Saturday, August 11, 2012

Security Brief: OpDemonoid and OpAustralia


In the past week (between August 6 and August 12) we had a lot of interesting events, but two of them stand out the most: Operation Demonoid and Operation Australia.

OpDemonoid started after the world learned that Ukrainian authorities had raided the datacenter that housed the torrent tracker’s servers. Many believed that it had been a gift made by Ukraine to the United States, a rumor that triggered the activist (hacktivist) nature of many.

Anonymous released a statement and began the attacks. The targets of the operation are the Foreign Intelligence Service of Ukraine (fisu.gov.ua), Svalyava district (svalyava-vlada.gov.ua), the Ukrainian Anti-Piracy Association (APO), the Agency for Copyright and Related Rights (UACRR), and the National Television and Radio Broadcasting Council of Ukraine (NRADA).

Ukraine’s president (president.gov.ua), the Ukrainian Ministry of Defense (mil.gov.ua), the Cabinet of Ministers, PiratePay.ru, and Dutch anti-piracy outfit BREIN are also targets of OpDemonoid. Many of them have been temporarily taken down with distributed denial-of-service (DDoS) attacks and some of them have even been defaced.

The other major campaign, OpAustralia, was initiated when hackers breached Australian ISP AAPT. Soon after, Anonymous issued a statement and things picked up.

The Australian Security Intelligence Organization (ASIO) and the Defence Signals Directorate were attacked, their sites being taken down for short periods of time.

Things have been quiet in the Anonymous Australia camp since news broke that the Attorney General sent the bill to a parliamentary committee to be analyzed.

However, the Australian Federal Police is warning hacktivists that they could be sentenced to as many as ten years in prison if they continue to attack government websites.

In related news, WikiLeaks has once again been taken down by a massive DDoS attack. A group known as AntiLeaks has taken credit for the attack.

Blizzard also admitted that its Battle.net platform was breached. They claim that no financial details have been obtained by the hackers, but the information that got leaked is enough for someone to cause some damage.

Another noteworthy story is the one about the fake tweet regarding the death of Syria’s president. Italian journalist Tommaso De Benedetti demonstrated once again that the media’s need for speed makes social media the most unverifiable source in the world.

This time, however, the consequences went beyond news stories on the matter. The oil market was also impacted by the false tweets.

Some interesting pieces of malware have also made headlines in the past week. First, Kaspersky researchers uncovered a version of ZeuS-in-the-mobile (ZitMo) that targets BlackBerry devices.

Then, Rapid7 researchers released their own analysis of the controversial FinFisher lawful surveillance tool. They found that the government monitoring tool has servers in ten different countries.

The Dorifel malware also caused some waves, especially in the Netherlands, where it had infected over 3,000 computers. The Trojan, according to Kaspersky, targets the financial details of its victims.

Finally, we learned of Gauss, a state-sponsored banking Trojan that’s connected to Flame, Stuxnet and Duqu.

Via: Security Brief: OpDemonoid and OpAustralia
