Wednesday, May 14, 2014

Repeated Hacks, What NeXt


Repeated Hacks, What NeXt


PROLOGUE
Many would have heard of ECHELON, WOODPECKER, etc. global electronic/ electromagnetic/ satcom, etc. surveillance systems. I have been aware courtesy the internet that they DO exist, since long.
I also know of a certain sub-system CALEA, as compulsorily enforced in almost all the US networking / telecom gears and servers. Even that there are similar systems in other countries, as well. I know of the presence since long.

I am also aware that all our internet / mobile phone traffic is logged and recorded by our ISPs' and so by our Govt. All the search engine word parameters, URLs' visited, all the e-mails sent/ received; our mobile conversations/ chats/ SMSs'/ browsing history, etc. IS logged. This is in force in most of the countries since long, and even so in place in India.

I am pretty much aware that many country's ( including my country's ) security apparatus have all the requisite knowledge necessary. Indeed, they can track any internet activity to a computer or even an internet access device. As such to any individual using the system.

I have been pretty much aware that we have solid cyber laws in place. And, as responsible citizen we have to abide by them and at the same time be cautious in our approach in order not to violate any one of them. Basically - stay safe.

And, we have to be always on alert that we are always safe from any potential mischief. We try to ensure this by visiting only genuine and safe web sites. Using our judgement pragmatically. And so, do we NOT primarily keep our anti-virus, etc. protetction mechanisms on our comp. system safe and up-to-date ? And, doing all that is deemed necessary to keep our system 'clean' and running.

Now, note that in India almost all our telecom / networking infrastructure is predominantly sourced from overseas - I would not be surprised in case there is a hidden backdoor for powerful overseas intel. agencies. This possibility MUST NEVER be ruled out. Is NOT to be ruled out.
Anyone can be put under surveillance, whether direct or indirect. Our Govt. must do it in case there is a certain need. But, when a foreign Govt. OR any 'unofficial' designate agents does so on us is NOT really good and desirable. The intention is always a question - could even border on malicious or malafide intent. In cahoots with whom ? - is the moot point. Our Govt. MUST ensure that Indian citizens are shielded from any deceitful 'snooping' etc. thurst on them from any corners of the globe or even within the nations' boundaries.


Our Govt. security apparatus does know very well who and where we are. Our co-ordinates. I would expect that even US intel. NSA does so. When I post on this blog owned by google - so, even Google Inc. has all the privy info. And, I trust Google with that.

At the outset, let me tell this straight, right and clear. Pretty much upfront herewith...

In stating any of the points in a blog and opining in a certain comments section - THERE is NIL malicious or malafide intent on my part. Few questions raised and a certain points conveyed is NOT something that anyone is NOT allowed to convey in a rightful manner. Could be possible that our observations and perceptions are belied by the facts on the ground ? Bare data that support such suppositions. For, non-govt. private citizens are NOT privy to almost majority of the Govt. facts / data. And, that is how it is supposed to be ( my take ).

In case I had anything negative ( even potential intent ) to state anytime - I (w,c)ould have very well found N other ways to do so in a rather pretty much anonymous manner. And, perhaps putting more punch to what I had to state. Wherein, no Govt. or individual (w,c)ould have ever discovered - "who said THAT !". There are other ingenuous ways other than internet that afford more security for the author of any idea. ( For, I understand that internet is mostly controlled by NSA. ) And, perhaps much much larger audience who would rather love such ideas, point of views. And, then the point is very widely conveyed. Here, on this blog site I am not sure who all ever get to read such piece on the blog. Whether anyone ever reads at all. Also, I have no desire of making any money out of this blog. No desire for great many people reading it. The message is perhaps intended for a select few - primarily the incumbent Govt. There is no malacious / malafide intent / intention. Perhaps, this is a feedback system / blog.

If I state something, I see that as Dharma towards my nation and mankind. As such, I do NOT fear anything. If I state something - I state for my nation, for mankind. Am I not allowed to express myself ? What must I do if Big Bro ( or, whoever ) does not really like what I state ? What I state is not malicious in any way but rather aimed at arriving at a more cohesive and peaceful world. Basically, a better future for us all. If our Govt feels that all this is not my domain and how I might be going wrong ( or, did go wrong ) in any manner ( in my nation's interest ) - perhaps they can 'unofficially' let someone known to me and trustworthy contact me and tell me if I have been wrong ( in national interest ). And, I will certainly be open to understand and make amends in case convinced.



