Google.sm San Marino Domain Hacked By MCA-CRB, Algerian Hacker

Google.sm hacked and defaced by  MCA-CRB, Algerian Hackers. Technically Registrar server is hacked using SQL Injection and hackers change DNS information about sites. There is not any specific reason mention about this hack on deface page but this rise many questions for security experts that how much these hacker are getting powerful.

Deface Page Say's:

"T0TAL C0NTR0L

By MCA-CRB

Algerian Hacker

Not Panic

It's A New Generation 0f Hackers 

Greets t0 => My Best Friend Mr-AdeL & i-Hmx & Kader11000 & SPouPouH & Pirou 

And my little brother Dz-Black All Members Sec4... <= 

To Be Continued .... Forza-Dz"

Hacked Site:

http://www.google.sm/

Mirror:

http://www.zone-h.org/mirror/id/19300905

DNS spoofing Attack Detail's:
DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).
Every country have registrar server which return the IP of local huge sites like google, msn etc. If registrar sever is compromised then we can redirect all those domains to specific ip which make it believe that sites are hacked. Basically sites are functioning properly, only there ip is hacked to hacked ip.

135+ Israel Websites Hacked & Defaced by CapoO_TunisiAnoO, Tunisia Defacer

CapoO_TunisiAnoO Hacked 135 plus Israel sites to protest against attacks on "Syria".

CapoO_TunisiAnoO hacker from "Falagua Team" is well respect for his amazing work and reputation for being the only hacker that attacks only Israeli websites in his support for Palestine continues his attacks. This hacker has hacked and defaced over 135+ Israeli websites in protest against the Zionist state of Israel’s treatment of the Palestinians and Syria peoples. CapoO_TunisiAnoO hack about 7k Israeli sites is his hacking carer and remain at top in hacking against Israeli. At press time, all of them still weren't restored.

Deface Page Say's:

"> Oop's anti_juif and Terrorism in all World

This Syria [Today]..

Where Are They Dlaim To Defend Humman Rights ?

Where Are They Fighting Terrorism ? .

CapoO_TunisiAnoO // falagua team"

Hacked Site List:

http://dntv.co.il/
http://lev-israel.com/index.htm
http://etude.co.il/index.htm
http://petroll.co.il/index.htm
http://g-2.co.il/index.htm
http://wac.co.il/index.htm
http://anise.co.il/index.htm
http://art24.co.il/index.htm
http://d-n.co.il/index.htm
http://microtest.co.il/index.htm
http://shony.co.il/index.htm
http://kwc.co.il/index.htm
http://itas.co.il/index.htm
http://medmore.co.il/index.htm
http://martal.co.il/index.htm
http://blanco.co.il/index.htm
http://ezragates.co.il/index.htm
http://openspace1.co.il/index.htm
http://print-e.co.il/index.htm
http://brandnet.co.il/index.htm
http://shaked.co.il/index.htm
http://cafgimel.co.il/index.htm
http://glazer-wood.co.il/index.htm
http://safsufa.co.il/index.htm
http://ula-gula.co.il/index.htm
http://safsufa.com/index.htm
http://artishuk.co.il/index.htm
http://liran2000.co.il/index.htm
http://coolpool.co.il/index.htm
http://imagecom.biz/index.htm
http://shony.co.il/index.htm
http://ceramicdepot.co.il/index.htm
http://angelomio.co.il/index.htm
http://couscousmaison.com/index.htm
http://alumoran.com/index.htm
http://imperialhotel.co.il/index.htm
http://samra-group.co.il/index.htm
http://all-up.co.il/index.htm
http://shanelgreen.com/index.htm
http://dolevltd.co.il/index.htm
http://motors-transformers.co.il/index.htm
http://tevazikim.co.il/index.htm
http://2828.co.il/index.htm
http://chandelier.co.il/index.htm
http://shr-group.com/index.htm
http://stoneageminerals.com/index.htm
http://chandelier-jewelry.com/index.htm
http://matash.com/index.htm
http://matash.co.il/index.htm
http://nyga.co.il/index.htm
http://shaulsasson.co.il/index.htm
http://gutmark.com/index.htm
http://www.imagecom.biz/index.htm
http://gk-law.co.il/index.htm
http://skl.co.il/index.htm
http://www.eitanprint.co.il/index.htm
http://smoker.co.il/index.htm
http://kerenmedical.com/index.htm
http://dsltrade.com/index.htm
http://azuri.co.il/index.htm
http://yoga-zchok.co.il/index.htm
http://ramigan.co.il/index.htm
http://d3d.co.il/index.htm
http://eitanprint.co.il/index.htm
http://harash-outlet.co.il/index.htm
http://giltours.co.il/index.htm
http://tamlil2100.co.il/index.htm
http://davik.co.il/index.htm
http:/g-2.co.il/index.htm
http://egoz-insu.co.il/index.htm
http://harel-k.co.il/index.htm
http://c-m.co.il/index.htm
http://d3d.co.il/index.htm
http://q-d.co.il/index.htm
http://matash.com/index.htm
http://stk.co.il/index.htm
http://shl.co.il/index.htm
http://www.scab.co.il/index.htm
http://yoga-zchok.co.il/index.htm
http://imos3d.co.il/index.htm
http://mamon.org.il/index.htm
http://yeminsaad.org/index.htm
http://graphpen.com/index.htm
http://stoneage.co.il/index.htm
http://weber.co.il/index.html
http://rde.co.il/index.htm
http://barbour.co.il/index.htm
http://bbq.co.il/index.htm
http://ida.org.il/index.htm
http://s-l.co.il/index.htm
http://sa-sa.co.il/index.htm
http://medilife.co.il/index.htm
http://www.imagecom.co.il/index.htm
http://angelomio.co.il/index.htm
http://bazbag.com/index.htm
http://bedektools.co.il/index.htm
http://belshop.co.il/index.htm
http://bezalel-office.co.il/index.htm
http://bonijer.co.il/index.htm
http://c-yam.co.il/index.htm
http://coffee-market.co.il/index.htm
http://cohen-sons.co.il/index.htm
http://dr-pola.com/index.htm
http://dorot.net/index.htm
http://el-ram.info/index.htm
http://funkydj.co.il/index.htm
http://feffer.co.il/index.htm
http://geron-center.co.il/
http://hapoel-holon.co.il/default.htm
http://golfgaash.co.il/index.htm
http://isradance.net/index.htm
http://kikarhacity.co.il/index.htm
http://kerenel.co.il/index.htm
http://mamtakim-ades.co.il/index.htm
http://ayelet-sport.org.il/index.htm
http://avidanwinery.com/index.htm
http://batim-betmuna.co.il/index.htm
http://lesicopp.com/default.htm
http://metzia.co.il/index.htm
http://lesico.co.il/index.htm
http://aclavtul.co.il/index.htm
http://ctr-pharma-ltd.com/index.htm
http://privatedeal.co.il/index.htm
http://avgad.co.il/index.htm
http://orel-wood.co.il/index.htm
http://nth-sense.com/index.htm
http://rat.co.il/index.htm
http://rei-ceramica.co.il/index.htm
http://school-market.co.il/index.htm
http://scdent.co.il/index.htm
http://shiran-hpl.co.il/index.htm
http://shipuzim.co/index.htm
http://schwarcztools.com/index.htm
http://tal-sport.co.il/default.htm
http://התאחדות-אילת.co.il/index.htm

