Thursday, 25 May 2017

Android warning: Newly-discovered Android exploit "Cloak & Dagger" that can show users a fake screen

The discovery was made by researchers at Georgia Institute of Technology (Georgia Tech), who have tested the vulnerability in closed environments.

How to Avoid that Attack 
The exploit depends primarily on Android’s SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE (“a11y”) to draw interactive elements over real apps.

The first permission, known as "draw on top," is a legitimate overlay feature that allows apps to draw on a device's screen on top of other apps (Settings > Apps > "Gear symbol" > Special access > Draw over other apps).

1. New attack found to start with Android users downloading infected apps
2. Hackers overlay screen with false information to gather data without being seen
3. They are able to do this by combining permissions for two certain features
4. Features involved are very useful in mapping, chat or password manager apps

The two features involved are very useful in mapping, chat or password manager apps, so preventing their misuse will require users to trade convenience for security. 
The attack, dubbed 'Cloak and Dagger', enables cyberthieves to control handsets by overlaying the interface with false information to hide malicious activities being performed underneath.
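
As an added example (not from the original post or from the Georgia Tech researchers), the following Python script flags apps whose manifest combines the two features described above, so they can be reviewed before installation. It assumes the AndroidManifest.xml has already been decoded to text XML (for instance with apktool); the sample manifests, package names and class names are constructed.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"
A11Y = "android.permission.BIND_ACCESSIBILITY_SERVICE"

def risky_features(manifest_xml):
    """Return the subset of {OVERLAY, A11Y} that a decoded manifest declares."""
    root = ET.fromstring(manifest_xml)
    found = set()
    # "Draw on top" is requested like any other permission.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            if node.get(A + "name") == OVERLAY:
                found.add(OVERLAY)
    # Accessibility is not requested: the app declares a <service> that only
    # the system may bind to, guarded by BIND_ACCESSIBILITY_SERVICE.
    for svc in root.iter("service"):
        if svc.get(A + "permission") == A11Y:
            found.add(A11Y)
    return found

def needs_review(manifest_xml):
    """True when an app combines overlay and accessibility."""
    return risky_features(manifest_xml) == {OVERLAY, A11Y}

# Constructed sample manifests; package and class names are made up.
NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'
BOTH = f"""<manifest {NS} package="com.example.flashlight">
  <uses-permission android:name="{OVERLAY}"/>
  <application>
    <service android:name=".HelperService" android:permission="{A11Y}">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""
OVERLAY_ONLY = f"""<manifest {NS} package="com.example.chatheads">
  <uses-permission android:name="{OVERLAY}"/>
  <application/>
</manifest>"""

if __name__ == "__main__":
    for name, xml in (("both", BOTH), ("overlay only", OVERLAY_ONLY)):
        print(name, "->", "review" if needs_review(xml) else "ok")
```

A match is a reason to look closer, not a verdict: mapping, chat and password manager apps legitimately use these features.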


Wednesday, 17 May 2017

North Korea Possibly Behind Ransomware Attacks || WannaCry

Considered the world’s biggest ransomware attack to date, WannaCry went on a rampage over the weekend, hitting targets in 150 countries and infecting over 230,000 computers at its peak. The spread slowed down on Monday, but not before new malware variations emerged.
The ransomware’s weak point was a hardcoded domain used for sandbox evasion, which also served as a kill-switch: once the domain was registered, the malware no longer infected new machines.

"An earlier WannaCry ransomware sample shows code similarities with malware used by a North Korea-linked hacking group responsible for multiple financial and destructive attacks, security researchers say."

Symantec, on the other hand, was also able to pinpoint exactly the Lazarus tools the older WannaCry samples share similarities with. “This SSL implementation uses a specific sequence of 75 ciphers which to date have only been seen across Lazarus tools (including Contopee and Brambul) and WannaCry variants,” the company said.

Last year, Symantec linked the Banswift Trojan that was used in the Bangladesh attack to manipulate SWIFT transactions with early variants of Contopee, which was already known to be used by attackers associated with Lazarus. In their report on Op Blockbuster, BAE Systems also suggested the Bangladesh heist and the 2014 Sony attack were linked.

“Symantec identified the presence of tools exclusively used by Lazarus on machines also infected with earlier versions of WannaCry. These earlier variants of WannaCry did not have the ability to spread via SMB. The Lazarus tools could potentially have been used as method of propagating WannaCry, but this is unconfirmed,” the security firm continues.

Tuesday, 16 May 2017

How to secure personal PC or Laptop

Problem: Virus, Trojan, Worm
Solution: Use antivirus (McAfee, Norton, etc.)

Problem: Malware (spyware + adware)
Solution: Use anti-malware:
1. Malwarebytes' Anti-Malware
4. Secunia PSI

Problem: Remote hacking
Solution: Use ZoneAlarm firewall

Problem: Data & information theft
Solution: Use BestCrypt software (Jetico)

Problem: Email hacking
Solution: Use your own system and use a password manager.

Problem: Password hacking
Solution: Use a password manager and use a virtual keyboard

Problem: Untrusted file
Solution: First scan it online

Problem: Sniffing
Solution: Use anti-ARP software for ARP and DNS spoofing.

Friday, 28 April 2017

What is Email Bombing and send anyone

Email bombing is a trick of sending unlimited emails per minute to a victim so that the email account is locked or crashes because its storage space is full, which is why the user is unable to read their emails.
Email bombing is done with a PHP script.

Follow the link below and send mail to the victim

Disclaimer: Hackerinfoindia is publishing this list just for educational purposes and awareness about cyber security. We don’t promote malicious and unethical practices.

Tuesday, 25 April 2017

How to send Email Spoofing mail || Email Spoofing + SMS Spoofing

Many times we have seen people who sent email to the prime minister or a VIP get caught due to IP spoofing before email spoofing.

What is Email Spoofing?

Email spoofing is a hacking trick that can send email to anyone while showing any email address as the sender, such as I want to send email from to my friend  using this method.
If the victim opens the email, it shows the mail came from
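
Because the address shown to the reader is just a header the sender writes, a recipient can check it against what the receiving mail server recorded. The following Python script is an added example (not part of the original post): it compares the From domain with the Return-Path domain and reads the SPF, DKIM and DMARC verdicts from the Authentication-Results header. The two messages, their addresses and the server name mx.example.org are constructed.

```python
from email import message_from_string
from email.utils import parseaddr

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Return-Path header."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results headers."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for clause in header.split(";")[1:]:      # [0] is the server's own id
            words = clause.split()
            method, sep, result = (words[0] if words else "").partition("=")
            if sep and method.lower() in ("spf", "dkim", "dmarc"):
                verdicts[method.lower()] = result.lower()
    return verdicts

def spoof_indicators(raw_message):
    """List the reasons to distrust the displayed sender (empty if none)."""
    msg = message_from_string(raw_message)
    shown = domain_of(msg.get("From"))
    envelope = domain_of(msg.get("Return-Path"))
    flags = []
    if envelope and envelope != shown:
        flags.append("return-path domain differs from From domain")
    verdicts = auth_results(msg)
    for method in ("spf", "dkim", "dmarc"):
        result = verdicts.get(method, "missing")
        if result != "pass":
            flags.append(f"{method}={result}")
    return flags

# Constructed messages. Only trust Authentication-Results added by your own
# receiving server (here the made-up mx.example.org).
SPOOFED = ("Return-Path: <sender@mailer.example.net>\n"
           "Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net;\n"
           " dkim=none; dmarc=fail header.from=example.com\n"
           'From: "Friend" <friend@example.com>\nTo: me@example.org\n'
           "Subject: hello\n\nbody\n")
GENUINE = ("Return-Path: <friend@example.com>\n"
           "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.com;\n"
           " dkim=pass header.d=example.com; dmarc=pass header.from=example.com\n"
           'From: "Friend" <friend@example.com>\nTo: me@example.org\n'
           "Subject: hello\n\nbody\n")

if __name__ == "__main__":
    print(spoof_indicators(SPOOFED))
    print(spoof_indicators(GENUINE))
```

A Return-Path mismatch alone also occurs with legitimate bulk-mail services, so treat it as an indicator to weigh together with the DMARC verdict.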

How to send Email Spoofing mail

Click here and send email to anyone.


Sunday, 23 April 2017

Watch Cyber attack in Real-time Worldwide

If you are interested in watching, live, who is launching cyber-attacks against whom around the world, the maps below show it. Thousands of websites and organization servers get hacked every day due to vulnerable files, plugins, and misconfiguration on the servers.

Protocols worked
· Telnet
· Netis
· RFB (Remote framebuffer)
· Microsoft-DS
· HTTP
· MS WBT
· SIP
· SSH
· XSAN File system

Locations Worked
· Global (default)
· South East Asia
· West Asia
· Latin America
· Europe
· US & China

Top five Cyber-Attack Maps
1. Norse
2. FireEye
3. Check Point
4. Kaspersky Map
5. Digital Attack Map


Saturday, 22 April 2017

You know URL Hijacking

What is URL Hijacking
Typosquatting, also called URL hijacking, a sting site, or a fake URL and which is
Hijacking occurs when another advertiser creates an ad that looks like it's your ad. It happens within paid search ads, contextual ads, and in display network image ads. Paid search hijacking: when URL hijacking occurs in paid search, the hijacker will use your URL as the display URL in its ad.

Types of Typosquatting

1. A form of cybersquatting

2. Capitalizes on misspelling

Some Examples of URL Hijacking

1. Make money from your mistake
- There is a lot of advertising on the net.

2. Sell the badly spelled domain to the actual owner
- Sell a mistake.

3. Phishing the site
- Looks like the real site, "please login".

4. Typosquatting / brandjacking
- Take advantage of poor spelling.

5. Outright misspelling vs. a typing error
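
Since typosquatting capitalizes on misspellings, a brand owner or network defender can watch for domains that sit one typing slip away from a protected name. The following Python script is an added example (not part of the original post): it compares observed domains, such as those seen in DNS or proxy logs, against a protected list using an edit distance that counts an inserted, dropped, replaced or swapped character as one slip. All domains shown are constructed.

```python
def osa_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute and
    adjacent transposition each cost 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # character dropped
                          d[i][j - 1] + 1,         # character inserted
                          d[i - 1][j - 1] + cost)  # character replaced
            if (i > 1 and j > 1 and a[i - 1] == b[j - 2]
                    and a[i - 2] == b[j - 1]):
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # two swapped
    return d[len(a)][len(b)]

def lookalikes(observed, protected, max_dist=1):
    """Return (observed, protected, distance) for near-miss domains."""
    hits = []
    for dom in observed:
        dom = dom.lower().rstrip(".")
        for brand in protected:
            dist = osa_distance(dom, brand)
            if 0 < dist <= max_dist:   # 0 means it is the real domain
                hits.append((dom, brand, dist))
    return hits

# Constructed sample data.
PROTECTED = ["example.com"]
OBSERVED = [
    "example.com",            # the real site
    "exmaple.com",            # two letters swapped
    "examplle.com",           # doubled letter
    "example.co",             # dropped last letter
    "intranet.example.org",   # unrelated
]

if __name__ == "__main__":
    for dom, brand, dist in lookalikes(OBSERVED, PROTECTED):
        print(f"{dom} looks like {brand} (distance {dist})")
```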
