Wednesday, 23 September 2015

Vulnerability: The Secrets Behind iCloud Hacking (VIDEO)

By: Travis Doering
'Our group focuses exclusively on targeting and exploiting Apple's iCloud' RipSec Admin


Alongside this year’s release of OS 10.11, iOS 9, the iPhone 6S and the iPhone 6S Plus, Apple has updated its terms and conditions once again, and this change could come as a surprise to some users. The iCloud storage service will now be automatically enabled on any iOS device running iOS 9 or later if the user signs in using their Apple ID. That might be convenient and, for the basic subscription plan, free. But what is the true cost of uploading all of your personal data online?

In March last year our team at Hacker Film began production on a feature-length documentary titled “Vulnerability”. We were originally working with a Canadian broadcaster, whose executives wanted to remove a segment about exploiting Apple’s iCloud service. This was because of the fact that Apple is a large advertiser, and additionally a distributor of digital content. We have taken the rejected footage and created this documentary short titled “The Secrets Behind iCloud Hacking”. We hope you enjoy.

Wednesday, 29 July 2015

Antivirus Maker Bitdefender Hacked, Customer Data Being Sold In Shady Black Market Deals

By: Travis Doering & Dan McPeake
'I'm sniffing one of their major servers stealing logins' Hacker DetoxRansome

Recreation footage shows Bitdefender’s user data being posted online. 

Bitdefender, the critical darling in internet security, appears to have been hacked and is now embroiled in a dangerous extortion plot that’s putting its over 400 million customers at risk.

Friday July 24th 2015: A hacker going by the handle DetoxRansome (DR) first attempted to blackmail the company via Twitter, writing “I want 15,000 us dollars or I leak your customer base”. This message was then followed by a tweet containing login credentials for two Bitdefender staff members’ accounts and another one belonging to a customer.

A Twitter message shows DetoxRansome's blackmail attempt.

Saturday July 25th 2015: DetoxRansome made his second attempt to monetize Bitdefender’s freshly stolen data, as well as the exploit with which he procured it. DR posted a listing on a Pastee page detailing the private sale of what he later described in an email as “access to all usernames and passwords persistently to their (Bitdefender) flagship products”. He posted a sample of what he had stolen, which contained the plain-text usernames and matching passwords for over 250 active Bitdefender accounts. Travis Doering and Bitdefender were able to confirm many of them as active accounts. In the body of the Pastee post DR also included the following message: “This is a sample I have more, email for details of the hole (EMAIL REDACTED)”. Those words then launched an online bidding war for the stolen credentials and details of the exploit used by DR.

A screenshot provided by our source shows DetoxRansome's price negotiations.

Tuesday July 28th 2015: As he describes in the emails provided by our source, DR began exploiting the usernames and passwords to breach many of Bitdefender's clients. “this has the potential of being huge as I’m able to sniff all customer usernames and passes gov mil pharm etc this is big as i was able to hack by using this”, DetoxRansome writes. In his attempt to impress the potential buyer, DR also sent screenshots of him accessing the enterprise security solutions page of many companies. DR claimed that “I can login to there full enterprise security solutions i have their logins to their shit not just customers”.

A screenshot sent by DetoxRansome shows he has access to Bitdefender's enterprise security solutions for POS Works.

A screenshot sent by DetoxRansome shows he has access to Bitdefender's enterprise security solutions for another Bitdefender client.

Reached by Travis Doering late Monday evening, Bitdefender's Marius Buterchi confirmed the hacking of accounts, and said the company was “Aware of the issue and have reset the passwords for the customers whose credentials have been made public.” He added “They are actively investigating how these passwords were made public.”

Recreation footage shows Bitdefender’s user data being sniffed.

When asked how he was able to procure the usernames and passwords, DetoxRansome responded, “I’m sniffing one of their major servers stealing logins”.

While DetoxRansome’s claim of having access to their network could not be confirmed, if it is indeed the case, then Bitdefender's current remedy of resetting the passwords and credentials in the wild will have little to no effect as long as DetoxRansome is able to maintain his presence inside Bitdefender’s network.

Changing your Bitdefender password may or may not have any effect at this point, depending on whether DetoxRansome's claims are true. We do recommend that, if you are in the habit of sharing the same password across multiple sites, you change the credentials on any other accounts that share the same password as your Bitdefender login.

(other writers please reference our article if you write an article based off of it)


Bitdefender is an award-winning anti-virus and internet software security company for Mac, PC and mobile devices.

Sniffing, short for packet sniffing, allows individuals to capture data as it is transmitted over a network.

Pastee is a web application which allows its users to upload snippets of text, usually samples of source code.

Exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior in computer hardware or software. In many cases this behavior can be used for malicious purposes.

is a point of sale, designed to reduce paperwork, track inventory and market to a business's customers through one easy-to-use process.