Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hacker Interview – Jonturk 75 – JRB

Today I have the pleasure to interview Jonturk 75 one of the hackers that hit high profile targets, including the notorious hacker group OurMine. Jonturk 75 and the hacker group he takes part in have recently made the headlines news with a series of attacks against high profile targets. Following CNN and Reuters hacks they’ve recently defaced […]

Trigona ransomware

Today I have the pleasure to interview Jonturk 75 one of the hackers that hit high profile targets, including the notorious hacker group OurMine.

Jonturk 75 and the hacker group he takes part in have recently made the headlines news with a series of attacks against high profile targets. Following CNN and Reuters hacks they’ve recently defaced the website of the popular hacker group OurMine.
India cyber espionage
How did you start your hacking operations?
I’ve started almost 10 years ago. We now act as a group called JRB and have been working together for a long time now.
What is the main motivation behind your attacks?
Our group is composed of 3 people and none of us has a daytime job in IT. These attacks and hacking targets is a way to escape our daily routine. We can say hacking is our hobby.
How do you choose your targets?
We don’t have a set selection procedure for targets. CNN, Reuters and OurMine have been chosen as a way to entertain ourselves. We usually select targets we find interesting such as hosting companies, popular brands and artists.
Do you only perform defacement attacks? or do you also exfiltrate data?
We are specialised in defacement attacks however we do exfiltrate data we think might be useful or be interested at a later time.
How do you approach your targets?
We are very detailed oriented and try to conduct a detailed analysis of the target. We gather information on the website, server and even the hosting providing company. The information gathering phase can take hours and even days.
What are your preferred attack tools? What are the tools you think hackers should have in their arsenal?
We try to limit the use of automated tools as much as we can. Due to their versatility and ease of use, we would say NMAP, BurpSuite, Hydra Metasploit, and SQLMap.
What was your most challenging target?
We enjoy more difficult targets. In one of the targets, we’ve collected the user credentials for the hosting provider of the target, however, changing the DNS records required us to fake a signed and stamped fax application. After deeper analysis, we’ve discovered a vulnerability in the Network Information Center (NIC) of the country which has allowed to gain control of many websites belonging to that country extension.
How do you see large scale attacks such as Wannacry?
Wannacry has had huge financial and technical impact. If we put aside this negative impact we can say that it has contributed in a positive way on the perception and importance given to information security both at the country and corporate levels.

 

Alper Basaran on PLC-based wormWritten by:  Alper Başaran

About the Author: Alper Başaran is a Hacker and Penetration Tester – Buccaneer of the Interwebs, he owns the Turkish blog alperbasaran.com.

Alper Basaran provides business process focused and goal oriented penetration testing services to his customers. Based in Turkey he has expanded his operations to the Middle East.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Hacker, Jonturk 75)

[adrotate banner=”13″]