Tag Archives: Hack

Anonymous Cyberwar Against Russia : 28 February 2022

Here are the latest cyberattacks by the hacktivist group, Anonymous, in their cyberwar against Russia!

 

Anonymous Launches Cyberwar Against Russia!

On 22 February 2022, Anonymous lobbed a warning shot at both Russia and China, hacking an official Chinese website and a Russian Modbus device.

After the Russian invasion started on 24 February, Anonymous announced that they would also begin “gearing up for action” :

#Anonymous has always been against war, and against colonialism. We’ve seen how unfettered power decimates the weak, only having its own self interests in mind. We stand with the people, not the governments of the world.
Anonymous condemns the attacks on the Ukrainian people.

There are many #Anonymous accounts gearing up for action against the imperialist state of Russia, and we will be retweeting their endeavors.

The next day, Anonymous announced that they had started attacking the Russian government.

#Anonymous is currently involved in operations against the Russian Federation. Our operations are targeting the Russian government. There is an inevitability that the private sector will most likely be affected too. While this account cannot claim to speak for the whole (con)


 

Anonymous Cyberwar Successes Against Russia!

Here is the latest list of cyberattacks that Anonymous successfully conducted in their cyberwar against Russia.

25 February 2022

26 February 2022

  • Anonymous took down several Russian government websites, including the Kremlin, State Duma, and Ministry of Defense.
  • Anonymous “retrieved” and leaked 200 GB of emails from Tetraedr – a Belarusian arms manufacturer, including blueprints of the SAMs (Surface-to-Air Missiles) they manufacture.

27 February 2022

  • Anonymous took down the Chechen Republic government website : chechnya.gov.ru
    Note : This came after multiple reports of Chechen soldiers being deployed to Ukraine.
  • Anonymous shut down gas supply provided by Tvingo Telecom in Russia. Tvingo Telecom is owned by Rostelecom, a Russian state-owned telecommunications company.

28 February 2022

  • Anonymous took down several official Belarus government websites :
    – Belarus Ministry of Communications and Information : mpt.gov.by
    – Belarus State Authority for Military Industry : vpk.gov.by
    – Belarus Military : mil.by
  • Anonymous took down several more Russian state and state-linked websites :
    – Pension Fund of the Russian Federation : pfr.gov.ru
    – Russian Public Services portal : gosuslugi.ru
    – Kremlin website (again) : Kremlin.ru
    – Russian Federal Customs Service : customs.gov.ru
    – Russian government website : government.ru
    – Moscow city + mayor website : mos.ru
    – Tass news agency website : Tass.ru
  • The hacking group GNG – an Anonymous affiliate – hacked and leaked a Sberbank database
  • Anonymous Network Battalion 65′ (nB65) hacked and released 40,000 files from the Russian Nuclear Safety Institute.

I will keep updating this article, as and when Anonymous announces their successes against Russia.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 


 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Anonymous fires Warning Shot at China, Russia over Ukraine!

The hacktivist group, Anonymous, just fired a warning shot at both China and Russia over the invasion of Ukraine!

 

Anonymous fires Warning Shot at China, Russia over Ukraine!

The hacktivist group, Anonymous, just hacked a Chinese state website, and a logic controller in Russia, as a warning shot to both countries over the invasion of Ukraine.

On Tuesday, 22 February 2022, Anonymous hacked the Chinese Culture website (www.chineseculture.com.cn), replacing its content with a page showing its logo, and the Guy Fawkes mask.

The hacked Chinese Culture website was taken offline, but you can still see the hacked page through the Wayback Machine.

The hacked page includes the YouTube video – It Might Break Your Pinky Heart – the famous music video by Malaysian singer-songwriter, Namewee, that mocks the Chinese government.


After a video about an old MIT experimental antiviral approach called DRACO (Double-stranded RNA Activated Caspase Oligomerizer), and a reference to Operation Samantha Smith, the hacked page warned Russia over its invasion of Ukraine, with a warning shot in the form of “a small hack”.

However sadly because Putin has burned the bridge and reneged the Minsk deal by prematurely recognising separatist territories as independent, instead of waiting until the conclusion of UN interim administration period and if they vote overwhelmingly for independence per that plan, Anonymous decides to make good some of its threats by conducting a small hack on a Modbus device which we intend as a warning shot.

