter's chief financial officer and head of Twitter Ventures, Anthony Noto's account was hacked that resulted in many spam messages.

Read more

Hackers Divert $50 Million in Blow to Virtual Currency: Report

Hackers have diverted more than $50 million in digital currency from an experimental fund meant to demonstrate that such money is safe for use, according to the New York Times reported.

The sum was stolen from a project called the Decentralized Autonomous Organization (DAO), which had collected the money in Ether, a form of currency similar to Bitcoin.

The hacking, which siphoned off a third of the project's digital money, is likely to doom the investor-funded project, the Times reported Friday.

Blockchain, the technol

ogy that drives cryptocurrency such as Ether, has recently been gaining traction in the world of finance, where it could one day prove potentially useful.

In recent months, however, computer scientists had indicated that vulnerabilities existed in the project's code, the Times reported.

Programmers Friday were debating whether to simply change the code so that the money could be recuperated, or whether such meddling broke with the project's basic tenets.

"I recognize that there are very heavy arguments on both sides, and that either direction would have seen very heavy opposition," Vitalik Buterin, the founder and lead programmer on the Ethereum project, which hosts Ether, said on Reddit.

The hack sent the price of Ether plunging Friday.

Similarly, Bitcoin took a hard hit after the Tokyo-based Mt Gox trading exchange declared bankruptcy early in 2014 due to a fortune in digital currency vanishing or being stolen.

Read more

GOOGLE CEO QUORA ACCOUNT HACKED BY OURMINE HACKING TEAM

I think you are aware of the name Sundar Pichai, Google CEO. You will become surprise to know that his account has been hacked recently by the hacking group OurMine. 

OurMine hacking team had also targeted Mark Zuckerberg (CEO of Facebook) accounts earlier this month. And Another week and another high-profile hack - and this time, the victim is Google CEO Sundar Pichai.

Alongside, the OurMine hacking team was able to publicise the fake Quora posts by tweeting them out of Pichai's Twitter account, which was associated with the crowdsourced answer site. The team announced the hack on its site on Monday, and said the Google CEO's "security was really weak."

Both Pichai's Quora and Twitter accounts have since been cleaned up, with no evidence remaining of a breach - however, a screenshot of his defaced Twitter profile was shared by OurMine. In a statement to The Next Web, the team said it had gained access to Pichai's Quora account by a vulnerability on the platform. It said the vulnerability had been reported by Quora, but that the team had yet to get a response.

The OurMine hacking group is eager to depict itself as a security firm, and advertises services on its site that scan websites, social media accounts, and companies for security vulnerabilities. Apart from Facebook CEO Mark Zuckerberg earlier this month, the team claims to have successfully hacked Twitter co-founder Evan Williams' Twitter account, Spotify CEO Daniel Ek's Twitter account, apart from Randi Zuckerberg and Channing Tatum.

In the meanwhile, if you have an account on Quora, we'd advise you head over and change your password. Do ensure you don't use the same password for other accounts, and follow security best practices for your primary email account - including two-factor authentication. Zuckerberg's hack was reportedly due to his details being found in a leaked LinkedIn credential cache from the professional network's 2012 breach.

Read more

BLACKBERRY SECRET CODES

The blackberry secret codes are used in blackberry phones. There are a lot of codes u can use for your blackberry phones. Some of these are here:

