Saturday, 6 May 2017

Beware! Don't Click that Google Docs Link You Just Received in Your Mail Otherwise Account Will Be Hacked

2 comments
google-docs-oauth-phishing-email
Thanx To THN
Did someone just share a random Google Doc with you?

First of all — Do not click on that Google Doc link you might have just received in your email and delete it immediately — even if it's from someone you know.

 people all around the Internet, especially journalists, are receiving a very convincing OAuth phishing email, which says that the person [sender] "has shared a document on Google Docs with you."
Once you clicked the link, you will be redirected to a page which says, "Google Docs would like to read, send and delete emails, as well access to your contacts,asking your permission to "allow" access.

If you allow the access, the hackers would immediately get permission to manage your Gmail account with access to all your emails and contacts, without requiring your Gmail password.
But How? The "Google Docs" app that requests permissions to access your account is fake and malicious, which is created and controlled by the attacker.

You should know that the real Google Docs invitation links do not require your permission to access your Gmail account.

Anything Linked to Compromised Gmail Accounts is at Risk


Once the app controlled by the attacker receives permissions to manage your email, it automatically sends same Google Docs phishing email to everyone on your contact list on your behalf.

Since your personal and business email accounts are commonly being used as the recovery email for many online accounts, there are possibilities that hackers could potentially get control over those online accounts, including Apple, Facebook, and Twitter.

In short, anything linked to a compromised Gmail account is potentially at risk and even if you enabled two factor authentication, it would not prevent hackers to access your data.

Meanwhile, Google has also started blacklisting malicious apps being used in the active phishing campaign.
"We are investigating a phishing email that appears as Google Docs. We encourage you to not click through & report as phishing within Gmail," Google tweeted.
This Google Docs phishing scheme is spreading incredibly quickly, hitting employees at multiple organizations and media outlets that use Google for email, as well as thousands of individual Gmail users who are reporting the same scam at the same time.

If by anyhow you have clicked on the phishing link and granted permissions, you can remove permissions for the fraudulent "Google Docs" app from your Google account. Here’s how you can remove permissions:

  1. Go to your Gmail accounts permissions settings at https://myaccount.google.com and Sign-in.
  2. Go to Security and Connected Apps.
  3. Search for "Google Docs" from the list of connected apps and Remove it. It's not the real Google Docs.
Stay tuned to our Facebook Page for more updates ! Stay Safe!


Update: Google Docs Phishing Scam Hits Nearly One Million Users

Google said that the last night's Google Docs phishing campaign affected "fewer than 0.1%" of Gmail users, which means nearly one million people were affected by it, handing over their email access to attackers.
Read More

Now Hacking Is Easy / Android Me 200kb Ka Linux ? App Overview "Turmex" Size Only 200kb

5 comments
Hello Guys , Welcome To Hax4Us
Hax4Us 
Dosto Aaj Hum Baat Karenge Ek Esi App Ke Baare Me Jo Aapko Ek Linux Environment Provide Karati Hai Aapke Android Mobile.

Esa Kya Special Hai Isme ?

Yes ,Dosto I know ki Linux ko android me install karne ke liye play store me kayi popular apps hai jese LINUX INSTALLER , DEPLOY etc but Dosto ye apps Linux to install kardeti hai but uske liye minimum 1.5 GB se 2 GB aapko expense karna padta hai and install hone ke baad 4 GB tak space spare leta hai....

But dosto ye app TERMUX only 200kb ki hai and ye koi additional data ni maangti ....

How To Install ?

Dosto Simply ise play store ya niche given link se download kare and meri video deke.

Video Me Kya Hai ?

Dosto Video mene complete overview diya hai , kese install kare and ek hacking tool bhi install kar ke dikhaya hai ....

So Watch And Enjoy Linux In Android Size Only 200kb.


Agar Post Me Video Play Nahi Ho Rhi Hai To Aap Niche Link Pe Click Karke YouTube Par Video Dekh Sakte Hai .

Click Here To Watch Video 

Post Achi Lagi To Comment Jarur Kare .
Read More

Tuesday, 2 May 2017

Hacker leaks Unreleased TV Series Of Netflix Because They Refuse To Pay Ransom

2 comments
orange-is-the-new-black-netflix-season-5
Thnx To THN
After releasing 10 back-to-back episodes of the Season 5 premiere of Netflix's "Orange Is the New Black," a hacking group calling itself The Dark Overlord is threatening to leak a trove of other unreleased TV shows and movies.

The Dark Overlord (TDO) posted links to the first 10 episodes of the upcoming season of "Orange Is the New Black" show to a piracy website after Larson Studios and Netflix failed to fulfill the group's ransom demand.

According to Netflix's website, the season 5 of "Orange Is the New Black" show is scheduled to debut June 9 and supposed to run 13 episodes. But TDO claimed that only the first 10 episodes were available at the time the group gained access to the show.

On Saturday, the group headed on to Twitter and posted links to a Pastebin page, GitHub profile, and the Pirate Bay torrent site sharing Episode 1 of "Orange Is The New Black" season 5 show.

At the time of writing, the Pastebin (web archive) and GitHub links went down, but the Pirate Bay torrent file remained up, and users have downloaded and shared its content.

10 out of 13 "Orange Is The New Black" Season 5 Episodes Leaked Online


Following the release of Episode 1, TDO posted links to Pastebin and a second torrent file, hosted on The Pirate Bay, which includes episodes 2 through 10 of the season 5 of "Orange Is The New Black."

