Last Updated on November 17, 2011
Update 12/01/2011: November Cyber Attacks Timeline (Part II)
This first half of November has been very hard for Steam. The Valve Online Gaming Platform suffered a security breach putting at risk a potential sample of 37 million of users and hence wins the crown for the Major Breach of the First Half of November.
Also a sportswear giant like Adidas fell among the victims of cybercriminals, with a “sophisticated attack” targeting 500,000 users.
This month was also hot for the Cold Finland which has suffered two security breaches involving more than 30,000 users (a third breach also happened on November, the 16th, affecting 16,000 users but of course will be reported in the next report).
Two other CAs (KPN and Digicert Sdn Bhd Malaysia, not to be confused with Digicert US-based CA) were compromised. Also F-secure discovered a sample of malware signed with a valid certificate stolen from a Malasyan company.
On a larger scale, after 2 years of hunt, FBI uncovered a huge Botnet in Estonia, which stole $14 million from 4 million users worldwide, while on the other side of the Globe, Brazilian ISPS were targeted by a massive DNS Poisoning attack.
Not even Facebook was safe this month, whose (too) many users were targeted with a malware posting pornographic images on their wall exploiting an Internet Explorer Vulnerability.
As far as hactivism is concerned, the political events in the real world had a predictable echo in the Cyber space, with an attack to Palestine the day after the nation was admitted as a full member of UNESCO.
As a retaliation, some Israeli Government web sites were targeted with a wave of DDoS attacks by the infamous Anonymous hacking group. In any case the Anonymous were active also in other Cyberwar fronts acting a couple of defacements and DDoS (in one case they targeted the Muslim Brotherhood) and were also the authors to one of the two attacks in Finland (the one towards a right-wind party).
A group of Hackers called TeaMp0isoN claimed to have hacked more than 150 Email Id’s of International Foreign Governments even if this statement is controversial.
What is not controversial is the Cyberwar declared against Mexico which was targeted, in November, by a massive waves of Cyber Attacks.
Besides these noticeable events, the month was characterized by many other minor attacks and dumps among which, particularly noticeable are: the attacks to a couple of banks (DDoS and defacements) and Universities (UCLA and Standford hit by data breaches), and the Fox Business Twitter Account Hacking (Oops they did it again!).
The month ends with the first example of malware targeting ambulance.
Please notice that I decided henceforth not to insert attacks targeting a limited amount of users and most of all, claimed without clear evidence: in this month I discovered a claimed fake attack to Italian Police announced recycling old data.
- http://www.guardian.co.uk/world/2011/nov/01/palestinians-hit-cyber-attack-unesco
- http://www.cyberwarnews.info/2011/11/02/dump-of-steam-accounts/
- http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_nitro_attacks.pdf
- http://thehackernews.com/2011/11/fraud-communities-owned-and-exposed-by.html
- http://www.cyberwarnews.info/2011/11/03/opdarknet-official-and-last-release/
- http://www.cyberwarnews.info/2011/11/03/accounts-dumped-from-hiphopinstrumental-net/
- http://www.cyberwarnews.info/2011/11/03/peru-government-websites-defaced-by-challenges-hackers/
- http://nakedsecurity.sophos.com/2011/11/03/another-certificate-authority-issues-dangerous-certficates/
- http://www.cyberwarnews.info/2011/11/04/bayareaconnection-net-defaced/
- http://www.cyberwarnews.info/2011/11/04/yet-another-pointless-account-dump-hundreds-dumped-from-www-jjs2-com/
- http://threatpost.com/en_us/blogs/another-dutch-ca-kpn-stops-issuing-certificates-after-finding-ddos-tool-server-110411
- http://thehackernews.com/2011/11/capitalone-bank-taken-down-by-anonymous.html
- http://www.networkworld.com/news/2011/110411-hacker-selling-access-to-compromised-252771.html?source=nww_rss
- http://www.phiprivacy.net/?p=8227
