Last Updated on January 23, 2016
This first half of July will be long remembered by infosec professionals: undoubtedly the dramatic Hacking Team leak has characterized this fortnight and has written one of the most controversial pages of the infosec annals. Security researchers and activists are still digging into the trove of documents (and 0-days) siphoned from the Italian company, and this story, which is unveiling new details every day, is far from over.
This resounding attack has overshadowed every other event of this first half of July (with the exception of the final count of the victims of the OPM breach, which has reached a total of 21 million). However, the list of events in these two weeks also includes other remarkable breaches, such as the ones targeting Plex, the Epic Games Forum, Hemmakväll AB (a Swedish video store chain) and, last but not least, the Trump Hotel Collection.
Turning to hacktivism, Anonymous kept up its battle against the Canadian Government over the controversial Anti-Terror C51 bill, whereas its Indian counterpart hacked the telecom giant BSNL.
If you remember the attacks against Apple, Facebook, Microsoft and Twitter that occurred two years ago, you won’t be happy to know that the authors are back and got bigger, targeting at least 40 companies in different sectors. They were unmasked by several security vendors at the same time, and for this reason are classified under different names (Butterfly, Morpho, Wild Neutron or Jripbot).
Enjoy the timeline and, as usual, remember to keep the level of attention very high. At the same time, if you want an idea of how fragile our electronic identity is in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Link |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 01/07/2015 | ? | The Trump Hotel Collection | The Trump Hotel Collection, a string of luxury hotel properties tied to business magnate Donald Trump, appears to be the latest victim of a credit card breach. | PoS Malware | Industry: Hospitality | CC | US | http://krebsonsecurity.com/2015/07/banks-card-breach-at-trump-hotel-properties/ |
| 2 | 01/07/2015 | ? | Vehicle Donation Processing Center | Charitable car donors using the Vehicle Donation Processing Center learn their personal information was hacked. | Unknown | Org: Charity | CC | US | http://www.databreaches.net/charitable-car-donors-learn-their-personal-information-was-hacked/ |
| 3 | 01/07/2015 | several major worker's compensation insurers | Confidential legal files | An investigation reveals that several major worker's compensation insurers hacked into thousands of confidential legal files to save money on judgments and settlements. | Unknown | Single Individuals | CC | US | http://www.courthousenews.com/2015/07/01/major-workers-comp-insurers-hacked-legal-files-class-claims.htm |
| 4 | 02/07/2015 | savaka | Plex | A hacker called savaka hacks the Plex server hosting the forums and the blog. The attacker asks for a ransom of 9.5 BTC to avoid the leak of the data. | Unknown | Industry: Software | CC | US | http://lifehacker.com/plex-hacked-change-your-password-now-1715355825 |
| 5 | 02/07/2015 | Monte Melkonian Cyber Army | Several Azerbaijani sites | Armenian hackers from Monte Melkonian Cyber Army hack into the official website of Azerbaijani customs (and other Azerbaijani sites), stealing highly confidential personal information of 5650 Azerbaijani citizens. | Unknown | Government | CW | AZ | https://www.hackread.com/armenian-azerbaijani-cyberwar/ |
| 6 | 02/07/2015 | Anonymous | Canadian Government Sites | In the name of #OpBillC51, Anonymous hacks the Québec Parental Insurance Plan Centre (http://www.rqap.gouv.qc.ca), The Ministry of Labor, Employment and Social Solidarity (http://www.mess.gouv.qc.ca) and The National Review Commission website on employment insurance (http://www.cneae.gouv.qc.ca). | Unknown | Government | H | CA | https://www.hackread.com/anonymous-breaches-canadian-government-servers/ |
| 7 | 03/07/2015 | AnonOpsIndia | Bharat Sanchar Nigam Limited (BSNL) | In the name of OpIndia, AnonOpsIndia, a group affiliated with the Anonymous collective, hacks BSNL and claims to have siphoned the entire database, which has sensitive information of over 30 million users. | Unknown | Industry: Telco | H | IN | http://betanews.com/2015/07/04/bsnl-india-hacked-anonymous/ |
