[Owasp-delhi] [Owasp-Mumbai] Songs.pk can be used to hack Indian Networks!

Bipin Upadhyay muxical.geek at gmail.com
Fri Jan 9 02:00:09 EST 2009


Dinesh,

My usage of "cyber warfare" was intended to be a sarcasm on media. I 
guess I could've been more clear, eh! :)

--Bipin.

dineshbareja at gmail.com wrote:
> folks we are all beating the cyber war drum so can anyone pl give me
> some info about this. I am totally clueless about technology and would
> like to see this too ! Where is the DDoS or Critical Infra attack
> happening. Where are multiple banks being looted.
> I mean in which state or city or village across India ?
>
> Guys if InfoSec professionals start believing that songs.pk has
> started a war we cannot blame the person who said thst Pak is
> currently waging war.
>
> It is common to have Pak comments and crap attempts to compromise
> Indian sites etc so if there is anything happening can someone share
> some authentic info and not just FUD statements.
>
> Take care
> Dinesh
>
> On 1/8/09, Bipin Upadhyay <muxical.geek at gmail.com> wrote:
>   
>> Hello,
>> Akshay Mulkutkar wrote:
>>     
>>> Yes, we do have a lot of instances of Indian site being hacked by
>>> pakistani nationals.
>>> Also, there's a lot of talk about how skilled the chinese hackers are.
>>>
>>> Indians are among the best brains in the industry.
>>> Isn't is time indian black hats launch a full-on aggressive against
>>> the all pakistani establishments?
>>>
>>>       
>> No, it's not! Not to mention that it's childish and stupid.
>> If you understand and appreciate Gandhiji's decision on on the
>> Chauri-Chaura incident the you know what I mean. Violence (and offense
>> in general) don't earn you anything in short term, apart from
>> illusionary dominance. However, they affect both the parties/societies
>> in long run, badly.
>>
>> This analogy, IMHO, is true for cyber warfare too.
>>
>>     
>>> Offence should be coupled with defence.
>>>
>>>       
>> Yes! It has to be. But defense has a different definition altogether.
>>
>> --
>> Regards,
>> Bipin Upadhyay.
>> http://projectbee.org/
>>     
>>> Regards,
>>> Akshay Mulkutkar
>>>
>>> On Wed, Jan 7, 2009 at 6:14 PM, vaibhav aher <vaibhavaher at gmail.com
>>> <mailto:vaibhavaher at gmail.com>> wrote:
>>>
>>>     Hello Nilesh,
>>>     I totally agree with you. There is a cyber war going on ... may be
>>>     most of them here dont go to ungerground.... where you will see
>>>     the actual  scenario.
>>>
>>>     Regards
>>>     Vaibhav Aher
>>>     Security Consultant
>>>
>>>
>>>     On Wed, Jan 7, 2009 at 11:37 AM, <nileshkumar83 at gmail.com
>>>     <mailto:nileshkumar83 at gmail.com>> wrote:
>>>
>>>         Hi Chintan, Yash,
>>>
>>>
>>>              I share my views with Mr. Yogesh Badwe that it's not an
>>>         issue of what the Indian,Pakistani....or African media is
>>>         saying and against whom. The matter is if there is
>>>         smoke...there 'might be' fire somewhere. And if not, we as
>>>         security professionals should remain updated of any fake/true
>>>         news. Any 'hoax bomb call' is also a matter of great concern.
>>>
>>>         This community is for sharing any fake/unfake news and we
>>>         should not simply put is as media overhype. I got the news and
>>>         put here..just simple. At least we can be careful and this
>>>         kind of thing might occur in the current scenario of Indo-Pak,
>>>         at least they can intesify at the time being. This is not out
>>>         of the world thing.
>>>
>>>         Anyways, thanks to all learned people for an enlightening
>>>         discussion.
>>>
>>>
>>>
>>>         On Wed, Jan 7, 2009 at 6:44 AM, chintan dave
>>>         <davechintan at gmail.com <mailto:davechintan at gmail.com>> wrote:
>>>
>>>             Hi,
>>>             @ Nilesh - First of all I would like to thank you to take
>>>             time off your busy schedule to share news with the group.
>>>
>>>             I do not understand what is wrong with us? Why do we just
>>>             keep on criticizing?
>>>
>>>             I think everyone on the group is mature enough to identify
>>>             the so called "Over hyped" news. If you think that the
>>>             news is crap, fine, just ignore, no one needs your
>>>             personal advice on what media should do and what not!
>>>
>>>             I guess we all are here to share facts or may be opinions
>>>             when explicitly solicited by other group members. Its
>>>             always debatable whether what media reported is correct or
>>>             not and the reader is "the" judge.
>>>
>>>             I'd appreciate if we can stop this bullshit of critizing.
>>>             If we can't admire people sharing things, lets not
>>>             discourage them. If its not useful for you, ignore it.
