Taliban splinter cell training army of Sasquatch

News reports are flooding in regarding a rogue Taliban splinter cell who is training an army of Sasquatch. this has created a backlash of angry mothers using social media tools like Twitter and Google+.

Most comments are angry over the fact that most Sasquatch are babies. while they are 12 feet tall, they only have the equivalent mindset of a 10 year old Canadian child, and are mostly just playful rather than vicious and dangerous. this raises the question if action should be taken from the United Nations to shut down the terror cell located in the arctic.

Rumors have been spreading around the Internet, speculating that the Russians originally funded the project to use the Sasquatch for peace time war operations against counties that oppose their goals for global domination. we are unable to confirm if these rumors are true.

Reporters have been dispatched to Nordland and Northwest Territories, in hopes some one might get to the bottom of this breaking story.

We will keep you updated as this story continues to unfold.

Read More

True story about the CubeCart Hack

For those of you following the CubeCart Hack that has left roughly 64,000 ecommerce businesses open to full database leaks, including personal details like credit card data.

It was not my intention to publish intimate the details of this case to the world as the truth will very likely create ripples through the shopping cart vendor CubeCart. We have made multiple requests to contact us regarding this issue, all of which had been received, but not replied to.

Rather than allow a company lie to their customers about the privacy of their data, we feel that the truth is the number one priority for any business dealing in sotware that holds consumer data.

The founder of CubeCart made a public statment on their company forums

"Just after Christmas, a script kiddie hacker managed to get a malicious file on our server from a security hole in our bug tracker. They then attempted to blackmail us in the usual low life way these people do. However we refused and quickly patched all the servers software and tightened our server security settings locking them out by closing any back door access they created. We were not aware of any breech of data until now and it appears that they have data up to the first few days of January 2012.

The hacker was furious that we didn't pay them and it looks like he/she managed to steal some data from the license system database from our company server and has irresponsibly posted this information online. To add insult to injury they are twisting the facts in an attempt to scare our customers and impact our business.

Please note that;
- the hacker stole data from OUR database. They have no means or method to access any part of your stores data at all.
- most importantly we do NOT store any credit card data on our servers.
- all software license keys remain in the hands of their original owners. No 3rd party is able to unlock or reset them so they have no control or power over your storewhatsoever.
- 64,000 shopping carts are NOT vulnerable. The article title is incredibly misleading and there is no reason to be alarmed as they do not have access to your stores database.
- our server is continually scanned by McAfee Secure for vulnerabilities and we do our very best to keep all software secure and up-to-date... however keeping a server totally bullet proof is never 100% possible and from time to time companies including high profile household names such as Sony have suffered similar exploits.

The only thing we can do is to sincerely apologise and continue and to review our security policies."

They claim that they were originally hacked Christmas of 2011, and blackmailed by the hacker, but failed to warn their customers of their data being compromised. They also claim the data we have obtained was dated 2012, which would make this the 2nd hack, one that they were not aware of.

They make mention of the hacker irresponsibly posted the information online, this is in reference to a now removed link to our website. a false accusation that we are the hacker only proving they are even more clueless about what really has happed than we thought.

They claim that the hacker stole data from only the cubecart company database, we have reason to suggest otherwise. but we will get to that later in this article.

They claim that they do not store credit card data on their servers,

no? then what is this?

"they have no control or power over your storewhatsoever." "64,000 shopping carts are NOT vulnerable"

False. Anonymous Hackers have a new ZeroDay attack they can use against CubeCart to gain full Database Access using what is called SQLi, They can even use google to locate roughly 64,000 websites running your software that the vulnribility currently works on and has been verified by highly skilled security professionals.

We find your remarks to be slanderous, and a down right lie to your customers. if you contacted us rather than avoiding the issue, you would have learned this information before your customers did.

How did we learn of this massive security breech of a leading ecommerce software solution?

We have previously investigated the hacker that tried to blackmail your company, and we have information on who he is, and even his IP address right now, but i guess you're not interested in that. right?

This was submitted to us by the hacker that molested your database.

One thing we know for sure, is he does not stop at one database, and he is all about automation. this means he most likely already has all 64,000 databases sitting on his servers while he buys bulk cheetos off ebay.

Also I love how you try and place blame on McAfee, You are the effing software developer, it was your code that got 64,000 of your customers owned. don't try to spread the blame. because all blame is on you.

Next time, just email us, and we won't have to bash you in a public forum like you did to us.

There is a ton of data to add to this, documented proof, names, hackers involved, groups, etc, but I think we have invested enough time and energy into a worthless cause of defending ourselves against a company that lies to their customers.

Cheers.

Read More

Anonymous Hackers turn Remote Viewers into Weapons

Anonymous Hackers are having a difficult time working alone after the recent FBI raid that left core members behind bars. most are confused as to what direction they should go, who they should attack, and who will teach them the skills to gain access to systems with secure passwords.

After many ideas were passed around, a hacker that assisted wikileaks who goes by the name as b1gmonieZ came up with a unique solution to the problem. he suggested that they utilize social networking sites like twitter to seek out remote viewers.

Most people may not be aware what a remote viewer is, and those who have heard about this supernatural ability only turn their noses up at it. regardless if you believe in remote viewing, it is apparent that the United States Government takes it seriously.

In 1979 the Army's Intelligence and Security Command was ordered to develop a program utilizing remote viewers and in 1995 the CIA took over the project. There have been several operations that have been funded recently, including Schnabel in 1997, Smith in 2005, and in 2001 Atwater.

