Iranian Gov hackers infecting al Qaeda members

Iran Gov. Taking down al Qaeda sites.

By Gerald: Internet Anthropologist Think Tank

Oct 13, 08

Iranian Gov hackers have been infecting al Qaeda members.

Ok we cannot prove the Iranian Goverment connection, But we have strong Paradigm Intel that gets as close as one can without a smoking gun.

We have depoyed BSU's on them, and will have more info.

The Iranians started their program on 7.31 08.

With the Fdos-doraah.dr Trojan.

And in June were probing Terrorist PC's with the Midgare.gra. Trojan.

The methods and techniques deployed are not unique but very well done.

And as al Fajar Media Center has no idea how it was done we are not going to give them any help.

al Fajar Media Center is alleged to have a Hacking Brigade, but are ineffective, and no match for the Iranians, we expect to see more attacks and wipe outs of al Qaeda web sites.

Iran is still angry at Bin Ladens son escaping Iran to Paki.
And this may be pay back for al Qaeda operating inside Iran.

1,000 sites down, and still counting.

Gerald
Internet Anthropologist

Tactical Internet Systems analyst

Update:

Saudi-owned Al-Arabiya television seems to have been the target in a Shiite riposte for damage recently inflicted by Sunni hackers on hundreds of sites connected to the Iranian government and Iraq's most senior Shiite cleric. Attacks and counter-attacks of this sort are not a surprise anymore, but they remain a disappointment. Just as then-new mediums like radio and satellite television prompted "wars" in which supporters of one movement or another sought - by means both fair and foul - to counter the arguments and limit the influence of their rivals, so does the Internet now constitute a new venue for "ideological" battles that fly in the face of what the open interchange of ideas is supposed to be all about.

SOURCE:.

.

Pissed off wrong guys.

Sun, Sep 7th, 2008 6:16 pm BdST
Dhaka, Sept 7 (bdnews24.com)—Rapid Action Battalion have arrested four people, including the RAB website hacker Shahee Mirza.

Saboteurs hacked into the RAB website (www.rab.gov.bd) Friday night.

RAB media cell director Abul Kalam Azad told bdnews24.com that they picked up four persons from a Mirpur residence Saturday night. The arrestees claimed they were students of a private institution.

Shahee, 'leader' of the arrested youths, confessed to their hacking other sites belonging to different organisations.

Abul Kalam Azad said RAB would hold a press briefing at its headquarters later in the day.

As people entered the website of the elite security force Friday night, they found the words 'Hacked by Shahee_Mirza' posted there.

The hacker alleged that the government had not taken sufficient steps for the development of IT in the country, though it had passed laws to prevent cyber crimes.

Hacker Shahee claimed in the message he left on the site: "You don't know what cyber security is and you don't know how to protect yourselves either."

"Hackers are no criminals, but they happen to be at least ten times better than your (RAB) experts. You guys can't even perceive how meritorious we are," the young hacker said.

SOURCE:

Guess he's eating his words now. crunch crunch
Careful who you piss off. They were arrested in less than 24 hrs.

G

Related articles by Zemanta

• Guessing at compromised host numbers

Sex, vampires, hacking, hacker on hacker violence

Vampires, Chinese hackers, Treachery and Smoking Hacker Babe…Let’s face it, this post has it all!

Published by Heike at 11:32 am

New Chinese hacker program making the rounds called Chinese Vampire v2.2.1 (starving anti-virus) billed as a trojan downloader tool, ARP attack, QQ tail…etc. The screenshot below shows the downloader interface:

From what I have read about the tool, it is very effective. So effective in fact, that another Chinese hacker calling himself Sadness, from the Black Wolf hacker group, stole it. Yes, he did. Look at the trackback URLs associated with this screenshot compared to the one above (circled in red). Notice that our thief has changed it to the Black Wolf website instead of the www.( NOT FROM ME, G) address.

The true author of Vampire v2.2.1 runs the website pictured below and calls himself SKSgod…sigh. He was really unhappy with the theft of his property and posted a pretty nasty response to Sadness. Yeah, hacker on hacker violence doesn’t concern me in the least.