Mirrors:
http://www.zone-h.com/archive/notifier=CapoO_TunisiAnoO

Google.com.om(Oman) & Google.co.ba(Bosnia) Hacked by SQL_Master & Z0mbi3_Ma, Morocco Hackers

Google.com.om, Google.co.ba, nic.mr, Intel, orange and many local domains of Oman hacked and defaced by SQL_Master & Z0mbi3_Ma, Morocco Hackers. This time 2 counties Google Bosnia and Google Oman hacked. Technically Registrar server is hacked using SQL Injection and hackers change DNS information about sites. There is not any specific reason mention about this hack on deface page but this rise many questions for security experts that how much these hacker are getting powerful.

Deface page Say's:

" Hacked !

0h0h0h!! U get F***ED BY!

Z0mbi3_Ma And SQL_Master

For more : Z0mbi3_Ma@hotmail.com

./Morocco"

Hacked Sites List:

intel.co.om
orange.com.om
google.com.om
www.google.co.ba
femen.org
www.nic.mr
www.unicef.or.th/sahel/
2vodafone.com.fj
dell.com.fj

Mirrors:
http://www.zone-h.com/archive/published=0/notifier=SQL_Master

DNS spoofing Attack Detail's:

DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).
Every country have registrar server which return the IP of local huge sites like google, msn etc. If registrar sever is compromised then we can redirect all those domains to specific ip which make it believe that sites are hacked. Basically sites are functioning properly, only there ip is hacked to hacked ip.

Google.co.mw, MSN, Yahoo, fanta Kenya Hacked by TiGER-M@TE, Bangladeshi Hacker

Google.co.mw, MSN, Yahoo, fanta, hp, dell and many local domains of Kenya hacked and defaced by TiGER-M@TE, Bangladeshi Hacker. TiGER-M@TE is considers as one of most dangerous blackhat of world. There is not any specific reason mention about this hack on deface page but this rise many questions for security experts that how much these hacker are getting powerful.