Name	Description	How-to
Address Bookdata structure rebuild	Forces a data structure re-build in the Address Book	In the Address Book, hold "Alt" and press "R", "B", "L", "D".
Address Bookfile verification.	Checks the data in your Address Book for inconsistencies.	In the Address Book, hold "Alt" and press "V", "A", "L", "D".
Decibel meter.	Displays your signal strength in decibels, instead of bars.	Hold "Alt" and press "N", "M", "L", "L" (repeat to reverse the effect).
View website source code.	Displays the source code of a Web page.	In the Browser, hold "Alt" and press "R", "B", "V", "S".
Help Me! menu.	Provides crucial technical information about your device.	Hold "Alt" and (left) "shift", then press "H".
IMEI display.	Displays your device's international mobile equipment identity (IMEI – your serial number) on-screen… Also works from all other GSM handsets.	Type "*", "#", "0", "6", "#" on the Home screen.
"Soft" reset.	Performs a "soft" reset of your device; the equivalent of doing a "battery pull" (ie. Removing the battery for a few seconds).	Press-and-hold "Alt", then press-and-hold (left) "shift", then press-and-hold "Del".
Event Log.	Displays event logs of all the system-level events that occur on your device.	Hold "Alt" and press "L", "G", "L", "G".
add a category titled "Buyer's Remorse"	tell how many hours of phone use and whether there is an ITpolicy on the phone.	Go to menu options "Options" "Device" "Device and Status Information" Now type the following letters on the keypad: buyr

All of these secrets have been tested on my BlackBerry 8900;

The above secrets may or may not work on BlackBerry Pearl series handsets.

In some cases, you will need to be on the Home screen when you enter these codes.

Hope it useful 
Pls share and comment...

Read more

Top 10 hacking apps for android phones

In this post, i am going to write about the best android hacking apps for your android smartphones. Now, days you see Pc and mobile distance is almost nill. You can do everything with your android mobile smartphones that can your PC do. Android Mobiles can also run penetration testing and security test from hacking android apps. As you know that today, almost every person have android phones as it is portable, easy to carry and we can do a lot of thing in smartphones nowadays. So, If you really want to see what is hacking and if you are a security analyst download these amazing hacking android apps in your phone.

Download 10 Best Android Hacking Apps for Android Mobile

1. WiFi Kill

WiFi Kill is one of the best apps for disabling other user wifi connection from your android mobile. You just need to download this amazing android app on your phone and you can easily kick off another user from connected wifi . Make sure your phone is rooted and if not follow our guide for rooting android phone.

WiFi Kill

Download WiFi Kill Android App

You can also hack from android mobile without rooting your android mobile phone.
You don't need to root your android phone for hacking wifi from this method.
So you can easily hack wifi password without rooting your android mobile phone.

How to Hack wifi password using Android Phone without Root

2. WiFi Inspect 

WiFi inspects android app scan your wifi networks for vulnerability. You can see other user IP address from this android app. Basically, this android app scans other IP address, mac address and device name.

WiFi Inspect

Download WiFi Inspect Android App

3. DroidSqli Android App

Droidsqli android app helps you in finding vulnerable websites. You can easily hack websites that vulnerable from sqli with this amazing android app. 

Download Sqli Android App

4. NMAP for Android

If you run backtrack and kali in pc , you must know about what is the importance of NMAP tools in hacking. You can also download this tools for android mobile. You can scan networks for finding ports open  and system details with NMAP android app.

Download Nmap Android App

5. Shark for Root

Like the name this android app work with Wireshark software. If you ever run wireshark software in your pc , you must know about dump files that we created from wifi sniffing. With this tools you can sniff any networks and collect lots of data from any wifi network. Later you can read your data in PC from Wiresharek Software.

Download Shark for Root Android App

6. Fing Networks Tools

Fing is a yet another android apps like wifi inspector but this one is bit different from that. You can scan the whole network from various scans with this android hacking app. This app is totally free and comes with without ads. You can see every connected user ip , mac, vendor name and lots of info with this android app.

Fing Network Tools

Download Fing Network Tools

7. inSSIDer

Inssider helps you in finding hidden wifi in your area. If a smart wifi admin lived in your area they set wifi ssid ti hidden, normally you can't see wfi name and signal in your pc and android mobile. But If you download this amazing app , you can see hidden ssid wifi signal and also find low range wifi signal in your area, With this android app you can also see lots of info related to wifi connection.