| 8 | 04/07/2015 | ? | New Jersey Online Casinos | A hacker shuts down four New Jersey Internet gambling sites and threatens more cyberattacks unless a ransom in BTC is paid. | DDoS | Industry: Gambling | CC | US | http://abcnews.go.com/US/wireStory/hacker-attacks-gambling-websites-demands-bitcoin-ransom-32279133 |
| 9 | 05/07/2015 | Phineas Fisher | Hacking Team SrL | Hacking Team, the Italian company behind the infamous surveillance software, is hacked. The attacker, allegedly the same author behind the attack on Gamma International (another surveillance software vendor), dumps approximately 400Gb of data. | Unknown | Industry: Software | H | IT | http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html |
| 10 | 05/07/2015 | Hufflepuff | Primedice | Primedice, an online gaming/gambling site, loses $1 million in bitcoin to an attacker who exploited its random number generation (RNG) system. | Random Number Generator Vulnerability | Online Gambling | CC | US | https://www.hackread.com/gambling-site-hacked-bitcoin-stolen/ |
| 11 | 06/07/2015 | ? | https://housing.com | The realty portal housing.com is defaced, a week after its CEO is hacked. | Defacement | Online Services | CC | IN | http://www.kashmirtimes.com/newsdet.aspx?q=42783 |
| 12 | 07/07/2015 | ? | Edinburgh City Council | More than 13,000 email addresses have been stolen from Edinburgh city council's database following a "malicious cyber attack". | Unknown | Government | CC | UK | http://www.bbc.co.uk/news/uk-scotland-edinburgh-east-fife-33425853 |
| 13 | 07/07/2015 | DangerPro | Pizza Hut Israel | A group of Bangladeshi hackers going by the handle DangerPro defaces the contact us page of the official website of Pizza Hut Israel (contact.pizzahut.co.il). | Defacement | Industry: Restaurant | H | IL | https://www.hackread.com/pizza-hut-israel-website-hacked/ |
| 14 | 07/07/2015 | Rubber AKA smitt3nz | http://iChatLatino.com | Rubber AKA smitt3nz hacks three dating sites and dumps a total of nearly 100,000 plaintext users and passwords. | SQLi | Dating | CC | >1 | http://siph0n.in/exploits.php?id=3901 |
| 15 | 07/07/2015 | PH1K3 and z0x | Hemmakväll AB | A couple of hackers dubbed PH1K3 and z0x hack Hemmakvälls.se (a Swedish video store chain) and dump the details of approximately 47,000 users. | Unknown | Industry: Retail | CC | SE | http://www.dn.se/ekonomi/hemmakvall-hackat-50000-kunders-uppgifter-pa-vift/ |
| 16 | 08/07/2015 | Butterfly, Morpho, Wild Neutron, Jripbot | >1 | Several security companies report that the attackers that targeted Apple, Facebook, Microsoft, and Twitter two years ago in a series of high-profile hacks are back and got bigger. Targets include at least 40 companies in different sectors. The group is known as Butterfly, Morpho, Wild Neutron or Jripbot. | >1 | >1 | CC | >1 | http://www.zdnet.com/article/the-group-that-attacked-apple-twitter-and-facebook-is-still-going/ |
| 17 | 08/07/2015 | ? | Evans Hotels | California-based Evans Hotels announces that malware was installed on computers at the front desks of its properties that could have compromised payment card data. | PoS Malware | Industry: Hospitality | CC | US | http://www.scmagazine.com/evans-hotels-announces-payment-card-incident-involving-malware/article/425744/ |
| 18 | 08/07/2015 | The Cyber Army of the Khilafah | Syrian Observatory for Human Rights | Purported supporters of the hardline Islamic State group deface the website of the Syrian Observatory for Human Rights. | Defacement | Org: Human Rights | H | SY | http://news.yahoo.com/islamic-state-supporters-hack-website-syria-rights-watchdog-144857500.html |
| 19 | 08/07/2015 | Cyber Islamic State | State Ministry for Euro-Atlantic Integration of Georgia | The Cyber Islamic State hackers deface the official website of “The State Ministry for Euro-Atlantic Integration of Georgia” (eu-nato.gov.ge). | Defacement | Government | H | GE | https://www.hackread.com/isis-hackers-euro-atlantic-integration-nato-site/ |