The above Modbus device isn’t located in countries friendly to the US and Taiwan, nor in neutral countries that want nothing with these. Instead, it is in places like China or somewhere like it.

You can make stupid threats like a spoiled child, but remember that Anonymous never have restrictions that says that only homo sapiens can be part of it.

Sony learnt the hard way in 2011 that a part of Anonymous can finish what a totally different part had started!

The Modbus device was later confirmed to be a Schneider Electric Modicon M251 logic controller located in Russia.

 

Anonymous Will Formally Attack Russia Over Ukraine Invasion!

According to Taiwan News, which reached out to Anonymous, their representative said that they were previously “playing nice and not give them an excuse to start a war”, but now that missiles had been fired on Ukraine, “we are taking off the gloves altogether.”

That representative also said, “Anonymous will formally attack Russian websites or devices later” in retaliation for Russia’s invasion of Ukraine.

The Anonymous threat on the Chinese Culture website ended with its signature quote in English, Russian and Chinese :

We are Anonymous
We are legion
We do not forgive
We do not forget
Expect us!
Мы анонимы
Мы легион
Мы не прощаем
мы не забываем
Ждите нас!
我们是匿名者
我们是军团
我们不原谅
我们不会忘记
期待我们

Anonymous did not explicitly say why they are targeting China over Russia’s invasion of Ukraine, but it seems obvious that they believe that China is partly responsible for Russia’s military action.

Perhaps they felt that indirect support by the Chinese, as well as their propaganda effort, gave Russia some leeway and economic support in attacking Ukraine.


 


MySJ Trace : Should You Enable Or Disable?

Should you enable the new MySJ Trace feature in MySejahtera, or should you disable it?

Let’s take a look at people’s deepest fears about MySJ Trace, and find out what the facts really are!

 

MySJ Trace : Should You Enable Or Disable?

MySejahtera just introduced a new MySJ Trace feature, which uses Bluetooth technology to track your close contacts.

The proximity data it collects allows Malaysia Ministry of Health (KKM) to accurately determine if you are a close contact of a COVID-19 positive person.

KKM has been strongly urging people to turn it on, but many people are offering conflicting advice on whether to enable or disable it.

Let’s take a look at what people are saying, and find out what the facts really are!

 

Should You Enable MySJ Trace?

There are several good reasons to enable MySJ Trace in MySejahtera :

  1. MySJ Trace allows for more accurate contact tracing. If you test positive for COVID-19, the data it collects lets KKM accurately identify your close contacts, and inform them.
  2. MySJ Trace automatically tracks your close contacts. All you have to do is turn it on, and forget about it.
  3. MySJ Trace removes the need to manually check out from locations, which was tedious and easy to forget.
  4. Those who use MySJ Trace will avoid being wrongly identified as casual or close contacts, due to the inaccuracy of using check-in and check-out times.

MySJ Trace gets more accurate and more useful, when more people use it. So KKM is strongly encouraging everyone to use it.

Plus, when enough people start using it, we will all enjoy an additional benefit :

  1. When enough people use MySJ Trace, we will no longer need to check-in at every location!


 

Should You Disable MySJ Trace?

Let’s take a look at some of the reasons why people are disabling MySJ Trace, and see what the facts really are!

Claim #1 : Government Uses MySJ Trace To Track Our Movements
Verdict : False

People are falsely claiming that the Malaysian government will use MySJ Trace to track our movements.

The truth is MySJ Trace does not record or collect geolocation data, so it cannot possibly track your movements.

MySJ Trace also does not transmit data, unless we consent. In fact, we are only asked to transmit MySJ Trace data if we test positive for COVID-19.

Claim #2 : MySJ Trace Not Useful Because No One Is Using It
Verdict : False

Some people are discouraging people from using MySJ Trace because “not many people are using it yet”.

Switching to MySJ Trace immediately helps you by removing the need to check-out of locations. Isn’t that useful?

For healthcare professionals who need to quickly and accurately trace close contacts of infected individuals, MySJ Trace works better when more people use it, but that doesn’t mean it’s completely useless when few people use it.

Claim #3 : Old Check-In, Check-Out System Is More Accurate
Verdict : False

Some people claim that the old method of checking in and out of locations is more accurate than MySJ Trace.

