Last Updated on November 17, 2011

Update 12/01/2011: November Cyber Attacks Timeline (Part II)

This first half of November has been very hard for Steam. The Valve Online Gaming Platform suffered a security breach putting at risk a potential sample of 37 million of users and hence wins the crown for the Major Breach of the First Half of November.

Also a sportswear giant like Adidas fell among the victims of cybercriminals, with a “sophisticated attack” targeting 500,000 users.

This month was also hot for the Cold Finland which has suffered two security breaches involving more than 30,000 users (a third breach also happened on November, the 16th, affecting 16,000 users but of course will be reported in the next report).

Two other CAs (KPN and Digicert Sdn Bhd Malaysia, not to be confused with Digicert US-based CA) were compromised. Also F-secure discovered a sample of malware signed with a valid certificate stolen from a Malasyan company.

On a larger scale, after 2 years of hunt, FBI uncovered a huge Botnet in Estonia, which stole $14 million from 4 million users worldwide, while on the other side of the Globe, Brazilian ISPS were targeted by a massive DNS Poisoning attack.

Not even Facebook was safe this month, whose (too) many users were targeted with a malware posting pornographic images on their wall exploiting an Internet Explorer Vulnerability.

As far as hactivism is concerned, the political events in the real world had a predictable echo in the Cyber space, with an attack to Palestine the day after the nation was admitted as a full member of UNESCO.

As a retaliation, some Israeli Government web sites were targeted with a wave of DDoS attacks by the infamous Anonymous hacking group. In any case the Anonymous were active also in other Cyberwar fronts acting a couple of defacements and DDoS (in one case they targeted the Muslim Brotherhood) and were also the authors to one of the two attacks in Finland (the one towards a right-wind party).

A group of Hackers called TeaMp0isoN claimed to have hacked more than 150 Email Id’s of International Foreign Governments even if this statement is controversial.

What is not controversial is the Cyberwar declared against Mexico which was targeted, in November, by a massive waves of Cyber Attacks.

Besides these noticeable events, the month was characterized by many other minor attacks and dumps among which, particularly noticeable are: the attacks to a couple of banks (DDoS and defacements) and Universities (UCLA and Standford hit by data breaches), and the Fox Business Twitter Account Hacking (Oops they did it again!).

The month ends with the first example of malware targeting ambulance.

Please notice that I decided henceforth not to insert attacks targeting a limited amount of users and most of all, claimed without clear evidence: in this month I discovered a claimed fake attack to Italian Police announced recycling old data.

1. http://www.guardian.co.uk/world/2011/nov/01/palestinians-hit-cyber-attack-unesco
   
2. http://www.cyberwarnews.info/2011/11/02/dump-of-steam-accounts/
   
3. http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_nitro_attacks.pdf
   
4. http://thehackernews.com/2011/11/fraud-communities-owned-and-exposed-by.html
   
5. http://www.cyberwarnews.info/2011/11/03/opdarknet-official-and-last-release/
   
6. http://www.cyberwarnews.info/2011/11/03/accounts-dumped-from-hiphopinstrumental-net/
   
7. http://www.cyberwarnews.info/2011/11/03/peru-government-websites-defaced-by-challenges-hackers/
   
8. http://nakedsecurity.sophos.com/2011/11/03/another-certificate-authority-issues-dangerous-certficates/
   
9. http://www.cyberwarnews.info/2011/11/04/bayareaconnection-net-defaced/
   
10. http://www.cyberwarnews.info/2011/11/04/yet-another-pointless-account-dump-hundreds-dumped-from-www-jjs2-com/
    
11. http://threatpost.com/en_us/blogs/another-dutch-ca-kpn-stops-issuing-certificates-after-finding-ddos-tool-server-110411
    
12. http://thehackernews.com/2011/11/capitalone-bank-taken-down-by-anonymous.html
    
13. http://www.networkworld.com/news/2011/110411-hacker-selling-access-to-compromised-252771.html?source=nww_rss
    