| 20 | 08/07/2015 | ? | Evans Hotels | Evans Hotels, which owns and operates the Bahia Resort, Catamaran Resort and The Lodge at Torrey Pines, announces that a security breach led to unauthorized charges on guests’ payment cards. | PoS Malware | Industry: Hospitality | CC | US | http://fox5sandiego.com/2015/07/08/security-breach-at-local-hotels-led-to-unauthorized-charges-on-guests-cards/ |
| 21 | 09/07/2015 | ? | German Missiles | German-owned Patriot missiles stationed in Turkey are briefly taken over by hackers. | Unknown | Military | CC | DE | http://www.thelocal.de/20150707/german-missiles-taken-over-by-hackers |
| 22 | 09/07/2015 | Cyber Islamic State | Argonne National Laboratory | The Cyber Islamic State hackers deface a subdomain of Illinois-based Argonne National Laboratory, owned and funded by the U.S. Department of Energy Office of Science. | Defacement | Government | H | US | https://www.hackread.com/pro-isis-hackers-us-dept-of-energy/ |
| 23 | 09/07/2015 | ? | Service Systems Associates | Service Systems Associates, a company that serves gift shops and eateries at zoos and cultural centers across the United States, acknowledges a breach of its credit and debit card processing systems. | PoS Malware | Industry: Retail | CC | US | http://krebsonsecurity.com/2015/07/credit-card-breach-at-a-zoo-near-you/ |
| 24 | 09/07/2015 | ? | Charlotte Mckinney | Unknown hackers hack the Charlotte Mckinney Instagram account and use it to post nude photos of the model. | Account Hijacking | Single Individual | CC | US | http://www.techworm.net/2015/07/top-model-charlotte-mckinney-hacked-nude-photos-leaked-on-instagram-and-imgur.html |
| 25 | 10/07/2015 | ? | Telegram (Messaging Platform) | Popular messaging platform Telegram is hit with a 200Gbps distributed denial of service (DDoS) attack. Users in Asia, Australia, and Oceania are prevented from using the service. | DDoS | Organization: Software | CC | DE | http://www.theregister.co.uk/2015/07/14/telegram_ddos/ |
| 26 | 10/07/2015 | Lizard Squad | Daybreak Game Company LLC | Daybreak Game Company is hit with a DDoS after its CEO threatens convicted Lizard Squad hacker Julius Kivimaki. | DDoS | Industry: Video Games | CC | US | http://www.forbes.com/sites/erikkain/2015/07/10/daybreak-games-hit-by-lizard-squad-after-ceo-threatens-hacker-surprising-absolutely-nobody/?ss=Security |
| 27 | 10/07/2015 | ? | Walmart Canada (via PNI Digital Media) | Walmart Canada investigates a potential breach of customer credit card data after one of its websites operated by a third party (www.walmartcanadaphotocentre.ca) was compromised. 60,000 customers could be affected. | Unknown | Industry: Retail | CC | CA | http://www.theglobeandmail.com/report-on-business/walmart-looks-into-possible-credit-card-data-breach/article25422632/ |
| 28 | 10/07/2015 | AlfabetoVirtual | http://comptroller.nyc.gov/ | A Pro-Palestinian hacker going by the handle AlfabetoVirtual defaces the official website of New York City’s Comptroller Mr. Scott M. Stringer (http://comptroller.nyc.gov). | Defacement | Government | H | US | https://www.hackread.com/palestinian-hacker-new-york-comptroller-office/ |
| 29 | 11/07/2015 | Lov3rDns | http://my.barackobama.com | A Yemeni hacker going by the handle “Lov3rDns” defaces the official social network domain of U.S. president Barack Obama, used during his election campaign (my.barackobama.com). | Defacement | Org: Politics | H | US | https://www.hackread.com/obama-election-social-network-hacked-yemen-hacker/ |
| 30 | 11/07/2015 | Teap0t | http://gooffcampus.com | A hacker dubbed Teap0t hacks ateworld.com and dumps 8,623 usernames and clear text passwords. | SQLi | Online Services | CC | US | http://pastebin.com/1xLCahZH |
| 31 | 12/07/2015 | Unknown Syrian Hackers | Israel | Computer hackers likely working for the Syrian regime and Hezbollah have managed to penetrate the computers of Israeli and American activists working with the Syrian opposition, exposing sensitive contacts between the sides. | Targeted Attack | Government | CE | IL | http://www.timesofisrael.com/computer-hack-reveals-identity-of-syrians-in-contact-with-israel/ |
