August 2012 Cyber Attacks Timeline Part I

Upload: paolo-passeri

Post on 08-May-2015

DESCRIPTION

List Of Main Cyber Attacks from 1 to 15 August 2012. More @ http://hackmageddon.com/2012-cyber-attacks-timeline-master-index/

TRANSCRIPT

Page 1: August 2012 cyber attacks timeline part I

Date | Author | Target | Description | Attack | Target Category | Attack Category

Aug 1 | ?

A severe DDoS attack that has lasted more than a week brings down Demonoid, one of the most famous BitTorrent trackers. The attack started on July 27th and is apparently still ongoing. [1]

DDoS | Torrent Tracker | Cyber Crime

Aug 1

The first Australian website hacked this month by #DoktorBass for #OpAustralia. The target is gclounge.com.au, a dating site, and the records leaked are approximately 500. [2]

SQLi | Dating | Cyber Crime

Aug 1

In the name of #OpGreenRights, Anonymous dumps a portion of a database belonging to Siemens. Apparently the dump does not contain sensitive information. [3]

SQLi | Industry: Technology | Cyber Crime

Aug 1

A hacker called JM511 hacks UAM (uam.mx), Universidad Autónoma Metropolitana, and dumps 213 email addresses with 18 names, user names and passwords. [4]

SQLi | Education | Cyber Crime

Aug 2

A newly formed hacker collective called L0lz Security (L0lzSec) claims to have gained access to the databases of Pearl.fr, a French e-commerce website that sells a wide variety of products. The hackers have allegedly obtained 729,000 accounts, along with over 1 million bank transaction details. [5]

SQLi | E-Commerce | Cyber Crime

Aug 2 | ?

A computer security breach at the Environmental Protection Agency exposes the Social Security numbers and banking information of nearly 8,000 people, most of them current employees, the EPA confirmed. [6]

Unknown | Government | Cyber Crime

Aug 2

Another Australian-based website is breached, with 900 accounts leaked. The website belongs to the Australian Fishing trade association (afta.net.au). [7]

SQLi | Organization: Trade | Hacktivism

Aug 2 | Rogue MLB Employee

The Facebook pages of San Francisco Giants, Chicago Cubs, New York Yankees, Washington Nationals, San Diego Padres, Miami Marlins, Atlanta Braves, Los Angeles Angels of Anaheim, and Chicago White Sox are taken over by an unknown hacker, posting fake news. [8]

Account Hijacking | Sport | Cyber Crime

Aug 3

Thomson Reuters confirms the Reuters News blogging platform was hacked and that a false interview with a Syrian rebel leader was posted. The Reuters blogging website has been taken down to fix the problem. Although no hacker collective has taken credit for the breach, the main suspect in this case is the Syrian Electronic Army. [9]

WordPress Vulnerability | News | Hacktivism

Aug 3 | Phobia And

Mat Honan’s entire digital life is destroyed in the space of one hour by two hackers (Phobia and Clan VV3). First his Google account is taken over, then deleted. Next his Twitter account is compromised and used as a platform to broadcast racist and homophobic messages. Worst of all, his AppleID account is broken into, and the hackers use it to remotely erase all of the data on his iPhone, iPad, and MacBook. [10]

Social Engineering | News | Cyber Crime

Aug 4

After the Reuters blogging platform, the ReutersTech Twitter account is hacked on Sunday. The two events appear to be related; in both cases, fake news was posted in relation to the currently ongoing Syrian Civil War. The ReutersTech account was hijacked and renamed to ReutersME (ME stands for Middle East). [11]

Account Hijacking | News | Hacktivism

Aug 4

Gizmodo's Twitter account is hacked through former employee Mat Honan’s Twitter account, which was hacked first. [12]

Social Engineering | News | Cyber Crime

Aug 4

JM511 hacks nnottscamra.co.uk (the website dedicated to the Campaign for Real Ale) and dumps 135 records containing usernames, email addresses and phone numbers. [13]

SQLi | Organization: Other | Cyber Crime

Aug 6

In the name of Operation India, the personal website of Kapil Sibal (kapilsibalmp.com), India’s Minister of Human Resource Development and Minister of Communications and Information Technology, is breached by Anonymous, who publish a number of screenshots on Facebook to demonstrate that they gained access to the site’s backend. [14]

Unknown | Organization: Political | Hacktivism

Aug 6 | ?