That may be true in the early days, when very few people are using it, but that is no longer true once many of your close contacts are using it.

MySJ Trace not only automatically determines who comes into close contact with you, it also logs how long they are in close contact, and their proximity (distance) to you.

The manual check-in and check-out system is unable to determine time of contact, and distance of contact; and can easily lead to false positives – people wrongly identified as casual or close contacts.

Claim #4 : MySJ Trace Uses A Lot Of Battery Life
Verdict : False

This is a real concern for many people as MySJ Trace requires Bluetooth to be turned on all the time. However, it uses Bluetooth Low Energy technology, which uses very little power.

I had earlier tested MySJ Trace on an old Samsung Galaxy S10 smartphone, and did not notice any noticeable drain on its battery life.

For people who have strong concerns over this aspect, it is possible to temporarily turn off MySJ Trace while you are at home, and only turn it on when you go out.

Claim #5 : Bluetooth Increases Risk Of Hacking
Verdict : Misleading

It is possible for criminals to hack your smartphone using Bluetooth, and it is good cybersecurity practice to turn off wireless connections that you are not using.

However, it is far more difficult to hack you through your Bluetooth connection, than your Wi-Fi connection.

After all, Bluetooth only has a range of 10 metres! The hacker will have to remain in close proximity to hack you.

Claim #6 : Hackers Can Grab Our Personal Information
Verdict : False

Some people are claiming that hackers can hack into MySJ Trace and use it to trawl for personal information of people nearby.

That’s nonsense, because MySJ Trace will only record the following information :

  • Unique User ID (UUID) that is created by the MySejahtera app.
  • Operating system version (Android or iOS)
  • Time of contact
  • Received Signal Strength Indicator (RSSI)

There is no personal information that would be useful to hackers, even if they grab this information.

The UUID, for example, is useless as an identification number without access to the KKM database of MySejahtera users and their personal information.

Claim #7 : MySJ Trace Continuously Uses Internet Data
Verdict : False

Some people are falsely claiming that MySJ Trace continuously uses Internet data, which is extremely limited for some users.

That’s not true. MySJ Trace does not require Internet connectivity, except :

  • when you first download and install MySejahtera,
  • whenever you update MySejahtera
  • when you consent to upload your MySJ Trace data to KKM

Since those are all optional, you can do them when you have access to a Wi-Fi network. You can use MySJ Trace without mobile Internet.

I hope that clarifies the reasons why you should enable or disable MySJ Trace. If you have any other questions, please feel free to ask us.

Meanwhile, I hope you can share this article with your family and friends, and encourage them to turn on MySJ Trace.

 


Was Facebook Taken Down By 13 Year-Old Chinese Hacker?

Was Facebook taken down by a 13 year-old Chinese hacker?

Take a look at the viral claim, and find out what the FACTS really are!

 

Claim : Facebook Was Taken Down By 13 Year-Old Chinese Hacker!

On 4 October 2021, Facebook and ALL of its messaging and social media platforms went down for about six hours, including Messenger, WhatsApp and Instagram!

Several websites, as well as people on Twitter and Facebook started claiming that Facebook was taken down by a 13 year-old Chinese hacker called Sun Jisu / Sun Ji Su / Sun Jiso / Sun Ji Soo.

There are quite a number of these claims, so just SKIP to the next section for the facts!

International media claimed that “China” was behind the suspension of social media services in the world.

According to Reuters, a Chinese hacker named “Sun Jisu” is responsible for stopping the services of “Facebook”, “WhatsApp” and Instagram, and added that the Chinese hackers are only 13 years old.

The Chinese hacker “Sun Ji Su” has topped the famous search engines and Twitter platforms during the past minutes, after disabling WhatsApp, Instagram and Facebook today 2021 in all countries of the world, amid questions among activists about the details of this information.

 

Truth : Facebook Was Not Taken Down By 13 Year-Old Chinese Hacker!

The story of a 13 year-old Chinese hacker taking down Facebook is just fake news created by fake news / clickbait websites to go viral and get money through ads.

Here are the reasons why…

Fact #1 : International Media Did Not Blame China

No one blamed China for the bizarre 6-hour downtime of Facebook, WhatsApp, Instagram and Messenger.

