1-15 July 2015 Cyber Attacks Timeline

This first half of July will be long remembered for the Infosec Professionals: undoubtedly the dramatic Hacking Team leak has characterized this fortnight and has written one of the most controversial pages of the Infosec Annals.  Security researchers and activists are still digging into the trove of documents (and 0-days) siphoned from the Italian company, and this story, that is unveiling new details every day, is far from being completed.

This resounding attack has overshadowed any other event throughout this first half of July (with the exception of the final count of the victims of the OPM breach, which has reached a total of 21 million), however the list of the events in this two weeks also includes other remarkable breaches, such as the ones targeting Plex, the Epic Games Forum, Hemmakväll AB, a Swedish video store chain and, last but not least, the Trump Hotel Collection.

Turning the attention to hacktivism, the Anonymous kept on their battle against the Canadian Government over the controversial Anti-Terror C51 bill, whereas their Indian counterpart hacked the Telecom Giant BSNL.

If you also remember the attacks against against Apple, Facebook, Micrsoft and Twitter, occurred two years ago, you won’t be happy to know that the authors are back and got bigger, targeting at least 40 companies in different sectors. They were unmasked by several security vendors in contemporary, and for this reason classified with different names (Butterfly, Morpho, Wild Neutron or Jripbot).

Enjoy the timeline and, as usual, remember to keep the level of attention very high. In the same time if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