Inssider

Download inSSIDer Android App

8. ZAnti Penetration Testing Android Hacking Toolkit

This is one of the favourite tools for hacking networks and run security tests on wifi networks. You can find almost all security tools related to hacking any wifi networks from this android app. ZAnti is one of the most impressive android app related to hacking from android phone.

ZAnti

Download ZAnti Android App

9. Install Backtrack on Android Mobile

Like we all know backtrack is full devoted for security testing and finding out vulnerabilities in system. You can download and install this fully featured hacking os in your mobile from this guide.

Backtrack on Android Mobile

Install Backtrack Linux OS in Android Mobile

10. WPS Connect

If you really want to hack wifi password from android mobile download WPS connect wifi password hacking android app. You can easily connect any wifi  network without password from this wifi hacking apk. But make sure that wifi runs on wps security. This android app has a collection of master key routers that runs in wps security mode. So you can easily hack any wps networks and bypass security and connect your android mobile device with wifi.

WPS Connect

Download WPS Connect Android App

Read more

HOW TO DISABLE WINDOWS 10 UPGRADE FOREVER

If you are a Windows 7 or Windows 8.1 user, who don't want to upgrade to Windows 10 now or anytime soon, you might be sick of Microsoft constantly pestering you to upgrade your OS.

Aren't you?

With its goal to deploy Windows 10 on over 1 Billion devices worldwide, Microsoft is becoming more aggressive to convince Windows 7 and 8.1 users to upgrade to its newest operating system, and it is getting harder for users to prevent the OS being installed.

But if you're worried that this out of control Windows 10 upgrade process will force you into downloading an unwanted OS; I have an easier solution to block Windows 10 upgrade on your PCs.

A new free tool, dubbed Never10, provides the user a one-click solution to disable Windows 10 upgrade until the user explicitly gives permission to install Windows 10.

Never10 has been developed by Steve Gibson, the well-known software developer and founder of Gibson Research, which is why the tool is also known as "Gibson's Never10."

How to Disable Windows 10 Upgrade on Your PCs

1. Go to Gibson's Never10 official site and click on the Download.
2. Once downloaded, the program detects if the upgrade to Windows 10 is enabled or disabled on your system and then shows a pop-up. If enabled, Click 'Disable Win10 Upgrade' button.
3. You’ll again see a pop-up that now shows Windows 10 upgrade is disabled on your system, with two buttons to 'Enable Win10 Upgrade' and 'Exit.' Click on Exit button.

That's it, and you have successfully disabled Windows 10 Upgrade on your PC.

Here's the kicker:

The best part of this tool is that you don't have to install an application on your PC to do this. Gibson’s Never 10 is an executable. So you just need to run it, and it doesn’t install anything on your computer. You can delete it when you're done.

"The elegance of this 'Never 10' utility is that it does not install ANY software of its own. It simply and quickly performs the required system editing for its user," Gibson writes on his page about the new utility.

According to Gibson, Never10 will be a great help to inexperienced users while advanced users will likely appreciate the fact that no additional software is installed and will be able to refer their family and friends to this easy-to-use utility.

For more technical details on how this tool works, you can head on to this link.

Unlike other available Windows 10 blocker tools, Never10 blocks the Windows 10 upgrade, but at the same time, the tool allows you to start the update process in case you change your mind, according to Windows watcher Paul Thurrott.

However, the primary purpose of Gibson's Never10 is to prevent Windows 7 and Windows 8.1 operating system from being upgraded to Windows 10. As Gibson says:

"Many users of Windows 7 and 8.1 are happy with their current version of Windows and have no wish to upgrade to Windows 10." 

"There are many reasons for this, but among them is the fact that Windows 10 has become quite controversial due to Microsoft's evolution of their Windows OS platform into a service which, among other things, aggressively monitors and reports on its users' activities."

Moreover, just a month ago, Microsoft was caught displaying unsolicited advertisements on its Windows 10 users' desktops.

These reasons are enough for many users to stay on their previous versions of the Windows operating system.

Read more