Monday, May 21, 2018

How to Install Tor Browser in Kali Linux|| How to visit Deep Web || Deep Web Links 2018

[2018]How to Install Tor Browser in Kali Linux|| How to visit Deep Web || Deep Web Links 2018


DISCLAIMER: THIS VIDEO IS FOR EDUCATIONAL PURPOSES ONLY. THE CONTENT OF THE VIDEO DOESN'T BELONG TO ANY ILLEGAL ACTIVITY. THE AIM OF THE VIDEO IS TO EDUCATE PEOPLE ABOUT INTERNET SECURITY. Don't misuse it. STAY LEGAL!!!

AYOOO WHAT UP HACKVINERS FAIZAN BACK HERE WITH A NEW VIDEO IN THIS VIDEO I WILL EDUCATE ON THE TOPIC HOW TO INSTALL TOR BROWSER ON YOUR SYSTEM WHETHER IT IS WINDOWS OR KALI LINUX.

THIS VIDEO WILL ANSWER ALL OF YOUR QUESTIONS !!
1. What is Tor Browser?
2. How to install Tor Browser?
3. How to visit the dark web or dark net?
4. What is the dark net?
5. Is it legal to visit the dark net?
6. Is it safe to visit the dark net?

What is Tor Browser?
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

Tor Browser lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable).

DOWNLOAD:-https://www.torproject.org/download/download-easy.html.en



Wednesday, April 25, 2018

QRL Jacking Vulnerability in WHATS APP 2018 [Session Hijacking]







HACK ANY WHATS APP ACCOUNT--FULL TUTORIAL 2018


AYOOO WHAT UP HACKVINERS FAIZAN BACK HERE WITH A NEW VIDEO IN THIS VIDEO I WILL SHOW YOU THE QRL-JACKING VULNERABILITY IN WHATSAPP..

IN THIS VIDEO I AM MAKING A PHISHING PAGE THAT HAS A QR CODE BUILT IN. IF THE VICTIM SCANS THE QR CODE, HIS ACCOUNT WILL GET HACKED AND YOU CAN SEE WHAT HE IS DOING ON HIS/HER WHATSAPP ACCOUNT.

THE SCRIPT I AM SHOWING, YOU CAN EASILY RE-WRITE THAT SCRIPT AND CHANGE IT TO A GOOD SCRIPT!! (LOL:GOOD SCRIPT)
WATCH FULL VIDEO FOR PRACTICAL

WHAT IS QRL JACKING?? OWASP VULNERABILITY
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the “Login with QR code” feature as a secure way to login into accounts. In a nutshell, the victim scans the attacker’s QR code which results in session hijacking.

What are the requirements to achieve a successful QRLJacking attack?
The QRLJacking attack consists of two sides:

Server Side: A server side script is needed to serve and shape the final look to the victim.
Client Side: Cloning the QR Code and pushing it to the phishing page.
Our example will be: The WhatsApp Web Application!
Server Setup (Attacker's hosting):
Upload "qrHandler.php" to your server. This php file is used to convert the base64 QR Code string into a valid .JPG file.

Now you have a valid, generated, QR image named "tmp.jpg" residing in the same root folder as your files which will be updated whenever that php file is called, so we can put it anywhere. For example: a fake WhatsApp page, a scam page with an offer related to WhatsApp, etc. Depending on your creativity.

Now update the "phishing.html" file with your preferred phishing page source code.

Exploitation, Client Side Setup (Attacker's browser):
Manually:

Open your Firefox browser.
Write "about:config" in the url area, click the "I'll be careful, I promise" confirmation button.
Search for a preference named "security.csp.enable" and change its value to "false" by double clicking it to allow performing an XHR Request from a different domain (we're not supporting leaving this preference disabled, you may do that while testing, but after that you should set the preference to its original state).
Install the Greasemonkey add-on (https://addons.mozilla.org/en-US/fire...) and be sure that the module file "WhatsAppQRJackingModule.js" is loaded and already running.
Now we're ready. Browse to our example "https://web.whatsapp.com" on your side and wait for a WhatsApp session to be loaded. Greasemonkey should now inject our WhatsApp module file to catch.
Send the direct link of the final phishing page to a victim.
Once the QR Code is scanned, the victim's session is yours.

Automatically:

Using QRLJacker - QRLJacking Exploitation Framework

Demo Video:
Attacking WhatsApp Web Application and performing a MITM attack to inject a bogus ad including WhatsApp QR Code. Demo Video

Technical Paper
The technical paper clarifying everything about the QRLJacking attack vector can be found directly via our Wiki.

Vulnerable Web Applications and Services
There are a lot of well-known web applications and services which were vulnerable to this attack until the date we wrote this paper. Here are some examples (that we have reported) including, but not limited to:

Chat Applications:
WhatsApp, WeChat, Line, Weibo, QQ Instant Messaging

Mailing Services:
QQ Mail (Personal and Business Corporate), Yandex Mail

eCommerce:
Alibaba, Aliexpress, Taobao, Tmall, 1688.com, Alimama, Taobao Trips

Online Banking:
AliPay, Yandex Money, TenPay

Passport Services “Critical”:
Yandex Passport (Yandex Mail, Yandex Money, Yandex Maps, Yandex Videos, etc...)

Mobile Management Software:
AirDroid

Other Services:
MyDigiPass, Zapper & Zapper WordPress Login by QR Code plugin, Trustly App, Yelophone, Alibaba Yunos


Wednesday, April 18, 2018

HOW TO CHANGE MAC ADDRESS OF COMPUTER || TOOLS TO CHANGE MAC ADDRESS !!(...





WORKING-HOW TO CHANGE MAC ADDRESS OF COMPUTER/LAPTOP
AYYO GOOD MORNING HACKVINERS FAIZAN BACK HERE WITH A NEW VIDEO SO IN THIS VIDEO I AM GOING TO TEACH YOU GUYS HOW YOU CAN CHANGE THE MAC ADDRESS OF A COMPUTER OR YOUR LAPTOP.

AND ALSO WHY IT IS NEEDED TO DO SO !!!


WHAT IS A MAC ADDRESS?
A media access control address (MAC address) of a device is a unique identifier assigned to network interface controllers for communications at the data link layer of a network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi.


HOW TO FIND MAC ADDRESS OF COMPUTER?
To locate the Wireless Adapter MAC Address, follow these steps:
1. Press the Windows Start key to open the Start screen.
2. Type cmd and press Enter to launch the command prompt.
3. Type ipconfig /all into the command prompt.
4. Look for the Wireless Adapter MAC address listed as Physical Address.


Tuesday, April 10, 2018

MULTIPLE YOUTUBE VEVO ACCOUNT GOT HACKED! (TODAY)

(PROOF) MULTIPLE CELEBRITIES' YOUTUBE ACCOUNTS GOT HACKED-VEVO!! (TODAY) HACKED BY Kuroi'SH

Hey guys, this video is in a hurry, I didn't edit it.

VEVO, it’s one of the most popular copyright holders I have seen in recent years. I’m pretty sure the name alone brings back memories to people who watched their YouTube videos, or the ones hosted on their website.

*Breaking News* YouTube's music video for the hit song Despacito, which has had over five billion views, has been hacked. More than a dozen other artists, including Shakira, Selena Gomez, Drake and Taylor Swift are also affected. The original clips had been posted by Vevo.

The Despacito video has been removed, but its cover image had shown a group wearing masks and pointing guns. The hackers, calling themselves Prosox and Kuroi'sh, had written "Free Palestine" underneath the videos.

Several of the clips remain live at time of writing. Of those, the actual video content itself appears to be unaltered. Many titles have been changed to include the names of the hackers, but only some feature the replaced cover image. Both YouTube and the music video hosting service Vevo have been contacted for comment.

A Twitter account that apparently belongs to one of the hackers posted: "It's just for fun, I just use [the] script 'youtube-change-title-video' and I write 'hacked'."

We all know that VEVO is the place where most popular music artists release their videos. The company has become prevalent like MTV did before it. However, the joint company founded by Warner Music Group, Sony Music Entertainment, Universal Music Group, Alphabet Inc. and Abu Dhabi Media has suffered a cyber-attack in recent days. The company, currently worth $200 million, seems to have missed its cybersecurity lessons, because it has been breached by a hacker group, as mentioned by a VEVO spokesperson to Gizmodo on Friday.

“(We) can confirm that VEVO experienced a data breach as a result of a phishing scam via LinkedIn. We have addressed the issue and are investigating the extent of exposure.”

The incident happened due to a hacker squad by the name of “OurMine”. This isn’t the first time they have done an operation of this caliber, either.

Tuesday, March 13, 2018

HOW TO HACK A WEBSITE | SQL injection 2018 (FULL PRACTICAL)





[2018]HOW TO HACK DATABASE OF A WEBSITE | SQL INJECTION 2018 [FULL PRACTICAL]


AYOOO WHAT UP HACKVINERS FAIZAN BACK HERE WITH A NEW VIDEO IN THIS VIDEO I AM GOING TO TEACH YOU GUYS HOW TO HACK DATABASE OF WEBSITE USING SQL INJECTION 2018 [FULL PRACTICAL]

What is SQL Injection?
SQL Injection is a web-based attack used by hackers to steal sensitive information from organizations through web applications. It is one of the most common application-layer attacks used today. This attack takes advantage of improper coding of web applications, which allows hackers to exploit the vulnerability by injecting SQL commands into the queries the web application builds.

The underlying fact that allows for SQL Injection is that the fields available for user input in the web application allow SQL statements to pass through and interact with or query the database directly.

For example, let us consider a web application that implements a form-based login mechanism to store the user credentials and performs a simple SQL query to validate each login attempt.

Here is a typical example:

select * from users where username='admin' and password='admin123';

If the attacker knows that the username of the application administrator is admin, he can log in as admin without supplying any password by entering this as the username:

admin'--

The query in the back-end then looks like:

select * from users where username='admin'--' and password='xxx';

Note that the comment sequence (--) causes the rest of the query to be ignored, so the query executed is equivalent to:

select * from users where username='admin';

So the password check is bypassed.
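
The login query above, run against an in-memory SQLite database next to the parameterized form that closes the hole. This is an added example, not code from the original post; the table contents, the function names and the o'brien account are constructed for illustration, and it also covers a legitimate username containing an apostrophe.

```python
import sqlite3


def make_db():
    """Constructed in-memory users table. Plaintext passwords only mirror the
    page's query; a real application stores password hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "admin123"), ("o'brien", "pw")],  # constructed accounts
    )
    return conn


def build_vulnerable_query(username, password):
    # Vulnerable on purpose: user input is pasted into the SQL text, so a
    # quote in the input ends the string literal and the rest is parsed as SQL.
    return ("select * from users where username='%s' and password='%s';"
            % (username, password))


def login_vulnerable(conn, username, password):
    query = build_vulnerable_query(username, password)
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn, username, password):
    # Hardened: the SQL text is fixed and the inputs are bound as values,
    # so quotes and "--" inside them are compared as plain data.
    row = conn.execute(
        "select 1 from users where username = ? and password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def attempt(login, conn, username, password):
    """Return 'granted', 'denied' or 'sql error' for one login attempt."""
    try:
        return "granted" if login(conn, username, password) else "denied"
    except sqlite3.Error:
        return "sql error"


# (username, password) pairs: valid login, wrong password, the input from the
# text above, and a legitimate user whose name contains an apostrophe.
CASES = [
    ("admin", "admin123"),
    ("admin", "wrong"),
    ("admin'--", "xxx"),
    ("o'brien", "pw"),
]


def run_cases():
    conn = make_db()
    return [
        (user, attempt(login_vulnerable, conn, user, pw),
         attempt(login_parameterized, conn, user, pw))
        for user, pw in CASES
    ]


if __name__ == "__main__":
    print(build_vulnerable_query("admin'--", "xxx"))
    for user, vulnerable, hardened in run_cases():
        print("%-10s concatenated=%-9s parameterized=%s" % (user, vulnerable, hardened))
```

The last case shows that string concatenation is also a correctness bug: the legitimate user o'brien cannot log in at all through the concatenated query.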




Saturday, March 10, 2018

[NEW]WHAT IS GOOGLE DORKS || FULL PRACTICAL || SQL's DORKS (HOW TO USE I...





[2018]WHAT IS GOOGLE DORKS || FULL PRACTICAL || SQL's DORKS 🖥💉💉(HOW TO USE IT) HACKING


AYOOO WHAT UP HACKVINERS FAIZAN BACK HERE WITH A NEW VIDEO IN THIS VIDEO I AM GOING TO TEACH YOU GUYS WHAT IS GOOGLE DORKS || FULL PRACTICAL || SQL's DORKS (HOW TO USE IT)

AT FIRST I TAUGHT YOU ABOUT WHAT IS GOOGLE DETAILS THEN I GAVE YOU FULL PRACTICAL ON HOW TO USE IT.

A Google dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators to find information that is not readily available on a website.

Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries. That description includes information that is not intended for public viewing but that has not been adequately protected.

As a passive attack method, Google dorking can return usernames and passwords, email lists, sensitive documents, personally identifiable financial information (PIFI) and website vulnerabilities. That information can be used for any number of illegal activities, including cyberterrorism, industrial espionage, identity theft and cyberstalking.

A search parameter is a limitation applied to a search. Here are a few examples of advanced search parameters:

site: returns files located on a particular website or domain.
filetype: followed (without a space) by a file extension returns files of the specified type, such as DOC, PDF, XLS and INI. Multiple file types can be searched for simultaneously by separating extensions with “|”.
inurl: followed by a particular string returns results with that sequence of characters in the URL.
intext: followed by the searcher’s chosen word or phrase returns files with the string anywhere in the text.
Multiple parameters can be used, for example, to search for files of a certain type on a certain website or domain. The Public Intelligence website provides this example:

“sensitive but unclassified” filetype:pdf site:publicintelligence.net

Those search parameters return PDF documents on that website’s servers with the string “sensitive but unclassified” anywhere in the document text.

SOME OF THE DORKS:-
intitle:" " // target title
inurl:" " //target url
intext:" " // target description
allintext:"Copyright © Litchi"
site:"hackvines.in" //target all website pages or countries extension
"filetype" hacking.pdf //target the filetypes


**sql dork
inurl:".php?id="
inurl:".php?id=" add to cart (got sql error)
buy.php?category=
article.php?id=
gallery.php?id=
page.php?id=



Wednesday, February 14, 2018

[NEW] HOW TO MAKE PRIVATE UNKNOWN CALLS TO OTHERS USING THIS APP







[NEW] HOW TO MAKE PRIVATE UNKNOWN NUMBER CALL USING THIS APP

THIS VIDEO IS FOR EDUCATIONAL PURPOSES ONLY. THIS DOESN'T VIOLATE ANY COPYRIGHTS OR ANY KIND OF ILLEGAL ACTIVITIES.


AYYOOO WHAT UP HACKVINERS FAIZAN BACK HERE WITH A NEW VIDEO. I CAME UP WITH THIS VIDEO BECAUSE I FOUND THIS INTERESTING, LIKE CALLING PEOPLE WITH A FAKE OR UNKNOWN NUMBER.
THIS IS INSANE !! SERIOUSLY

ACTUALLY I MADE THE VIDEO AGAIN JUST BECAUSE MY PREVIOUS VIDEO WAS DELETED, SO I MADE A NEW ONE. YOU WILL FIND A DIFFERENCE IN THE TIMES AND THE BALANCE TOO.
AND AFTER 3 MINS THERE IS NO PROPER VIDEO SOUND..
SO PLEASE IGNORE THAT THING, FOCUS ON THE VIDEO AND THE THING I WANT TO TEACH YOU GUYS.

BE THE STRONGEST FAMILY GUYS....KEEP SHARING THINGS WITH ME.


Tuesday, February 06, 2018

How To Hack Android Phone 100% Real And Working !! (2018)*Updated* | Dro...







Hack Vines
#how_to_hack_android_phone_100%_real_ and_working_2017

*********link is in the last of description.*****

So guys, welcome back to my channel #hackvines. The time has come for the real hack. I have just crossed 4000 subscribers, so I am posting this valuable video which will help you guys to hack any Android phone. Before moving on further I want to tell you guys I am using my friend Maneer Alam's ID to log in to some website; I had no time left, it was a do-or-die situation for me :P (I hadn't uploaded a video in quite a while, so it was a do-or-die situation).
Without wasting time, come to the video description. In this video I am actually creating a fake app using DroidJack, then I upload it to a server host, copy the link and send it to the victim (in this video the victim is me). Further on, when the user aka victim installs the app on his/her Android phone, at that time he is hacked... WTF.. yes, it's true, now you are in the phone. Now you have full access over the victim's device. You can grab messages, call logs, pinpoint location, listen to real-time calls, access data from the file manager and much more. Now do whatever you want to do, but before that subscribe to my channel for new hacking vines... Stay tuned, hack viners...



FEATURES :-
+ Inbuilt APK Tool
- Bind your server APK with any other Game or App.
- Encrypt APK using AES/DES/TDES/Blowfish algorithms

+ File Voyager
- Explore files
- Download file/folder
- Delete files

+ SMS Trekker
- Delete SMS
- Read conversations
- Write SMS
- Send SMS

+ Call Manager
- Read call logs
- Delete call logs
- Make calls
- Record call conversation*

+ Remote Eyes
- Take picture from front/back camera
- Record video from front/back camera

+ Remote Ears
- Listen to mic lively
- Record mic
________________________________
APK's used:-
1.droidjack link-
http://www85.zippyshare.com/v/e8SEXsU...
Password is-rekings.com
*Plsase download java to make it run properly.

_____________________________________________


Sunday, January 28, 2018

Attackers behind Cloudflare_solutions Keylogger are back, 2000 WordPress sites already infected

More than 2,000 sites running the WordPress CMS have been infected with a malicious script that can deliver both a keylogger and the in-browser cryptocurrency miner CoinHive.

This new hacking campaign was spotted by experts from the security firm Sucuri, who believe the attackers are the same ones that launched a campaign that infected 5,500 WordPress sites in December.

In both campaigns, the threat actors used a keylogger dubbed cloudflare[.]solutions; note that it has no link to the security firm Cloudflare.

After the discovery of the campaign in December, the cloudflare[.]solutions domain was taken down, but this new discovery confirms that the threat actors are still active and are using a new set of recently registered domains to host the malicious scripts that are injected into WordPress sites.

By querying the search engine PublicWWW,  researchers discovered that the number of infected sites includes 129 from the domain cdns[.]ws and 103 websites for cdjs[.]online.

“A few days after our keylogger post was released on Dec 8th, 2017, the Cloudflare[.]solutions domain was taken down. This was not the end of the malware campaign, however; attackers immediately registered a number of new domains including cdjs[.]online on Dec 8th, cdns[.]ws on Dec 9th, and msdns[.]online on Dec 16th.” reads the analysis published by Sucuri.

“PublicWWW has already identified relatively few infected sites: 129 websites for cdns[.]ws and 103 websites for cdjs[.]online, but it’s likely that the majority of the websites have not been indexed yet. Since mid-December, msdns[.]online has infected over a thousand websites, though the majority are reinfections from sites that have already been compromised.”

Most of the infected domains are tied to msdns[.]online, with over a thousand reported infections. In many cases, threat actors re-infected WordPress sites compromised in the previous campaign.

The attackers target outdated and poorly configured WordPress sites. They inject the cdjs[.]online script into either the WordPress database (wp_posts table) or the theme’s functions.php file.

The keylogger script is able to capture data entered in every website form, including the admin login form; the information is sent back to the attackers via the WebSocket protocol.

Just like previous versions of the campaign that leveraged a fake Google Analytics script, researchers identified a fake googleanalytics.js that loads an obfuscated script, which in turn loads the malicious “startGoogleAnalytics” scripts from the attackers’ domains.

Experts also discovered many similarities in the cryptominer component of this campaign.

“We’ve identified that the library jquery-3.2.1.min.js is similar to the encrypted CoinHive cryptomining library from the previous version, loaded from hxxp:// 3117488091/lib/jquery-3.2.1.min.js?v=3.2.11 (or hxxp://185 .209 .23 .219/lib/jquery-3.2.1.min.js?v=3.2.11, a more familiar representation of the IP address). This is not surprising since cdjs[.]online also exists on the server 185 .209 .23 .219.” continues the analysis.

“It’s interesting to note that this script extends the CoinHive library and adds an alternative configuration using the 185 .209 .23 .219 server (and now specifically cdjs[.]online) for LIB_URL and WEBSOCKET_SHARDS.”
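
A site owner can check exported wp_posts content and theme files for script tags that load from the hosts named in this report, including the decimal form of the IP address quoted above. The scanner below is an added example, not Sucuri's tooling; the sample inputs, file names and function names are constructed, and the hexadecimal host form goes beyond what the report mentions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Indicators as written in the report (defanged); refanged only in memory.
IOC_DOMAINS_DEFANGED = ["cloudflare[.]solutions", "cdjs[.]online",
                        "cdns[.]ws", "msdns[.]online"]
IOC_IPS_DEFANGED = ["185[.]209[.]23[.]219"]


def refang(value):
    return value.replace("[.]", ".")


IOC_DOMAINS = [refang(d) for d in IOC_DOMAINS_DEFANGED]
IOC_IPS = {refang(ip) for ip in IOC_IPS_DEFANGED}

# src attribute of a <script> tag, quoted with either ' or "
SCRIPT_SRC = re.compile(r"<script\b[^>]*?\bsrc\s*=\s*([\"'])(.*?)\1", re.I | re.S)


def normalize_host(host):
    """Lower-case the host and rewrite an integer or hex IPv4 host
    (for example 3117488091) into dotted-quad form."""
    host = host.lower().rstrip(".")
    try:
        if host.isdigit():
            return str(ipaddress.IPv4Address(int(host)))
        if host.startswith("0x"):
            return str(ipaddress.IPv4Address(int(host, 16)))
    except ValueError:  # not a valid 32-bit address, treat as a name
        pass
    return host


def is_ioc(host):
    host = normalize_host(host)
    if host in IOC_IPS:
        return True
    # exact domain or any subdomain of it, never a mere substring
    return any(host == d or host.endswith("." + d) for d in IOC_DOMAINS)


def scan(name, content):
    """Return (source name, normalized host) for each flagged script tag."""
    hits = []
    for match in SCRIPT_SRC.finditer(content):
        try:
            host = urlsplit(match.group(2)).hostname
        except ValueError:  # malformed URL
            continue
        if host and is_ioc(host):
            hits.append((name, normalize_host(host)))
    return hits


def scan_all(samples):
    return [hit for name, content in samples.items() for hit in scan(name, content)]


# Constructed sample inputs: one theme file and two wp_posts rows.
SAMPLES = {
    "theme/functions.php": (
        "<?php function constructed_footer() { echo \"<script "
        "type='text/javascript' src='https://" + refang("cdjs[.]online")
        + "/constructed.js'></script>\"; }"
    ),
    "wp_posts id=7": (
        '<p>Hello</p><script src="http://' + "3117488091"
        + '/lib/jquery-3.2.1.min.js?v=3.2.11"></script>'
    ),
    "wp_posts id=8": (
        '<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>'
        '<script src="/wp-includes/js/wp-embed.min.js"></script>'
        '<script src="https://cdnjs.cloudflare.com/ajax/libs/constructed.js"></script>'
    ),
}

if __name__ == "__main__":
    for source, host in scan_all(SAMPLES):
        print("suspicious script in %s -> %s" % (source, host))
```

This only matches plain script tags; a loader hidden inside obfuscated JavaScript, like the fake googleanalytics.js described above, needs file-integrity comparison against known-good theme and core files.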

According to Sucuri experts, the threat actors behind this hacking campaign have been active since at least April 2017. Sucuri has tracked at least three other malicious scripts hosted on the same cloudflare.solutions domain across the months.

The first attack leveraging these scripts was observed in April, when hackers used a malicious JavaScript file to embed banner ads on hacked sites.

In November, experts from Sucuri reported the same attackers were loading malicious scripts disguised as fake jQuery and Google Analytics JavaScript files that were actually a copy of the Coinhive in-browser cryptocurrency miner. By November 22, the experts observed 1,833 sites compromised by the attackers.

Experts noticed that this campaign is not yet as massive as the one spotted in December, but it should not be underestimated.

“While these new attacks do not yet appear to be as massive as the original cloudflare[.]solutions campaign, the reinfection rate shows that there are still many sites that have failed to properly protect themselves after the original infection,” concluded Sucuri.




Sunday, January 28, 2018

Hurry up, update your Lenovo Fingerprint Manager Pro if you use Windows 7, 8 and 8.1

The PC vendor Lenovo has fixed a hardcoded password vulnerability, tracked as CVE-2017-3762, affecting a dozen Lenovo laptop models that run the Microsoft Windows 7, 8 and 8.1 operating systems.
Lenovo laptops running Windows 10 are not impacted by the vulnerability because that OS version natively supports fingerprint reader technology.
The list of impacted family models includes ThinkPad, ThinkCentre, and ThinkStation laptops.
“A vulnerability has been identified in Lenovo Fingerprint Manager Pro. Sensitive data stored by Lenovo Fingerprint Manager Pro, including users’ Windows logon credentials and fingerprint data, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in.” states the security advisory published by Lenovo.

Lenovo Fingerprint Manager Pro is a utility that allows users to log into their laptop and configured websites using their fingerprint.
The flaw resides in Lenovo Fingerprint Manager Pro, which encrypts sensitive data such as fingerprint data and login credentials using a weak algorithm.
Customers are urged to update Fingerprint Manager Pro to version 8.01.87 or later.
The complete list of laptops that need to update their Lenovo Fingerprint Manager Pro version is:
  • ThinkPad L560
  • ThinkPad P40 Yoga, P50s
  • ThinkPad T440, T440p, T440s, T450, T450s, T460, T540p, T550, T560
  • ThinkPad W540, W541, W550s
  • ThinkPad X1 Carbon (Type 20A7, 20A8), X1 Carbon (Type 20BS, 20BT)
  • ThinkPad X240, X240s, X250, X260
  • ThinkPad Yoga 14 (20FY), Yoga 460
  • ThinkCentre M73, M73z, M78, M79, M83, M93, M93p, M93z
  • ThinkStation E32, P300, P500, P700, P900
The flaw was disclosed by Lenovo this week; the company credited Jackson Thuraisamy, a senior security consultant with Security Compass, for the discovery.

Sunday, January 28, 2018

Cryptocurrencies Black Friday – Japan-based digital exchange Coincheck hacked

It is a black Friday for cryptocurrencies: the news of the hack of the Japan-based digital exchange Coincheck had a significant impact on their value.
Coincheck was founded in 2012 and is one of the most important cryptocurrency exchanges in Asia.
Coincheck suspended deposits and withdrawals for all virtual currencies except bitcoin, and the exchange announced it was investigating an “unauthorised access” to the exchange.
According to the company, the hackers stole NEM, the 10th biggest cryptocurrency by market capitalization, worth half a billion US dollars.
The news of the incident had a significant impact on the NEM value, which dropped more than 16 percent in 24 hours.
“At 3 am (1800 GMT) today, 523 million NEMs were sent from the NEM address of Coincheck. It’s worth 58 billion yen based on the calculation at the rate when detected,” said Coincheck COO Yusuke Otsuka.
“We’re still examining how many of our customers are affected,”

NEM Charts – CoinMarketCap.com
The experts at the exchange are investigating the security breach to find out whether it was from Japan or another country.
Coincheck discovered the incident at 11.25 am and announced the suspension of trading for all cryptocurrencies apart from bitcoin via Twitter.
In February 2014, Mt. Gox suspended trading and filed for bankruptcy protection from creditors.

At the time, the company was handling over 70% of all bitcoin transactions worldwide; it announced that approximately 850,000 bitcoins ($450 million at the time) belonging to customers and the company were stolen.