IDDateAuthorTargetDescriptionAttackTarget
Class
Attack
Class
CountryLink
101/07/2015?The Trump Hotel CollectionThe Trump Hotel Collection, a string of luxury hotel properties tied to business magnate Donald Trump, appears to be the latest victim of a credit card breach.PoS MalwareIndustry: HospitalityCCUShttp://krebsonsecurity.com/2015/07/banks-card-breach-at-trump-hotel-properties/
201/07/2015?Vehicle Donation Processing CenterCharitable car donors using the Vehicle Donation Processing Center learn their personal information was hackedUnknownOrg: CharityCCUShttp://www.databreaches.net/charitable-car-donors-learn-their-personal-information-was-hacked/
301/07/2015several major worker's compensation insurersConfidential legal filesAn investigation reveals that several major worker's compensation insurers, hacked into thousands of confidential legal files to save money on judgments and settlements.UnknownSingle IndividualsCCUShttp://www.courthousenews.com/2015/07/01/major-workers-comp-insurers-hacked-legal-files-class-claims.htm
402/07/2015savakaPlexA hacker called savaka hacks the Plex server hosting the forums and the blog. The attacker asks for a ransom of 9.5 BTC to avoid the leak of the dataUnknownIndustry: SoftwareCC
UShttp://lifehacker.com/plex-hacked-change-your-password-now-1715355825
502/07/2015Monte Melkonian Cyber ArmySeveral Azerbaijani sitesArmenian hackers from Monte Melkonian Cyber Army hack into the official website of Azerbaijani customs (and other Azerbaijani sites), stealing highly confidential personal information of 5650 Azerbaijani citizens.UnknownGovernmentCWAZhttps://www.hackread.com/armenian-azerbaijani-cyberwar/
602/07/2015Anonymous
Canadian Government Sites
In name of #OpBillC51, the Anonymous hacks the Québec Parental Insurance Plan Centre (http://www.rqap.gouv.qc.ca), The Ministry of Labor, Employment and Social Solidarity (http://www.mess.gouv.qc.ca) and The National Review Commission website on employment insurance (http://www.cneae.gouv.qc.ca).UnknownGovernmentH
CAhttps://www.hackread.com/anonymous-breaches-canadian-government-servers/
703/07/2015AnonOpsIndiaBharat Sanchar Nigam Limited (BSNL)In name of OpIndia, AnonOpsindia, a group affiliated to the Anonymous collective hacks BSNL and claims to have siphoned the entire database, which has sensitive information of over 30 million users.UnknownIndustry: TelcoH
INhttp://betanews.com/2015/07/04/bsnl-india-hacked-anonymous/
804/07/2015?New Jersey Online CasinosA hacker shuts down four New Jersey Internet gambling sites and threatens more
cyberattacks over unless a ransom in BTC is paid.
DDoSIndustry: GamblingCCUShttp://abcnews.go.com/US/wireStory/hacker-attacks-gambling-websites-demands-bitcoin-ransom-32279133
905/07/2015Phineas FisherHacking Team SrLHacking Team, the Italian company behind the infamous surveillance software is hacked. The attacker, allegedly the same author behind the attack to Gamma International (another surveillance software) dumps approximately 400Gb of data.UnknownIndustry: SoftwareH
IThttp://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html
1005/07/2015HufflepuffPrimedice
https://primedice.com
Primedice, an online gaming/gambling site loses $1 million in bitcoin to an attacker who exploited its random number generation (RNG) system.Random Number Generator VulnerabilityOnline GamblingCCUShttps://www.hackread.com/gambling-site-hacked-bitcoin-stolen/
1106/07/2015?https://housing.comThe realty portal housing.com is defaced, a week after his CEO is hacked.DefacementOnline Services
CCINhttp://www.kashmirtimes.com/newsdet.aspx?q=42783
1207/07/2015?Edinburgh CIty Council
More than 13,000 email addresses have been stolen from Edinburgh city council's database following a "malicious cyber attack".UnknownGovernmentCCUKhttp://www.bbc.co.uk/news/uk-scotland-edinburgh-east-fife-33425853
1307/07/2015DangerProPizza Hut Israel
(http://contact.pizzahut.co.il)
A group of Bangladeshi hackers going with the handle of DangerPro defaces the contact us page of the official website of Pizza Hut Israel (contact.pizzahut.co.il).DefacementIndustry: Restaurant
H
ILhttps://www.hackread.com/pizza-hut-israel-website-hacked/
1407/07/2015Rubber AKA smitt3nzhttp://iChatLatino.com
http://iChatAsia.com
http://iChatUSA.com
Rubber AKA smitt3nz hacks three dating sites and dumps a total of nearly 100,000 plaintext users and passwords.SQLiDatingCC>1http://siph0n.in/exploits.php?id=3901
1507/07/2015PH1K3 and z0xHemmakväll AB
http://www.hemmakvall.se
A couple of hackers dubbed PH1K3 and z0x hack Hemmakvälls.se (a Swedish video store chain) and dump the details of approximately 47,000 users.UnknownIndustry: Retail
