Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Anonymous now focuses its attention to India, brings down the S.C. website

Add to     Digg this story Digg this    Get a great Linux dedicated server for less than $4 a day!

Share on Twitter

May 18, 2012

The now famous hacker group Anonymous says it is focusing its attention to India, helping to pull down the web sites of the Supreme Court, the country’s two major political parties and several government sites in retaliation for a court injunction which led to the blocking of several video sharing and bit torrent sites. As always, the group is using DDoS (distributed denial of service) attacks to deliver its message across.

Anonymous first signalled its intent to launch Op-India in a YouTube message posted on May 9, which said the following: "We have come to the conclusion that the Indian government has failed. It is time that we all rise and stand against the corrupt government. The Department of Telecommunications has ordered Internet Service Providers to block file-sharing sites in India. We cannot let this happen."

While some sites, such as those of the two political parties and the Supreme Court, appear to still be up and running again, the Department of Telecoms and the Ministry of IT sites were still down at the time of this article.

Also down for ‘maintenance’ (!) was the site of Copyright Labs, the Chennai-based anti-piracy firm which obtained the original John Doe injunction against sites such as Vimeo, Daily Motion and The Pirate Bay to prevent illegal sharing of the local movie Dammu.

Judging by Anonymous' increasingly exasperated messages from its opindia_revenge account, some India users were worried that the DDoS attack would cause permanent damage to those sites.

One such Tweet read "We are not doing any permanent damage to the websites. We just want file sharing sites to be unblocked."

Despite some observers in the internet community predicting that the hacktivist group was on its knees after high profile arrests of alleged members last year, it has made something of a comeback lately, launching well publicized attacks on the Kremlin, Virgin Media and even the ICO.

In other internet security news

Federal police in Norwegia have arrested and charged two teenagers suspected of taking part in DDoS (distributed denial of service) attacks against the U.K.'s Serious Organized Crime Agency and several other similar targets.

Aged 18 and 19, the unnamed teens are also suspected of attacking the Norwegian financial services group DNB and Germany's Bild newspaper, according to Norwegian police.

"We have arrested the two we think were the most important in these internet attacks, but we still want to talk to more people," Norwegian prosecutor Erik Moestue said.

A spokeswoman for Norway's National Criminal Investigation Service confirmed that two suspects had been arrested, questioned and formally charged over computer and internet hacking offences.

The spokesperson was unable to confirm either the names of the suspects or the websites they had been accused of attacking. Both suspects have been released on bail pending further inquiries.

Additionally, the United Kingdom's Serious Organized Crime Agency was taken offline last week after it was flooded with DDoS traffic by some hacktivists. The police agency said the decision to take the site offline was taken in order to prevent other sites hosted by the same ISP from being affected by the assault.

SOCA characterized the attack as a "nuisance" rather than a security threat. SOCA's website was also hit by a similar denial of service attack last June. A number of UK-based individuals were charged over these assaults but the cases are yet to go to trial.

In other internet security news

HTML5 is good at making nice web pages, replacing Flash and some Java Script, but the internet community is finding out that the technology isn't that really secure after all. To be sure, HTML5 does allow web designers to do things that were previously only possible with Adobe Flash or JavaScript. But the technology, already widely supported by web browsers, creates many opportunities for hackers and attackers that have nothing else to do than to mess around with other people's web properties.

In fact, during a recent presentation at the B-Sides Conference in London this week, Robert McArdle, a senior internet security researcher at Trend Micro, outlined how the revamped markup language could be used to launch browser-based botnets and other attacks.

The new features in HTML5-- from WebSockets to cross-origin requests, could send tremors through the information security community and turn the likes of Internet Explorer, Chrome, Firefox and even Opera into complete cybercrime toolkits.

Many of the attack scenarios involve using JavaScript to create memory-resident "botnets in a browser", McArdle warned, which can send email spam, launch DoS (denial-of-service) attacks or a lot worse. And because an attack is browser-based, anything from a Mac OS X machine to an Android smartphone will be able to run the platform-neutral code, greatly simplifying the development of malware.

And creating multiple botnets by luring users into visiting a malicious web page, as opposed to having them open up a booby-trapped file that exploits a security flaw, offers a number of advantages to hackers.

Malicious web documents held in memory are difficult to detect with traditional file-scanning antivirus packages, which seek out bad content stored on disk. And for its part, JavaScript code is also very easy to obfuscate, so network gateways that look for specific signatures of malware in packet traffic are trivial to bypass.

And then of course, you have HTTP-based attacks that pass easily through most routers and firewalls. Additional threats involve social engineering using HTML5's easily customizable pop-ups that appear outside the browser to fool users into believing the specific wording on an alert box.

And to make matters even worse, more convincing phishing attacks can be created using the technique, McArdle said.

"But make no mistake: the good elements in HTML5 still outweighs the bad," he added. "We haven't seen the bad guys doing anything bad with HTML5, but nonetheless it's good to think ahead and develop defences since attacks will most likely happen one day."