Now the truly exciting part of this post, there is also a female hacker involved in the marketing of this fine product named Jiajia (佳佳). Hmmm, you say…that name sounds familiar? Well it should! It is the same name as one of the members of the Six Golden Flowers.

Jiajia of the Six Golden Flowers

Is the same Jiajia? I don’t think it is but not sure. On her blog, this Jiajia claims that due to the controversy over the stolen program, there are only two legitimate sites to download Vampire v2.2.1. One is her site and the other at SKSgod’s. Yes, there was a picture associated with Jiajia’s website:

Now this girl certainly doesn’t look like Jiajia number one and she appears to be a bit younger. Also, the characters next to the picture said “Sleepless Night.” Hell, this could be the picture off an album cover (and yes I did try to see if I could find a record called Sleepless Night) for all I know. She may just be the Brittany Spears of China. Thought I would include it anyway…sue me.

SOURCE:

XXXXXXXXXXXXXXXXXXXXX

OUR BARB SAYS IT CAN BE DANGEROUS TO EVEN VISIT THESE HACKER PAGES,

ESPECIALLY IF THEY ARE FEUDING.

Photos here: http://www.thedarkvisitor.com/2008/06/vampires-chinese-hackers-treachery-and-smoking-hacker-babelets-face-it-this-post-has-it-all/#comments

G 09.30.09

Related articles

• Brain: is a hacked system hackable [via Zemanta]
• Hackers create their own social network [via Zemanta]
• Networking with hackers [via Zemanta]
• The Best of 2600 - A Hacker Odyssey [via Zemanta]

We told you so.

Malware Attack Exploiting Flash Zero Day Vulnerability

It's been a while since we've last witnessed malware attacks using zero day vulnerabilities, and the latest one exploiting a zero day in Adobe's flash player is definitely worth assessing. The current malware attack has been traced back to Chinese blackhats, who are using a zero day to infect users with password stealers, moreover, one of the domains serving the Adobe zero day has been sharing the same IP with four of the malware domains in the recent waves of massive SQL injection attacks, indicating this incident and the previous ones are connected. According to Symantec :

SOURCE: much more

xxxxxxxxxxxxxxxxxxxxxxxxxxxx

HAUTE SECURE

Your program is the only program protecting us from SLQ INJECTION.
Which is a much more serious threat than currently suspected.

SLQ gives hackers access to your PC on infected "trusted" sites, trusted sites have lowered security levels.

This is a new NEW VECTOR EXPLOIT.
coming from a trusted site, " it " can walk thru all current security programs and Vista isn't even a constraint, nor are MACs. Coming from a trusted site there are many vectors to infect your PC/MAC.

Paradigm Intel indicates we are in the middle of a massive invisible infection, motive unknown.

We told you so. #1, #2

Gerald
Internet Anthropologist, ad Magnum

UPDATE:
New sql injection site with fastflux hosting

This may be more serious than even we thought.
G

.

Related articles

• Confusion mounts over which Flash versions are under attack [via Zemanta]
• Symantec now says current Flash Player safe from attack [via Zemanta]
• Security experts speculate on mailicious Air code [via Zemanta]
• Potential Flash Player issue [via Zemanta]
• Department of Homeland Security website hacked! [via Zemanta]
• Exploited bug doesn't exist in latest version of Flash [via Zemanta]

cyb3rt Burned.

http://mypetjawa.mu.nu/archives/192029.php

Anti-Fitna Website wS Hacked by ISLAMIC Cyberterrorists!

Why?

The site appears to simply aggregate articles about Geert Wilders and Fitna. Most of those articles are filled with statements about how hateful the movie and/or Geert Wilders is.

The cyber terrorist is cyb3rt

He is using a Secure Elite proxy in Chicago, Illinois, United States

The IP is in Chicago.


His REAL IP is (212.76.64.4:34216)

Location: Riyadh, Ar Riyad, Saudi Arabia
Language: PC: ar-jo (Arabic/Jordan), ar;q=0.8 (Arabic), en-us;q=0.5 (English/United States), en;q=0.3 (English)
Moz/5.0 (Win; U; Windows NT 5.1; ar; rv:1.8.0.12) Gecko/20070508 Firefox/1.5.0.12

Image from Wikipedia

Great work Company "C".