- http://thehackernews.com/2011/11/anonymous-attack-on-israeli-government.html
- http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
- http://pplware.sapo.pt/informacao/site-freeport-pt-foi-atacado-entre-outros/
- http://www.databreaches.net/?p=21359
- http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
- http://www.yomiuri.co.jp/dy/national/T111105002386.htm
- http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
- http://www.theregister.co.uk/2011/11/07/adidas_hack_attack/
- http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
- http://thehackernews.com/2011/11/international-foreign-government-e.html
- http://www.theregister.co.uk/2011/11/09/teamp0ison_publishes_stupid_password_list/
- http://news.softpedia.com/news/16-000-Finns-Affected-by-Data-Breach-232851.shtml
- http://nakedsecurity.sophos.com/2011/11/08/anonymous-attacks-el-salvadoran-sites/
- http://www.smh.com.au/business/privacy-of-millions-at-mercy-of-a-usb-device-20111107-1n3wm.html
- http://thehackernews.com/2011/11/ump-french-political-party-got-hacked.html
- http://www.cyberwarnews.info/2011/11/08/premierleaguepool-co-uk-accounts-dumped-by-sen/
- http://www.cyberwarnews.info/2011/11/08/60k-accounts-dumped-from-ohmedia-by-teamswastika/
- http://www.cyberwarnews.info/2011/11/08/dump-of-accounts-from-beachvolley-se/
- http://www.cyberwarnews.info/2011/11/08/khadraglass-com-hacked-and-accounts-dumped-by-inj3ct0r/
- http://www.cyberwarnews.info/2011/11/09/scamming-email-account-dumpers-are-surfacing-50k-french-accounts-dumped/
- http://thehackernews.com/2011/11/possible-credit-card-theft-in-steam.html
- http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911
- http://www.theregister.co.uk/2011/11/10/it_manager_charges/
- http://thehackernews.com/2011/11/bangladesh-supreme-court-website-hacked.html
- https://twitter.com/#!/igetroot/status/134865652543520768
- http://thehackernews.com/2011/11/operation-brotherhood-shutdown-by.html
- http://nakedsecurity.sophos.com/2011/11/14/ambulance-service-disrupted-by-computer-virus-infection/
- http://www.cyberwarnews.info/2011/11/12/ucla-department-of-psychology-hacked-by-inj3ct0r/
- http://www.ehackingnews.com/2011/11/social-network-site-findfriendzcom.html
- http://www.cyberwarnews.info/2011/11/13/dump-of-information-by-inj3ct0r/
- http://www.f-secure.com/weblog/archives/00002269.html
- http://www.cyberwarnews.info/2011/11/14/dump-of-accounts-from-congress-of-sonora/
- http://www.cyberwarnews.info/2011/11/14/2-more-government-dumps-by-metalsoft-team/
- http://www.cyberwarnews.info/2011/11/14/another-big-dump-of-accounts-from-sec404-mexican-hackers/
- http://www.cyberwarnews.info/2011/11/14/another-mexican-government-congress-hacked-canaldelcongreso-gob-mx/
- http://www.cyberwarnews.info/2011/11/14/dump-of-data-from-another-mexican-congress-sinaloa-state-congress/
- http://www.cyberwarnews.info/2011/11/14/ministry-of-economy-mexico-hacked-by-sec404/
- http://www.cyberwarnews.info/2011/11/14/unit-of-transparency-and-access-to-public-information-website-hacked/
- http://www.cyberwarnews.info/2011/11/14/national-commission-of-physical-culture-and-sport-hacked-and-accounts-leaked/
- http://nakedsecurity.sophos.com/2011/11/14/hacked-sky-news-twitter-account-james-murdoch-arrested/
- http://news.softpedia.com/news/Anonymous-Attacks-Anonymous-For-Being-Trolls-234949.shtml
- http://nakedsecurity.sophos.com/2011/11/16/facebook-explains-pornographic-shock-spam-hints-at-browser-vulnerability/
Pingback: December 2011 Cyber Attacks Timeline (Part I) « Il Blog di Paolo Passeri
Pingback: November 2011 Cyber Attacks Timeline (Part II) « Il Blog di Paolo Passeri
Pingback: Is your identity, your data safe on line, this report will not help you feel more comfortable « World Disaster Report
You are right, I have just modified the text and posted an update!
Just to clarify, the Digicert referenced in the article is Digicert Sdn Bhd (Malaysia), which has no affiliation with the root CA DigiCert, Inc. (US-based, nearly 50,000 customers worldwide). Looks like you got that on the graphic, just wanted to clarify for the text.