| 32 | 12/07/2015 | Anonymous | Vancouver Island | Unknown hackers affiliated with the collective Anonymous release a string of emails that appear to show a conservation officer defending his decision to refuse to kill two black bear cubs on Vancouver Island. | Unknown | Government | H | CA | http://www.cbc.ca/news/canada/british-columbia/anonymous-hackers-release-emails-ordering-bear-cubs-be-killed-1.3147003 |
| 33 | 12/07/2015 | cybervor aka @cyberv0r | Miami University | cybervor aka @cyberv0r claims to have hacked Miami University and dumps >200 usernames and hashed passwords. | SQLi | Education | CC | US | http://pastebin.com/90TaSi2W |
| 34 | 12/07/2015 | ? | Antrix Corporation | The website of Antrix, the commercial arm of the Indian space agency ISRO, is defaced. Suspicion is directed at Chinese hackers. | Defacement | Industry: Aerospace | H | IN | http://timesofindia.indiatimes.com/india/Website-of-Isros-commercial-arm-Antrix-hacked/articleshow/48041483.cms |
| 35 | 12/07/2015 | Anonymous | WXXR 97.3 | An Indiana radio station, WXXR 97.3, is apparently hacked, broadcasting a message from the Anonymous collective. | Unknown | Broadcast | H | US | http://wivb.com/2015/07/13/indiana-radio-station-hacked-by-anonymous/ |
| 36 | 13/07/2015 | ? | http://CareerBuilder.com | Proofpoint threat researchers detect a clever email-based attack that combines phishing and social engineering techniques in order to trick users into opening a malicious document. In this attack, the actor browses open positions listed on CareerBuilder.com | Targeted Attack | >1 | CC | >1 | https://www.proofpoint.com/threat-insight/post/Foot-in-the-Door |
| 37 | 13/07/2015 | ? | Chris Froome | Team Sky are consulting their lawyers following what they believe to be the potential hacking of Chris Froome's training data files in order to suggest he may be using performance enhancing drugs during the Tour de France. | Unknown | Single Individual | CC | UK | http://www.telegraph.co.uk/sport/othersports/cycling/tour-de-france/11737387/Tour-de-France-2015-Chris-Froomes-ride-for-glory-under-threat-in-data-spying-storm.html |
| 38 | 13/07/2015 | AnonGhost | Malaysian Police Facebook and Twitter Pages | The AnonGhost collective takes over the Facebook and Twitter accounts of the Malaysian Police and floods the feed with pro-ISIS messages. | Account Hijacking | Law Enforcement | H | MY | https://www.hackread.com/isis-hackers-malaysia-police-facebook-twitter-hack/ |
| 39 | 13/07/2015 | austinsimon864 | http://cloudminr.io | Cloud mining service cloudminr.io is hacked. The attacker offers to sell the entire database (about 80,000 users) for 1 BTC (approx. 276 USD). | Unknown | Bitcoin Mining | CC | NO | https://www.cryptocoinsnews.com/cloudminr-io-hacked-user-database-put-up-for-sale/ |
| 40 | 13/07/2015 | Teap0t | http://ateworld.com | A hacker dubbed Teap0t hacks ateworld.com and dumps 8,623 usernames and clear text passwords. | SQLi | News | CC | US | http://pastebin.com/3er0NJWH |
| 41 | 13/07/2015 | ? | Envato | Envato, the network of marketplaces, is under a two-week-long DDoS attack. | DDoS | Industry: Internet | CC | AU | http://inside.envato.com/denial-of-service-attacks-on-envato/ |
| 42 | 13/07/2015 | ? | Voat | Voat, the news aggregator, is taken down by a DDoS attack. | DDoS | Social Network | CC | CH | http://www.techworm.net/2015/07/ddos-attack-knocks-reddits-alternative-voat-offline.html |
| 43 | 13/07/2015 | ? | Insurance Services Office | New Jersey-based Insurance Services Office (ISO) notifies an undisclosed number of consumers of an unauthorized access to the database. | Unknown | Industry: Health Insurance | CC | US | http://www.databreaches.net/insurance-services-office-database-breached-insurance-data-accessed/ |
| 44 | 14/07/2015 | ? | https://forum.epicgames.com | Epic, the well-known developer of videogames, notifies the users of its forum (forum.epicgames.com) of an unauthorized access to their personal data (username, password, email and date of birth). | Unknown | Industry: Video Games | CC | US | http://www.hotforsecurity.com/blog/epic-games-forum-hacked-change-your-online-passwords-an-beware-of-phishing-12283.html |