The international media referred to cybersecurity specialists who pointed at DNS failure as the most likely cause, not a state actor like China.

Clickbait / fake news websites intentionally added that false claim to “trigger” Chinese netizens and Sinophiles to share their fake news.


Fact #2 : Reuters  + NYT Did Not Report On Any Chinese Hacker

Reuters did not report that a 13 year-old Chinese hacker called Sun Jisu was responsible for bringing down Facebook, WhatsApp, Instagram and Messenger.

Neither did the New York Times write about a 13 year old hacker attacking Facebook.

These are complete lies that are easily verified with a quick check on the Reuters and New York Times websites.

Fact #3 : 13 Year-Old Sun Jisu / Sun Jiso Does Not Exist

There is no 13 year-old Chinese hacker called Sun Jisu / Sun Ji Su / Sun Ji So / Sun Ji Soo. He does NOT exist.

In addition, that is a Korean name, not Chinese – a mistake that a non-Asian person would make.

Fact #4 : That Was An Old Picture Of Wang Zhengyang

The fake news websites used a picture of Chinese hacking prodigy, Wang Zhengyang, speaking at the 2014 Chinese Internet Security Conference.

Wang Zhengyang was 13 years old at that time, and would be 20 years old this year – 2021. Here are two more pictures of him speaking at that event.

Wang Zhengyang at 2014 Chinese Internet Security Conference

Fact #5 : Facebook Services Were Brought Down By Configuration Changes

Facebook services were not brought down by a hacker, but configuration changes their own engineering team initiated internally.

Facebook’s Vice-President of Infrastructure, Santosh Janardhan, confirmed that “configuration changes” on their “backbone routers” caused the 6-hour long failure.

Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication. This disruption to network traffic had a cascading effect on the way our data centers communicate, bringing our services to a halt.


Fact #6 : Access Problems Were Caused By Same Servers

Facebook run their internal systems through the same servers, so they became inaccessible when those servers were taken offline.

This included security systems that controlled the fob door locks, with a New York Times reporter tweeting that Facebook staff were unable to gain access to an unspecified office using their keycards.

However, many Facebook staff are working from home due to COVID-19 precautions, so this was only a big problem for engineers trying to gain access to the Facebook data centre in Santa Clara, California.

At no time was this security issue caused by a hacker. It was due to the same servers that went offline.


Now that you know the truth, please SHARE this fact check with your family and friends!

Also, please STOP SHARING fake stories created by fake news / clickbait websites!

 


Did 13 Yr Sun Jisu Hack Facebook, WhatsApp, Instagram?

Did the 13 year-old Chinese hacker, Sun Jisu, hack Facebook, WhatsApp and Instagram, causing them to fail for more than 6 hours?

Take a look at the new viral claim, and find out what the FACTS really are!

 

Claim : 13 Year-Old Sun Jisu Hacked Facebook, WhatsApp, Instagram!

On 4 October 2021, Facebook and ALL of its messaging and social media platforms went down for about six hours, including Messenger, WhatsApp and Instagram!

Some websites and people on Twitter and Facebook started claiming that the failure was due to a 13 year-old Chinese hacker called Sun Jisu / Sun Ji Su / Sun Jiso / Sun Ji Soo.

There are quite a number of these claims, so just SKIP to the next section for the facts!

International media claimed that “China” was behind the suspension of social media services in the world.

According to Reuters, a Chinese hacker named “Sun Jisu” is responsible for stopping the services of “Facebook”, “WhatsApp” and Instagram, and added that the Chinese hackers are only 13 years old.

The Chinese hacker “Sun Ji Su” has topped the famous search engines and Twitter platforms during the past minutes, after disabling WhatsApp, Instagram and Facebook today 2021 in all countries of the world, amid questions among activists about the details of this information.

 

Truth : Sun Jisu Doesn’t Exist, Did Not Hack Facebook, WhatsApp, Instagram!

The truth is – this is just fake news created by fake news / clickbait websites to go viral and get money through ads.

Here are the reasons why…

Fact #1 : International Media Did Not Blame China

No mainstream media blamed China for the bizarre 6-hour downtime of Facebook, WhatsApp, Instagram and Messenger.

Practically all of them referred to cybersecurity specialists who pointed at DNS failure as the most likely cause, not a state actor like China.