>>>
>>>             On Tue, Jan 6, 2009 at 9:51 PM, Yash Kadakia
>>>             <teccoder at gmail.com <mailto:teccoder at gmail.com>> wrote:
>>>
>>>                 Hi Nilesh,
>>>
>>>
>>>
>>>                 First off, I would not believe anything the Indian (or
>>>                 most International) media have to say about Cyber
>>>                 Security, unless they are quoting a reliable _named_
>>>                 source.
>>>
>>>
>>>
>>>                 Secondly, this is nothing more than the media taking a
>>>                 simple concept such as a *possibly *infected web-site
>>>                 and turning it into a  indo-pak issue.
>>>
>>>
>>>
>>>                 As a fact I can tell you that in this last week, I
>>>                 have run across web-sites from at least 7 different
>>>                 LARGE group of companies that had their web-sites
>>>                 compromised and malicious JavaScript injected into it.
>>>                 The malicious JavaScript was in-turn attempting
>>>                 drive-by-downloads and common IE exploits to
>>>                 compromise users. This definitely doesn't mean that
>>>                 those companies are targeting Indians, Pakistanis or
>>>                 anyone else. It is simply an IT Incident that is most
>>>                 likely not connected to politics in any way.
>>>
>>>
>>>
>>>                 --
>>>
>>>                 Yash Kadakia
>>>
>>>
>>>
>>>                 *From:* owasp-mumbai-bounces at lists.owasp.org
>>>                 <mailto:owasp-mumbai-bounces at lists.owasp.org>
>>>                 [mailto:owasp-mumbai-bounces at lists.owasp.org
>>>                 <mailto:owasp-mumbai-bounces at lists.owasp.org>] *On
>>>                 Behalf Of *nileshkumar83 at gmail.com
>>>                 <mailto:nileshkumar83 at gmail.com>
>>>                 *Sent:* Tuesday, January 06, 2009 11:11 AM
>>>                 *To:* owasp-delhi at lists.owasp.org
>>>                 <mailto:owasp-delhi at lists.owasp.org>;
>>>                 owasp-mumbai at lists.owasp.org
>>>                 <mailto:owasp-mumbai at lists.owasp.org>
>>>                 *Subject:* [Owasp-Mumbai] Songs.pk can be used to hack
>>>                 Indian Networks!
>>>
>>>
>>>
>>>                 Hi All!
>>>
>>>
>>>
>>>                    I just went through an article this morning that
>>>                 the hugely polpular song site among Indians
>>>                 www.songs.pk <http://www.songs.pk/> can be used to
>>>                 make ypur PCs botnets or zombies by the Pakistani
>>>                 hackers. So avoid the site for the time being at least!
>>>
>>>
>>>
>>>                 Just have a look at the article:
>>>
>>>
>>>
>>>
>>> http://www.rediff.com/news/2009/jan/06mumterror-pakistan-india-hackers-internet-cyber-war.htm
>>>
>>>
>>>
>>>                 --
>>>                 Thanks & Regards,
>>>                 Nilesh Kumar,
>>>                 Security Specialist | Governance Risk Compliance
>>>                 www.linkedin.com/in/nileshkumar83
>>>                 <http://www.linkedin.com/in/nileshkumar83>
>>>                 Mobile- +91-9891524880
>>>
>>>
>>>                 _______________________________________________
>>>                 OWASP-Mumbai mailing list
>>>                 OWASP-Mumbai at lists.owasp.org
>>>                 <mailto:OWASP-Mumbai at lists.owasp.org>
>>>                 https://lists.owasp.org/mailman/listinfo/owasp-mumbai
>>>
>>>
>>>
>>>
>>>             --
>>>             Regards,
>>>             Chintan Dave,
>>>             KPMG Singapore
>>>             LinkedIn Profile: http://www.linkedin.com/in/chintandave
>>>             Blog:http://davechintan.blogspot.com
>>>             <http://davechintan.blogspot.com/>
>>>
>>>
>>>
>>>
>>>         --
>>>         Thanks & Regards,
>>>         Nilesh Kumar,
>>>         Security Specialist | Governance Risk Compliance
>>>         www.linkedin.com/in/nileshkumar83
>>>         <http://www.linkedin.com/in/nileshkumar83>
>>>         Mobile- +91-9891524880
>>>
>>>         _______________________________________________
>>>         OWASP-Mumbai mailing list
>>>         OWASP-Mumbai at lists.owasp.org <mailto:OWASP-Mumbai at lists.owasp.org>
>>>         https://lists.owasp.org/mailman/listinfo/owasp-mumbai
>>>
>>>
>>>
>>>
>>>     --
>>>
>>>
>>>
>>>     _______________________________________________
>>>     OWASP-Mumbai mailing list
>>>     OWASP-Mumbai at lists.owasp.org <mailto:OWASP-Mumbai at lists.owasp.org>
>>>     https://lists.owasp.org/mailman/listinfo/owasp-mumbai
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> OWASP-Mumbai mailing list
>>> OWASP-Mumbai at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-mumbai
>>>
>>>       
>>     



More information about the Owasp-delhi mailing list