We have to wonder what the capabilities of Anonymous Hackers could be if they have the ability to use psychic powers to see into secret databases at top secret government facilities and National Security contractors.

The most troubling thought in a Hacker actually seeing what you see, not even super secure picture password solutions provided by Tricerion are safe from a Remote Viewer.

(yes this conversation really took place) where? anonops IRC

Read More

Anonymous Hackers Discuss total Satellite Takeover

Anonymous Hackers discussed what to do with information obtained from NASA computer systems after they were able to gain access to sensitive information. the hackers now have the ability to access communication systems that control most satellite systems for broadcast media, weather, and military equipment.

Some ideas were shuffled around as to crash them all into the lower earth atmosphere and let them burn up, other ideas were to ram them into each other to create a spectacle that the world will be able to gaze up at the sky and see explosions above their heads.

Regardless of the method of destruction, the idea is all the same. show the world that Anonymous hackers have the ability to shutdown the entire world in a matter of minutes, and even launch satellite based nuclear missiles at government targets world wide.

Anonymous could succeed at such a bold attack against the Corporate world if protocols are not put into action to destroy every byte of information related to their movement, and everyone involved should be silenced to prevent the spread of the radical ideology anonymous stands for.

Who's to say they will stop at the satellites, what if they decide to fire the International Space station's engines and force it plummeting into the earth.

If the rich people around the world are unable to watch their Big Brother, Marry some rich guy, and shows making money off humiliation of would-be American Idols, maybe they would be more likely to get in the streets and protest the end to government.

This trend of Anonymous members integrating themselves into Occupy Wall street/your town movements is a dangerous move that could lead millions of Americans to be misdirected into violence creating riots and burning commercial property to the ground. this has already been experienced in California with a serious of fires. death by fire is the way they envision the end of modern society.

There have been rumors that the Hackers behind the NASA security breach were also behind the giant fireball seen over the UK. they may be using the documents to destroy satellites used by major corporations and Governments.

On the other hand, I guess we all have the right to talk about and discuss what you want to. it just makes it difficult to know who is really going to do something, and who is just BSing.

Read More

Operation Sticky Fingers takes down Anonymous Wannabe Hackers

How did we catch us some dirty would be hackers?

To catch a would be Anonymous Hacker is not very difficult. first you need an idea on what you are targeting. lets take the #interpol attack for example. we first setup a virtual linux server on the cloud that would be ready for the job of being a trap.  we went to work throwing together a very simple html page, with a php script that records the ip to file. nothing more, nothing less.

On our #stickyfingers operation we used the following script. we are firm beleivers that your source code should only include the task it is doing on the page it is doing it on. you're far less likely to create vulnerabilities that can open your server up to a number of problems.

Enjoy the code, hope you get a good laugh how simple it is. for the data it produced.

<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="content-type">
<title>Support Anonymous</title>
</head>
<body>
<script src="//connect.facebook.net/en_US/all.js#xfbml=1"
id="facebook-jssdk"></script>
<div style="text-align: center;"><big><big><span
style="font-weight: bold;">Anonymous needs your help!</span><br
style="font-weight: bold;">
<span style="font-weight: bold;">Keep clicking the button below<br>Each time sends 1000 proxies.<br>
<?php

$logfile= '/var/www/html/thepot.html';
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails=  date("F j, Y, g:i a O T") . ': ' .
'<a href=http://www.geobytes.com/IpLocator.htm?GetLocation&ipaddress='.$_SERVER['REMOTE_ADDR'].'>'
.$_SERVER['REMOTE_ADDR'].'</a>';
$fp = fopen($logfile, "a"); 
fwrite($fp, $logdetails);
fwrite($fp, "<br>");
fclose($fp); 

echo("Send some packets to our target!"); 

?>
</span></big></big><br>
<br>
<big><big><big><big><span style="font-weight: bold;">TARGET<br>
</span></big></big></big></big><cite><big><big><big><big><span
style="font-weight: bold;">www.</span><b style="font-weight: bold;">interpol</b><span
style="font-weight: bold;">.int</span></big></big></big></big><br>
<br>
<button style="color: rgb(233, 121, 17);" onfocus="f01" value="ftarget"
name="CLICK TO FIRE!" type="button">CLICK TO FIRE!</button>
<br>
<br>
<span style="color: rgb(228, 55, 9);">using this website will <span
style="font-weight: bold;">not</span> identify your IP to the target</span><br>
<br><div class="fb-like" data-href="http://yourhostname" data-send="true" data-width="450" data-show-faces="true"></div>
</cite></div>
<script>(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/all.js#xfbml=1";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>

To break it down for you, the only important part of this code is the following part.

<?php

$logfile= '/var/www/html/thepot.html';
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails=  date("F j, Y, g:i a O T") . ': ' .
'<a href=http://www.geobytes.com/IpLocator.htm?GetLocation&ipaddress='.$_SERVER['REMOTE_ADDR'].'>'
.$_SERVER['REMOTE_ADDR'].'</a>';
$fp = fopen($logfile, "a"); 
fwrite($fp, $logdetails);
fwrite($fp, "<br>");
fclose($fp); 

echo("Send some packets to our target!"); 

?>

Now all you have to do is create a file called thepot.html (or another name) and make it writable. 777.

Now just keep an eye on thepot file, and maybe even run the Linux command tail -f thepot.html to keep a scrolling eye on what's going on.

That's all there was to it. and it generated the huge list of ip's of Twitter users who are involved with Anonymous Hacking and DDOSing. 

trap IP log can be found here

Read More