Sunday, 20 August 2017

Top Five Hacking News ||Exploit Toolkit for $80 Per Day||Hijacked Extensions||Chinese DDoS Platforms||20-08-2017

1. The Latest Exploit Toolkit for $80 Per Day.

For just $80 per day, $500 per week or $1,400 monthly, cybercrime entrepreneurs can subscribe to Disdain. That's the name of a new exploit kit that's appeared on at least one underground Russian cybercrime forum, and which is being advertised by a "threat actor" who uses the handle "Cehceny," according to Israeli cybersecurity firm IntSights Cyber Intelligence.

2. WannaCry 'Hero' Pleads Not Guilty, Allowed Back Online.

The British security researcher credited with stopping the WannaCry ransomware outbreak pleaded not guilty Monday to charges that he developed and sold a type of malicious software that steals online banking credentials.

3. The malware can be downloaded accidentally through Google Play apps.

A new type of malware that threatens to send your private pictures, messages and internet browsing history to your friends has been discovered.

4. Hijacked Extensions: 4.7 Million Chrome Users at Risk.

More than 4.7 million users were apparently exposed to potentially malicious ads and credential theft after cybercriminals managed to hijack the developer accounts of several popular Chrome extensions.

5. Common Source Code Used by Multiple Chinese DDoS Platforms.

An increase in Chinese websites offering online distributed denial of service (DDoS) capabilities was observed after a localized version of the source code of online booters was put up for sale, Talos reveals.

Wednesday, 19 July 2017

The largest Dark Web marketplace, "AlphaBay Market", is down.

One of the largest Dark Web black markets is down. We have analyzed many times the popular black market where it was possible to buy any kind of illegal goods, including drugs, malicious code and fake documents.

AlphaBay is considered the largest marketplace on the dark web, competing against the likes of Abraxas, Dream, and Hansa. Operators at the marketplace have continued improving the site by adding new features, including Monero.

News is circulating on the Internet that administrators of the black market have pulled a classic exit scam to steal users’ Bitcoin.

According to "securityaffairs", an analysis of the total withdrawals shows that the admins have transferred 1,479.03904709 Bitcoin (roughly $3.8 Million), which led to suspicion from some users that the site’s admins may have pulled an exit scam to steal user funds. Of course, at the time of writing this is only a hypothesis. The AlphaBay Market has gone down in the past: last year the black market was not accessible for about four days. Also, blockchain transactions of about $3.8 Million are not enough for AlphaBay moderators to go offline.

The AlphaBay marketplace made the headlines early last year when unknown attackers hacked the website and stole over 200,000 private unencrypted messages from several users.

In March 2015, the largest dark web market at the time, ‘Evolution,’ suddenly disappeared overnight in similar circumstances; its operators stole millions of dollars' worth of Bitcoins from its customers.

Thursday, 13 July 2017

Dell Launched Endpoint Security Technologies

Dell has announced new security technologies that provide threat detection and prevention for traditional endpoints as well as cloud client computing.

Dell Data Protection Endpoint Security Suite Enterprise provides businesses with endpoint security that integrates authentication, encryption and advanced threat protection into one single management plane, according to Hansen.

According to Dell's research, it's been a rough year for companies. A whopping 87 percent of organizations have suffered a security breach of some sort in the past 12 months. More than 75 million records have been pilfered from business networks as a result of an estimated 568 breaches. Seventy percent of security breaches can be traced to human causes.

Recovering from a data breach can also prove very costly. A single lost laptop can end up costing a business $49,000, a figure that includes the cost of dealing with breaches. Just one lost or stolen record can end up costing a business $201, up from $188 in just one year.

Three versions of Dell Endpoint Security Suite Enterprise are currently available: one for systems with an Internet connection, one for devices that connect to an on-premises server for updates, and one for systems that are completely isolated.

If you want more information about Dell endpoint security, visit the official Dell website.

Monday, 10 July 2017

Hackers Can Now Decrypt Satellite Phone Calls

A group of security researchers detailed a real-time inversion attack against the GMR-2 stream cipher used in satellite phone communication, claiming it is much more efficient than previously devised attacks.

The research focused on the GMR-2 algorithm that is commonly used by modern-day satellite phones, including Inmarsat, to encrypt voice calls in an attempt to prevent eavesdropping.

The attack method helped researchers effectively reduce the search space for the 64-bit encryption key, which in turn made it easier to hunt for the decryption key, allowing the encrypted data to be cracked within a fraction of a second.

The technique contains three phases, namely table generation; dynamic table look-up, filtration and combination; and verification. The attack can be used to “retrieve the complete 8-byte encryption-key from only 1 frame (15 bytes) of keystream on average.” It also significantly reduces the exhaustive search space, and requires only 6KB of extra storage space.

The security researchers reveal that, in 10,000 experiments, the newly devised technique was able to uniquely determine 97.2% of the encryption-keys by the 15 bytes of keystream. The remaining 2.8% of the keys needed an extra keystream byte to retrieve.

Sunday, 9 July 2017

Facebook and WhatsApp HACK Via Spydealer

Like "Marcher", the Trojan dubbed SpyDealer is capable of gathering information from a user's Android phone, such as the phone number, messages, contact details and even call history.

Malware researchers at Palo Alto Networks have spotted a new Android Trojan, dubbed SpyDealer, that can exfiltrate data from more than 40 applications, including WeChat, Facebook, WhatsApp, Skype, Line, Viber, QQ, Tango, Telegram, Sina Weibo, Tencent Weibo, Android Native Browser, Firefox Browser, Oupeng Browser, QQ Mail, NetEase Mail, Taobao, and Baidu Net Disk.
"The mobile malware only works on Android versions from 2.2 up to 4.4, which are the versions supported by the rooting tool."
Once installed, the malware doesn’t show an application icon, but registers “two broadcast receivers to listen for events related to the device booting up and network connection status.” At the first launch, the malware retrieves configuration information (from a local asset that can be remotely updated) such as the IP address of a remote command and control (C&C) server, the actions it can take on mobile networks, and the actions allowed under a Wi-Fi network.

By comparison, Marcher is a more powerful piece of malware, but it targets mobile banking apps.
"Marcher" is malware targeting the Android platform. It is designed to steal mobile banking app credentials from customers of many different financial companies.

Securify researchers explained about the malware: “Marcher is one of the few Android banking Trojans to use the AndroidProcesses library, which enables the application to obtain the name of the Android package that is currently running in the foreground.”

Marcher has been around since late 2013, but it initially attempted to trick users into handing over their payment card details using Google Play phishing pages. In March 2014, the malware started targeting banks in Germany and, by the summer of 2016, there had already been more than 60 targeted organizations in the U.S., U.K., Australia, France, Poland, Turkey, Spain and other countries.
The malware has been disguised as various popular apps, including Netflix, WhatsApp and Super Mario Run.

Tuesday, 27 June 2017

Warning: Petya Ransomware Hits Banks, Telecom, Businesses & Power Companies.

Like WannaCry, Petya (NotPetya) is a nasty piece of ransomware, but it works very differently from any other ransomware. Unlike other traditional ransomware, Petya does not encrypt files on a targeted system one by one.

Instead, Petya reboots victims' computers and encrypts the hard drive's master file table (MFT) and renders the master boot record (MBR) inoperable, restricting access to the full system by seizing information about file names, sizes, and location on the physical disk.

The attack already hit Ukraine's central bank and Russian oil giant Rosneft. Government computers, airports, and large communication companies in Ukraine appear to have been affected as well. US biopharmaceutical giant Merck also confirmed that its network has been compromised as part of the global attack.

"Kaspersky Lab's analysts are investigating the new wave of ransomware attacks targeting organizations across the world. Our preliminary findings suggest that it is not a variant of Petya ransomware as originally reported, but a new ransomware that has not been seen before," the company said in a research note Tuesday afternoon. "That's why we have named it NotPetya."

According to Recorded Future’s Liska, other payloads might also be used in the attack: “There are also reports that the payload includes a variant of Loki Bot in addition to the ransomware. Loki Bot is a banking trojan, it steals usernames and passwords as well as other personal data from the victim machine and sends it to a command and control host. Which means this attack not only could make the victim's machine inoperable, it could steal valuable information that an attacker can take advantage of during the confusion.”

Sunday, 25 June 2017

Microsoft Said that: Windows 10 has disabled third-party Anti-Virus

Windows 10 does disable some third-party security software. “Microsoft’s application compatibility teams found that roughly 95 per cent of Windows 10 PCs had an antivirus application installed that was already compatible with Windows 10 Creators Update,” said Rob Lefferts, director of security in the Windows and Devices group.

But what about the 5 percent that weren’t compatible in Microsoft’s eyes? Lefferts says: "For the small number of applications that still needed updating, we built a feature just for AV apps that would prompt the customer to install a new version of their AV app right after the update completed. To do this, we first temporarily disabled some parts of the AV software when the update began. We did this work in partnership with the AV partner to specify which versions of their software are compatible and where to direct customers after updating".

Kaspersky is worried that Microsoft is trying the same trick, but – based on Lefferts' post – Redmond is ready to fight such claims: it has designed its own security software to only kick in when "an AV subscription expires, and the AV application decides to stop providing protection to the customer."

Thursday, 22 June 2017

OpenVPN Patches Remotely Exploitable Vulnerabilities

OpenVPN this week patched several vulnerabilities impacting various branches, including flaws that could be exploited remotely.

Four of the bugs were found by researcher Guido Vranken through fuzzing, after recent audits found a single severe bug in OpenVPN. While analyzing OpenVPN 2.4.2, the researcher found and reported four security issues that were addressed in the OpenVPN 2.4.3 and OpenVPN 2.3.17 releases this week.

Wednesday, 21 June 2017

Most Smartphone Apps Share Your Data With Third-Party Services

Most smartphone apps share your personal data with third-party services such as Google Analytics or the Facebook Graph API, which is a data privacy issue.

When people install a new Android or iOS app, it asks for the user's permission before accessing personal information. After that, the app collects information from your phone, such as contact numbers and messages,
and it can share your data with anyone the app's developer wants to -- letting third-party companies track where you are, how fast you are moving and what you are doing.

To get a picture of what data are being collected and transmitted from people's smartphones, the researchers from IMDEA Networks Institute in Spain developed a free Android app of their own, called the Lumen Privacy Monitor.

Because Lumen is about transparency, a phone user can see the information installed apps collect in real time and with whom they share these data.
"We try to show the details of apps' hidden behaviour in an easy-to-understand way. It's about research, too, so we ask users if they'll allow us to collect some data about what Lumen observes their apps are doing - but that doesn't include any personal or privacy-sensitive data," the researchers said in a statement released by the institute.

"We discovered 598 internet sites likely to be tracking users for advertising purposes, including social media services like Facebook, large internet companies like Google and Yahoo, and online marketing companies under the umbrella of internet service providers like Verizon Wireless," the study said.

Mobile App Protection

Your mobile applications can present material organizational risk, including intellectual property theft, operational disruption, software piracy, and data loss. Below are some examples.

1. Mobile apps may be modified with malware and placed on the public app marketplace.
2. Mobile apps' proprietary business logic can be inspected and/or copied.
3. Mobile apps' security and license checks may be circumvented.
4. Debugging mobile apps may allow access to sensitive data such as personally identifiable or regulated information.
5. Reverse engineering mobile apps can readily expose potential vulnerabilities and unlock otherwise secure access to high-value services.

Tuesday, 20 June 2017

Securityweek: Cisco Releases Open Source Malware Signature Generator

Cisco’s Talos intelligence and research group announced on Monday the availability of a new open source framework designed for automatically generating antivirus signatures from malware.

Monday, 19 June 2017

Advertising Program: Facebook chases TV’s US$70b stash with its own video series

Facebook has the TV advertising market in its sights with the creation of video series that will begin to appear on the world’s largest social network later this year.

Facebook is closing deals for its first batch of shows, including two that the Hollywood Reporter unveiled earlier this week — reality competition series Last State Standing and a second season of comedy Loosely Exactly Nicole, which first appeared on MTV. The shows will be available via a new video tab on Facebook that hasn’t been released.

Facebook isn’t trying to compete with the highest end of that market — paid services Netflix, HBO and Showtime. It has its sights set on cable networks and advertising-supported online services with young viewers.
“Funding video is a way for Facebook to figure out its greater advertising program,” said Matthew Segal, chief executive officer of ATTN, a digital media company that publishes video to Facebook. “It’s clear they want to be a bigger player in the space; they want to eclipse TV.”

Facebook’s interest in funding video tantalises Hollywood, where producers drool at the thought of another deep-pocketed patron alongside fellow tech giants Inc, Apple Inc and Alphabet Inc. Other new players, like Verizon Communications Inc, have had a harder time, often committing less money to less ambitious shows.

With two billion people checking their news feed every month, Facebook reaches more people than any TV network. “Not only do nearly 100 per cent of people under 35 have an account, but they are spending over 1,000 minutes a month on Facebook,” said ATTN’s Segal.

Facebook is also developing a second tab that will be devoted to the more high-end programming, the people said. Facebook prefers not to put details of the video product in writing and will only discuss it by phone, according to people who have dealt with the company. Facebook has also rankled some potential partners by insisting on selling advertising itself and inserting ads into the middle of live broadcasts, the people said.

Facebook has a small staff handling original programming, not enough to manage a robust operation. Facebook would rather share money from advertising sales than pay for content in the long term.
“The sustainable model is some sort of revenue sharing,” Fidji Simo, Facebook’s head of video product, said in an interview. “The goal is really to get a lot of different partners to come to Facebook share their content and find success. It’s very hard to find that over the long-term by funding.”

Sunday, 18 June 2017

Canada: Hackers Targeted Country's 2015 Election, May Try Again in 2019

Canada’s electronic agency says hackers tried to influence the 2015 election that brought Justin Trudeau to power and may try again in 2019.

In a report, the Communications Security Establishment (CSE) said hacktivists and cybercriminals had leaked sensitive government documents, and attempted to smear candidates and spread disinformation and propaganda ahead of the 2015 vote.

Wednesday, 14 June 2017

FBI Warns of North Korea's 'Hidden Cobra' Attacks

The Hidden Cobra group (North Korean government hackers) has been busy targeting victims for the last eight years. It uses malicious tools such as DDoS botnets, keyloggers, RATs (remote access tools) and wiper malware.
The group tends to target old machines running unsupported versions of Microsoft Windows. It has also exploited Adobe Flash Player vulnerabilities and Microsoft Silverlight to get a toehold in environments. Organizations are advised to update to the newest version and patch level; if Flash and Silverlight are no longer needed, then push them to the curb and get those apps off of systems.

The FBI investigated and found that the 663 IP addresses listed in the IOC are being used by Hidden Cobra for network exploitation. DHS and FBI want network administrators to add those source and destination IPs to their watchlists to determine if there has been malicious activity within their organizations. The alert also includes YARA rules and network signatures created through a “comprehensive vetting process.”


Thursday, 25 May 2017

Android warning: Newly-discovered Android exploit "Cloak & Dagger" that can show users a fake screen

The discovery was made by researchers at Georgia Institute of Technology (Georgia Tech), who have tested the vulnerability in closed environments.

How to Avoid that Attack 
The exploit depends primarily on Android’s SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE (“a11y”) to draw interactive elements over real apps.

The first permission, known as "draw on top," is a legitimate overlay feature that allows apps to draw over a device's screen on top of other apps (Settings > Apps > "Gear symbol" > Special access > Draw over other apps).

1. The attack starts with Android users downloading infected apps
2. Hackers overlay the screen with false information to gather data without being seen
3. They are able to do this by combining the permissions for two particular features
4. The features involved are very useful in mapping, chat or password manager apps

Because the two features involved are so useful in mapping, chat or password manager apps, preventing their misuse will require users to trade convenience for security.
The attack, dubbed 'Cloak and Dagger', enables cyberthieves to control handsets by overlaying the interface with false information to hide malicious activities being performed underneath.
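
One way to audit installed or submitted apps for the permission combination described above (an added example, not code from the researchers or from this blog). It assumes the manifests have already been decoded to text XML; the package names and sample manifests are constructed.

```python
import xml.etree.ElementTree as ET

# Attribute namespace used in decoded AndroidManifest.xml files.
ANDROID = "{http://schemas.android.com/apk/res/android}"
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"
A11Y_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"
A11Y_ACTION = "android.accessibilityservice.AccessibilityService"


def audit_manifest(manifest_xml):
    """Report whether one decoded manifest declares overlay and/or an a11y service."""
    root = ET.fromstring(manifest_xml)

    # "Draw on top" is requested like any other permission.
    requested = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        requested.update(el.get(ANDROID + "name") for el in root.iter(tag))
    overlay = OVERLAY in requested

    # The accessibility capability is not a <uses-permission>: the app declares
    # a <service> protected by BIND_ACCESSIBILITY_SERVICE that handles the
    # accessibility intent action, so a plain permission grep misses it.
    services = []
    for svc in root.iter("service"):
        actions = {a.get(ANDROID + "name") for a in svc.iter("action")}
        if svc.get(ANDROID + "permission") == A11Y_BIND and A11Y_ACTION in actions:
            services.append(svc.get(ANDROID + "name"))

    return {
        "package": root.get("package"),
        "overlay": overlay,
        "a11y_services": services,
        "both": overlay and bool(services),
    }


def apps_with_both(manifests):
    """Return the package names that combine the two capabilities."""
    return [r["package"] for r in map(audit_manifest, manifests) if r["both"]]


def _manifest(package, body):
    # Builds a constructed sample manifest for this example.
    return (
        '<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
        f'package="{package}">{body}</manifest>'
    )


_OVERLAY_XML = f'<uses-permission android:name="{OVERLAY}"/>'
_A11Y_XML = (
    '<application><service android:name=".HelperService" '
    f'android:permission="{A11Y_BIND}"><intent-filter>'
    f'<action android:name="{A11Y_ACTION}"/></intent-filter></service></application>'
)

# Constructed samples: the package names are made up.
SAMPLES = [
    _manifest("com.example.chatheads", _OVERLAY_XML),              # overlay only
    _manifest("com.example.passwordfill", _A11Y_XML),              # a11y only
    _manifest("com.example.flashlight", _OVERLAY_XML + _A11Y_XML), # both
]

if __name__ == "__main__":
    for xml_text in SAMPLES:
        print(audit_manifest(xml_text))
    print("review first:", apps_with_both(SAMPLES))
```

An app that holds both capabilities is not necessarily malicious, as the list above notes, but it is the set worth reviewing first.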


Wednesday, 17 May 2017

North Korea Possibly Behind Ransomware Attacks|| WannaCry

Considered the world’s biggest ransomware attack to date, WannaCry went on a rampage over the weekend, hitting targets in 150 countries and infecting over 230,000 computers at its peak. The spread slowed down on Monday, but not before new malware variations emerged.
The ransomware’s weak point was a hardcoded domain used for sandbox evasion, which also served as a kill-switch: once the domain was registered, the malware no longer infected new machines.

"An earlier WannaCry ransomware sample shows code similarities with malware used by a North Korea-linked hacking group responsible for multiple financial and destructive attacks, security researchers say."

Symantec, on the other hand, was also able to pinpoint exactly the Lazarus tools the older WannaCry samples share similarities with. “This SSL implementation uses a specific sequence of 75 ciphers which to date have only been seen across Lazarus tools (including Contopee and Brambul) and WannaCry variants,” the company said.

Last year, Symantec linked the Banswift Trojan that was used in the Bangladesh attack to manipulate SWIFT transactions with early variants of Contopee, which was already known to be used by attackers associated with Lazarus. In their report on Op Blockbuster, BAE Systems also suggested the Bangladesh heist and the 2014 Sony attack were linked.

“Symantec identified the presence of tools exclusively used by Lazarus on machines also infected with earlier versions of WannaCry. These earlier variants of WannaCry did not have the ability to spread via SMB. The Lazarus tools could potentially have been used as method of propagating WannaCry, but this is unconfirmed,” the security firm continues.

Tuesday, 16 May 2017

How to secure personal PC or Laptop

Problem: Virus, Trojan, Worm
Solution: Use antivirus (McAfee, Norton, etc.)

Problem: Malware (spyware + adware)
Solution: Use anti-malware:
1.MalwareBytes' Anti-Malware
4.Secunia PSI

Problem: Remote Hacking
Solution: Use ZoneAlarm firewall

Problem: Data & Information theft
Solution: Use BestCrypt software (Jetico)

Problem: Email Hacking
Solution: Use your own system and use a password manager.

Problem: Password Hacking
Solution: Use a password manager and use a virtual keyboard

Problem: Untrusted file
Solution: First scan it online

Problem: Sniffing
Solution: Use anti-ARP software against ARP and DNS spoofing.

Friday, 28 April 2017

What is Email Bombing and send anyone

Email bombing is a trick of sending unlimited emails to a victim so that the email account is locked or crashes because its storage space fills up, which leaves the user unable to read their email.
Email bombing is done with a PHP script.

Disclaimer: Hackerinfoindia is publishing this list just for educational purposes and awareness about cyber security. We don’t promote malicious and unethical practices.

Tuesday, 25 April 2017

How to send Email Spoofing mail ||Email Spoofing+ SMS Spoofing

Many times we have seen people who send email to the prime minister or a VIP get caught due to IP spoofing before email spoofing.

What is Email Spoofing?

Email spoofing is a hacking trick that sends email to anyone while showing any sender address, for example sending an email from to a friend using this method.
If the victim opens the email, it shows the mail as coming from
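
How a receiving side can spot the forged sender address described above, as an added example that is not part of the original post. It assumes the receiving mail server stamps an Authentication-Results header; the server name `mx.corp.example`, the other domains and the three messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr


def _domain(header_value):
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def _aligned(a, b):
    # Simplified relaxed alignment: equal, or one is a subdomain of the other.
    # A production check compares organizational domains (Public Suffix List).
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))


def assess(raw_message, trusted_authserv_id):
    """List the signs that the visible From address was forged."""
    msg = message_from_string(raw_message)
    from_domain = _domain(msg.get("From"))
    envelope_domain = _domain(msg.get("Return-Path"))

    # Only believe Authentication-Results stamped by our own receiving server:
    # a sender can insert forged copies of this header.
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        authserv_id, _, rest = header.partition(";")
        if authserv_id.strip().lower() != trusted_authserv_id.lower():
            continue
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I):
            verdicts.setdefault(method.lower(), result.lower())

    findings = []
    dmarc_ok = verdicts.get("dmarc") == "pass"
    if not verdicts:
        findings.append("no trusted Authentication-Results header")
    elif not dmarc_ok:
        findings.append("DMARC did not pass for the From domain")
    # A differing envelope sender alone is common (mailing services), so it is
    # only reported when DMARC has not vouched for the From domain.
    if not dmarc_ok and not _aligned(from_domain, envelope_domain):
        findings.append("From domain differs from envelope sender domain")
    return {"from": from_domain, "envelope": envelope_domain,
            "verdicts": verdicts, "findings": findings}


TRUSTED = "mx.corp.example"  # constructed name of the receiving server

# Constructed messages using reserved example domains.
SPOOFED = """\
Return-Path: <bounce@mailer.invalid>
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=mailer.invalid; dkim=none; dmarc=fail header.from=bank.example
From: Bank Support <support@bank.example>
To: user@corp.example
Subject: Verify your account

Please log in.
"""

LEGIT = """\
Return-Path: <bounces@mail.bank.example>
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=mail.bank.example; dkim=pass header.d=bank.example; dmarc=pass header.from=bank.example
From: Bank Support <support@bank.example>
To: user@corp.example
Subject: Your statement

Your statement is ready.
"""

FORGED_HEADER = """\
Return-Path: <bounce@mailer.invalid>
Authentication-Results: mx.attacker.invalid; dmarc=pass header.from=bank.example
From: Bank Support <support@bank.example>
To: user@corp.example
Subject: Verify your account

Please log in.
"""

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legit", LEGIT), ("forged", FORGED_HEADER)):
        print(name, assess(raw, TRUSTED)["findings"])
```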


Sunday, 23 April 2017

Watch Cyber attack in Real-time Worldwide

You may be interested in watching, live, who is initiating cyber-attacks against whom globally. Thousands of websites and organization servers get hacked every day due to vulnerable files, plugins and misconfiguration on the servers.

Protocols worked
·      Telnet
·      Netis
·      RFB (Remote framebuffer)
·      Microsoft-DS
·      HTTP
·      MS WBT
·      SIP
·      SSH
·      XSAN File system

Locations Worked
·      Global (default)
·      South East Asia
·      West Asia
·      Latin America
·      Europe
·      US & China

Top five Cyber-Attack Maps
1. Norse
2. FireEye
3. Check Point
4. Kaspersky Map
5. Digital Attack Map

Saturday, 22 April 2017

You know URL Hijacking

What is URL Hijacking
Typosquatting is also called URL hijacking, a sting site, or a fake URL.
Hijacking occurs when another advertiser creates an ad that looks like it's your ad. It happens within paid search ads, contextual ads, and in display network image ads. Paid search hijacking: when URL hijacking occurs in paid search, the hijacker will use your URL as the display URL in its ad.

Type of Typosquatting

1. A form of cybersquatting

2. Capitalizes on misspelling

Some Examples of URL Hijacking

1. Make money from your mistake
- There is a lot of advertising on the net.

2. Sell the badly spelled domain to the actual owner
- Sell a mistake.

3. Phishing the site
- Looks like the real site, please log in.

4. Typosquatting / brandjacking
- Take advantage of poor spelling.

5. Outright misspelling vs. a typing error
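
Because typosquatting capitalizes on misspellings and typing errors, a brand owner can look for them in the domains its users actually visit. The check below is an added example, not part of the original post: it flags observed hostnames within one edit (a substituted, missing, extra or swapped character) of a protected domain. The domains and the observed list are constructed.

```python
def osa_distance(a, b):
    """Optimal string alignment distance: an insert, delete, substitution, or
    swap of two adjacent characters each costs 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cur[j] = min(prev[j] + 1,                # delete from a
                         cur[j - 1] + 1,             # insert into a
                         prev[j - 1] + (ca != cb))   # substitute or match
            # Adjacent swap, the classic typing error ("exmaple").
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]


def normalize(host):
    host = host.strip().lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def find_lookalikes(protected, observed, max_distance=1):
    """Return sorted (observed_host, protected_domain, distance) tuples."""
    hits = set()
    for host in {normalize(h) for h in observed}:
        for brand in map(normalize, protected):
            # The real domain and its own subdomains are not lookalikes.
            if host == brand or host.endswith("." + brand):
                continue
            if abs(len(host) - len(brand)) > max_distance:
                continue
            distance = osa_distance(host, brand)
            if distance <= max_distance:
                hits.add((host, brand, distance))
    return sorted(hits)


# Constructed inputs, e.g. hostnames taken from DNS or proxy logs.
PROTECTED = ["example.com"]
OBSERVED = [
    "example.com",            # the real site
    "login.example.com",      # legitimate subdomain
    "exmaple.com",            # swapped letters (typing error)
    "examp1e.com",            # substituted character
    "example.co",             # dropped letter in the TLD
    "WWW.EXAMPLES.COM.",      # extra letter, mixed case, trailing dot
    "example.org",            # different TLD, three edits away
    "intranet.corp.example",  # unrelated
]

if __name__ == "__main__":
    for host, brand, distance in find_lookalikes(PROTECTED, OBSERVED):
        print(f"{host} looks like {brand} (distance {distance})")
```

Raising `max_distance` catches more outright misspellings at the cost of more false positives on short domain names.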


Tuesday, 18 April 2017

How to hack Wifi and facebook Account through Wifiphisher ||100% Working

What you Need and Installation :-

·      Laptop with onboard or additional Wifi-Adapter
·      2x Wifi-Adapters (recommended)

First, open your Terminal and type “git clone”
and open the Wifiphisher directory with “cd wifiphisher”.
Then just type the command “sudo python install”.
Now you should be able to open Wifiphisher by just typing “wifiphisher” in the Terminal.

Some people may find that Matplotlib is missing.

To solve the problem, just type “sudo apt-get install matplotlib” in the Terminal
and you should be ready to go.

1. Now open Wifiphisher by typing “wifiphisher” in the Terminal and you will be able to see the following window.
Then you see multiple Wi-Fi devices; choose which Wi-Fi device you want to attack.
Then we have four phishing options that we can use.

If you want to drop a payload on your target's device, make sure to use option 3. This option falsifies a browser update and serves your target with a payload instead.
If you want to phish the Wi-Fi password, options 1 & 2 are great; option 2 in particular supports mobile devices, which is great in case your target uses a mobile phone to reconnect to the Internet.
If you want to phish Facebook login information, option 4 is the one to go with. It has a great template that looks almost tempting to use.
Now that you have chosen your option, just wait until your target reconnects to the fake Wi-Fi spot created by you. Since you sent him deauth packets, he has to reconnect in order to be able to use the Internet.
The moment your target connects, his information will be displayed to you.
Once the target types in his information, it will be displayed to you in RED.

Sunday, 16 April 2017

Download free Best Password Cracking Tools for Windows, Linux, OS X

1. John the Ripper

John the Ripper is the most popular password cracking tool. It is free, and its ability to autodetect password hash types makes it a preferred choice of ethical hackers to ensure security. A pro version of this tool is also available.

Supported Platforms: Linux, Windows, DOS, and OS X

2. L0phtCrack

L0phtCrack is a Windows password cracking tool. It is used for hybrid, brute force, and rainbow table attacks.

Supported Platforms: L0phtCrack is available for Windows

3. DaveGrohl

DaveGrohl is an open source password cracking tool that’s preferred by the Apple security experts.

Supported Platforms: DaveGrohl is available for OS X

4. Crowbar

This free tool is created to support the protocols that are rarely supported by other popular password cracking tools.
It is also called a brute forcing tool and is popular in the pen testing scene. Crowbar supports VNC key authentication, OpenVPN, SSH private key authentication, and Remote Desktop.

Supported Platforms: Crowbar is available for Windows, Linux, OS X

5. THC Hydra

This free-to-use tool helps pentesters and security researchers to know how easy it would be to gain remote access to a system.

Supported Platforms: THC Hydra is available for Windows, Linux, Solaris, FreeBSD, OS X

Thursday, 13 April 2017

How to find a person through his email address or mobile number?

If a person has a website or has listed his account on any public website, then you can find information about him using a search engine. But in most cases, people use a fake email address for communication.
If the mobile number or email address is not fake, then you can easily search social websites for his occupation, relationships, address and education.

Try an email search with Facebook. Facebook is the largest social website nowadays; if the person registered his account with that email, then you can find his profile by email address on Facebook. Put his email address in the Facebook search box.

Finally, if nothing works, you should try a people search service like Pipl and Spoke – both services let you perform reverse email lookups but Spoke has a more comprehensive database than Pipl.