Btw, at the outset, let this be pretty much understood by ALL that - whatever chances / hopes I had of gaining ( potentially, future ) on my professional front, IS, I believe pretty much lost. ( I am slowly becoming aware of that. But then, I am sure I will reclaim what is due me. ) Had been aware, after the first post around mid March on MH370. ( Perhaps I hit some wrong nerves. Or, was it otherwise ? ) Perhaps, I should not have put that post forth - it harmed me and continues to do so ( thinking aloud ). Well NO... it's actually good I did that ( my observation / perception - towards a better world ). What's there in some theorising based on what info. is available right on the internet ?



This post must not be misconstrued as an explanation. Rather, it is more of statement of a certain facts. And, trust me, in case I were not pre-occupied with my own set of affairs - I would have hardly cared to write this post. Wasting my precious time and energies on it. Rather, I potentially would have responded to the "encountered hostilities" in a rather different manner altogether.

"encountered hostilities"... goes below...







STORY SO FAR


What I have to state, begins around the middle of March, 2014.



I had aired a thought on the missing MH370 around the middle of March, 2014. Perhaps few of the first ones to put forth a theory indicating very high-tech cyber-hijacking as a potential explanation for this. The same I had put forth on this same blog site. ( Later removed by me - when I sensed that this post has unleashed mischief on me. )



Now, if I or someone else gets this idea then what's so great about it. Even any of you would have thought the same thing. Just need to search online for either "Hugo Teso" OR his "PlaneSploit", etc. Now, note that the following URLs state the same thing -



http://www.inquisitr.com/1173907/flight-mh370-hijacked-by-cell-phone-cyber-jack-theory-raised-by-terror-expert/



http://www.dailymail.co.uk/news/article-2582015/Is-missing-Malaysian-plane-world-s-CYBER-HIJACK.html





What I could have avoided mentioning in the post was Boeing and Rolls-Royce real-time data. I plain and simple - questioned it. Based on some palpable media silence on their part.

I now understand that perhaps a set of people did not appreciate what I stated as a plausible theory.


When I did state it, I did not give it much thought that this opining might go on to invite so much problems for me. Problems - How ? Let me explain, how -



Well, I DID sense something amiss with my comp. system right from 17th or 18th of March. And then -

1) The licensed anti-virus which would update almost few times every day failed to update for almost 4 to 5 days - between 19th to 23rd, March. Even, a manual try for update would return "Anti-virus Definition is up-to-date" message.



2) The internet access device's LED as also the device behaved erratically, ( never ever seen previously )

Recently, did some searching and came up with the following. For your reference -



http://www.computerworld.com/s/article/9247424/Users_face_serious_threat_as_hackers_take_aim_at_routers_embedded_devices?taxonomyId=246



http://www.pcworld.com/article/2095860/cybercriminals-compromise-home-routers-to-attack-online-banking-users.html





3) My licensed anti-virus program finds files to be quarantined. And, uploaded for further analysis. Each day, for three straight days, in a row. These files are found on my most preferred browser "Mozilla Firefox". Well, I NEVER did find any quarantines in the last so many years.




Way later, it came up in internet news that many security holes are found in Mozilla Firefox !!
Have I inferred that someone DID wilfully hacked into my comp. system. For airing a post on the missing flight ? Yes, I did so.



Then... with a sense of heightened threat perception relating to the missing MH370 when there was media report of a false flag attack directed against India. I thought more of it. Meanwhile, I curiously had an early morning dream on MH370 on the 24th. At the same time, since the past week, I had been sensing 'issues' with my comp. system that I attributed to my post that had to do with plausible cyber-jacking of a certain flight. I never had such issues in the past. And, I was getting more fed up each passing day.



Net result was... I poured some of the thoughts on the 25th of March on a ceratin ( my favorite) blog. It was mostly reactive. Perhaps, more of a kneejerk. It had a different dimension, altogether.