Deface page say's:

"HackeD

By 

TiGER-M@TE

#Bangladeshi HackeR

Greetz : kinG oF coNTroL ; Barbaros-DZ ; F0RTYS3V3N ; aBu.HaliL501 ; W7sH.SyRiA ; h311 c0d3 ; m1l05 ; j0 ; l0calh0st ; Ne0-h4ck3r ;

# TiGER-M@TE

# localhost_80@programmer.net

© UNDERGROUND HACKERS 2007 - 2013

#EOF"

Hacked Sites List:

www.microsoft.co.ke
www.msn.co.ke
www.youtube.co.ke
www.bing.co.ke
www.skype.co.ke
www.hp.co.ke
www.westernunion.co.ke
www.dell.co.ke
www.google.co.ke

Mirrors:
http://www.zone-h.org/archive/notifier=tiger-m@te

DNS spoofing Attack Detail's:

DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).
Every country have registrar server which return the IP of local huge sites like google, msn etc. If registrar sever is compromised then we can redirect all those domains to specific ip which make it believe that sites are hacked. Basically sites are functioning properly, only there ip is hacked to hacked ip.

New Skype malware spreading at 2,000 clicks per hour makes money by using victims machines.

New Skype Malware spreading at 2,000 clicks per hour makes money by using victims machines.

A new piece of malware propagating across Skype has been discovered that tries to convince the recipient to click on a link. What makes this particular threat different is that it drops a Bitcoin miner application to make the malware author money.

Security Lab Kaspersky discovered the threat, which it names Trojan.Win32.Jorik.IRCbot.xkt, on Thursday night. At the time, most of the potential victims were from Italy, Russia, Poland, Costa Rica, Spain, Germany, and Ukraine, with the average clicking rate hitting 2,000 clicks per hour.

The initial trojan is downloaded from a server located in India, and many anti-malware programs as measured by VirusTotal don’t detect it. Once the machine is infected, the trojan drops multiple other pieces of malware, using Hotfile to grab the bits and also connecting to a server located in Germany for further instructions. Its quit cleverly coded but there is one really huge bug in code that it slow down computer by using whole CUP.

To avoid this threat and others like it, don’t click on random links you receive on Skype. You’ll be doing yourself a favor, helping stop the spread of malware, and ensuring criminals get a smaller pay day.

Reference : Link

Kali Linux Released by BackTrack Team With 300+ Hacking Tools

Seven years of developing BackTrack Linux has taught us a significant amount about what we, and the security community, think a penetration testing distribution should look like. We’ve taken all of this knowledge and experience and implemented it in our “next generation” penetration testing distribution.

After a year of silent development, we are incredibly proud to announce the release and public availability of “Kali Linux“, the most advanced, robust, and stable penetration testing distribution to date.

Kali is a more mature, secure, and enterprise-ready version of BackTrack Linux. Trying to list all the new features and possibilities that are now available in Kali would be an impossible task on this single page. We therefore invite you to visit our new Kali Linux Website and Kali Linux Documentation site to experience the goodness of Kali for yourself.

We are extremely excited about the future of the distribution and we can’t wait to see what the BackTrack community will do with Kali. Sign up in the new Kali Forums and join us in IRC in #kali-linux on irc.freenode.net and help us usher in this new era.

Demo: http://vimeo.com/57742213

Download Link: http://www.kali.org/downloads/

Follow @TheHackersMedia

Pakistani Student Rewarded by $500 USD for detecting HTML Injection Vulnerability in Facebook

Haider Mehmood Qureshi, an independent security researcher from Islamabad has been rewarded with $500 for detecting HTML Injection Vulnerability in Facebook. 

According to Haider, Facebook was vulnerable in HTML code, their are some serious Remote HTML injection. Remote User was able to add any brand Name and Radio buttons, hence allowing Remote HTML injection. It was as simple as it sounds. The issue can also cause adding junk/spam entries into the database.

Bug details:

Vulnerability title: HTML Injection

Vendor homepage: http://m.facebook.com

Remote/Local: Remote

Tested on: Windows 7 64 bit Firefox browser (but should have worked on other OS and browsers (not sure about IE))

Vulnerability Submitted on: 12/1/2013

Vulnerability Status: FIXED

Vulnerable Parameter: https://m.facebook.com/survey.php?incorrect_brand&params=

Detail: Facebook mobile provides a survey to evaluate the mobile user experience as they surf Facebook mobile site. Here is the survey https://m.facebook.com/survey.php . While entering the mobile phone brands , it provides a list of brands in case you didn't type the correct brand.

The list that was provided contained their HTML code inside the parameter https://m.facebook.com/survey.php?incorrect_brand&params=[HTML code of Brands and Radio Buttons]

Remote User was able to add any brand Name and Radio buttons, hence allowing Remote HTML injection. It was as simple as it sounds. The issue can also cause adding junk/spam entries into the database.

Haider Mehmood Qureshi, BS Computer Sciences Student from Comsats Intitute of information technology Islamabad. Started learning pentesting/hacking in 2009. Initially was into defacing, later realized to make Pentesting/security auditing as my career. His Friends motivated him to go for bug bounties. 

Contact: haidermehmoodqureshi@yahoo.com

Follow @TheHackersMedia