Last Updated on March 21, 2016
I know I was quite late with the timelines in the last period: I am trying to catch up as quickly as I can, and now it’s time to publish the second Cyber Attacks Timeline of February (first part here).
So it turned out that not even Linux distributions are immune from hackers: Linux Mint, the most popular flavor of the open source OS, was the most important target of this fortnight: not only was the forum hacked (and the details of 70,000 users leaked), but the website was also compromised to redirect users to download a modified ISO with an embedded backdoor.
Another particularly devastating event (which curiously did not find too much space in the media) hit Mate1.com, a dating site, whose 27 million accounts were allegedly stolen and sold.
The hacktivists were also quite active, especially in Italy, where Anonymous released 120,000 records from a local provider. Moreover, this month has seen the comeback of the infamous collective TeaMp0isoN (or at least someone else using that name, as at least two members have possibly been arrested).
Last but not least, a complex, long-lasting cyber espionage operation against Japan has been revealed (Operation Dust Storm), and the US Secretary of Defense has admitted once and for all that a cyber-offensive is currently ongoing to “interrupt [and] disrupt ISIL’s command and control”.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Additionally, if you want, you can access the timeline in Google Sheet format:
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 16/02/2016 | ? | Spotify | Hundreds of Spotify Premium account details are compromised and leaked online by an unknown hacker. A number of separate data dumps containing email addresses, passwords, account types and renewal dates appear online. | Brute Force? | Industry: Music Streaming | CC | RU |
| 2 | 16/02/2016 | ? | Kankakee Valley REMC | Kankakee Valley REMC falls victim to a possible breach, due to the access of a storage device on the cooperative’s network from a foreign IP. | Unknown | Industry: Utility | CC | US |
| 3 | 16/02/2016 | ? | 4,000 confidential records of police officers, lawyers and judges | About 4,000 confidential records, the purported home addresses of police officers, lawyers, and judges, are published on the website PBSOTalk.com. | Unknown | Law Enforcement | CC | US |
| 4 | 16/02/2016 | Team Fursec | differencegames.com | Team Fursec hacks differencegames.com and dumps 16,589 usernames and hashed passwords. | Unknown | Online Games | CC | US |
| 5 | 17/02/2016 | Bravewanderer | techfactory.net | Bravewanderer hacks techfactory.net and dumps 15,601 usernames and clear text passwords. | Unknown | Industry: E-Commerce | CC | US |
| 6 | 17/02/2016 | Bravewanderer | bfsihiring.com | Bravewanderer hacks bfsihiring.com and dumps 24,317 usernames and clear text passwords. | Unknown | Industry: Recruiting | CC | IN |
| 7 | 18/02/2016 | Peace | Linux Mint Forum | A hacker called Peace claims to have stolen the entire database of the Linux Mint Forum (70,000 users). | Unknown | Org: Software | CC | N/A |
| 8 | 19/02/2016 | Qadmon (or Kadimon) | Israel’s CCTV Systems | Qadmon (or Kadimon), one of Hezbollah’s hacking units, reveals it managed to breach many of Israel’s CCTV systems, having had access to camera feeds from various government buildings. | Targeted Attack | Government | CE | IL |
| 9 | 19/02/2016 | ? | Bohemia Interactive | Bohemia Interactive announces a potential security breach of the Mantis Feedback Tracker systems, used to collect feedback and bug reports for the games Arma 3 and DayZ. | Unknown | Industry: Video Games | CC | CZ |
| 10 | 20/02/2016 | Peace | Linux Mint Distribution | Clem Lefebvre, the creator of the Linux Mint Distribution, reveals that an intrusion on the distribution’s web site took place, in which hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack the website to point to it. The attackers are also able to breach the forum database. | Malicious PHP Script | Org: Software | CC | N/A |
| 11 | 22/02/2016 | ? | York Hospital | York Hospital reports a breach of 1,483 employees’ identifying information. | Unknown | Healthcare | CC | US |
| 12 | 22/02/2016 | Anonymous | Websites of Italian Regions Apulia and Basilicata | In the name of #OpGreenRights, the Italian branch of the Anonymous collective takes down the websites of the local authorities of Apulia and Basilicata for participating in the Trans Adriatic Pipeline (TAP) project. | DDoS | Government | H | IT |
| 13 | 22/02/2016 | Anonymous | Centre d’Identification des Materiels de la Defense | As a form of protest against the French arms trade, Anonymous hacks into one of the Web portals managed by France’s Ministry of Defense (outils.cimd.interarmees.defense.gouv.fr). | Unknown | Government | H | FR |