Now, NOTE what I have to state below...

Meanwhile I had discontinued using the Mozilla Firefox Browser. Then, I started using the Internet Explorer ( IE ) browser ( till that time Mozilla Firefox was patched ).


And see what ? Within a few days - I hear that major security flaws are found on the IE browser as well. This was heartbleed flaw. Also, some pretty serious SSL type flaw was discovered.



Later, I had strong suspicion that my system could also be potentially compromised. Based on -

A) One fine day, I notice that the data transmission upload / download is as follows ( when there was nothing to be uploaded as such ) -

Downloaded Data size : 2X MB ( X => data quantum )

Uploaded DATA SIZE : X MB ( approx., say )



B) I see the anti-virus ( AV ) program used by me downloading something like - 15 to 20 MB of data for virus definition updates. ( Never did so in the past. Rarely would do so. Where the data downloaded is at best a few MBs' only. ) This type of data update has become pretty much rampant with this AV program, every few days. Has happened almost a dozen or so times. NO matter even if I uninstall the AV program and then re-install and fully update the system/ AV. After re-installation of the Operating System.

Recently, the same anti-virus program downloads nearly 33/34 MB of data as vir def updations.



C) I downloaded a pretty good security scanner on my comp. And, pretty soon, the very next day it is gone !! Before it is used. As, if it never was there. Deleted from folder.

Such happenings have become rampant now. Making me be MOSTLY offline. Requiring my comp. system to be fixed, formatted, re-imaged, etc. almost MORE THAN 7-10 TIMES since the 20th of March till date. As a precautionary measure.



D) For two/ three days in a row there were NIL anti virus definition updates.



E) Another day - malware is detected by the anti virus on the system.



F) As I write this, I would not be surprised if the world's IT security experts may find an OLD Google Chrome hack ( in the open since 1st April 2007 - date stamp of the folder seen on my system ) . That's what I discovered on my system one day - once I started using the Google's Chrome browser.

Then I had to get my system 'fixed', yet again as a precautionary measure.



As a precautionary measure, I have had to get my system fixed nearly 7-10 times in the recent weeks. This has caused me much head-ache. I am prone to get livid. Say something that I would rather not. So, anyone who's trying to play foul with my system for whatever reasons please refrain from doing so. I believe that people ( in case more than one ) involved could be non-state actors. Designated and deputed by whom ? No idea. But, who stops me from making a wild guess.

Does anyone want me to again state something ( wilfully, this time ) that I might never be wanting to state. Based on my observation & perception of things. Why must I do so, when I never had any intention of stating so in the past ? Even so in the future.

____________________________________________________________________________



Now, I DO mind someone ( non-Govt designated actor ) snooping on my system, by hacking into it ( my guess ).



Playing up and probably trying to use my system / e-mail id etc. for some potential mischief directed against me. This remains a pretty strong suspicion. Perhaps trying a frame up. Even using my hacked resources ( comp. system, e-mail id, etc. ) for some cyber crime. This is but a pretty strong suspicion on my part.


Anyone indulging in this kind of activity is NOT good. Please refrain from troubling any further. Get OFF MY BACK. Else, chances are... I am likely to misinterpret who might be doing all this. And, in all likelihood go on to air some thoughts I do not want to be doing.


PLEASE !! SPARE MY PEACE.



And, till the time I discover who is involved. There are chances - I might be misdirecting my energies in the wrong direction. I have no intention of getting into it. Yet, I am on the verge.



Also to note - I do not have any affilition to any political parties in India. Only towards perceived leadership to lead the nation towards a better tomorrow. Were Shri Pranab Mukherjee our PM, I would have NOT have been critical of the UPA regime. I saw in him true potential to lead us in the past 5 years. The country missed him as the rightful PM.



My allegiance is only to my country. No man, no party. They come much much later.
And, of course I believe in - Vasudhaiva Kutumbakam .


PEACE !!

____________________________________________________________________________


EPILOGUE



Not sure... where this is potentially heading to.




REQUEST -
Can any IT Security expert among readers be gracious enough to pass me info. as to  how best to stay safe and anonymous online ? I would be highly thankful !


THANKS !!


JAI HIND !!