I am with holding his name, which has been given to the FEDS.

Gerald

.more:
al-ansar.virtue.nu
An email jihad site HERE : a support site for the old Www.al-jinan.org, which we took down, and burned their head hacker. May be behind some of the latest DOS attacks.



.
UPDATE:
We have no interest in the other team members unless they too
do something stupid.
z3r0.2.z3r0
The_Fox_HaCkErS
And the others on his PC, Casus - SeaNPauL - Cobra - Eno7 - PowerFull - m3rhametsiz - SinAriTx - Dengesiz-Tr© - 0xyGen - Cod3 Z3r0 - Blueent - KaRaSeyTaN - Swan - The [B]l4ck[B]on3r - PowerDream - ColdTurk -
FaTaLTerrOr - saudia_hacker - Oaddah - nEt^DeViL [ S4ud1-C0d3r ] - Dєvil Hackєг - d3vil-x - PHP Emper0r - Lordvb - xzemor - CLass!c - MujaHeeD - al3frite - By_Ogmass- MacHaCk-Nator


Gerald
Barb

.

New Islamic hacker forum

# Forums Alhecr
#

* قسم طلبات البرامج المشفرة تشفير خاص ونسخ خاصة Section applications programmes encrypted encryption special versions special
* مــــنــــتـــدى اخــــتــــراق الايــــمـــيـــل Forum penetrate email
*
o قـسـم خــــاص لأســئــلـــة الأعــضـــاء واسـتـفـسـاراـتـهـم حـــول الاخـــتـــراق A special section of questions and requests for information about members penetration
* مــــنــــتــــدى اخــــتـــراق الاجـــهـــزة Forum penetrating devices
*
o قـسـم خــــاص لأســئــلـــة الأعــضـــاء واسـتـفـسـاراـتـهـم حـــول الاخـــتـــراق A special section of questions and requests for information about members penetration
o الـبـرامـج الـــمــشـــفــرة والــحـــصـــريــة Encrypted programmes and exclusive
* مــــنـــتــــدى اخـــتـــراق الــمـــواقع والـــمــنـــتـــديـــات Forum penetrate sites and forums
*
o قـسـم خــــاص لأســئــلـــة الأعــضـــاء واسـتـفـسـاراـتـهـم حـــول الاخـــتـــراق A special section of questions and requests for information about members penetration
o ::Local Root Exploit :: :: Local Root Exploit::
* قــســـم أخـــتــــراق شــبــكـــات الــويــرلــــس & LAN Section penetrate networks Aloyrls & LAN
* مــنـــتــدى انـــــجــــازات الـــهـــكر Forum achievements Alhecr
*
o قسم أدوات و اندكسات الاختراق Tools section and penetration Andquisat
o مكتبة الثغرات Library gaps
* مـــنــــتـــــدى اخـــــتــــراق الـــــجــــوال Forum mobile penetration
* مـــنـــتـــدى اخــــتــــراق الـــمحـــادثـــة Forum penetrate conversation
* منتدى تعليم الهكر Education Forum Alhecr
* قسم الدورات الاحترافية Section professional courses
* قسم تعليم الاختراق بالفيديو Education Section breakthrough video
* قسم E-book Section E-book
*
o قسم الطلبات Section applications
* مـــنــــتـــــدى الـــــفـــايــــروســــات Forum VIRUSES
* منتدى قسم طلبات برامج الهكر Forum Section applications programs Alhecr
* مـــنــتدى الــبرامـــج الـــكامـــلة والــــنادرة بالــلغـــة الانــجلــيزية Full Forum programmes and rare in English
* منتدى فك تشفير md5 ......... Forum decode md5 ......... وتشفيره The harmful

New Hacker Trainer

36 downloads, trainees?

Hacker Trainers name "Kasper"

We are in pursuit,

Gerald
We tried to report additional Intel to the CIA and their FORM still isn't working.
We TYPED IN TEXT AND COPIED URLS , all was rejected.




