TCS website hacked

On Sunday, visitors to Tata Consultancy Services (TCS) website were taken for a hacker’s surprize as the HomePage of the website greeted visitors with a ‘For Sale’ message. It has been reported that the problem was at Domain Registrar as no servers were compromised but it was a case of DNS hijacking.

According to the wikipedia: DNS hijacking or DNS redirection is the practice of redirecting the resolution of Domain name system (DNS) names to IP addresses to rogue DNS servers, particularly for the practice of phishing, or the practice of some ISPs resolving otherwise non-existent domains to the ISPs own servers.

DNS hijacking is a kind of hacking, and is punishable under section 66 (read with section 43) of Information Technology Act, 2008.

Basically, there are two aspects to a hosted website, one is the Domain name and other is the Hosting space. It is necessary for the Domain name name – servers to point to the correct Hosting company servers by providing the required information, which is normally in the form of ns1.servername.com, etc. Such information is secured with a username and password, which is different than the normal Hosting user account information.

In many cases in India, the Domain Owners do not realize that they havn’t been provided with the access to such other Domain Control Panel but only the Hosting Cpanel by the Registrars, which leads to a kind of blackmail by the local Domain service providers in most of the cases, as such companies can later deny the transfer of Domain name to other registrars in the absence of the Secret Key, which is compulsorily required for such transfers (which is available within the Domain Control Panel).

If you have been victim of such blackmail by your Domain name registrar, please contact here for legal help !

For Domain name registration and unlimited website Hosting, please visit www.archersoftech.com

US Cyber Crime News

PLUMAS LAKE MAN SENTENCED TO ONE YEAR AND THREE MONTHS IN PRISON FOR COMPUTER FRAUD – Used the Internet to Steal Micro-Deposits

According to Assistant United States Attorney Matthew D. Segal, a prosecutor in the office’s Computer Hacking and Intellectual Property (CHIP) unit, who prosecuted the case, from November 2007 through May 2008, LARGENT wrote a computer program that allowed him to defraud E-Trade, Charles Schwab & Co., and Google by opening or attempting to open more than 58,000 brokerage accounts. He did this to steal the “micro-deposits.” A financial institution will make a micro-deposit when an account is opened to test the functionality of an account. The amounts deposited in this case ranged from $0.01 to $2.00.

LARGENT used false names, addresses, driver’s license numbers, and social security numbers, including the names of known cartoon and comic book characters to open the accounts. When the deposits occurred, he would transfer the funds into his own bank accounts or onto prepaid debit cards, without the authorization or knowledge of his victims. As a result, LARGENT fraudulently obtained or attempted to obtain tens of thousands of dollars, which he used for personal expenses.

 


 

CBP OFFICER CHARGED WITH UNLAWFUL ACCESS TO GOVERNMENT DATABASES

The three-count information alleges that while employed as a U.S. Customs and Border Protection Officer, Ben-Shabat abused his official access to the Consular Consolidated Database (CCD) and Treasury Enforcement Communications System (TECS) database to obtain personal information
about a person he was suing in small claims court, and used the information to further his personal lawsuit. The information further alleges that Ben-Shabat induced other law enforcement officials, under the guise of official business, to access official records in the Arizona Criminal Justice Information System (ACJIS) database concerning the defendant in his personal lawsuit.

 


 

Computer Hacker Fugitive Extradited for Cybercrimes Relating to VOIP Telephone Services

Pena was indicted on fraud and computer hacking charges for his role in a scheme to defraud Voice Over Internet Protocol (VoIP) telephone service providers. Pena, who purported to be a legitimate wholesaler of these Internet-based phone services, allegedly sold discounted service plans to his unsuspecting customers. The Indictment alleges that Pena was able to offer such low prices because he would secretly hack into the computer networks of unsuspecting VoIP providers, including one Newark-based company, to route his customers’ calls.

Through this scheme, Pena is alleged to have sold more than 10 million minutes of Internet phone service to telecom businesses at deeply discounted rates, causing a loss of more than $1.4 million in less than a year. The victimized Newark-based company, which transmits VoIP services for other telecom businesses, was billed for more than 500,000 unauthorized telephone calls routed through its calling network that were “sold” to the defendant’s unwitting customers at those deeply discounted rates, according to the Indictment.

 


 

Computer Hacking Ring Charged by United States and Egypt in Operation Phish Phry

Operation Phish Phry commenced in 2007 when FBI agents, working with United States financial institutions, took proactive steps to identify and disrupt sophisticated criminal enterprises targeting the financial infrastructure in the United States. Intelligence developed during the initiative prompted the FBI and Egyptian authorities to agree to pursue a joint investigation into multiple subjects based in Egypt after investigators in both countries earlier this year uncovered an international conspiracy allegedly operating an elaborate scheme to steal identities through a method commonly called “phishing.” The group is accused of conspiring to target American-based financial institutions and victimize an unknown number of account holders by fraudulently using their personal
financial information.

According to the indictment that was unsealed this morning, Egyptian-based hackers obtained bank account numbers and related personal identification information from an unknown number of bank customers through phishing—a technique that involves sending e-mail messages that appear to be official correspondence from banks or credit card vendors. In illegal phishing schemes, bank customers are directed to fake websites purporting to be linked to financial institutions, where the customers are asked to enter their account numbers, passwords and other personal identification information. Because the websites appear to be legitimate—complete with bank logos and legal disclaimers—the customers do not realize that the websites do not belong to legitimate financial institutions.

source: www.cyberlaws.us