Sunday, 2 April 2017

Email Scam Targets GitHub Developers with Dimnie Trojan

Thanks To THN
Open source developers who use the popular code-sharing site GitHub were put on alert after the discovery of a phishing email campaign that attempts to infect their computers with an advanced malware trojan.

Dubbed Dimnie, the reconnaissance and espionage trojan has the ability to harvest credentials, download sensitive files, take screenshots, log keystrokes on 32-bit and 64-bit architectures, download additional malware on infected systems, and self-destruct when ordered to.

The malware has largely flown under the radar for the past three years, thanks to its stealthy command and control methods.
The threat was discovered in mid-January this year, when it was targeting multiple owners of GitHub repositories via phishing emails, but cyber-security firm Palo Alto, which reported the campaign on Tuesday, says the attacks started a few weeks before.

Here's How the Attack Works:


The attack starts by spamming the email inboxes of active GitHub users with booby-trapped job offers. The messages used in this campaign attempt to trick the victims into running an attached malicious .doc file.

The doc file contains embedded macro code which, if allowed to run, executes a PowerShell command to download and install the Dimnie trojan, malware that can be controlled remotely, enabling attackers to hijack infected PCs and install additional malware.

Dimnie is not new; it first appeared in early 2014, but the use of stealthy command and control (C&C) methods in the new version of the Dimnie malware helped the threat remain unnoticed until this year.

Dimnie's Stealthy Features Let It Go Undetected for 3 Years


This new iteration has the ability to hide its malicious traffic under fake domains and DNS requests. To camouflage its connection, Dimnie uses HTTP Proxy requests that appear to be sent to Google-owned domains, but it's actually talking to an address controlled by the attackers, which has nothing to do with Google.
For more stealthiness, the malware encrypts all of its modules during transit, and once they are received and decrypted on the targeted computer, they are never written to or executed on its hard drive.

Instead, Dimnie injects them directly into the memory of core Windows processes, which then execute in the OS memory itself, without leaving traces on the user's disks. This lets Dimnie operators inject their malicious module into the process of any legit application.
Since the malware hides its communications behind regular traffic and executes in the OS memory, Palo Alto researchers are unable to speculate about the attackers behind the latest phishing email campaign or their exact motivations for targeting open-source developers.

However, gaining access to computers belonging to owners of private GitHub repositories gives attackers a way to access the source code of the applications they manage for their organizations, which lets the attackers gain access to the internal networks of various organizations.

2k17 List Of Some Deep Web Links And How To Access Safely On Android


Hello Guys, Welcome Back To My Site
Hax4Us

So Today I Will Give Deep Web Site Links (Only For Education And Research)

SEARCH ENGINES – DEEP WEB LINKS

http://kbhpodhnfxl3clb4.onion/ – Tor search engine
http://torlinkbgs6aabns.onion/ – Deep web links directory
http://xmh57jrzrnw6insl.onion/ – TORCH another search engine
http://ndj6p3asftxboa7j.onion/ – .onion search

FINANCIAL SERVICES – DEEP WEB LINKS

http://nzfbqcuyutvg6hd3.onion/ – Hacked PayPal accounts
http://ow24et3tetp6tvmk.onion/ – Anonymous BitCoin wallet
http://lmyv5msldzlcp224.onion/counterfeits/ – EURO & USD Counterfeits
http://easycoinsayj7p5l.onion/ – BitCoin Wallet

COMMERCIAL – DEEP WEB LINKS

http://mobil7rab6nuf7vx.onion/ – Unlocked Smartphones
http://2ogmrlfzdthnwkez.onion/ – Hire a Hacker
http://abbujjh5vqtq77wg.onion/ – Passports and ID Cards for Bitcoins
http://fakeidscpc4zz6c4.onion/ – Fake documents

HOSTING RELATED – DEEP WEB LINKS

http://torwebpa6vb7icfm.onion/ – Hosting Company

FORUMS – DEEP WEB LINKS

http://zqktlwi4fecvo6ri.onion/wiki/Torbook – Facebook for deep web
Guys, You Can Find More Links On The Internet. Here I Have Posted Some Usable Links Only.
Disclaimer: I Am Not Responsible For Any Illegal Activity Done By You, And This List Of Links Is Only For Education.

Tuesday, 28 March 2017

If You Are An iPhone User And Use iCloud, Beware - Must Read (Hax4Us)

Hax4Us HackNeWs
If you use iCloud to sync your Apple devices, your private data may be at risk of getting exposed or deleted by April 7th.


It has been found that a mischievous group of hackers claiming to have access to over 300 million iCloud accounts is threatening to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in crypto-currency or $100,000 worth of iTunes gift cards.

The hacking group, who identified themselves as 'Turkish Crime Family,' has demanded a ransom to be paid in Bitcoin or Ethereum, another popular crypto-currency.

Screenshots of the email exchange indicate that when the Apple security team asked for a sample list of hacked accounts to verify the claims, the group only provided a YouTube video demonstrating access to one of the allegedly hacked accounts and remotely wiping all content from the device.

Thanks To THN
However, the story seems inconsistent: on its Twitter account, the group claims to have access to 200 million iCloud accounts, while in one of the emails it claims to have access to 300 million Apple email accounts, and in another the number almost doubles to 559 million.

At this time, it is very difficult for even Apple to verify the claims. However, the company has warned the group saying that it does not reward cyber criminals for breaking the law and asking them to remove the video as it was "seeking unwanted attention."


The hacking group has given Apple a deadline of April 7 to pay the ransom. Unless its demands are met, the group is going to start remotely wiping victims' Apple devices and resetting iCloud accounts.

How to Protect Your iCloud Account From Hackers


Whether or not the claims and threat are real, if hackers gain access to your iCloud account, they could easily download all your photos and other private data.

In order to keep their iCloud accounts safe from hackers, Apple users are advised to change their iCloud passwords immediately and enable two-step authentication to add an extra layer of security to their accounts.

Monday, 27 March 2017

(Hindi-English) SMishing - Brother Of Phishing / A Harmful Attack Must Read (Hax4Us)

Hello Guys Welcome Back To My Site


Today We Will Talk About A Word "SMishing" ...

What Is SMishing?

Short for SMS Phishing, smishing is a variant of phishing email scams that instead utilizes Short Message Service (SMS) systems to send bogus text messages. Also written as SMiShing, SMS phishing made recent headlines when a vulnerability in the iPhone's SMS text messaging system was discovered that made smishing on the mobile device possible.

Smishing scams frequently seek to direct the text message recipient to visit a website or call a phone number, at which point the person being scammed is enticed to provide sensitive information such as credit card details or passwords. Smishing websites are also known to attempt to infect the person's computer with malware.


What Is SMishing?

The word SMishing looks like a very complex word, but believe me, its meaning is just as easy.

This word comes from phishing itself. SMishing means phishing by using text messages.

That is, sending a fake text message from your mobile or system to someone else's phone or number, with something attractive written in it and a hyperlink attached (that link can point to any malware or to a trojan, and it is also possible that clicking the link downloads a file that is an automated script which runs as soon as it is downloaded).


So indirectly, this is just a scam.

If you have not subscribed yet, please do so, so that whenever I upload a new topic it is sent personally to your inbox.

Friends, you now know the meaning of SMishing, and if you still have any doubt, you can ask in the comments.