NOTE THE MESSAGE FIELD WAS DELETED EVEN THE FORM SAYS IT WON'T BE DELETED...( IN red ABOVE )


.

Chinese military boosts hacking

Chinese military boosts hacking

By Bill Gertz
November 2, 2007

HONOLULU — Senior military commanders at the U.S. Pacific Command here said China's recent test of an anti-satellite weapon and increased computer-hacking activities prompted increased defenses for U.S. forces in the region and in space.

"U.S. space capabilities are an asymmetric advantage that we have to maintain," said Air Force Lt. Gen. Daniel Leaf, deputy commander of the U.S. Pacific Command.

"There has been significant discussion and activity to assess the impact of [the anti-satellite test] and other [Chinese] space developments, and how to protect our extraordinarily important space capability," he said in an interview at the command's headquarters at Camp H.M. Smith.

Pentagon officials have said Chinese military hackers in recent months carried out computer-based attacks on Pentagon and U.S. military and civilian government computer networks, as well as on foreign government networks.

Without naming China, Gen. Leaf said the problem of computer attacks is growing.

"We're very concerned about that — for the information that may be contained on [the networks] or for the activities we conduct that are command and control and situational awareness related."

Details of recent computer attacks, including those on Pacific Command networks, are classified, Gen. Leaf said. But the issue was raised in meetings with Chinese military officials.

"We expect actions that are consistent with the professed desire for a peaceful, responsible rise of China as a more significant player on the Pacific and world stage," he said.

SOURCE:

To be fair China is the one under the heaviest attack.

Gerald

.

Newbie Alert

By Tamlin Magee: Wednesday, 17 October 2007, 10:17 AM

SISOFTWARE, producer of benchmarking and diagnostics program Sandra for Windows, has had its website hacked by someone calling himself Security^Ghost.

The page, here, has been hacked to feature a small gif of the mask from corny teen slasher flick Scream and is full of vaguely cryptic, poorly written text - including a tag that says "Islamic Warrior" at the top.

Two reasons are listed for the hack, which we can only interpret as a poorly conceived attempt at humour. "Security^Ghost" asks, "?? R U Saying Why I Hacking Your Site??" and replies himself with "1. Because I love U So Much : D" and "2. Just Fun : )" before saying "now u will tell police, please speed i am scared :( ".

And

"Greetz" are also offered out at the bottom of the hacked site, a hallmark of spoddy hackers with too much time on their hands. Cool hacker guys such as " Weebi," "Sho0tr," "Mr.Max" and "Syntax_err" are all namedropped.

Translation

" A word to the server owner, Peace be upon u and the mercy of god and his prayers -islamic greeting-

Look brother, you are wondering why i hacked your server, maybe for one of these reasons:

1. your server is hosting sites containing sexual content.

2. your server is hosting a shii-website (shiia and sunaa are the branches of islam)

3. your server is hosting a political site that violates the rights of any country.

3. or your server is hosting a site that deviates the Quran, or even makes the slightest mistake about islam.

iam ready to fully destroy your server

check if your server doesn't have any of the above sites, then i'm wrong and i'm ready to offer you full protection for the server for free."

from his accent, the hacker appears to be from the gulf countries.

anyway, that's a good way to get free protection. :)

posted by : M.A., 17 October 2007

Some of the feel of the 'old' Electronic Jihad Group: al-jinan.org

Following up.

G,

Hacker Attacks On U.S. Utilities Up 90%

Hacker Attacks On Some U.S. Utilities Up 90%

A security company is reporting that the attack tactics include the Gozi, Prg, Storm, and BBB/IRS Trojans.

By Sharon Gaudin
InformationWeek
October 5, 2007 06:29 PM

The number of hacker attacks on some U.S. utility companies is up 90% in the last nine months, according to a security company.

SecureWorks, a managed security services company that serves 100 American utilities, reported Friday that it has tracked a 90% increase in the number of hackers trying to attack its utility clients this year. Between January and April, SecureWorks blocked an average of 49 attackers per utility client per day. However, between May and September, the company's researchers saw an average of 93 hackers attempt attacks on each of its utility clients every day.