PBBans, the community of server admins dedicated to fighting cheaters, is the target of a massive distributed denial-of-service attack. [15]

DDoS | Online Services | Cyber Crime

Aug 6

Anonymous hacks the Indiana Lake City Police Association (lakecountysheriff.com) and dumps 152 records with emails and street addresses. [16]

SQLi | Law Enforcement | Hacktivism

Aug 7

The online activist group “Anonymous” shuts down three government websites in retaliation for last week’s government shutdown of the popular Ukrainian torrent tracker Demonoid, where users share pirated videos. The targets include: [17]

Ukrainian Anti-Piracy Association (apo.kiev.ua);

Ukrainian Agency for Copyright and Related Rights (uacrr.kiev.ua);

The National Television and Radio Broadcasting Council of Ukraine (nrada.gov.ua)

DDoS | Organization: Copyright | Hacktivism

DDoS | Organization: Copyright | Hacktivism

DDoS | News | Hacktivism

Aug 7

WikiLeaks has been under a sustained large-scale DDoS attack since August 3. The attack is claimed by a group called @AntiLeaks. [18]

DDoS | Organization: Activism | Hacktivism

Aug 7 | AYYILDIZIIM-Gen~Reis

Haines City's government website (ci.haines-city.fl.us) is hacked and taken down. A group calling itself AYYILDIZIIM-Gen~Reis claims credit for the hack, which redirected visitors to its website, a Turkish gaming site. [19]

Unknown | Government | Cyber Crime

Aug 8 | ?

In the wake of the attack against WikiLeaks, cabledrum.net, the search engine for Cablegate files, is also the target of a sustained DDoS attack. [20]

DDoS | Organization: Activism | Hacktivism

Aug 8 | @_ignit3 from

Another attack in the name of #OpAustralia. In this round the target is the Australian Institute of Business Brokers website (aibb.org.au), which is hacked and has a leak of data posted online. The leak contains usernames and encrypted passwords of over 250 people from the website's database. [21] In any case, AIBB denies the claim. [22]

SQLi | Organization: Industry | Hacktivism

Aug 8 | Remember Emad

An Arab hacking group called "Remember Emad" claims to have taken control of an Israeli server belonging to WebGate, an Israeli ISP. The group published lists of passwords for Facebook pages, credit card numbers and email addresses belonging to Israelis. [23]

Unknown | ISP | Cyber Warfare

Aug 8

Operation Australia continues, and as part of the operation hackers use a DDoS attack to take down two important high-profile sites: [24]

Department Of Defense Intelligence and Security (dsd.gov.au);

Australian Security Intelligence Organisation (asio.gov.au).

DDoS | Law Enforcement | Hacktivism

DDoS | Law Enforcement | Hacktivism

Aug 9 | ?

Researchers from Kaspersky Lab release details on Gauss, a dangerous banking malware which is believed to be state-sponsored and was deployed in August-September 2011. It is derived from the Stuxnet platform and is capable of stealing sensitive information from infected Windows computers. Targets include Lebanon, Israel, the Palestinian Authority, etc. [25]

APT | Finance | Cyber Espionage

Aug 9 | ?

Blizzard Entertainment, the maker of both World of Warcraft and the Diablo series of games, says that its internal security network had been breached. The target is Battle.net, the company's proprietary online gaming service for connecting players in its games. The company said that email addresses and other information for all Battle.net players outside China were taken, along with scrambled passwords. While Blizzard said it would be very challenging for the hackers to actually access any accounts or obtain financial information, the company still recommended that its members change their passwords just to be safe. [26] Millions of users could potentially be affected.

? | Online Gaming | Cyber Crime

Aug 9 | ?

Two Nepalese government websites, the National Information Technology Center (NITC) and the Office of the Prime Minister and Council Minister (nitc.gov.np and opmcm.gov.np respectively), have been compromised and injected with malicious code. The aim of the injection is to install, by exploiting a Java weakness, a backdoor dubbed "Zegost" on the systems of visitors to these websites. [27]

RAT | Government | Cyber Espionage

Aug 9

OpDemonoid continues. The list of targets grows and now includes: [28]

The Ukrainian Ministry of Defense (mil.gov.ua);

The Vinnitsa region (dai.vn.ua);

The Cabinet of Ministers;

The Foreign Intelligence Service of Ukraine (fisu.gov.ua);

The Svalyava district (svalyava-vlada.gov.ua).

DDoS | Military | Hacktivism

DDoS | Government | Hacktivism

DDoS | Government | Hacktivism

DDoS | Government | Hacktivism

DDoS | Government | Hacktivism

Aug 9 | ?

Another example of hackers targeting road signs: Hackers reprogrammed a computerized road sign in Utah and made it flash a homophobic phrase: “GOD HATES GAYS.” [29]

Unknown | Industry: Transportation | Cyber Crime

Aug 12 | Hitcher

The hacker known as Hitcher hacks the HP Training Center (hptrainingcenter.com) and defaces it in the name of OpFreePalestine. [30]

Defacement | Industry: Technology | Hacktivism

Aug 13 | ?

Another torrent site, scanbits.org, has fallen victim to hackers who have obtained access to its database and grabbed a copy of it totaling over 300 MB. Along with the dump, 9000+ user accounts are leaked, with full account information, emails, encrypted passwords and more. [31]

SQLi | Torrent Tracker | Cyber Crime

Aug 13 | V0dka

The National Council of Investigation and Security (nciss.org) is hacked by v0dka, who defaces the website and dumps 253 email accounts with their full names. [32]

SQLi | Law Enforcement | Cyber Crime

Aug 14

Anonymous hackers team up with a collective known as The Elite Society and a hacker called @DramaSett3r and breach several government websites in Uganda. Targets include:

The Prime Minister Website (opm.go.ug);

Uganda law society (uls.or.ug);

Ugandan National TV (nTV.co.ug);

The country’s Justice Law and Order Society (jlos.go.ug).

The sites are defaced in support of Ugandan Lesbian, Gay, Bisexual, Transgender and Intersex (LGBTI) rights. [33]

Defacement | Government | Hacktivism

Defacement | Organization: Law | Hacktivism

Defacement | Government | Hacktivism

Defacement | Government | Hacktivism

Aug 14 | ?

The popular Russian BitTorrent website RUTracker.org is breached and defaced by an unknown group of hackers. [34]

Unknown | Torrent Tracker | Cyber Crime

Aug 14 | ? | Major International Airport

Trusteer announces that it has discovered a sophisticated Man in the Browser (MitB) enterprise attack targeting VPN users at a major international airport hub. Using the Citadel Trojan, criminals target employees to steal their credentials for accessing internal airport applications. [35]

MitB | Industry: Transportation | Cyber Crime

Aug 15 | ?

AT&T is the victim of a distributed denial-of-service attack aimed at its DNS (Domain Name System) infrastructure and capable of disrupting data traffic for some of the company's customers. [36]

DDoS | TELCO | Cyber Crime

Aug 15 | ?

For the second time in two weeks, the blogging platform of the Reuters News website is hacked and a false posting saying Saudi Arabia's Foreign Minister Prince Saud al-Faisal had died is illegally posted on a Reuters journalist's blog. [37]

Unknown | News | Cyber Crime

Aug 15 | ?

The Saudi oil company Saudi Aramco is the victim of a sophisticated cyber attack. The company declares that “production has not been affected” and that, although the virus affected some computers, it did not penetrate key components of the network, even if the impact seems different. [38] A few hours later, more details appear about Shamoon, which appears to be the latest large-scale cyber attack in the Middle East. [39]

