Trend Micro has recently released a report that exposes the presence of 25,000 Indian email addresses and passwords on different hacker forums. The report states that the 25,000 Indian email addresses and passwords exposed are a mix of email ids and passwords from websites like Yahoo!, Gmail, Sify and a number of corporate email addresses.
According to Trend Micro researchers, the nature of the list indicates that the email providers themselves were not hacked, but third party websites on which these users were registered were compromised.
“This is similar to the cases of the ChristianSingles and Faithwriters websites in the USA last year, where a security issue with those websites allowed hackers to gain access to the complete user list and passwords for those websites,” commented David Peterson, Consumer Products Director, Australia and New Zealand, Trend Micro.
In the case of ChristianSingles and Faithwriters websites, the users had reused their email addresses and passwords across multiple websites and enabled the hackers to compromise the victims’ email accounts, social networking accounts, financial data through eBay and PayPal and even their business extranets.
“Internet users commonly register with dozens of websites and for convenience they typically use the same email addresses and passwords on each one of them. Many of these websites have adequate security measures in place, but those who do have adequate security mechanism, are putting their subscribers at a serious risk. Unfortunately, it is nearly impossible for a typical Internet user to assess the vulnerability risk level of such websites without some form of third-party accreditation system in place,” commented Peterson.
Trend Micro suggests that Internet users must use different passwords for each website that they sign up to. They should ideally have one password for social networking sites, another for e-commerce websites and a different one for work-related websites.
Source - Network Computing
Friday, January 22, 2010
India's 'Silent' Cyber Warriors
Who are our soldiers in the cyber war with Pakistan? Contrary to popular belief, the cyber war is not fought by hackers hired by the government but by software engineers loosely connected through anonymous chat severs who want to do "something for their country" in their own way and in their free time.
Meet Rahul Shekhar (name changed to protect identity), a 26-year-old software engineer with one of the top IT firms in India. Rahul is one of the many "soldiers" India has in its cyber war against known and unknown enemies.
A harmless coder of taxation-related software during the day, Shekhar tunes in to the cyber war by night. "I get home and relax for some time. Post an early dinner I spend three hours working on a form of attack, defence or training in India's cyber wars," he told DNA.
Globally, hackers not connected with the government machinery are known to supply intelligence to their governments. Like snipers on a tall building, computer hackers often act as cyber vanguards. Working in tandem with like-minded people worldwide, Indian and Pakistani hackers fight this silent battle round-the-clock. They keep tabs on each other's possible vulnerabilities and send in worms, viruses and other malware once vulnerabilities are confirmed.
According to Shekhar, hackers fighting for any country are of three kinds: Black hats, white hats and grey hats. In cyber parlance, black hats are hackers whose professional lives are spent trying to attack other systems. White hats defend against attacks. "I am of the third kind, the grey hat -- not a professional hacker but I pursue it seriously as a hobby and out of patriotism."
Source - DNA India
Meet Rahul Shekhar (name changed to protect identity), a 26-year-old software engineer with one of the top IT firms in India. Rahul is one of the many "soldiers" India has in its cyber war against known and unknown enemies.
A harmless coder of taxation-related software during the day, Shekhar tunes in to the cyber war by night. "I get home and relax for some time. Post an early dinner I spend three hours working on a form of attack, defence or training in India's cyber wars," he told DNA.
Globally, hackers not connected with the government machinery are known to supply intelligence to their governments. Like snipers on a tall building, computer hackers often act as cyber vanguards. Working in tandem with like-minded people worldwide, Indian and Pakistani hackers fight this silent battle round-the-clock. They keep tabs on each other's possible vulnerabilities and send in worms, viruses and other malware once vulnerabilities are confirmed.
According to Shekhar, hackers fighting for any country are of three kinds: Black hats, white hats and grey hats. In cyber parlance, black hats are hackers whose professional lives are spent trying to attack other systems. White hats defend against attacks. "I am of the third kind, the grey hat -- not a professional hacker but I pursue it seriously as a hobby and out of patriotism."
Source - DNA India
Thursday, January 21, 2010
Get BSNL/Airtel account passwords by Hacking into the Routers
This is yet another video which explains how you can hack any BSNL/Airtel Router(Modem) which is currently operating and has open ports. All you have to do is to have an IP Scanner. In this video, Angry IP Scanner has been used. Then you can find all the IPs in a particular range which have the Port 80 (web browser) port open. Just open that particular IP in the browser. Enter the Default Username/password which is admin/admin. (In some Beetel Modems provided by BSNL, the default Username/Password is admin/password.) You'll be able to login. Then by viewing source of the password field you can get to know about the Password of the BSNL/Airtel Customer. Easy as that.
PS -> Till about a year ago, this hack was working. But now, only some people can use this hack. This is because companies like BSNL have introduced Port Binding i.e on a certain telephone line, you can use only the assigned Username/Password. Anyways, Try it. Who knows you might be lucky enough to use this hack in your locality.
Tuesday, January 19, 2010
Hacking BSNL Broadband Passwords
This video explains how to hack BSNL Broadband Passwords. For this, you need a PortScanner Eg-> Blue's Port Scan. Then, you need an IP address range. Eg-> The hacker in the video is supposedly from Indore (MP). So, he uses an IP range from "59.95.84.x" After that, it is scanned on two ports - Port No. 23 (for Telnet) and Port No. 80 (for HTTP) Now, when you get an IP with both the ports open, copy and paste the IP in your Browser. Use Default Username - admin and Password - admin . After this, go to the WAN Settings in the Left Pane, you'll see the Username, and to see the Password, use a Password Revealer Script. Thats done, you have the Username and Password of the Broadband Customer.
Hack into anybody's BSNL/Airtel Broadband Router (Modem)
This video explains how to hack into any router with default Username and Password with special reference to BSNL Broadband/Airtel routers. In this, the hacker had already "scanned" the IP Addresses. Then the scanning results are shown. After that, the hacker runs some command in the command prompt and gets into a BSNL router via command prompt only. Then he accesses the router via a browser. Similarly, the hacker hacks into the BSNL Type - II (Wireless Modem) and an Airtel Router. So basically, the aim of this video is to explain how anyone can get into your Broadband Router (Modem) Just by using the default Username - admin and Default Password - admin
Subscribe to:
Posts (Atom)