Web developers should make sure that their sites aren't vulnerable to Cross-Origin Resource sharing, cross-domain messaging or local storage attacks, McArdle advises. Utilities such as NoScript can also help users.

More details on HTML5 attack scenarios and possible defences can be found on, a website devoted to better and improved internet security as it relates specifically to HTML5 technology.

In other internet security news

Two suspected Taiwanese drug smugglers have now been accused of an even more ambitious plot, this time to smuggle serious military technology, including no less than a U.S. drone out of the country and into China.

Hui Sheng Shen and Huan Ling Chang, who have both been in custody since February for allegedly smuggling methamphetamine into the U.S., will be formally charged with conspiracy to violate the Arms Export Control Act, according to an AP report.

The two were caught in an undercover FBI sting which captured them on tape claiming that their clients in the Chinese government were keen on acquiring U.S. drones as well as stealth technology, anti-aircraft systems and even an E-2 Hawkeye early warning aircraft.

The two suspects reportedly ignored the undercover Feds’ repeated cautioning that they would not like to profit from any equipment which would harm U.S. interests, with Shen saying, “I think that all items would hurt America.”

"The people we met, they come from Beijing. They work for the Chinese government-- some kind of intelligence company for the government, a bit like the C.I.A I guess," Shen reportedly told the agents. "They are spies."

Shen also boasted that he could use scuba divers to transport parts of the equipment underwater from the Port Newark-Elizabeth Marine Terminal to a ship awaiting offshore-– a similar technique to that which he allegedly used to smuggle drugs.

The two individuals had been under surveillance for a whole year and then were subsequently arrested a couple of months back for a rather less headline-grabbing investigation into counterfeit 'UGG' boots being smuggled into New Jersey.

The news will be of minor embarrassment to the Chinese authorities given that, as usual, there is apparently no concrete proof linking any official involvement in the plot.

But it does come just a few days after a Pentagon report accused the People’s Republic of China of “economic espionage” facilitated by widespread hacking and designed to accelerate the development of its military and space technology.

For its part, China was forced to strongly deny the allegations in the report, which claimed to have identified no less than 26 separate occasions since 2006 on which China tried to get ahold of space launch data and sensitive info on U.S. cruise missiles and other critical military equipment.

In other internet security news

For the second time in less than two months, hundreds of thousands of web sites have been hit again by an unexplained outage at DNS services provider ZoneEdit, with users seeing from five to six full days of downtime on their email messages and their web infrastructure.

While the 603,000 customer domains ZoneEdit looks after were all apparently still resolving during the outage, users were unable to log into their accounts to make updates to their zones since last Friday.

"I have a static IP being changed by my service provider this week," one loyal customer blogged. "With only two days left before the change and potentially 500 to 1000 users being affected, I am left with very tough choices.

"I will give ZoneEdit until tomorrow morning before I find an alternative service or host the DNS myself."

Two days ago, the company's website went offline completely, again without explanation. This morning, however, the site returned and users reported that they could once again log in and use their services.

ZoneEdit, which is owned by the domain name registrar Dotster, has provided updates on Twitter, albeit only once or twice a day and without any insight into what the problem is or how long it will take to resolve.

In its most recent tweet, it states: "We understand the seriousness of this issue and its effect on you. We are truly sorry. We have every person possible working to resolve it, and as fast as possible."

Even with the problem apparently resolved, customers still do not know what happened. Users have also predictably taken to Twitter to vent their frustration-– not only regarding the downtime but also about the lack of communication from the company.

Some have even speculated that the website may have been the victim of an attack or a DoS (denial of service) attack from the outside.

ZoneEdit has been providing low-cost DNS resolution services since 2000. According to HosterStats, 150,000 domain names use its DNS to make their websites and email work.

The company did not respond to a request for comment. It's not the first time ZoneEdit has similar issues. About seven weeks ago, ZoneEdit was hit with a similar DoS attack that crippled its DNS services for a number of hours, and rendered 500 to 600 websites unavailable.

In other internet security news

Internet highjacking and pirating today isn't just a threat to your bank account or personal computer-- it's a serious problem of national security, says Congress, and now it wants to take immediate action while it still can.

To be sure, spies from other countries and organized criminals are already inside of virtually every U.S. company's network, and some firms don't even know about it. The U.S. government's top cybersecurity advisors widely agree that cyber criminals and internet terrorists already have the capability to take down the country's critical financial, energy and communications infrastructure.

Add to     Digg this story Digg this    Get a great Linux dedicated server for less than $4 a day!

Share on Twitter

Source: Anynomous.

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

You can link to the Internet Security web site as much as you like.

Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer

Click here to order your new fully dedicated Plesk server with the Linux operating system.

Get your Linux or Windows dedicated server today.

Click here to order your new fully dedicated Plesk server with the Linux operating system.