Clickbait / fake news websites intentionally added that false claim to “trigger” Chinese netizens and Sinophiles to share their fake news.


Fact #2 : Reuters  + NYT Did Not Report On Any Chinese Hacker

Reuters did not report that a 13 year-old Chinese hacker called Sun Jisu was responsible for bringing down Facebook, WhatsApp, Instagram and Messenger.

Neither did the New York Times write about a 13 year old hacker attacking Facebook.

These are complete lies that are easily verified with a quick check on the Reuters and New York Times websites.

Fact #3 : 13 Year-Old Sun Jisu / Sun Ji Soo Does Not Exist

There is no 13 year-old Chinese hacker called Sun Jisu / Sun Ji Su / Sun Ji So / Sun Ji Soo. He does NOT exist.

In addition, Sun Jisu / Sun Ji Soo is a Korean name, not Chinese. This is a mistake that a non-Asian person would make.

Fact #4 : That Was An Old Picture Of Wang Zhengyang

The fake news websites used a picture of Chinese hacking prodigy, Wang Zhengyang, speaking at the 2014 Chinese Internet Security Conference.

Wang Zhengyang was 13 years old at that time, and would be 20 years old this year – 2021. Here are two more pictures of him speaking at that event.

Wang Zhengyang at 2014 Chinese Internet Security Conference

Fact #5 : Facebook Services Were Brought Down By Configuration Changes

Facebook services were not brought down by a hacker, but configuration changes their own engineering team initiated internally.

Facebook’s Vice-President of Infrastructure, Santosh Janardhan, confirmed that “configuration changes” on their “backbone routers” caused the 6-hour long failure.

Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication. This disruption to network traffic had a cascading effect on the way our data centers communicate, bringing our services to a halt.

He also asserted that it was a faulty configuration change, and no user data was compromised.

Our services are now back online and we’re actively working to fully return them to regular operations. We want to make clear at this time we believe the root cause of this outage was a faulty configuration change. We also have no evidence that user data was compromised as a result of this downtime.


Fact #6 : Access Problems Were Caused By Same Servers

Facebook run their internal systems through the same servers, so they became inaccessible when those servers were taken offline.

This included security systems that controlled the fob door locks, with a New York Times reporter tweeting that Facebook staff were unable to gain access to an unspecified office using their keycards.

However, many Facebook staff are working from home due to COVID-19 precautions, so this was only a big problem for engineers trying to gain access to the Facebook data centre in Santa Clara, California.

At no time was this security issue caused by a hacker. It was due to the same servers that went offline.


Now that you know the truth, please SHARE this fact check with your family and friends!

Also, please STOP SHARING fake stories created by fake news / clickbait websites!

 


CD PROJEKT RED Hack : Source Codes + Docs Stolen!

CD PROJEKT RED just had their source codes and internal documents stolen in a MAJOR HACK, and they may all end up being leaked!

 

CD PROJEKT RED Hack : Source Codes Stolen, Servers Encrypted!

On 9 February 2021, CD PROJEKT RED announced that their data – including source codes and internal documents – were stolen in a hack, and could possibly be leaked.

Their servers were also encrypted in a secondary ransomware attack by the same hackers, but they had backups of the encrypted data.

CD PROJEKT RED publicly ruled out negotiating with the hackers, or giving in to their demands.

This would likely mean that their source codes and internal documents will eventually be released publicly by the hackers.

The only silver lining – CD PROJEKT RED noted that they do not have any evidence that the personal data of their employees were accessed or stolen.

 

CD PROJEKT RED Hack : The Hackers’ Threats

According to the ransom note left on their servers, the hackers stole :

  • FULL source codes for Cyberpunk 2077, Witcher 3, GWENT and the unreleased version of Witcher 3.
  • ALL of their internal documents on accounting, administration, legal, HR, investor relations and more

They also encrypted all of CD PROJEKT RED’s servers, but acknowledged that they would most likely recover the data from their backups.

The hackers are giving the CD PROJEKT RED team 48 hours to contact them to negotiate.

If there is no agreement, they threaten to sell or leak the source codes, and release their internal documents to the media.

They claim that the internal documents will make CD PROJEKT RED look bad, causing their stock prices to fall and their investors to lose trust in them.

