Tuesday 14 January 2014

Detroit to host nation’s largest hackathon


Hackers hack during the MHacks Hackathon 2013 in the Big House on September 21, 2013 in Ann Arbor, MI. Image credit: Joseph Xu, Michigan Engineering Communications & MarketingIn an effort to cast the bankrupt city in a new light for the nation's future tech talent, University of Michigan students are holding their record-setting collegiate hackathon in Detroit this weekend.
More than 1,200 students from 70 universities and high schools across the nation are expected to attend the race to make the coolest new device or application in just 36 hours.
MHacks III, hosted by student groups MPowered Entrepreneurship and Michigan Hackers, will be at The Qube in downtown Detroit. It begins at 7 p.m. Friday, Jan. 17 and ends noon Sunday, Jan. 19, followed by an awards ceremony.
The last MHacks, which took place at the Michigan Stadium in September, set a record for the largest such event, with 1,214 students attending. The students believed that moving the event to Detroit would catapult the momentum building in the city's technology sector, said Lucy Zhao, chief development officer at MPowered and a junior studying English and business.
"A lot of people in Detroit and Michigan know about the startup scene in the area, but people across the country don't," Zhao said. "Our goal is to bring talented computer science students to Detroit and expose them to the fact that it's becoming an entrepreneurial hub."
Students will coalesce into teams of up four to create, or "hack," new technological prototypes from scratch. The only rule is they cannot begin hacking until the start of the event. They are allowed to arrive with ideas, though.
Though most of the participants will spend their time developing applications, mentors from sponsors will host tech talks and workshops. For instance, Bloomberg Inc. will host a talk on the importance of open source development and Apple Inc. will be discussing its iOS mobile platform. Some of the talks are designed to help students understand what they can do with the company's platforms.
The student-led team behind the hackathon has already done some hacking of its own. The members created an app for attendees to use during the event. The app will provide a newsfeed of updates from participants, a map of where to find mentors and sponsors and a schedule of events. Attendees can even use it to ask for more pizza and energy drinks to stay focused on their hacking.
Up to $20,000 in cash prizes will be doled out at the end of the hackathon. The first place winner will receive a $5,000 grand prize and other hackers can receive branded awards from sponsors looking for specific computer applications.
"We couldn't have picked a better time to show off the city of Detroit with everyone in town for the (North American International) Auto Show," Zhao said. "The city will be lit up with excitement. We can't wait for it to be here."

U-M researchers estimate best time to launch a cyber attack

Abstract image of 1s and 0s and circuit paths with a hand holding an electronic pen. Image credit: sxc.hu user erkinsahinUniversity of Michigan researchers have developed new ways to analyze Internet security risks by creating a mathematical model that can predict when a cyber attack may be launched.


Robert Axelrod, professor of political science and public policy at U-M's Ford School, and Rumen Iliev, postdoctoral research fellow at the school, created the model to help develop a basis for understanding the strategic implications of cyber technology.
Focusing on the timing of cyber conflict, their model analyzes when an attacker is most motivated to exploit vulnerabilities in a target's computer system for espionage or disruption.
"One of our major contributions is to develop some concepts to deal with this new realm of cyber conflict," Axelrod said. "It took 15 years in the nuclear world for people to understand the implications of nuclear technology. It is our hope that it won't take that long to understand the strategic capabilities of cyber technology."
They developed two concepts. One is stealth, which is the ability of a resource to exploit a vulnerability in a target's computer system to stay undiscovered if it is used. The other is persistence, which is to keep the vulnerability undiscovered if it isn't used.
"A good resource should have both stealth and persistence," Iliev said. "The less persistent a resource is, the sooner (it should be used) lest the vulnerability is fixed before (there's) a chance to exploit it."
They illustrate their model using four case studies, including the Stuxnet attack on Iran's nuclear program and the Iranian cyber attack on the energy firm Saudi Aramco.
"We also hope this will encourage other efforts to study these things in a rigorous way," Axelrod said. "There's a lot of discussion about cyber problems, but it's so new that the language isn't established. People use the word attack to mean anything from stealing a credit card number to sabotage of an industrial system."

Target breach expands: what does this mean?