According to the Pastebin post, the group released 10 episodes of the show because Netflix didn't pay a ransom demand.

Here's what the TDO's statement posted on Pastebin (web archive) stated:

"It didn't have to be this way, Netflix. You're going to lose a lot more money in all of this than what our modest offer was. We're quite ashamed to breathe the same air as you. We figured a pragmatic business such as yourselves would see and understand the benefits of cooperating with a reasonable and merciful entity like ourselves. And to the others: there's still time to save yourselves. Our offer(s) are still on the table - for now."
In an interview with the DataBreaches.net, the hacking group revealed it managed to steal "hundreds of GBs [gigabytes] of unreleased and non-public media" from the servers of Larson Studios, an ADR (additional dialogue recorded) studio based in Hollywood in late 2016.

The Dark Overlord Demanded 50 BTC


While the group did not reveal its attack method nor how much ransom it demanded, according to a copy of a contract allegedly signed between TDO and Larson, the hacking group asked for 50 BTC ($70,422) by January 31.

But after the studio stopped responding to the group's email requests in January, TDO turned to Netflix, which also did not pay the ransom either, eventually forcing the group to release the first 10 episodes of season 5 of "Orange Is The New Black" after two months.

Netflix said in a statement that it was "aware of the situation. A production vendor used by several major TV studios had its security compromised, and the appropriate law enforcement authorities are involved."

The Dark Overlord Threatens to Leak More Shows to the Internet


After releasing all the 10 episode of the unreleased show, TDO threatened to leak other unreleased shows and movies from several other studios in its possession.

The Dark Overlord tweeted"Who is next on the list? FOX, IFC, NAT GEO, and ABC. Oh, what fun we're all going to have. We're not playing games anymore."

The hacking group provided a list of unreleased shows and movies (some are released on their scheduled date) it stole from different studios, which includes:

  • A Midsummers Nightmare – TV Movie
  • Bill Nye Saves The World – TV Series
  • Breakthrough – TV Series
  • Brockmire – TV Series
  • Bunkd – TV Series
  • Celebrity Apprentice (The Apprentice) – TV Series
  • Food Fact or Fiction – TV Series
  • Hopefuls – TV Series
  • Hum – Short
  • It's Always Sunny in Philadelphia – TV Series
  • Jason Alexander Project – TV Series
  • Liza Koshy Special – YoutubeRed
  • Lucha Underground – TV Series
  • Lucky Roll – TV Series
  • Making History ) – TV Series
  • Man Seeking Woman – TV Series
  • Max and Shred – TV Series
  • Mega Park – TV Series
  • NCIS Los Angeles – TV Series
  • New Girl – TV Series
  • Orange Is The New Black – TV Series
  • Portlandia – TV Series
  • Steve Harveys Funderdome – TV Series
  • Story of God with Morgan Freeman – TV Series
  • Superhuman – TV Series
  • The Arrangement – TV Series
  • The Catch – TV Series
  • The Middle – TV Series
  • The Stanley Dynamic – TV Series
  • The Thundermans – TV Series
  • Undeniable with Joe Buck – TV Series
  • X Company – TV Series
  • Above Suspicion – Film
  • Handsome – Film
  • Rebel In The Rye – Film
  • Win It All – Film
  • XXX Return of Xander Cage – Film
The Dark Overlord is a known hacking group that was responsible for cyber attacks on Gorilla Glue and Little Red Door, an Indiana Cancer Services agency. The group also put 655,000 healthcare records lifted from 3 separate data breaches up for sale on the dark web.
Read More

(Updated) Now Fool The 000webhost And Make Undetectable Phishing Page Latest Trick By Hax4Us

24 comments
Hax4Us
Warning & DisclaimerMaking a phishing page is not illegal, but using a phishing page is illegal. This tutorial is just to show you, “How to create phishing page?”. If you use this to hack anyone account, then I AM not responsible for it. Do anything on your own risk.
Features:
No suspension ( From free web host )
Undetectable ( Bypassing browser detection )
Responsive ( Mobile version + Desktop version )
Steps to follow:
Signup for Free web host
Download phisher files and modify it
Upload the files to web host 
Register a custom domain and set it up
Set up ssl for domain
Let’s start,
Step 1: Signup for Free web host
For this method we have to sign up for two free hosting sites, www.55freehost.com and www.000webhost.com .
Page index files we will upload in 000webhost and the phishing php code goes in mzzhost.
Fill the form with your email address and give a website name, the name of my website is hax4usdemo.

After clicking sign up verify your email by clicking the link in in your mail inbox.
Now click the button (Manage website“your website name” ).

Now you have a page with your website domain. please not the name.
My domain: hax4usdemo.000webhostapp.com

okay. Now we have to sign up to mzzhost.com .
(Don’t close the 000webhost page tab because we need it later)
Open a new tab and go to this link: http://www.mzzhost.com/signup.php
Fill the form with your email and click register. ( your user name will be your domain)
Check your email spam folder to verify your account. After clicking the verification link a page will open up with your account information.
Note your control panel user name and website Url . the website URL we need later in step 2, so please note it.
My url: http://technotip.mzzhost.com .
Now go to control panel by clicking the link: http://cpanel.mzzhost.com

Type your control panel user name you already got and password you set when sign up, then click Log in button. 
Okay, now we have 2 free hosting account.
Don’t close the both web host control panel tabs because we need it later.. now let’s go to next step.

Read More