 

CD PROJEKT RED : Official Statement On Hack

This is the official statement by CD PROJEKT RED on the hack :

Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.

An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.

We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.

We are still investigating the incident, however at this time we can confirm that – to the best of our knowledge – the compromised systems did not contain any personal data of our players or users of our services.

We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate the incident.

 



Ministry of Education Website Uses Plain Text CAPTCHA!

It is unbelievable, but the Malaysia Ministry of Education’s website uses plain text CAPTCHA that can be copied and pasted!

Take a look at this incredible security lapse, and find out why it could put your data at risk!

 

Ministry of Education Website Uses Plain Text CAPTCHA!

The recent threat by Anonymous Malaysia to attack government websites over their lack of security appears to be well-justified.

Qusyaire Ezwan spotted an incredible security lapse in the official Malaysia Ministry of Education website – plain text CAPTCHA!

On top of that, the code can actually be copied and pasted!

 

Ministry of Education Plain Text CAPTCHA : A Serious Cybersecurity Risk!

The CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) test is something most of us are familiar with.

It is a test that helps to identify real humans, and weed out bots, before they are allowed to access a service. This prevents bot fraud and hacking attempts.

In the Ministry of Education website, the plain text CAPTCHA was used to “secure” the retrieval of forgotten passwords for their Student Management Module.

A real CAPTCHA uses distorted images to prevent a bot from “reading” the numbers or letters, thereby ensuring that only a real human being would be able to key in the correct code.

As this screenshot shows, the CAPTCHA used in the Ministry of Education website just uses random sequences of letters and numbers in PLAIN TEXT!

This means a bot can easily copy and paste the plain text code, and bypass the CAPTCHA test.

Frankly, this doesn’t even qualify as a CAPTCHA test, because it cannot differentiate between humans and bots.

Now, the password is still sent to the registered email accounts, not to the hackers or bots. So your data is not in immediate danger.

However, this is still a SERIOUS cybersecurity risk, because a hacker can pair this design flaw with compromised email accounts.

It would allow their bots to easily and quickly make password retrieval requests for compromised email accounts, and then retrieve your Ministry of Education password.

Having access to the Student Management Module would give hackers access to a ton of information on children and their parents :

  • child : name, date of birth, telephone number, home address
  • school : location, class name, teacher’s name
  • parent : name, occupation, workplace address, contact number, declared salary

On top of that, many people reuse their passwords, so hackers will use the password retrieved from the Ministry of Education website on other websites and online services you may use.

If you use the same password for your banking account, for example, that would expose your banking account to the hacker.

That is why CAPTCHA is important. It doesn’t prevent hacking attempts, but it greatly slows them down by blocking bots from making mass requests.

The use of plain text CAPTCHA in an official government website is a fiasco. A basic cybersecurity checklist would have prevented software vendors from using plain text CAPTCHA in government websites.

The Malaysian government needs to take the security of official websites seriously. This is a disgrace.

 


How Hackers Attack Healthcare During COVID-19 Pandemic!

Even during the COVID-19 pandemic, hackers have been attacking the healthcare system already buckling under pressure.

Take a look at the first part of a newly-released documentary on how hackers are attacking the healthcare system, and what it means for us and the world!

 

How Hackers Attack Healthcare During COVID-19 Pandemic!

Cybercriminals and state-sponsored hackers do not care that almost a million people have died from COVID-19. In fact, they see the pandemic as an opportunity.

Over the last few months, the creators of this documentary spoke to hospitals, law enforcement agencies, health organisations and research centres across the world, to understand how they are coping with increased cyberattacks and malware.

This particular feature was directed by Didi Mae Hand, and produced by Max Peltz.

 

Hackers Increased Attacks On Healthcare During COVID-19 Pandemic

The documentary reveals a shocking surge in cyberattacks on healthcare systems during the COVID-19 pandemic. The World Health Organisation (WHO), for example, reported a 5X increase in cyberattacks on its systems since March 2020.

State-sponsored hackers are mainly looking for biodata, including research on COVID-19 vaccines. Meanwhile, cybercriminals are capitalising on the fact that hospitals may be more willing than usual to pay a ransom.

For example, the Brno University Hospital, which was responsible for running a big share of COVID-19 testing in the Czech Republic, was held to ransom and forced to shut down its IT network at a critical time.