Target announced that the breach that was originally thought to affect 40 million shoppers who had used credit and debit cards in their stores between the end of November and December 15, is now much larger than it initially appeared. The company is now indicating that additional data on 70 million more shoppers was exposed. Currently it is not clear if this is in addition to, or overlapping the original 40 million records, but several news sources are saying the breach could affect as many as 110 million shoppers. What is worrying about this latest revelation, in addition to the sheer numbers, is that exposed data is now thought to include more than just card data, so email, address, and phone numbers could be exposed.
The initial announcement by Target indicated that only credit and debit card information was stolen, and after forensic examination began, explanation of the stolen data was soon amended to included encrypted PINs for debit cards. This greatly increased the risk of fraudulent use of those cards, for customers who had shopped at Target during the time-period of the breach. Now, as it is becoming clear that the thieves are actively trying to decrypt the PINs the risk for those debit card users continues to grow.
This latest revelation hints at a much bigger problem, as the new information gathered is not just data that is typically used in the processing of credit or debit card transactions, and it is not entirely clear where the thieves got this information. It seems likely that it was more than just credit and debit card users that were affected, though it is not clear which other Target shoppers make up the remaining records. It could be that shoppers who paid cash but provided additional information comprise some of that difference.

1. Check your account for suspicious activity

If you used your credit or debit card at Target between the end of November and December 15, 2013 it is still important that you regularly check your statements for fraudulent transactions. Criminals are likely to hang on to data and use it after attention has died off, so this is something you should continue to do for the foreseeable future.

2. Ask for a replacement debit/credit card

If you would rather not take the time to continually monitor your card, you may wish to ask for a replacement card instead. Remember, if you have any auto-pay accounts that reference this account number, you will need to update that information when the replacement card is activated. The Federal Trade Commission offers a lot of advice on dealing with lost or stolen cards.

3. Change your debit PIN

If the card that was used was a debit card, you should change your PIN. Criminals are actively working to crack the encryption used to protect this information, and many people use weak PINs that are easy to guess. You might want to listen to what my colleague Aryeh Goretsky has to say about choosing a good PIN: Listen to podcast now.

4. Check your credit report

It is now clear that the thieves have enough information on some Target customers to carry out identity theft. That makes it even more important to regularly monitor your credit report so that you can spot and then report any fraudulent account activity, like new accounts in your name that you did not authorize. Target has provided detailed contact information for the three credit-reporting agencies, and provided a year of free credit reporting for those that have been affected. You may also want to look into setting up a fraud alert or a credit freeze if you want additional protection against fraudsters trying to get credit in your name. Be aware that these steps will also mean you have to go through additional verification if you wish get credit, for the duration of the alert or freeze.

5. Change your Target.com password

There is no indication yet that Target.com was compromised, but the forensic investigation on this incident is not yet complete. As a precaution, it is a good idea to make sure your password is strong, and that you change it regularly.

Bonus tip 1: Beware of scams

Criminals now have access to more information about Target customers, and are now more likely to use this to send scams or phishing emails. Be sure not to click on links in emails purporting to come from businesses using this angle, especially if they appear suspicious in any way. Instead, you should type the expected URLs into your browser directly to contact companies.

Bonus tip 2: Tax Identity Theft Awareness Week

The FTC site is a great source of fresh and useful information for preventing and correcting damage from identity theft, including a particularly nasty version of this crime: tax identity theft. Next week (January 13-17), they are having a number of informational events both online and in locations around the US. This would be an especially good time to educate yourself on how to protect yourself from harm from this breach.