CCSEhttp://www.dn.se/ekonomi/hemmakvall-hackat-50000-kunders-uppgifter-pa-vift/
1608/07/2015Butterfly, Morpho, Wild Neutron, Jripbot>1Several security companies report that the attackers that targeted Apple, Facebook, Microsoft, and Twitter two years ago in a series of high-profile hacks are back and got bigger. Targets include at least 40 companies in different sectors. The group is known as Butterfly, Morpho, Wild Neutron or Jripbot.>1>1CC>1http://www.zdnet.com/article/the-group-that-attacked-apple-twitter-and-facebook-is-still-going/
1708/07/2015?Evans Hotels
California-based Evans Hotels announces that malware was installed on computers at the front desks of its properties that could have compromised payment card data.PoS MalwareIndustry: HospitalityCCUShttp://www.scmagazine.com/evans-hotels-announces-payment-card-incident-involving-malware/article/425744/
1808/07/2015The Cyber Army of the KhilafahSyrian Observatory for Human Rights
http://www.syriahr.com
Purported supporters of the hardline Islamic State group deface the website of the Syrian Observatory for Human Rights.DefacementOrg: Human Rights
H
SYhttp://news.yahoo.com/islamic-state-supporters-hack-website-syria-rights-watchdog-144857500.html
1908/07/2015Cyber Islamic StateState Ministry for Euro-Atlantic Integration of Georgia
http://eu-nato.gov.ge/
The Cyber Islamic State hackers deface the official website of “The State Ministry for Euro-Atlantic Integration of Georgia” (eu-nato.gov.ge).DefacementGovernmentH
GEhttps://www.hackread.com/isis-hackers-euro-atlantic-integration-nato-site/
2008/07/2015?Evans Hotels
Evans Hotels, which owns and operates the Bahia Resort, Catamaran Resort and The Lodge at Torrey Pines announces that a security breach led to unauthorized charges on guests’ payments cards.PoS MalwareIndustry: HospitalityCCUShttp://fox5sandiego.com/2015/07/08/security-breach-at-local-hotels-led-to-unauthorized-charges-on-guests-cards/
2109/07/2015?German MissilesGerman-owned Patriot missiles stationed in Turkey are briefly taken over by hackers.UnknownMilitaryCCDEhttp://www.thelocal.de/20150707/german-missiles-taken-over-by-hackers
2209/07/2015Cyber Islamic StateArgonne National Laboratory
http://www.lcrc.anl.gov
The Cyber Islamic State hackers deface a subdomain of Illinois-based Argonne National Laboratory owned and funded by the U.S. Department of Energy Office of Science.DefacementGovernmentH
UShttps://www.hackread.com/pro-isis-hackers-us-dept-of-energy/
2309/07/2015?Service Systems AssociatesService Systems Associates, a company that serves gift shops and eateries at zoos and cultural centers across the United States, acknowledges a breach of its credit and debit card processing systems.PoS MalwareIndustry: Retail
CCUShttp://krebsonsecurity.com/2015/07/credit-card-breach-at-a-zoo-near-you/
2409/07/2015?Charlotte MckinneyUnknown hackers hack the Charlotte Mckinney Instagram account and use it to post nude photos of the model.Account HijackingSingle IndividualCCUShttp://www.techworm.net/2015/07/top-model-charlotte-mckinney-hacked-nude-photos-leaked-on-instagram-and-imgur.html
2510/07/2015?Telegram (Messaging Platform)
Popular messaging platform Telegram is hit with a 200Gbps distributed denial of service (DDoS) attack. Users in Asia, Australia, and Oceania are prevented from using the service.DDoSOrganization: Software
CCDEhttp://www.theregister.co.uk/2015/07/14/telegram_ddos/
2610/07/2015Lizard Squad
Daybreak Game Company LLCDaybreak Game Company is hit with a DDoS after its CEO threatens convicted Lizard Squad hacker Julius KivimakiDDoSIndustry: Video GamesCCUShttp://www.forbes.com/sites/erikkain/2015/07/10/daybreak-games-hit-by-lizard-squad-after-ceo-threatens-hacker-surprising-absolutely-nobody/?ss=Security
2710/07/2015?Walmart Canada (via PNI Digital Media)Walmart Canada investigates a potential breach of customer credit card data after one of its websites operated by a third party (www.walmartcanadaphotocentre.ca) was compromised. 60,000 customers could be affected.UnknownIndustry: Retail
CCCAhttp://www.theglobeandmail.com/report-on-business/walmart-looks-into-possible-credit-card-data-breach/article25422632/
2810/07/2015AlfabetoVirtualhttp://comptroller.nyc.gov/A Pro-Palestinian hacker going with the handle of AlfabetoVirtual defaces the official website of New York City’s Comptroller Mr. Scott M. Stringer (http://comptroller.nyc.gov).DefacementGovernmentH
UShttps://www.hackread.com/palestinian-hacker-new-york-comptroller-office/
2911/07/2015Lov3rDnshttp://my.barackobama.comA Yemeni hacker going with the handle of “Lov3rDns” defaces the official social network domain of U.S president Barack Obama, used during his election campaign (my.barackobama.com).DefacementOrg: Politics