Fortunately, the surge in cyberattacks was met with an incredible response by the cybersecurity community. Some 3000 cybersecurity volunteers created the CV19 group to provide hospitals and healthcare institutions with free support to protect their systems.

 



AMD GPU Source Code Hack : What’s Going On?

In case you missed it, AMD suffered a massive cybersecurity breach, losing the source codes to their Navi 10, Navi 21 and Arden GPUs in a hack!

Here is a summary of how the hack went down, and what this could mean for AMD and their partners…

 

AMD GPU Source Code Hack : A Quick Summary

A hacker managed to get her hands on AMD source codes for current and future graphics products, and has apparently tried to blackmail AMD.

After that failed, she leaked some of the source codes on Github, which were quickly removed after AMD issued a DMCA notice.

She has threatened to release all of the stolen source codes if she does not find a buyer for them.

 

AMD GPU Source Code Hack : The Timeline

November 2019

A hacker called Palesa hacked into an unprotected computer / server, where she found and downloaded AMD source codes, which were determined to be for :

  • the current Navi 10 GPU (based on RDNA)
  • the upcoming Navi 21 GPU (based on RDNA 2), as well as
  • the Arden SoC for the Microsoft Xbox Series X console.

The source code was unexpectedly achieved from an unprotected computer / server through some exploits.

I later found out about the files inside it. They weren’t even protected properly or even encrypted with anything which is just sad.

Palesa told TorrentFreak that she valued the source codes at $100 million, but did not reveal how she came to that mind-blowing valuation.

Credit : WCCFTech

December 2019

Palesa contacted AMD, allegedly to blackmail them into paying for the return of the source codes.

Mid-March 2020

Rumours started circulating that a hacker obtained the source codes for Navi 10, Navi 21 and Arden.

24 March 2020

AMD discovered that some of the source codes were uploaded to the new xxXsoullessXxx repository on Github, as the project called AMD-navi-GPU-HARDWARE-SOURCE.

They issued a DMCA notice, notifying Github that, “This repository contains intellectual property owned by and stolen from AMD.” and that “The original IP is held privately and was stolen from AMD.”

Github took down that repository, as well as four other repositories that AMD later identified as forks.

25 March 2020

When contacted by TorrentFreak, Palesa said that she will leak all of the stolen source codes if she does not get a buyer for them :

If I get no buyer I will just leak everything.

AMD issued this statement on the theft of their graphics IP :

At AMD, data security and the protection of our intellectual property are a priority. In December 2019, we were contacted by someone who claimed to have test files related to a subset of our current and future graphics products, some of which were recently posted online, but have since been taken down.

While we are aware the perpetrator has additional files that have not been made public, we believe the stolen graphics IP is not core to the competitiveness or security of our graphics products. We are not aware of the perpetrator possessing any other AMD IP.

We are working closely with law enforcement officials and other experts as a part of an ongoing criminal investigation.

 

AMD GPU Source Code Hack : What Was Leaked So Far?

According to WCCFTech, who spoke to people with vast Verilog experience who viewed those source codes, this is what was leaked so far :

  • Partial Verilog files that are typically used in the construction of processors.
  • The Verilog files in question represent a single and isolated function(s) on the GPU – NOT the whole/actual GPU blueprint.
  • Based on the leaker’s screenshots, the files not yet leaked are more of the same and also nowhere close to being a complete “source code”.
  • These Verilog files are built on a proprietary schematic that is only compatible with AMD’s internal design language (in other words, these are going to be close to useless to a third party).

 

AMD GPU Source Code Hack : The Implications

From what those experts told WCCFTech, the leaked source codes :

  • cannot be used to design or reverse engineer any of the three GPUs.
  • cannot be used to easily determine product specifications
  • cannot be used to bypass security features on AMD GPUs, although they may reveal vulnerabilities that can be exploited
  • do not contain any “crown jewel” IP

That said, their opinions are based on what was leaked so far. It is possible that Palesa may have a lot more that she has not revealed.

But considering the fact that she took the step of leaking some source code, they are likely not useful or important enough to be worth the trouble, especially now that a criminal investigation is underway.

What this leak has likely achieved is put a target on Palesa’s back, cause some embarrassment to AMD, and force them to relook at their cybersecurity measures and protocols.

 