Shamoon Malware | Industry: Oil | Cyber Espionage

[1] http://torrentfreak.com/demonoid-to-suffer-prolonged-downtime-after-ddos-attack-120727/
[2] http://datalossdb.org/incidents/7202-506-email-addresses-and-passwords-dumped-on-the-internet
[3] http://ozdc.net/archives.php?aid=2870
[4] http://datalossdb.org/incidents/7182-213-email-addresses-with-18-names-user-names-and-passwords-dumped-on-the-internet
[5] http://news.softpedia.com/news/Pearl-fr-Hacked-by-L0lzSec-700-000-Accounts-Possibly-Compromised-284722.shtml
[6] http://www.bizjournals.com/washington/news/2012/08/02/epa-security-breach-exposes-personal.html
[7] http://www.cyberwarnews.info/2012/08/02/australian-fishing-trade-association-afta-hacked-900-accounts-leaked-by-doktorbass/
[8] http://deadspin.com/5931360/new-york-yankees-facebook-page-announces-derek-jeter-to-miss-rest-of-season-due-to-sex-change
[9] http://www.theatlanticwire.com/technology/2012/08/reuters-blogs-hacked-fake-story-about-syrian-rebels/55394/#
[10] www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
[11] http://news.cnet.com/8301-1023_3-57486971-93/reuters-twitter-account-hijacked-fake-tweets-sent/
[12] http://www.zdnet.com/gizmodos-twitter-account-hacked-7000002130/
[13] http://ozdc.net/archives.php?aid=2869
[14] http://news.softpedia.com/news/Site-of-India-s-Minister-of-Communications-and-IT-Hacked-by-Anonymous-285097.shtml
[15] http://news.softpedia.com/news/PBBans-Relocates-Servers-After-Being-Hit-by-DDOS-Attack-285353.shtml
[16] http://ozdc.net/archives.php?aid=2872
[17] http://www.kyivpost.com/content/ukraine/anonymous-attacks-ukrainian-government-websites-and-threatens-with-further-action-311234.html
[18] http://news.softpedia.com/news/WikiLeaks-Taken-Down-by-DDOS-Attack-AntiLeaks-Takes-Credit-285771.shtml
[19] http://www.newschief.com/article/20120807/NEWS/208075028/-1/opinion?Title=Website-hacked-staff-working-to-get-it-back-up&tc=ar
[20] https://twitter.com/Cabledrummer/status/233030298240155649
[21] http://www.cyberwarnews.info/2012/08/08/australian-institute-of-business-brokers-hacked-for-opaustralia/
[22] http://www.computerworld.com.au/article/433131/australian_institute_business_brokers_denies_anonymous_password_breach/
[23] http://www.israelhayom.com/site/newsletter_article.php?id=5349
[24] http://www.cyberwarnews.info/2012/08/08/dsd-asio-websites-attacked-by-anonymous-for-opaustralia/
[25] http://www.securelist.com/en/blog/208193767/Gauss_Nation_state_cyber_surveillance_meets_banking_Trojan
[26] http://news.yahoo.com/blogs/technology-blog/blizzard-battle-net-gets-hacked-says-members-change-220027322.html
[27] http://community.websense.com/blogs/securitylabs/archive/2012/08/08/nepalese-government-websites-compromised-to-serve-zegost-backdoor.aspx
[28] http://news.softpedia.com/news/OpDemonoid-Ukrainian-Ministry-of-Defense-Site-Taken-Down-by-Anonymous-285933.shtml
[29] http://rt.com/usa/news/utah-road-hackers-sign-389/
[30] http://news.softpedia.com/news/HP-Training-Center-Defaced-by-Hitcher-in-Protest-Against-Israel-286278.shtmlx
[31] http://www.cyberwarnews.info/2012/08/13/torrent-site-scanbits-org-hacked-9000-accounts-leaked/
[32] http://cylaw.info/?p=1087
[33] http://www.cyberwarnews.info/2012/08/15/uganda-government-under-attack-by-anonymous-for-anti-lgbt/
[34] http://news.softpedia.com/news/RUTracker-Hacked-Displays-Domain-Seized-by-ICE-Message-286486.shtml
[35] http://www.trusteer.com/blog/citadel-trojan-targets-airport-employees-with-vpn-attack
[36] http://www.pcworld.com/businesscenter/article/260940/atandt_hit_by_ddos_attack_suffers_dns_outage.html
[37] http://www.reuters.com/article/2012/08/15/net-us-hacking-reuters-saudi-idUSBRE87E0HU20120815
[38] http://hackmageddon.com/2012/08/16/another-massive-cyber-attack-in-middle-east/
[39] http://hackmageddon.com/2012/08/17/heres-shamoon/