D0UBL3 HACK3R

The Anonymous Hackers collective claimed that they take down 12 child pornography websites. They found that illegal contents are being hosted in Free hosting site by google Search.
Criminals use the free hosting service such as 50megs.com for hosting their illegal contents. So far , 12 CP sites has been discovered by Hackers.

According to the Pastebin post, The sites have random nams like 'asyesahjsa' so that the site would be hard for authorities and general users to find. Also the sites looked like a normal innocent blogs, which is an obvious attempt at hiding their illegality.

All of the sites found to have a login/signup page, which means that they most likely had backend forums which would've obviously been used for trading CP.

"Our attack was planned and executed swiftly as to take down the sites as quick
as possible, and it was succesful, all sites are now #TangoDown permanently
and their IP's have been sent to law enforcement." The Hackers said.

"And so, we are now going to commence operation free host. Free hosting websites are clearly being utilized by pedophiles to host CP and forums for trading CP.  ANY site devoted to CP and pedophiles will be #TangoDown permanently, and any free hosting service refusing to remove CP/pedo sites from their servers, will be punished."

The hacker group known as LulzSecperu , have breached server belong to one of the biggest Peru Domains provider , www.punto.pe and released compromised database online.

It seems like they have extracted the data in a .sql file. They have uploaded that file in anonfiles.com. The size of the dump is approximately 75MB.

The dump contains sensitive information including customer code, user id, password, organization name, email address and other details.

After analyzing the dump, we have found that there is two password fields in the database. One stores the password in SHA-1 format , the second one stores the same password in plain text(What?!).

The users has strong password by using combination of Special characters, numbers, Case difference but the site fails to apply the proper security.

Still, i'm wondering why they've stored the password in plain text while they saving the password in SHA-1. Did they failed to realize the proper security ?

"Among the users are domain accounts of all banks of Peru and computer security companies as well as universities recognized instuons government and national security system." The hackers said.(translated).

The hackers claimed that they have no malicious purposes, only prove that the security of Peru is void and should be corrected.
At the time of writing, The site displays "Maintenance Page. Please click here to redirect to the home page". We are not sure that the message is being displayed because of intrusion.

Earlier Today, we reported that the HSBC online banking site disrupted by Denial-of-service attack. Initially, we believe that the cyber attack launched by Izz ad-Din al-Qassam Cyber Fighters.

But, The Anonymous affiliated hacker collective #FawkesSecurity have claimed responsibility for the cyber attack .

"As some of you may be aware HSBC bank suffered several DDoS attacks on the named sites in the past hours us.hsbc.com hsbc.co.uk hsbc.com hsbc.ca they were all brought down by #FawkesSecurity." Hackers said in the pastebin post.
"Before any claim fags attempt to take ownership of this attack, the proof is all in our Twitter account, Targets, time and date :) @FawkesSecurity"

While the HSBC statement claims that no customer data has been affected, the Fawkessecurity tweets that "This isn't entirely correct. We also managed to log 20,000 debit card details."