Cyber Crime in India: October 2011

31 October 2011

CID, West Bengal website hacked by Muslim Liberation Army

Kolkata: The homepage of the official website of the CID, West Bengal was hacked today by a suspected anti-India organisation calling itself the Muslim Liberation Army. "Our first page was found replaced. We have restored our website. Investigation is on," DIG (Operation) CID K Jayaraman said here today.

The original page was, however, restored after several hours, Jayaraman said. An investigation was on to ascertain the real identity of the hacker and how it happened, he said.

Recognising the seriousness of cyber threats, the CID West Bengal had developed a cyber crime unit under its Special Operation Group (SOG).

Solutions : www.xcyss.in

27 October 2011

Operation DarkNet: A Good Start, But There is More to Do

I saw in the news that Anonymous (factions thereof) have decided to go after the pxxdophiles using the hidden wiki and the “DarkNet” for their purulent files. The hack on the Lxlita City site was a success in that they got hold of user names and passwords.

Due to the nature of the site and its being in the hidden wiki (DarkNet) it is tough to know exactly where the systems sit that house/host the content, but, it seems that through certain techniques using TTL, they pretty much have a good idea of where the server may sit in the continental US

Click here to read more .

Solutions : www.xcyss.in

DUQU : The precursor to the next Stuxnet

Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors, or those that have access to the Stuxnet source code, and appears to have been created after the last
Stuxnet file we recovered. Duqu’s purpose is to gather intelligence data and assets from entities such as industrial infrastructure and system manufacturers, amongst others, in order to more easily conduct a future
attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on various industries, including industrial control system facilities. Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT). The threat does not selfreplicate. Our telemetry shows the threat has been highly targeted toward a limited number of organizations for their specific assets. However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants

.....

Duqu uses HTTP and HTTPS to communicate to a command and control (C&C) server at 206.183.111.97, which is hosted in India. As of October 18th this IP is inactive. To date this is the only C&C IP encountered and is a reliable indicator of Duqu activity on a network. Through the command and control server, the attackers were able to download additional executables, including an infostealer that can perform actions such as enumerating the network, recording keystrokes, and gathering system information. The information is logged to a lightly encrypted and compressed local file, and then must be exfiltrated out. In addition to this infostealer, three more DLLs were pushed out by the C&C on October 18th.

Click here for full report

Solutions : www.xcyss.in

24 October 2011

Email hacking case may land Sanjiv Bhatt in prison again

The respite to suspended IPS officer Sanjiv Bhatt, who was released on bail on Monday after 17 days in prison, may not last long.

The next action against the IPS officer may be taken by the Vastrapur police in connection with an FIR lodged against Bhatt by his once bosom friend, advocate general of Gujarat Tushar Mehta. Mehta has accused Bhatt of hacking his email account, which is a non-bailable offence under Section 66A of the Information Technology Act.

.......

Click here to read more ......

Solutions : www.xcyss.in

Girls beware! Your cell number will be sold out

Girls beware! When you go to recharge your mobile phones, without you being aware, the numbers are being collected and sold to unscrupulous people who will try to exploit you.

Those who are at risk are in their late teens and early twenties. But now the police cyber cell has become aware and investigations are going on.

Recently, the Thiruvananthapuram cyber police arrested Saleesh Kumar, 27, who hails from Pandalam in Pathanamthitta district for making more than 7,000 unsolicited telephone calls and sending 13,000 messages to about 200 women within and outside the state in the last few months.
.....
Click here to read more ......

Solutions : www.xcyss.in

4 cops held for extortion in Ahmedabad

It’s not just fake cops who rob citizens but also real ones who steal from innocent people. In a shocking revelation late on Thursday night, four policemen were arrested for extorting money from a call centre owner in Navrangpura, by posing as cyber experts from the crime branch.

The policemen, posted at Navrangpura police station, allegedly demanded Rs50,000 from the call centre owner who had recently ventured into the business. Police said that the owner, identified as Praful and a resident of Isanpur, had lodged a complaint with the Navrangpura police station earlier this month.
.......

Click here to read more ......

Solutions : www.xcyss.in

Hacking alert: Facebook, Hotmail accounts targeted

Indore: The users of the social networking website, Facebook, and other e-mail service users are being victimised at the hands of the professional hackers in the city. There have been reports of illegal hacking of the user accounts in the past couple of days. The cyber-crime cell has undertaken an investigation upon the complaints of the victims.

One of the victim, Pankaj Vaidya, stated that his Facebook account has been hacked which is being used for chatting by an unknown individual for the last two months now. The textile businessman, Pankaj, stated that his business operations and network links were managed through his Facebook account that has been hacked now. In a similar incident of hacking, Amarkant Soni, resident of Bhopal, found that his account has been hacked as someone was posting lewd comments from his account. The victims have approached the cyber-crime cell to seek legal help in the case.

......

Click here to read more ......

Solutions : www.xcyss.in

DCP summoned over contradictory reports

PUNE: Baffled by the attitude of a police inspector for filing two contradictory reports in a bail matter, additional sessions judge Vinay Joshi has summoned deputy commissioner of police (cyber) Sanjay Shinde on October 19, and has directed Shinde to file a report explaining the alleged goof-up.

Joshi, while hearing the bail pleas of suspects K Nageshwarrao (40) and Mohammad Sultan Patel (47), both from Hyderabad, in a cyber crime case, had come across two reports filed by inspector (computer) Vilas Bhosale on October 13. One report favoured the suspects while another opposed their bail pleas.

..........

Click here to read more ......

Solutions : www.xcyss.in

Now, cyber criminals go undercover with Darknet

PUNE: The so called cyber criminals now have a new weapon to further their malicious activities - the Darknet, even as the government is working on stricter norms to monitor data and communication in the internet, say cyber crime experts.

A darknet is a closed private network of computers used for file sharing. It boasts strong encryptions and thus, cannot be intercepted by an external agency. Experts say these dark networks are increasingly being used by anti-social elements and underground groups across the globe, including Pune, for official communication as well as to sell and buy personal data of users.

........

Click here to read more ......

Solutions : www.xcyss.in

Police arrests man for cyber crime in Nepal

Kathmandu, Oct 21 (PTI) Nepal Police have nabbed a 27 -year-old man from the outskirts of Kathmandu, who allegedly impersonated a girl in a Facebook account, in the first such case registered under the cyber crime act.

Acting on behalf of the girl with surname as Shrestha (first name of the girl has been kept secret), Tapta Kumar Shrestha posted vulgar comments and nude photographs to different men including her friends.

.......

Click here to read more ......

Solutions : www.xcyss.in

Woman CEO maligns female colleague on Net, detained

MUMBAI: Cybercrime is usually perceived as the province of depraved men. But a disturbing trend has come to light of late. Increasingly, women are resorting to online tactics to achieve some nefarious end.

Recently, the woman CEO of a multinational corporation's India operations was detained by the police for cyber-harassment of a co-worker in HR - also a woman.

The CEO, aged 43, posted derogatory remarks about the HR executive, aged 39, on a consumer website to malign her. She described the victim as a sex pest who eyed newly recruited young men and was also "having a good time with a former employee", said an officer with the police's cyber crime investigation cell. The CEO was traced through the IP address from where the posts were made.
.......

Click here to read more ......

Solutions : www.xcyss.in

4 Nigerians held in Mumbai for online fraud

The Cyber Crime police arrested four Nigerians in Mumbai who were involved in duping people from the state in the name of lottery prize money. Police also recovered mobile phones, Internet data cards and 60 SIM cards from them.
......

on March 17, the complainant K Lakshmi Narayana, a resident of Dachepalli in Guntur lodged a complaint with the Cyber Crime police stating he had received an email from stating his email ID had won the prize amount of $1 million dollars and their diplomat is coming to India to handover the prize money cheque. The mail also asked to send information regarding his address, phone number, PAN etc., which the complainant sent to them. In the pretext of several charges like customs charges, RBI clearance charges, currency conversion charges, anti-terror charges, Lakshmi Narayana paid an amount of around `8.8 lakh in various bank accounts as stated by the fraudsters.
....

Click here to read more ......

Solutions : www.xcyss.in

21 October 2011

"Beware! Hackers are on prowl, protect yourself"

Punjab Newsline Network

Thursday, 20 October 2011

AMRITSAR: The hackers are on the prowl and are looking at each and every opportunity to strike at your computers through internet facilities to steal data by cyber criminals. This was stated by experts from Department of Information Technology, Government of India, who were addressing a seminar on `Information Security Awareness’ at local picturesque Khalsa College here today.

Click here to read more ......

Solutions : www.xcyss.in

12 October 2011

cOcOn 2011 begins

KOCHI: An international information security and hacking conference cOcOn 2011, began at IMA House here on Friday. The conference is aimed at providing a platform to discuss, showcase, educate, understand and spread awareness on the latest trends in information, cyber and hi-tech crimes.

Sessions on various segments of information security and cyber crime security like penetration testing, Wi-Fi Malware, mobile security, cyber warfare and cyber terrorism,� will be held at the two-day conference.
.....

Click here to read more ......

Solutions : www.xcyss.in

Online fake visa racket busted, couple arrested

Mohali: Punjab state cyber crime cell has busted an Amritsar-based online racket making fake visas. A couple has been arrested in this regard.

Police presented the couple, Suhdev Singh and Gurmeet Kaur, before a court in Mohali today afternoon. The couple has been remanded to police custody by the court. Police have also recovered computers and fake visas from them.

.........

Click here to read more ......