Major cyber attacks ‘can be predicted’ using computer model, researchers claim

Major international cyber attacks follow a pattern – and attacks such as Stuxnet, which targeted Iran’s nuclear plant can be predicted by a mathematical model, University of Michigan researchers have claimed.
The model could help understand the strategy and timing of international cyber attacks, and predict the “next move” in conflicts, according to Robert Axelrod, professor of political science at the University. Axelrod hopes the research may “mitigate” the harm of such attacks.
Axelrod likens the current state of cyber attacks to the early nuclear era – and hopes the model may help states understand the strategic implications of such technology, and help draw the line between cybercrime and cyber attacks.
“One of our major contributions is to develop some concepts to deal with this new realm of cyber conflict,” Axelrod said. “It took 15 years in the nuclear world for people to understand the implications of nuclear technology. It is our hope that it won’t take that long to understand the strategic capabilities of cyber technology.”
“We also hope this will encourage other efforts to study these things in a rigorous way,” Axelrod said. “There’s a lot of discussion about cyber problems, but it’s so new that the language isn’t established. People use the word attack to mean anything from stealing a credit card number to sabotage of an industrial system.”
The timing can be ‘predicted’ by analyzing the stealth of a resource – ie the ability to infiltrate and remain undiscovered – and persistence, the ability of a vulnerability to remain undiscovered. Combining these two gives a model which can predict the timing of attacks, the researchers claim, in a paper published in the academic journal PNAS.
Speaking to Ars Technica, Allan Woodward, a cybersecurity expert at the University of Surrey said that the model fit existing attacks ‘perfectly’.
Ars Technica said that the case studies showed how and when cyberweapons would be used, and Woodward said the timings fit both the Stuxnet attack – which ‘lay dormant’ for 17 months – and Iran’s response, “Iran may have responded to this attack by targeting the workstations of Aramco, an oil company in Saudi Arabia that supplied oil to the US. Although the US called this the “most destructive cyber-assault the private sector has seen to date,” it achieved little. However, for Iran, the result mattered less than the speed of the response. In a high stakes case, the model predicts immediate use of a cyber-weapon, which is what happened in this case, too.”
The tool could offer a greater understanding of what “cyber espionage” is – and how states use it. The researchers used four case studies, including the Stuxnet attack on Iran’s nuclear program and the Iranian cyber attack on the energy firm Saudi Aramco.
“A good resource should have both stealth and persistence,” Axelrod said. “The less persistent a resource is, the sooner (it should be used) lest the vulnerability is fixed before (there’s) a chance to exploit it.”

Malware in Target’s registers harvested millions of card details for weeks, chain admits

Malicious software was installed in tills in Target stores across the U.S. and went undetected for weeks, the chain has admitted, harvesting information from the magnetic stripes on customer cards during transactions.
The infiltration went undetected from late November until 15 December, according to The Register’s report.
In an interview with CNBC, Chief Executive Gregg Steihafel said that the investigation was still “ongoing” and defended the four-day wait between the chain’s discovery of the attack, and its announcement to consumers.
“There was malware installed on our point-of-sale registers,” he said, “That much we have established. This investigation is ongoing, and it is going to take some time before we understand the extent of what has happened.”

“Sunday December 15 was really day one,” Steihafel told CNBC. “That was the day we confirmed we had an issue and so our number one priority was … making our environment safe and secure. By six o’clock at night, our environment was safe and secure. We eliminated the malware in the access point, we were very confident that coming into Monday guests could come to Target and shop with confidence and no risk,” he said.
“Day two was really about initiating the investigation work and the forensic work … that has been ongoing. Day three was about preparation. We wanted to make sure our stores and our call centers could be as prepared as possible, and day four was about notification.”
While Target launched a PR campaign to win back the trust of shoppers, including the revelation that malicious software was likely involved in the theft of data on up to 110 million cards, there were fresh developments from the leading retail trade association, the National Retail Federation (NRF). As reported by Reuters, the organization called for stronger security for cards. Reuters is also reporting that three more retailers are affected by similar breaches, but did not name names.
Target was not the only retailer to suffer such attacks during the holiday season – upscale luxury-goods store Neiman Marcus admitted that customer cards had data stolen during the same period, as reported by We Live Security here.
Three other retailers were also targeted during the same period, but have yet to make statements, according to CNET. Sources told Reuters that the same techniques were used to attack three “well-known” retailers, who suffered smaller breaches.

Attention Shoppers! Top tips for defending your accounts against card fraud

Have you used a credit or debit card in a store in the last three months? If you’re like me, you have, possibly numerous times. If so, you should check all of your credit and debit card accounts today to make sure there have been no fraudulent charges.
Why? Because we are now hearing that Target is not the only retail chain to become a victim of cyber criminals stealing credit/debit card data and other personal info besides. Several more retailers are likely to be named in the near future.
So, as the Big Retail Rip-off continues to unfold, and we learn that the address information for some shoppers has also been stolen, we are beefing up our top tips on how to defend your accounts and your identity. Please share these with friends and family. (If you are wondering how this data was stolen, including the role of POS malware, check the notes at the end of the article.)

Check your account for suspicious activity

If you used your credit or debit card at any retailer in November and December of last year you need to check your accounts right away.check your statements for fraudulent transactions. Criminals are likely to hang on to data and use it after attention has died off, so this is something you should continue to do for the foreseeable future.

Ask for a replacement debit/credit card

If you would rather not take the time to continually monitor your card, you may wish to ask for a replacement card instead. Remember, if you have any auto-pay accounts that reference this account number, you will need to update that information when the replacement card is activated. The Federal Trade Commission offers a lot of advice on dealing with lost or stolen cards.

Change your debit PIN

If the card that was used was a debit card, you should change your PIN. Criminals are actively working to crack the encryption used to protect this information, and many people use weak PINs that are easy to guess. You might want to listen to what my colleague Aryeh Goretsky has to say about choosing a good PIN: Listen to PIN podcast now.

Check your credit report

It is now clear that the thieves have enough information on some shoppers to carry out identity theft, which can be much worse than dealing with fraudulent charges on a card. You should regularly monitor your credit report so that you can spot and then report any fraudulent account activity, like new accounts in your name that you did not authorize. Target has provided detailed contact information for the three credit-reporting agencies, and provided a year of free credit reporting for those that have been affected. You may also want to look into setting up a fraud alert or a credit freeze if you want additional protection against fraudsters trying to get credit in your name. Be aware that these steps will also mean you have to go through additional verification if you wish get credit, for the duration of the alert or freeze.

Change your online shopping passwords

There is no indication yet that online stores were impacted by this latest round of cyber crimes, but the forensic investigation of these incidents is not complete. As a precaution, it is a good idea to change your passwords, making sure they are hard-to-guess and unique to each account.
For more on the Target breach there are two short podcasts you might want to hear. Click these links to listen to the MP3 audio: Security Actions to Take Now and Target Breach Explored.

Beware of scams

Criminals may now have access to more information about customers than just card data. So they are now more likely to use this data to send scam or phishing emails. Be sure not to click on links in emails purporting to come from businesses using this angle, especially if they appear suspicious in any way. Instead, you should type the expected URLs into your browser directly to contact companies.

Tax Identity Theft Awareness Week

The data you need to steal to create fake credit and debit cards does not include Social Security or Tax ID numbers. But if those numbers are stolen, they can be used for tax identity theft, which is a huge problem in America right now. How big of a problem? The FTC has declared this week Tax Identity Theft Awareness Week and has put out a lot of information about preventing and correcting damage from this crime. Check out the informational events both online and in locations around the US.

How did encrypted card data get nicked?

We don’t know yet how the Target and Neiman Marcus breaches were committed, but a lot of people are asking, quite reasonably, how thieves could get at card data that is supposed to be encrypted. There are several possible answers, one of which is that the encryption may not have been implemented correctly. Another is that the data is not encrypted throughout the transaction process. It is temporarily decrypted in random access memory (RAM) by point-of-sale (POS) machines so that it can be read and processed. Thieves may have stolen the data from RAM, using a technique called RAM scraping, which has already been used in some malware.
The basic technique was demonstrated years ago by Mark Goudie, managing principal of Verizon Business Investigative Response. Concerns have been raised about RAM scraping in POS devices for several years. Malware using RAM scraping was the subject of a recent CERT advisory.

Microsoft fixes Windows XP flaws as support cut-off draws near

Microsoft will end support for XP on 8 April 2014
Microsoft has released fixes for an "important" vulnerability in its Windows XP operating system, just days after announcing it would pull support for its Security Essentials anti-malware tool from the platform.
The fix was released as a part of Microsoft's monthly Patch Tuesday update cycle. The Windows XP fix also relates to the company's Windows Server 2003. Microsoft's security blogger Dustin Childs confirmed the vulnerability has been targeted by a "limited" number of attacks.
"We have only seen this issue used in conjunction with a PDF exploit in targeted attacks and not on its own. This only impacts customers using Windows XP or Server 2003 as more recent Windows versions are not affected," said the security alert.
The cut-off date for Security Essentials support comes just before Microsoft fully ceases support for the decade-old Windows version. The end of support would mean XP users would no longer receive security updates for newly discovered threats. Research from NetMarketShare in December revealed that a third of Windows users are still running XP, despite the looming danger.
Microsoft also released fixes for "important" holes in its Office and Dynamics AX services. The vulnerabilities generally left Windows users open to privilege escalation attacks, though the Microsoft Dynamics AX flaw was listed as leaving Microsoft customers vulnerable to distributed denial of service (DDoS) attacks.
F-Secure security analyst Sean Sullivan told V3 none of the fixes are too serious, but predicted that a more robust Patch Tuesday will follow in the near future. "[This release] doesn't look like the kind of stuff that System Admins will need to stress too much over," he said.
"Next month could be busy, as April approaches. The limited number of patches this month could be a consequence of Christmas and the New Year holidays falling mid-week."
Persuading businesses to install new security patches as soon as they are able to has been an ongoing goal of the UK government and its Cyber Security Strategy. The Home Office listed installing new patches as a key way businesses can protect themselves from hackers in its newly launched Cyber Streetwise campaign.

Overbearing security demands risk public sector BYOD use, warns council CIO

The debate over BYOD security rumbles on
The IT chief of the London borough of Camden has warned the public sector that overbearing security regulations will negatively impact IT innovation, particularly bring-your-own-device (BYOD) policies.
John Jackson, CIO of Camden Council, told a room of public sector IT professionals that the government's latest Public Services Network (PSN) regulation would merely cause users to "revolt" and start handling data even more insecurely by using free tools instead of private cloud solutions provided by their employer.
"One of the things that bothers me is that while we have to get security right, we have to think about that in a collaborative way," Jackson said.
Camden Council has been operating its own BYOD policy for three years, using private cloud systems to keep data secure on multiple devices, which Jackson believes has transformed the way the council works, as well as saving significant amounts of public money.
"Whatever we want to do in the world around security, the idea that the technical bureaucrats can actually control what are revolutionary tendencies within our workforce is going to be very difficult."
He said the government's PSN strategy – which heavily regulates how data can be shared across cloud services – brought forward a new risk of the public sector falling behind the rest of the world.
"The world outside is moving faster than we are moving in technology in government: when there's a mismatch between outside and the inside, you have a problem," he said.
While Jackson says he recognises the importance of security policies with BYOD practices, tightening up control on the devices themselves does not solve the root of most high-profile data breaches: user error.
"The biggest problem in my experience in security isn't the technology, it's people doing stupid things," he explained. "There's a real debate as to how far we push accountability because the more we do the technical side and lock it all down, the more we potentially blur the boundary of who's accountable. There's a big thing in security about accountability because no matter what we want to do the more [the user will] try and subvert us."
"Love it or hate it, BYOD is here to stay," he concluded.

Icefog hackers hit ‘large US oil company' with evolved Java attack

Security padlock image
Kaspersky Labs has uncovered a new Java-focused variant of the notorious Icefog malware targeting several high-profile companies and government agencies, including "a very large American independent oil and gas corporation".
Kaspersky Lab experts Costin Raiu, VitalyK and Igor Soumenkov reported uncovering the new variant while monitoring previously shut down Icefog command and control (C&C) servers in a blog post.
"In September 2013, we published our extensive analysis of Icefog, an APT campaign that focused on the supply chain – targeting government institutions, military contractors, maritime and shipbuilding groups," read the post.
"Since the publication of our report, the Icefog attackers went completely dark, shutting down all known C&C servers. Nevertheless, we continued to monitor the operation by sinkholing domains and analysing victim connections. During this monitoring, we observed an interesting type of connection, which seemed to indicate a Java version of Icefog."
The researchers confirmed that the malware has the same espionage focus as the original Icefog campaign and once in a victim's system installs malware designed to let it communicate with Icefog C&C servers.
"The module writes a registry value to ensure it is automatically started by Windows. It is worth noting that the module does not copy itself to that location," read the post.
"Next, it enters a loop where it keeps calling its main C&C function, with a delay of 1,000 milliseconds. The main loop contacts [a] well-known Icefog C&C server and interacts with it."
The Kaspersky experts confirmed that evidence suggests a number of major US corporations involved in critical infrastructure may have fallen victim to the new Javafog variant during the sinkhole operation.
"By correlating registration information for the different domains used by the malware samples, we were able to identify 72 different C&C servers, of which we managed to sinkhole 27," read the post.
"During the sinkholing operation, we observed eight IPs for three unique victims of Javafog, all of them in the United States. Based on the IP address, one of the victims was identified as a very large American independent oil and gas corporation, with operations in many other countries."
The Kaspersky researchers said the Javafog malware is far harder to track than the original IceFog attacks.
"The truth is that even at the time of writing, detection for Javafog is extremely poor (three out of 47 on VirusTotal). Java malware is not as popular as Windows Preinstallation Environment (PE) malware, and can be harder to spot," read the post.
Attacks targeting businesses involved in critical infrastructure have been a growing problem facing governments. Security experts have predicted that the threat facing critical infrastructure will grow in 2014.
The warnings were given credence at the end of 2013 when reports broke that the Israeli and Saudi Arabian governments are working to create a new, even more destructive variant of the notorious Stuxnet malware.

Metasploit exploited 90% of SCADA systems

Researchers have discovered flaws in the SCADA computer systems which control major infrastructure, including energy, oil and gas and transportation.
Information security firm Positive Technologies discovered vulnerabilities in the way that Siemens’ WinCC software encrypts and stores passwords in its Project database. Hackers could exploit the flaws to gain access to Programmable Logic Controllers - the systems responsible for controlling machinery and other processes.
Researchers also found a vulnerability in another system, DAQConnect, allowing hackers running a demonstration kiosk to access other SCADA installations, but were simply told to “not do” the attacks by the software’s manufacturer.
Supervisory control and data acquisition (SCADA) systems monitor and control physical industrial processes and are used widely in industry.
The researchers estimate that 90 per cent of the systems they tested can be hacked with Metasploit, a penetration testing software package which simulates attacks on computers and networks. They also discovered 60,000 industrial control system devices at risk of attack; many of them were home systems.
The company reported the vulnerabilities to manufacturers and computer emergency response teams.
Daniel Tarasov, executive vice president at Positive Technologies, said that if hackers were to attack utility companies’ SCADA systems, then water and electricity supplies could easily be switched off.
Mr Tarasov said: “If this happens in IT systems, the worst that can happen is your system stops working, but when you’re talking about power plants, then your power stops working.
“Anything that’s connected to critical infrastructure is very serious, basically the consequence can be from really small to really huge and catastrophic.
“The main problem is that this world of ICS and SCADA systems was historically offline, so if you put the system in place, you could control your train and it was not in any way connected to your office network or corporate network or the internet, but now the situation is changing. Most of the equipment is now connected to your corporate network, which in turn is connected to the outside world.”
The Telegraph has contacted Siemens for comment.
In June 2010, a computer worm caused damage at Iran’s Natanz nuclear plant by tampering with SCADA control systems.
Stuxnet allows hackers to secretly take control of industrial equipment and is designed to ‘pass over’ personal computer systems.
Internet security organisation Norton said: “It is the first computer virus to be able to wreak havoc in the physical world. It is sophisticated, well-funded, and there are not many groups that could pull this kind of threat off. It is also the first cyberattack we’ve seen specifically targeting industrial control systems.”

#Opisrael Birthday 7 April 2014: Initiates continues attacks record of 1 year

The hackers that were responsible for #opUSA, #opPetrol and #opISRAEL in 2013 have announced the birthday of #opIsrael that will be celebrated by the AnonGhost hackers on the 7th of April’14. Operation Israel has had multiple attacks that resulted in the breach of over 100 000 websites.

#opisrael 7 april

In #OpIsrael, the group claimed to have hacked over 100,000 websites, 40,000 Facebook accounts and 5,000 Twitter accounts, causing losses of billions of dollars.

#opisrael reloaded

In #opisrael reloaded the AnonGhost hackers breached a total of 2307 reported websites. #OpIsrael-Reloaded was launched on 7-June-2013, till now there are many websites have been hacked & defaced and as we explained in our last post that how this war is “Hackers vs. Hackers”because Israeli Hackers launched #OpIslam and in result of this Islamic Hackers (Anonghost) launched #OpIsrael-Reloaded.
#opisrael reborn targeted a list of 221 websites; again this operation was supported by Islamic hackers. In #optroll israel AnonGhost had hacked and defaced 65 Israeli websites under the banner of the ongoing operation.
http://www.youtube.com/watch?feature=player_embedded&v=XvdSBX3xBHghttp://www.youtube.com/watch?feature=player_embedded&v=XvdSBX3xBHg


Hack​ers

Mauritania Attacker - Virusa Worm - Deto Beiber - Dr.SaM!M_008 - M3GAFAB - Extazy007 - PhObia_PhOneyz - Mr Domoz - Tak Dikenal - AnonxoxTN - Raka 3r00t - PirateX - Bl4ck Jorozz - Younes Lmaghribi - Indonesian r00t - BlackBase Hacker - CoderSec - h4shcr4ck - Mrlele - Donnazmi - TheGame Attacker - SaccaFrazi - Egy Eagle - Mr.Ajword - HusseiN98D - Pr3d4T0r - THE GREATEST - HoLaKo - Man Rezpector - BiosTeRminat0r - Spec Tre - Hani Xavi - Don Maverick - RevCrew - Psyco Hacker - Black Cracker - rummykhan - VINUX - ARAFET - TITO_SFAXSIANO - SQUICK HACKER - Root Max and probably a lot more that are not listed.