| 14 | 22/02/2016 | Anonymous | Cincinnati Police Department | Members of Anon Verdict, a sub-division of the Anonymous hacker collective, leak the details for 52 officers and employees of the Cincinnati Police Department. The Police Department questions the validity of the hack. | Unknown | Law Enforcement | H | US |
| 15 | 24/02/2016 | ? | Japanese companies in electric utilities, oil and gas, finance, transportation and construction. | Cylance reveals the details of Operation Dust Storm, a multi-year, multi-attack campaign against the Japanese critical infrastructure, carried on by a well-funded threat group, likely associated with a nation/state, targeting Japanese companies in electric utilities, oil and gas, finance, transportation and construction. | Targeted Attack | >1 | CE | JP |
| 16 | 24/02/2016 | ? | Steven Petrow | Steven Petrow, a USA Today journalist, reveals that he was hacked during a flight. | Account Hijacking | Single Individual | CC | US |
| 17 | 24/02/2016 | TeaMp0isoN AKA @TeaMp0sioN | unwto.org United Nations World Tourism Organization | Members of the TeaMp0isoN hacking crew hack into the United Nations World Tourism Organization and dump 1524 records with forum member usernames, email addresses, and MD5-hashed passwords. | SQLi | Org: United Nations | H | N/A |
| 18 | 25/02/2016 | ? | Coast Central Credit Union | The website of Coast Central Credit Union, a financial institution that serves more than 60,000 customers, is hacked, allowing attackers to implant a backdoor. | Backdoor via Joomla plugin vulnerability | Finance | CC | US |
| 19 | 25/02/2016 | ? | RubberStamps.net | RubberStamps.net notifies about 7,000 customers that its web site was compromised. | Unknown | Industry: Stamps | CC | US |
| 20 | 25/02/2016 | ? | incipio.com | Incipio, LLC notifies an unspecified number of customers that malware compromised orders placed online. | Malware | Industry: E-Commerce | CC | US |
| 21 | 26/02/2016 | ? | University of California Berkeley | The University of California, Berkeley, admits to having been hit by a second data breach which may have exposed the data of 80,000 people to misuse. | Unknown | Education | CC | US |
| 22 | 26/02/2016 | ? | Pickens County School District | The Pickens County School District is flooded by a DDoS attack. | DDoS | Education | CC | US |
| 23 | 26/02/2016 | TheFamily | duelyst.com | TheFamily hacks duelyst.com and dumps 13,732 usernames and hashed passwords. | Unknown | Online Games | CC | US |
| 24 | 27/02/2016 | Truthsec | Miami Police Officer | TruthSec, one of the smaller hacking crews that claim to be part of Anonymous, responds to a Miami police officer who doxed an innocent woman, by releasing his private information. | Unknown | Law Enforcement | H | US |
| 25 | 27/02/2016 | China | Norway | General Lt. Morten Haga Lunde, head of the Norwegian Intelligence Service E-tjenesten (Etterretningstjenesten), makes official statements accusing the Chinese government of launching cyber-attacks against his country. | Targeted Attack | Government | CE | NO |
| 26 | 27/02/2016 | LulzSec Italia | primodominio.it | LulzSec Italia hacks primodominio.it and dumps 126,422 usernames and passwords. | Unknown | Industry: Web Hosting | H | IT |
| 27 | 28/02/2016 | ? | Snapchat | Snapchat executives reveal in a blog post that the payroll data of some current and former employees was exposed as the result of a scam e-mail (allegedly sent by the company CEO Evan Spiegel) received by a human resources employee. | Account Hijacking | Industry: Software | CC | US |
| 28 | 28/02/2016 | TeaMp0isoN AKA @TeaMp0sioN | mss.twcbc.com Time Warner Cable Business Class Managed Security Solutions portal | Members of the TeaMp0isoN hacking crew hack into the Time Warner Cable (TWC) Business Class website, steal its database and dump online 4,191 records containing IDs, usernames, email addresses, and encrypted passwords. | SQLi | Industry: Telco | CC | US |
| 29 | 28/02/2016 | Cyber Caliphate | Solar UK Ltd | Hackers from Cyber Caliphate supporting the Islamic State group deface Solar UK Ltd., a small solar energy company, in revenge for a drone strike which killed Junaid Hussain. | Defacement | Industry: Solar Panel | H | UK |
| 30 | 29/02/2016 | US Military | ISIL | The US Secretary of Defense Ash Carter reveals that the US military is currently waging a cyber-offensive to “interrupt [and] disrupt ISIL’s command and control, to cause them to lose confidence in their networks, to overload their network so that they can’t function…” | Unknown | Org: Terrorism | CW | N/A |
| 31 | 29/02/2016 | ? | Israeli Banks’ Customers | Kaspersky Lab reveals the details of ATMZombie, a sophisticated trojan targeting Israeli customers, characterized by the ability to exploit a loophole in one of the bank’s online features; and later by physically withdrawing money from the ATM. | Malware | Finance | CC | IL |
| 32 | 29/02/2016 | ? | Mate1.com | A hacker on the dark web forum Hell claims to have sold the email addresses and plaintext passwords of over 27 million users of dating site Mate1.com. | SQLi | Dating | CC | CA |