Solutions : www.xcyss.in

Hacker of Pakistan Supreme Court website tracked

ISLAMABAD, Oct 11: The Federal Investigation Agency (FIA)`s cyber crime wing has tracked the hacker of Supreme Court website.
The hacker, `Zombie KSA`, defaced the website of the apex court on September 27 and left derogatory remarks against the judiciary in general and the chief justice of Pakistan in particular, demanding an immediate ban on pornographic sites in the country. “This was the second hacking of the website and it was a huge concern for us,” a senior official of the FIA told Dawn on condition of anonymity.
It may be recalled that the Supreme Court`s website was also hacked by two boys in September 2010, who were granted bail by the court on April 11 as they were less than 18 years of age.
.........

Click here to read more ......

Solutions : www.xcyss.in

Cyber crime: Criminal case lodged against two in Ghaziabad

Police have registered a criminal case here against two persons for fraudulently collecting rupees three crore by creating a fake survey website.
......
The duo had announced that a registered member shall be granted Rs 1,000 in commission for adding a new member to the website.

Click here to read more ......

Solutions : www.xcyss.in

City police to monitor activities of cyber cafes

KOCHI: Two months after the city police began steps to monitor the activities of cyber cafes in Kochi, more measures are on the cards.
......

Recently the Ministry of Communication and Information Technology, Government of India, had published some guidelines regarding the use of internet cafes. The guidelines were issued as part of the IT Act, after an increase in the number of cyber crime cases, including terror-related.

“We have been taking strict measures in this regard. The functioning of cafes is being monitored by the cyber cell and the Crime Detachment DySP, who is the nodal officer for monitoring cafes. If a cyber crime is committed at a cafe, the cafe owner will also have to share the responsibility. We have asked the cafe owners to ensure that the activities of users are monitored. A meeting was held two months ago in which over 250 cafe owners attended,” said City Police Deputy Commissioner T Gopalakrishna Pillai.

....

t was the Kochi police which investigated the case related to an e-mail sent by a youngster threatening the Prime Minister.

Also, there were some cyber cases related to morphing of pictures of women and posting them on social networking sites.� Last year the Kochi police, with the help of some cyber security organisations, had organised a cyber security meet in the city.

Click here to read more ......

Solutions : www.xcyss.in

05 October 2011

Stealing our Future - Global Cybercrime

Each week, the number of cyber-attacks on businesses and government grows exponentially. This is no longer a matter of individuals or groups seeking status in their hacker communities to gain notoriety. Organised and sophisticated gangs of criminals have brought in the brightest minds to wage war on business and government - their targets are financial institutions, corporations and state organisations. They are stealing money, but far more important are also appropriating ideas, blueprints, plans and strategies (IP) – essentially, the future of business and nations.

Click here to read more ......

Solutions : www.xcyss.in

Massive DDoS attacks a growing threat to VoIP services

05 October, 2011 02:29

ORLANDO, Fla. -- When the massive distributed denial-of-service (DDoS) attack in March brought down the voice-over-IP (VoIP) call processing supplied by TelePacific Communications to thousands of its customers, it marked a turning point for the local-exchange services provider in its thinking about security.

The massive DDoS attack came blasting in from the Internet in the form of a flood of invalid VoIP registration requests. The attack resulted in widespread service disruptions for a number of days in late March and cost the company hundreds of thousands of dollars in customer credits. After the attack was over, the facilities-based services provider, based in California and Nevada, took steps to boost security measures to seek to prevent any similar occurrence again, said Don Poe, vice president of network engineering at TelePacific Communications, which provides the VoIP "Smart Voice" service to thousands of customers.

Click here to read more ......

Solutions : www.xcyss.in

Massive DDoS attacks a growing threat to VoIP services

05 October, 2011 02:29

...... Solutions : www.xcyss.in

03 October 2011

Hackers disguise malware as emailed docs from smart printers

By John Leyden

Hackers have developed a new ruse designed to trick recipients into opening malicious email messages that come loaded with malware.
The trick involves sending emails that pose as scanned documents from office printers or scanners, forwarded by a work colleague. The unlikely source of attack is liable to fool many users, net security firm Symantec warns.

"The idea of an office printer sending malware is perhaps an unlikely one, as printers and scanners were not actually used in these attacks, but perhaps this sense of security is all that is required for such a socially engineered attack to succeed in the future," said Paul Wood, Senior Intelligence Analyst, Symantec.cloud (formerly MessageLabs).

.....

Click here to read more ....

Solutions : www.xcyss.in

How to protect yourself against fraud

Khyati Dharamsi, TNN | Oct 3, 2011, 06.13AM IST

Credit card fraud and identity theft are rising at a rapid pace. Here's how you can protect yourself against them
....

10 Steps that can protect you from loss

Register for transaction alerts via SMS and e-mail .
If you change your mobile number, update it with the bank.
Reduce the limit on your credit card if you use it sparingly.
Use virtual cards for e-shopping . Make use of the virtual keyboard wherever possible.
Instead of going to the bank's Website using links in e-mails , type the Web address directly.
Memorise the 3-digit CVV number at the back of the card and scratch it out.
Do not leave unwanted photocopies of essential documents at the photocopier.
If you lose your phone, deactivate all banking services linked to that number.
Place your Internet router away from doors and windows and switch it off when not in use.

Click here to read more ......

Solutions : www.xcyss.in

Uidai Gets First Data Misuse Complaint

PTI | Oct 3, 2011, 03.56AM IST

NEW DELHI: The Unique Identification Authority of India (UIDAI) is looking into a complaint of misuse of personal data while issuing 'Aadhaar' numbers to individuals, its first case of breach of privacy.

......

Click here to read more ......

Solutions : www.xcyss.in

Waging Cyber War on Bureacracy

By Tai AdelajaRussia Profile10/03/2011

Russia’s long-awaited electronic government kicked off on Saturday, amid muted concerns that a weekday deployment could expose the networked system to floods of requests or trigger a database shutdown. Billed as a new anti-corruption frontline against Russia's unwieldy bureaucracy, the new system will also help Russia’s 65 million Internet users to enjoy basic public services without so much as leaving their comfort zones.

"Starting October 1, all federal government agencies will adopt a new work procedure: an electronic inter-agency cooperation in the provision of public services,” said Deputy Prime Minister Vyacheslav Volodin, who declared the system open for use on Friday. The electronic government portals will henceforth provide a single, convenient place to take care of all the steps of a complex administrative process involving multiple government offices, and will spare Russians the humiliating experience of running from office to office, Volodin said. A new law, also effective October 1, will prohibit federal officials from asking citizens to provide any kind of information that is already in the databases of other federal agencies, he said. “The introduction of the system will deal a severe blow to corruption and bureaucracy,” Volodin, who oversees the project, said.

.......
Click here to read more ....

Solutions : www.xcyss.in

NTRO’s ethical hackers to conquer China

MONDAY, 03 OCTOBER 2011 01:01

RAKESH K SINGH | NEW DELHI

The National Technical Research Organisation (NTRO), premier technical intelligence agency, has hired a team of ethical hackers to counter the ever-increasing threat of Red Army — a state-funded group of Chinese hackers — to sensitive Government websites, critical infrastructure and secure the space-based assets from cyber attacks.
....
At least two hackers engaged for the purpose are undergoing tutorials on the Chinese language. The agency has also appointed a Chinese language tutor to help the hackers learn Mandarin, the language of the Chinese so that national critical infrastructure is protected from the offensive operations of the Red Army.
.....
The Red Army or the Red Team is estimated to have on board 10,000 hackers and poses threat to the entire world, a realization resulting in strengthening of the cyber warfare capabilities by countries like the US and India. The Red Army has a diversified hacking agenda including tracking of the Dalai Lama, Tibet, Taiwan, India and other neighbouring countries. This besides, the services of the independent hackers are utilized for theft of data on a case to case basis.
.....

Click here to read more ......

Solutions : www.xcyss.in

US to address India's requests for information in cyber cases

PTI | Oct 2, 2011, 07.20PM IST

NEW DELHI: The US has said that it would take up the issue of pending requests for information from India regarding cyber cases with various departments in its country.

According to minutes of a meeting on US-India dialogue here on cyber security prepared recently, the Indian delegation was led by deputy National security advisor Vijay Latha Reddy. It comprised officials from ministries of external affairs and home, besides those from Intelligence Bureau and the CBI. The US delegation was headed by Howard Schmidt, cyber security coordinator at the White House.

During the meeting, the CBI representative highlighted the difficulties in getting information about the pending cases and said that several queries had been made but information was not provided even for emergency disclosures, the minutes said.

........

Click here to read more ......

Solutions : www.xcyss.in

01 October 2011

Corporate Training 1-5

1	Cloud Security	24 Hrs	4	XCSSP	CIOs, CISOs, Legal Team, Information Security professionals.
2	Advanced Hacking	56 Hrs	4	XCCH	Risk Analysts, Ethical hackers, Penetration Testers, CISOs,Infosecprofessionals
3	Penetration Testing Tools & Techniques	24 Hrs	4	XPTE	Risk Analysts, Ethical hackers, Penetration Testers, CISOs,Infosecprofessionals
4	Incident Handling	24 Hrs	4	XIR	System Administrators, IT teams, Legal teams, CIOs, CISOs, InfoSec professionals
5	Electronic Evidence First Handler	24 Hrs	4	XEEFR	System Administrators, IT teams, Legal teams, CIOs, CISOs, InfoSec professionals

Solutions : www.xcyss.in