
Kiwicon Michele Orru has released an automated phishing toolkit to help penetration testers better exploit businesses.

The well-known FortConsult hacker, better known as Antisnatchor (@antisnatchor), dropped the phishing kit at the Kiwicon hacking event in Wellington, New Zealand, last week, offering hackers tips for targeting businesses more successfully through the world's most popular attack vector.

Dubbed "PhishLulz", the Ruby-based toolkit builds on Orru's expertise in phishing. It spawns new Amazon EC2 cloud instances for each phishing campaign and combines a GUI from the PhishingFrenzy kit with the popular BeEF browser client-side attack framework for which he is a core developer.

It also sports a self-signed certificate authority and additional phishing templates for the various scenarios a hacker may encounter, and is slated to become more powerful still with automatic domain registration, for now limited to the registrar NameCheap.

All told, hackers using the toolkit will be able to send more convincing phishing emails much faster from seemingly legitimate domains, be alerted immediately when login credentials arrive, and, via BeEF, deliver exploits and fingerprint targets' configurations, such as operating system and browser versions along with other running software.

It also includes MailBoxBug, which handles the fistful of popped email accounts that Orru says typically flow in at a rate of about one a minute. It works on Office365 accounts, with support for more to follow.

Phishing emails developed with PhishLulz are designed to trick discerning targets. An impressive 40 percent of staff at an unnamed Australian Government agency opened Orru's phishing emails and sent him corporate VPN credentials during a previous security test engagement.

Michele Orru. Image: Darren Pauli / The Register.

It took only two days for the hacker to gain domain administrator credentials after employees at the agency handed over VPN logins via Orru's phishing campaign.

"I was in Poland, and they were in Australia, so I had to send the emails at the right time," Orru told the hacking conference.

"With five minutes to run the PhishLulz VM, five minutes to start modifying the template and upload the certificates you need, you're ready to go."

Orru says PhishLulz will help hackers get past the first, time-sensitive hurdle of obtaining and using stolen credentials: attackers will have perhaps an hour to exploit the dozen or so logins they receive before administrators revoke them.

"You need to automate as much as possible, and speed is key once you have access to credentials."

He offered further pointers: the best times to send phishing emails are in the morning or just after lunch, when staffers' wits are less sharp. Few staff can tell dots from dashes in URLs, nor do they notice .co in place of .com.
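The two confusions Orru describes (dashes standing in for dots in a hostname, and .co swapped for .com) are also the easiest ones for a defender to check mechanically. The following is an added example, not PhishLulz code or anything presented in the talk: a small lookalike-domain check of the kind a mail gateway or SOC triage script can run against a sender domain. The trusted-domain list, the edit-distance threshold and the sample sender domains are all constructed for illustration.

```python
"""Lookalike-domain check for phishing triage.

Added example; not PhishLulz code. Flags sender domains that collapse onto a
trusted domain once dots and dashes are ignored, that swap only the last label
(.co for .com), or that sit within a couple of edits of a trusted domain.
"""

# Constructed list of domains the organisation actually owns (assumption).
TRUSTED_DOMAINS = ("example.gov.au", "corp.example.com")

EDIT_THRESHOLD = 2  # max Levenshtein edits before a domain counts as a near-miss


def collapse(domain):
    """Drop label separators so 'vpn-example-gov.au' and 'vpn.example.gov.au'
    compare equal, which is roughly what a hurried reader's eye does."""
    return domain.replace("-", "").replace(".", "")


def edit_distance(a, b):
    """Levenshtein distance via the standard two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def lookalike_reason(sender_domain, trusted=TRUSTED_DOMAINS):
    """Return why sender_domain resembles a trusted domain, or None if it is
    either genuinely ours or plainly unrelated."""
    s = sender_domain.lower().rstrip(".")
    if any(s == t or s.endswith("." + t) for t in trusted):
        return None                      # our domain, or a real subdomain of it
    for t in trusted:
        if collapse(s).endswith(collapse(t)):
            return "dot/dash confusion with " + t
        if s.rsplit(".", 1)[0] == t.rsplit(".", 1)[0]:
            return "TLD swap with " + t  # e.g. corp.example.co for corp.example.com
        if edit_distance(s, t) <= EDIT_THRESHOLD:
            return "within %d edits of %s" % (EDIT_THRESHOLD, t)
    return None


def scan(senders):
    """Map each sender domain to its reason string (None when clean)."""
    return {d: lookalike_reason(d) for d in senders}


if __name__ == "__main__":
    # Constructed sample From: domains, not real traffic.
    SAMPLE = ["corp.example.com", "vpn.corp.example.com", "corp-example.com",
              "vpn-example-gov.au", "corp.example.co", "corp.examp1e.com",
              "unrelated-vendor.org"]
    for domain, reason in scan(SAMPLE).items():
        print("%-24s %s" % (domain, reason or "ok"))
```

The genuine-subdomain test runs first so that the organisation's own mail is never flagged; everything else is compared against each trusted domain in turn, cheapest check first. The edit-distance threshold is deliberately low, since a trusted list of short domains will otherwise collide with unrelated senders.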

Most phishing emails need to be highly customised to work, Orru says, unless the target is "dumb".

Orru, an open source advocate, invited interested hackers to contribute to the project. ®



The Register - Security

TalkTalk has unveiled a healthy jump in post-tax profits on the same day a 17-year-old boy pleaded guilty to hacking the British telco.

This morning the teenager, who because of his age cannot be named, pleaded guilty at Norwich Youth Court to seven charges under the Computer Misuse Act.

He will be sentenced on 13 December, according to Sky News.

The youth was arrested in November last year by detectives from the Metropolitan Police's Cyber Crime Unit, who obtained a search warrant for his Norwich home.

Meanwhile, TalkTalk boasted that its profits jumped by £22m in the first half of this financial year, up from £11m in the six months ending September 2015 to £33m in the same period this year.

The jump in profits came in spite of the telco shedding 30,000 fixed-line broadband customers between the first half of fiscal year 2016 and H1 FY2017 as it enjoyed a net rise of 94,000 mobile subscribers, giving it a combined total of 4.76 million customers. Perhaps TalkTalk's cheesy telly ads showing a Gogglebox-style family streaming videos on their tablets are working after all.

Chief exec Dido Harding gave London business freesheet City AM a hair-shirt interview this morning, boasting of how the company has improved since the teenage hacker and his alleged accomplices walked off with the personal details and banking information of up to four million customers.

"We also learnt that if you're open and honest with your customers everything works out alright," she said. "They think, in adversity, we tried our damnedest to look after them."

TalkTalk’s revenues dipped by 1.1 per cent to £902m for the half-year, which the firm said was "as expected". It has previously admitted that the major October hack cost it 95,000 customers and around £45m in extra security and service restoration costs. ®



The Register - Security

A computer hacker who helped the Islamic State group by providing stolen personal data on more than 1,000 US government and military workers was sentenced Friday to 20 years in prison.

Ardit Ferizi, a 20-year-old citizen of Kosovo known by his hacking moniker "Th3Dir3ctorY," was sentenced in a US federal court in Virginia, the Justice Department said.

"This case represents the first time we have seen the very real and dangerous national security cyber threat that results from the combination of terrorism and hacking," said John Carlin, assistant attorney general for national security.

"This was a wake-up call not only to those of us in law enforcement, but also to those in private industry," his statement read.

Malaysian police arrested Ferizi in September 2015 on a provisional US arrest warrant. The suspect was extradited to the United States for prosecution.

The so-called "terrorist hacker" pleaded guilty in June in a US court to his role in the IS group's targeting of US government personnel for attacks.

He admitted he had given hacked data to an IS member who posted a 30-page document on Twitter -- a virtual hit list containing names, email addresses, email passwords, locations and phone numbers for about 1,300 US military and other government personnel.

The Twitter message containing the document read: “NEW: U.S. Military AND Government HACKED by the Islamic State Hacking Division!”

"We are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts," the document said in part, according to the Justice Department.

"We are extracting confidential data and passing on your personal information to the soldiers of the (caliphate), who soon with the permission of Allah will strike at your necks in your own lands!"


© AFP 2016



SecurityWeek RSS Feed

Hacker Public Radio ~ The Technology Community Podcast Network

Your ideas, projects, opinions - podcasted.

New episodes Monday through Friday.



How I record decent audio in my creeper van.


Hosted by Alpha32 on 2016-09-23 and released under a CC-BY-SA license.
Listen in ogg, spx, or mp3 format.

Part of the series: Podcasting HowTo

This series is designed to help the new host begin podcasting and to give the experienced host some tips and tricks.
The series is open to all.

I use a Plantronics USB headset, my Chromebook, Linux, and Audacity to record on the go.


Duration: 00:02:24

  • ogg: http://hackerpublicradio.org/eps/hpr2125.ogg
  • spx: http://hackerpublicradio.org/eps/hpr2125.spx
  • mp3: http://hackerpublicradio.org/eps/hpr2125.mp3



Information Security Podcasts


Matt King discussing the availability of an open source multimedia focused website.


Hosted by mattkingusa on 2016-08-17 and released under a CC-BY-SA license.
Listen in ogg, spx, or mp3 format.

Project available at https://sourceforge.net/p/minimal-music-site

A very small responsive website for uploading content. Originally designed primarily for musicians needing an easy interface to share content. Upload files in the admin pages. Automatically saves files in directories and lists content on main pages by date. I'm sure there are many improvements that could be made.


Duration: 00:12:48

  • ogg: http://hackerpublicradio.org/eps/hpr2098.ogg
  • spx: http://hackerpublicradio.org/eps/hpr2098.spx
  • mp3: http://hackerpublicradio.org/eps/hpr2098.mp3