"In 2007, we blocked significantly more browser attacks for our clients than we did the year prior, as many of the top Trojans are using Web sites and e-mail links as infection vectors," said Wayne Haber, director of development at SecureWorks, in a written statement. "Some of the most prominent malware using these tactics include the Gozi, Prg, Storm, and BBB/IRS Trojans.

Researchers at SecureWorks noted that these attacks can put individual users at risk. Computer users can be victimized by browser attacks if they visit Web sites, which are surreptitiously hosting malware. If the utilities end up hosting malware, the companies' users could become victims themselves.

Haber pointed out that the utilities, like any other company, can fend off these attacks by creating strong Internet usage policies for employees so they aren't duped by social engineering tricks or phishing schemes, putting themselves and their network at risk. He also reminds IT managers to make sure their systems are up-to-date with software patches.

In a recent interview with InformationWeek convicted hacker Robert Moore said 70% of all the companies he scanned were insecure, and 45% to 50% of VoIP providers were insecure. The biggest cause of that insecurity? Default passwords that had never been changed.

Moore recently began serving a two-year sentence for breaking into 15 telecommunications companies and hundreds of businesses worldwide as part of a scheme to steal voice over IP services and sell them through a separate company.

Internet Anthropologist CEO: Target of hackers

It seems some hackers are LOOKING to hack some of our web pages.
Bad Idea, we WILL have you arrested, we even know who you are.

Your IP is 81.158.192.23X, it will take us 60 sec. to put back the original Page.

Location
Continent : Europe
Country : United Kingdom (Facts)
State/Region : Lambeth
City : London
Lat/Long : 51.5, -0.1167 (Map)

And we have bots tracking you.

ISLAMOFASCIST YOU ARE KNOWN.

Any attempt to hack us will result in a self defense reaction putting your PC at risk. I will walk through your Vista like air.

YOUR ONLY WARNING.

Everything absolutly EVERYTHING is backed up 3X on different secure servers.

Police and Intel inquries welcome.

Sample of attacks on my pc

Gerald
Internet Anthropologist

Friends/links to Islamic hacker dos attack

Top 10 sites that link to the Islamic hackers site, DOS attacks.

Google Groups Rank: 3 groups.google.com:80/group/soc.culture.british - Site Info

برامج نت Rank: 346 www.bramjnet.com:80/vb3/showthread.php?t=100055 - Site Info

El Mundo Rank: 268 www.elmundo.es:80/navegante/2006/11/24/tecnologia/... - Site Info

Palestinianforum.net:80/forum/showthread.php?t=8447... Rank: 62,939232110 www.palestinianforum.net:80/forum/showthread.php?t... - Site Info

عمر خالد Rank: 1,053 forum.amrkhaled.net:80/showthread.php?t=56968 - Site Info

Majdah.com:80/vb/showthread.php?p=299703 Rank: 7492,759362921 www.majdah.com:80/vb/showthread.php?p=299703 - Site Info

Musahim.biz:80/showthread.php?t=231646 Rank: 1757637,16529 www.musahim.biz:80/showthread.php?t=231646 - Site Info

Chatk.net:80/forum/--t1273.html Rank: 9,8979157 www.chatk.net:80/forum/--t1273.html - Site Info

Aktualne.cz Rank: 24972 aktualne.centrum.cz:80/zahranici/blizky-vychod/cla... - Site Info

3asfh.net:80/vb/showthread.php?t=46390 Rank: 8,34218484407 www.3asfh.net:80/vb/showthread.php?t=46390 - Site Info

data about Hackers surfers

---

Al-jinan.org users come from these countries:
Egypt 23.5%
Saudi Arabia 17.6%
Palestinian Territory 11.8%
Algeria 8.8%
Kuwait 5.9%
United Arab Emirates 5.9%
Morocco 5.9%
Israel 2.9%
Ukraine 2.9%
Oman 2.9%
Qatar 2.9%
Syrian Arab Republic 2.9%
Turkey 2.9%
Venezuela 2.9%

Gerald