14. http://www.phiprivacy.net/?p=8227
    
15. http://thehackernews.com/2011/11/anonymous-attack-on-israeli-government.html
    
16. http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
    
17. http://pplware.sapo.pt/informacao/site-freeport-pt-foi-atacado-entre-outros/
    
18. http://www.databreaches.net/?p=21359
    
19. http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
    
20. http://www.yomiuri.co.jp/dy/national/T111105002386.htm
    
21. http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
    
22. http://www.theregister.co.uk/2011/11/07/adidas_hack_attack/
    
23. http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
    
24. http://thehackernews.com/2011/11/international-foreign-government-e.html
    
25. http://www.theregister.co.uk/2011/11/09/teamp0ison_publishes_stupid_password_list/
    
26. http://news.softpedia.com/news/16-000-Finns-Affected-by-Data-Breach-232851.shtml
    
27. http://nakedsecurity.sophos.com/2011/11/08/anonymous-attacks-el-salvadoran-sites/
    
28. http://www.smh.com.au/business/privacy-of-millions-at-mercy-of-a-usb-device-20111107-1n3wm.html
    
29. http://thehackernews.com/2011/11/ump-french-political-party-got-hacked.html
    
30. http://www.cyberwarnews.info/2011/11/08/premierleaguepool-co-uk-accounts-dumped-by-sen/
    
31. http://www.cyberwarnews.info/2011/11/08/60k-accounts-dumped-from-ohmedia-by-teamswastika/
    
32. http://www.cyberwarnews.info/2011/11/08/dump-of-accounts-from-beachvolley-se/
    
33. http://www.cyberwarnews.info/2011/11/08/khadraglass-com-hacked-and-accounts-dumped-by-inj3ct0r/
34. http://www.cyberwarnews.info/2011/11/09/scamming-email-account-dumpers-are-surfacing-50k-french-accounts-dumped/
    
35. http://thehackernews.com/2011/11/possible-credit-card-theft-in-steam.html
    
36. http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911
    
37. http://www.theregister.co.uk/2011/11/10/it_manager_charges/
    
38. http://thehackernews.com/2011/11/bangladesh-supreme-court-website-hacked.html
    
39. https://twitter.com/#!/igetroot/status/134865652543520768
    
40. http://thehackernews.com/2011/11/operation-brotherhood-shutdown-by.html
    
41. http://nakedsecurity.sophos.com/2011/11/14/ambulance-service-disrupted-by-computer-virus-infection/
    
42. http://www.cyberwarnews.info/2011/11/12/ucla-department-of-psychology-hacked-by-inj3ct0r/
    
43. http://www.ehackingnews.com/2011/11/social-network-site-findfriendzcom.html
    
44. http://www.cyberwarnews.info/2011/11/13/dump-of-information-by-inj3ct0r/
    
45. http://www.f-secure.com/weblog/archives/00002269.html
    
46. http://www.cyberwarnews.info/2011/11/14/dump-of-accounts-from-congress-of-sonora/
    
47. http://www.cyberwarnews.info/2011/11/14/2-more-government-dumps-by-metalsoft-team/
    
48. http://www.cyberwarnews.info/2011/11/14/another-big-dump-of-accounts-from-sec404-mexican-hackers/
    
49. http://www.cyberwarnews.info/2011/11/14/another-mexican-government-congress-hacked-canaldelcongreso-gob-mx/
    
50. http://www.cyberwarnews.info/2011/11/14/dump-of-data-from-another-mexican-congress-sinaloa-state-congress/
    
51. http://www.cyberwarnews.info/2011/11/14/ministry-of-economy-mexico-hacked-by-sec404/
    
52. http://www.cyberwarnews.info/2011/11/14/unit-of-transparency-and-access-to-public-information-website-hacked/
    
53. http://www.cyberwarnews.info/2011/11/14/national-commission-of-physical-culture-and-sport-hacked-and-accounts-leaked/
    
54. http://nakedsecurity.sophos.com/2011/11/14/hacked-sky-news-twitter-account-james-murdoch-arrested/
    
55. http://news.softpedia.com/news/Anonymous-Attacks-Anonymous-For-Being-Trolls-234949.shtml
    
56. http://nakedsecurity.sophos.com/2011/11/16/facebook-explains-pornographic-shock-spam-hints-at-browser-vulnerability/