_________________________________________________________________________________



ADDENDA - Posted -> 25/05/2014 ( Problem Logged few days back )


The following SQL Query has been frequently observed by me
since the past some weeks.
After, I visit a web site or blog site. I discover the following
SQL query ( seems like a remotely executed one rather than a
resident execution. I could be wrong here. ). Maybe I am being too suspicious here.


Most of the times, the SQL query is similar, though may not be exact.

SQL query built: SELECT TOP 4 "Microsoft.IE.TargetUrl",
"System.ItemPathDisplay", "Microsoft.IE.Title",
"Microsoft.IE.SelectionCount" FROM SystemIndex..SCOPE()  WHERE
SCOPE='iehistory://{S-1-5-21-57634567-684592779-734683687-1002}/'  AND

((NOT CONTAINS("System.ItemType",'"Folder"') AND NOT CONTAINS
("System.ItemType",'"Directory"'))) AND (((CONTAINS
("Microsoft.IE.TargetUrlHostName", '"aj*"',1033) RANK BY COERCION

(Absolute, 250)) ) OR ((CONTAINS("Microsoft.IE.Title", '"aj*"',1033)
RANK BY COERCION(Absolute, 150)) ) OR ((CONTAINS

("Microsoft.IE.TargetUrlPath", '"aj*"',1033) RANK BY COERCION(Absolute,
100)) )) ORDER BY "Microsoft.IE.SelectionCount" DESC ,

"Microsoft.IE.VisitCount" DESC , "System.Search.Rank" DESC

NO idea what this SQL Query is supposed to derive from the cookie, etc. that is fetched from the browser's cache ?
ALSO, what DATA it is trying to gather from the system or the system index ?
( I have no time to investigate this. )
BUT, further, I have noticed that at around the time of the same SQL fetch, the following application was running in the background for some while -


- SearchProtocolHost.exe


At one instance noted nearly 4 instances of the same application running momentarily. Till few seconds later, only one was running. Then, this also vanished.
Now, what this is supposed to Search, any well versed IT professional in that domain, can make out. I have not much idea.


I view this with utmost suspicion for the following reason -
Especially, owing to some network intrusion experienced on my internet access device subsequently.This can be initiated from remote end ( anywhere from earth, I guess ).
This basically brought down my internet access for 40-45 odd minutes.The comm. link stayed down, as if the ISP server was down. I would not like to believe so. This rarely happens.
NOT sure what transpires here. But, I smell something here.
______________________________________________________________

But, because of the recurrent problems I am faced with on my comp. system since some time. I am looking at alternate media news source, in the recent few days.
I rarely visit or read articles on www.voiceofrussia.com as I am most certainly Western-oriented.

But, here I chanced on the following URLs recently -

http://voiceofrussia.com/news/2013_08_13/Russian-pleads-not-guilty-in-biggest-US-hacking-case-8494/

http://voiceofrussia.com/2014_03_04/UK-resident-faces-prison-term-on-US-government-computers-hacking-charge-0855/

NOTE -
THIS NEWS ITEM IS JUST FOR THOSE NOVICE PEOPLE USING INTERNET ACCESS GRANTED THEM AT NOMINAL COST. WITHOUT THEIR REALISING WHAT MAY BE THE PRICE TO BE PAID IN CASE THEY DO NOT KEEP THEIR SYSTEM 'NICE & CLEAN'.

( THOUGH THESE ACCUSED PEOPLE COULD BE GENUINELY HACKERS. COULD BE OTHER WISE, AS WELL. IN CASE THESE SAME PEOPLE ARE PUPORTEDLY "SET UP"/ FRAMED . BY WHOM - NO IDEA ! )



AND, WEB USERS MUST VISIT WEB SITES USING UTTER JUDICIOUSNESS. LEST THEY INFECT THEIR SYSTEM WITH SOME MALWARE, CONTROLLED BY SOME MALICIOUS PERSON(S) / GROUP / ORGANISATION / AGENCIES / NATIONS SOMEWHERE ON THE WORLD MAP.
AND, THEY LAND IN SOME UNWANTED TROUBLE.
HOPE THIS HELPS.


___________________________________________________________________


THANKS !!


No comments:

Post a Comment