Salacious, Messy Anonymous Hacking


It has become the old story now; cybercriminals steal users’ information, and customers or members are notified by hosting or social media websites. The customer’s situation is a complete mess; they shared the details with complete trust, and how such big websites get compromised. Wasn’t their security enough to stop hackers? The situation becomes salacious when they know that the hacker’s group is anonymous.

The companies claim the complete security of their user’s data and promise that they won’t be sharing or selling with 3-party companies without the user’s consent. But what if hackers breach the data? Why don’t companies take security as the topmost priority to stop such breaches? After the data gets compromised, news often comes out from such companies that the cyber security team has taken remedial action and then starts assuring customers with high priority security and privacy. The worst is when companies don’t know about such leaks for even months.

The mysterious online hacker community Anonymous always remains in news headlines. In February, a Twitter account with 7.9 million followers named “Anonymous” declared a “cyberwar” against Russia and its president, Vladimir Putin. The group claimed responsibility for cyberattacks that disabled websites and leaked Russian government agencies, state-run news outlets, and corporations’ data.

The Anonymous hacktivists employ coordinated cyberattacks against various world governments, corporations, or other groups, often in the name of social or political causes. On March 6, 2022, Anonymous claims to have hacked into the Russian streaming services Wink and Ivi (like Netflix) and live TV channels Russia 24, Channel One, and Moscow 24 to broadcast war footage from Ukraine. But that doesn’t make them heroes. Let’s have a look at their past deeds.

On November 17, 2021, Godaddy, an Internet domain and web hosting company based in New York, revealed a hack on September 6, 2021, which exposed its 1.2 million customers’ emails and numbers, putting them at risk of phishing attacks. An attacker sends a fraudulent message designed to trick the victim into giving them sensitive information. The company filed an incident report with the Securities and Exchange Commission (SEC) stating that it had identified ‘suspicious activity in its Managed WordPress hosting environment by an unauthorized third party. They immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. SSH File Transfer Protocol, a network protocol that provides file access, transfer, and management over a data stream, and database usernames and passwords got exposed for active customers. The company immediately blocked the unauthorized third party and reset both passwords.

The company spokesperson said: ‘We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.’

Why are hackers so high? Can they impact thousands of websites and bring down businesses? Even with so many protections, firewalls, anti-malware, anti-viruses, and best security, how the hosting accounts get compromised still is beyond one’s thinking.

It’s not only Godaddy; almost every big company is the target of hackers. Amazon’s Twitch, a video streaming service, suffered a data leak after an anonymous hacker posted a computer file containing a vast amount of data for the public to access. Users Called ‘Disgusting Toxic Cesspool’ in a post on 4chan by a hacker. CNBC reported that the data leak included details on payments to content creators and an unreleased product from Amazon Game Studios.

Most companies use two-factor authentication (2FA), but not all their customers or members use the same. The companies always recommend changing passwords periodically. It’s time for users to know the difference between public and private information, ‘what to be shared and what not to be.’ Undoubtedly, the threats of cybercriminals will remain in the future also, but it’s the company’s and user alertness that can minimize hacking possibilities.

Importance of Website Security


Security researchers claim that hackers and cybercriminals attack big web hosting companies and domain registrars. There is an increase in backdoor payload attacks against the big hosting providers. Wordfence, a popular security service, analyzes that the WordPress hosting providers and resellers gets the most affected.

The hackers exploit the vulnerabilities, gain access to configuration wp-config.php, and modify parameters to have complete control. They get a template that refers users to pharmaceutical sector spam links and injects malicious pages into search engines results. The spam templates intend to incite victims to purchase fake products, exposing money and payment details to the threat actors. The hackers with complete control alter or modify website content like links, titles, menus, or images; thus, the site appears compromised instead of the original one.

Cybercriminals steal data, passwords, and users’ personal information. The hosting customers prioritize protection and want absolute and higher standards of security measures for their websites, emails, and other resources they host on servers. Thus, the website’s reputation is maintained. The user experiences get impacted, leading to a negative experience and losing trust with website downtime or affected vulnerabilities. The website security threat leads to potential financial losses; thus, hosting consumers want to strengthen digital presence security and take a longer-term view on protecting the investment.

Over 90% of GoDaddy APAC customers participating in its 2021 Global Website Security Survey consider cyber security important for small businesses. Nearly 80% of respondents agreed that small businesses are at risk of cyberattacks. At the same time, half said they had already experienced a security breach, and a third described themselves as unsure of how to deal with a cyberattack.

The hosting providers always advise their customers to keep everything updated and upgraded. Wordfence strongly recommends that users scan the wp-config.php file immediately to detect potential backdoor injections.

Last year in November 2021, up to 1.2 million users of Godaddy’s WordPress websites got affected by an unauthorized attack. GoDaddy In. empowers millions of entrepreneurs worldwide looking to expand their online presence. The hosting provider offers tools for domains, website creation, e-commerce, content creation, and online security capabilities like Firewall and malware protections, site cleanups, and secure backups to help safeguard your customers’ and business information.

Groklaw Shuts Down In Face of NSA


http://www.ananova.com/groklaw-shuts-down-in-face-of-nsa/

Technology legal news site, Groklaw, has officially closed its doors today. The site has shut down due to email security issues. This is the third website to go offline because of government surveillance within the United States. The closings began with Lavabit, followed by Silent Circle, and now Groklaw.

groklaw logo

SEA Hacks US Media Sites Via Third-Party Service


SEA Hacks US Media Sites Via Third-Party Service

Are you a regular reader of the Washington Post? Then you may have noticed things didn’t look quite right earlier in the week. Hackers were able to breach the dedicated hosting sites for The Washington Post, CNN, and Time by breaching the site for third-party service relied on by all three sites, Outbrain.

syrian electronic army logo

Hackers Sending Illegal Images to Harmless Sites


Hackers Sending Illegal Images to Harmless Sites.

ITsecurity
Filters or not, hackers will find a way. Nothing demonstrates that better than a recent story out of the UK, on the heels of the mandatory ISP filters for pornography their government is talking about imposing.

Do Your Terms of Use Hold Up In Court?


Do Your Terms of Use Hold Up In Court?

Terms of Use are something that every website must have. Even if you’re just running a cheap hosting company, chances are that you have a ‘Terms of Use’ blurb on your page. What you might not realize is that many sites boast Terms of Use jargon that is completely illegal.

internet law