H
UShttps://www.hackread.com/obama-election-social-network-hacked-yemen-hacker/
3011/07/2015Teap0thttp://gooffcampus.comA hacker dubbed Teap0t hacks ateworld.com and dumps 8,623 usernames and clear text passwords.SQLiOnline Services
CCUShttp://pastebin.com/1xLCahZH
3112/07/2015Unknown Syrian Hackers
IsraelComputer hackers likely working for the Syrian regime and Hezbollah have managed to penetrate the computers of Israeli and American activists working with the Syrian opposition, exposing sensitive contacts between the sides.Targeted AttackGovernmentCEILhttp://www.timesofisrael.com/computer-hack-reveals-identity-of-syrians-in-contact-with-israel/
3212/07/2015Anonymous
Vancouver IslandUnknown hackers affiliated with the collective Anonymous release a string of emails that appear to show a conservation officer defending his decision to refuse to kill two black bear cubs on Vancouver Island.UnknownGovernmentH
CAhttp://www.cbc.ca/news/canada/british-columbia/anonymous-hackers-release-emails-ordering-bear-cubs-be-killed-1.3147003
3312/07/2015cybervor aka @cyberv0rMiami Universitycybervor aka @cyberv0r claims to have hacked the Miami University and dumps >200 usernames and hashed passwords.SQLiEducationCCUShttp://pastebin.com/90TaSi2W
3412/07/2015?Antrix CorporationIndian space agency ISRO’s commercial arm Antrix’s website is defaced. Suspects are directed to Chinese hackers.DefacementIndustry: AerospaceH
INhttp://timesofindia.indiatimes.com/india/Website-of-Isros-commercial-arm-Antrix-hacked/articleshow/48041483.cms
3512/07/2015Anonymous
WXXR 97.3An Indiana radio station, WXXR 97.3, is apparently hacked, broadcasting a message from the Anonymous collective.UnknownBroadcast
H
UShttp://wivb.com/2015/07/13/indiana-radio-station-hacked-by-anonymous/
3613/07/2015?http://CareerBuilder.comProofpoint threat researchers detect a clever email-based attack that combines phishing and social engineering techniques in order to trick users into opening a malicious document. In this attack, the actor browses open positions listed on CareerBuilder.comTargeted Attack>1CC>1https://www.proofpoint.com/threat-insight/post/Foot-in-the-Door
3713/07/2015?Chris FoomeTeam Sky are consulting their lawyers following what they believe to be the potential hacking of Chris Froome's training data files in order to suggest he may be using performance enhancing drugs during Tour De France.UnknownSingle IndividualCCUKhttp://www.telegraph.co.uk/sport/othersports/cycling/tour-de-france/11737387/Tour-de-France-2015-Chris-Froomes-ride-for-glory-under-threat-in-data-spying-storm.html
3813/07/2015AnonGhostMalaysian Police Facebook and Twitter PagesThe AnonGhost collective takes over the Facebook and Twitter Accounts of the Malaysian Police and floods the feed with pro-ISIS messages.Account HijackingLaw EnforcementH
MYhttps://www.hackread.com/isis-hackers-malaysia-police-facebook-twitter-hack/
3913/07/2015austinsimon864http://cloudminr.ioCloud mininig service cloudminr.io is hacked. The attacker offers to sell the entire database (about 80,000 users) for 1 BTC (approx. 276 USD)Unknown
Bitcoin MiningCCNOhttps://www.cryptocoinsnews.com/cloudminr-io-hacked-user-database-put-up-for-sale/
4013/07/2015Teap0thttp://ateworld.comA hacker dubbed Teap0t hacks ateworld.com and dumps 8,623 usernames and clear text passwords.SQLiNewsCCUShttp://pastebin.com/3er0NJWH
4113/07/2015?Envato
Envato, the network of marketplaces is under a two week lasting DDoS attack.DDoSIndustry: InternetCCAUhttp://inside.envato.com/denial-of-service-attacks-on-envato/
4213/07/2015?VoatVoat, the news aggregator, is taken down by a DDoS attack.DDoSSocial Network
CCCH
http://www.techworm.net/2015/07/ddos-attack-knocks-reddits-alternative-voat-offline.html
4313/07/2015?Insurance Services OfficeNew Jersey-based Insurance Services Office (ISO) notifies an undisclosed number of consumers of an unauthorized access to the database.UnknownIndustry: Health InsuranceCCUShttp://www.databreaches.net/insurance-services-office-database-breached-insurance-data-accessed/
4414/07/2015?https://forum.epicgames.comEpic, the well known developer of videogames, notifies the users of its forum (forum.epicgames.com) of an authorized access to their personal data (username, password, email and date of birth)Unknown
Industry: Video GamesCCUS
http://www.hotforsecurity.com/blog/epic-games-forum-hacked-change-your-online-passwords-an-beware-of-phishing-12283.html

 

2 thoughts on “1-15 July 2015 Cyber Attacks Timeline

Leave a Reply

%d bloggers like this: