Author Archives: bj

नेपालमा अहिलेसम्मकै ठूलो साइबर आतंक : 50+ gov sites on target

आफूलाई paradox साइबर घोस्ट बताउने ह्याकरहरुले नेपालका ५८ वटा सरकारी वेभसाइटमा एकै पटक साइबर हमला गरेको दाबी गरेको हो ।

Ad : Learn Ethical Hacking In Nepali Language (Playlists available) 

यसरी ह्याक भएका वेभसाइटमा रक्षामन्त्रालयदेखि कानुन आयोगसम्मका वेभसाइटहरु रहेका छन् । 


Undetected For Years, Stantinko Malware Infected Half a Million Systems

A massive botnet that remained under the radar for the past five years managed to infect around half a million computers and allows operators to “execute anything on the infected host,” ESET researchers warn.

Dubbed Stantinko, the botnet has powered a massive adware campaign active since 2012, mainly targeting Russia and Ukraine, but remained hidden courtesy of code encryption and the ability to rapidly adapt to avoid detection by anti-malware solutions.

Targeting users looking for pirated software, the actors behind the malware use an app called FileTour as the initial infection vector. The program installs a variety of programs on the victim’s machine, while also launching Stantinko in the background.

The massive botnet is used mainly to install browser extensions that in turn perform ad injections and click fraud, but malicious Windows services are used to execute a broad range of operations: backdoor activities, searches on Google, and brute-force attacks on Joomla and WordPress administrator panels, ESET reveals.

Full Story >

Ships Can Be Hacked By Exploiting VSAT Communication System – x0rz

According to security researcher using the Twitter ID, “x0rz” Shipboard systems are quite vulnerable to hack attacks because of the faulty configuration of specific satellite antenna systems installed on them. While having a conversation with The Next Web, x0rz stated that minor glitches in the configuration could help cyber-criminals in fulfilling their nefarious motives.

The researcher used Shodan search engine to trace the exact location of ships having “Very Small Aperture Terminal satellite communications systems” installed and then used default login information available on the internet for accessing those systems. He claimed that if an attacker gains access to VSAT system, a variety of tasks can be performed.
Src & full news :

Google wants you to stop using its SMS two-factor sign-in

SMS isn’t secure, so Google will start pushing its users across to its prompt-based 2-Step Verification

Starting next week, Google will make a significant step towards moving users off two-step verification sign-in delivered by SMS.

Google has continued to support SMS for two-factor authentication despite the National Institute of Standards and Technology last year deprecating it from its preferred list of out-of-band authentication methods

Src & more; 

Malware researcher helps teen hackers turn skills into careers

Ashkan Hosseini launched his first malware attack when he was 11 years old.

He put malware on a CD-ROM containing family photos and deleted everything off his family members’ computers.

As punishment, Hosseini wasn’t allowed to use a computer for a whole summer. Now, the 23-year-old is an intern for malware researcher Amanda Rousseau, who works for security firm Endgame. She’s been in the cybersecurity industry for almost eight years and investigates malware attack techniques.

Rousseau gets messages from young people who were once in Hosseini’s position: Smart kids manipulating code to do serious damage.

They ask her for advice — through direct messages on Twitter via @malwareunicorn and other chat platforms — about how to create malware and hack accounts or computers.

She tells them the same thing every time: “Don’t.”

“I can teach you how to reverse [engineer], but I am not going to teach you how to hack,” she said. “Not because I can’t, but [because] morally, I won’t.”

The concept of reverse engineering is to take apart the code and composition of something, like malware, to figure out it works.

Amanda Rousseau Amanda Rousseau, a malware researcher at security firm Endgame, helps teen hackers use their skills to build careers.

src & full news : 

माननीय गृह मन्त्री शर्माबाट इन्टरनेट बिनाको इमेल प्रविधिको उद्घाटन

काठमाडौं, १ साउन
प्रहरी प्रधान कार्यालयमा आइतबार आयोजित एक समारोहबीच ५९ औं प्रहरी संचार दिवस सम्पन्न भएको छ । सो अवसरमा प्रमुख अतिथि माननीय गृहमन्त्री जनार्दन शर्माले इन्टरनेट बिनाको इमेल प्रविधि (H.F. Radio Data) को समेत उद्घाटन गर्नुभयो ।
रेडियो प्रविधि र कम्प्युटर प्रविधीको कुराकानी नै H.F. Radio Data प्रविधि हो । यो Military Standard को प्रविधिलाई Software Defined प्रविधि पनि भनिन्छ, जसबाट ईन्टरनेट बिना नै इमेल पठाउन सकिन्छ । यो प्रविधिलाई Internet Server सँग जडान गरिने हो भने Internet Browse गर्न सकिन्छ । त्यसै गरी Email Server मा जडान गरिने हो भने व्यक्तिगत Email Address मा पनि यो प्रविधिबाट ईमेल पठाउन सकिन्छ । यो प्रविधिको प्रयोगले जहाँ ईन्टरनेट सुबिधा छैन त्यँहाबाट इमेल र फोटो पठाउन सकिन्छ र यो सूचना चुहावट नहुने सुरक्षित प्रविधि समेत भएकाले यो प्रविधि प्रहरीमा उपयोगी हुने देखिन्छ ।

Full news & src : Nepal police FB official page

20106294_1611693142237411_422274705040899934_n img and news src :

Nepal’s hacked by PakMonster


Found this in there facebook post.

Nepalian Domain Registrar Pwn3d
Hacked by Pak Monster
Team:; Pak Cyber Thunders


The hacked website acts as an official registration site for .np ccTLD domains in Nepal. Mercantile has been providing free of cost booking, renewal, DNS pointing, DNS transfer etc. for .np domains through this website.

Learn Ethical Hacking in Nepali Language here :  Student Video Tutorial in Youtube

CEH Study Guide For Students – Part 1 : Why CEH & HOW ?

What is going to be covered in this guide ?

– CEH Study Guide, Tips and Techniques will be covered.

– Along with guide, I’ll set practice questions also.
– Sometimes, in some article you will get videos demo too.
– Lab portion will also be covered in future parts.
– Fun Learning 🙂 

This guide by : Bijay Acharya (CEHv9. EC Council)
Follow me in twitter : @acharya_bijay
Subscribe my youtube channel : studentvideotutorial

In my channel, you will find Digital Forensics Tutorial, Cyber Security Tutorials, also more others.


HOW TO BECOME CEH ?  Full Article here  

All parts here 

“Robin Hood” Ransomware ! Really for Charities ? Or It’s a Trap Technique ? 

This is a novelty in the cyber criminal underground, crooks behind the new born CyptMix ransomware promise to donate the fee to charity. 

Advertise : learn ethical hacking in nepali language, also computer repairing videos, photoshop tutorials…all in nepali language. Available in my youtube channel here ;

No doubts, a very creative idea to extort money to the victims enticing them to pay for a good cause and telling them to think to have the opportunity to help the children.

Of course, the criminals don’t provide further details on the way they intend to donate the earnings.

“Your money will be spent for the children charity. So that is mean that You will get a participation in this process too. Many children will receive presents and medical help! And We trust that you are kind and honest person! Thank You very much! We wish You all the best! Your name will be in the main donors list and will stay in the charity history!” reads the ransom note sent to victims of the CyptMix ransomware shared by the experts at Heimdal Security who spotted the new threat.

Src & full article :

[In Nepali] Computer Repair Training PT.2 – Acer Laptop No Display [RAM FIXED], Baba computer pokhara

[In Nepali] Computer Repair Training PT.2 – Acer Laptop No Display [RAM FIXED], Baba computer pokhara

Need Support ? Call 9846618997 (Baba Computers Pokhara)

Computer Repair Training pokhara, laptop repairing training pokhara, chiplevel training pokhara, baba computers pokhara, computer hardware and basic training pokhara, laptop repair in pokhara, computer repair in pokhara

%d bloggers like this: