Archive for July, 2011


The hacker community is in mass hysteria and confusion today, and it’s spiraling out of control, blaming Google’s aggressive deactivation of Google+ accounts.  Over the past several days, Google has begun disabling Google profiles/accounts of people who didn’t use their real name in their profile.  As accounts are disabled, people are losing their entire Google history along with their Google accounts.

 

Imagine getting a note from someone you’ve never met before, from a real name you’ve never seen before, claiming to be your long-time hacker buddy.  As you can imagine, the hacker community primarily deals in pseudonums, or “hacker handles” so getting notes and requests from real names …that’s confusing!

 

It makes sense, as Google tries to crack down on the extraneous spammy accounts that don’t have human beings behind them, that real names are required, but it’s wreaking havoc.  For example, many of the people I know, I know only by a handle …if they were to pass me on the street or send me a message from an account with their real name – I would have no idea.

Savant_Quote_on_G+.jpg

 

As you can see – the community is up in arms.  WIll this be a self-imposed momentum-stopping hit by Google?  Only time will tell … in the mean time, I need to go figure out who all these people are, and start learning real names……

 

Source Link

Advertisements
Foreign powers could try to infiltrate hacktivist networks in order to manipulate their actions, according to a security expert who advises governments and businesses on internet issues. Likening the emergence of the hacktivist movement to the arrival of militant groups such as the Red Brigade during the 1970s, government advisor and chair of the International E-crime Congress, Simon Moores, said that hacker groups could eventually be swayed by outside influences. “If you have a LulzSec or an Anonymous that is perhaps being manipulated by a foreign actor, it takes us back to the days of the Stasi and the KGB, which were manipulating [anti-nulear campaign group] CND quite easily from Moscow,” he said.”

The LulzSec hacking group has claimed responsibility for recent attacks on Sony and Nintendo. however, before they attacked these high-profile technology companies, LulzSec went after a less obvious target: PBS’ NewsHour website.

The most visible part of their hack was the posting of a false story about rapper Tupac. The fabricated story stated that the iconic hip-hop artist, who was gunned down in 1996, is actually still alive and living in New Zealand.

In addition to posting the false story about Tupac on the PBS NewsWire’s website, LulzSec also defaced a second page and released of a small set of PBS related names and passwords. these hackers used unsophisticated tools to hack a poorly protected content management system (CMS) to do their work. The defaced pages also included immature mocking of a very sophisticated “Anonymous” hacker group.

Common reasons people hack include: greed, social activism and social acceptance. at first, LulzSec might seem like an exception to these typical hacking motives. it doesn’t seem to be that LulzSec is obtaining money from the stolen data, they haven’t presented a social agenda and their actions certainly are not deemed acceptable by general society. however, the idea of “social acceptance” doesn’t have to include all of society. it has been said that LulzSec is only hacking for the infamy and entertainment of it all.

What was the specific reason for LulzSec gave for hacking PBS? they said it was because they didn’t like a televised story about WikiLeaks hacker/activist Bradley Manning that aired on PBS. As a result, one might suspect that the motivation behind LulzSec’s attacks was to gain social acceptance among other hackers, maybe even creditability in the hacking community.

These attacks might have been entertaining for LulzSec, but they have caused a headache for PBS, Sony and Nintendo. we can, however, learn something from these attacks. they provide a warning for website owners: even though your benevolent website might not have monetary value, it still stands the chance of becoming a target. Amateur hackers are always seeking out new targets to help them gain their 15 minutes of fame, and PBS is testament to this.

As this hacking group, who take their name from the world “Lulz” – a slang term used online to refer to laughter, continues to gain notoriety for their rash of web attacks, the world waits to see who will get the last laugh.

 

Source Link

This is part one of a week-long series on the ecosystem of cybercrime.

NEW YORK (CNNMoney)LulzSec took down the CIA’s website in mid-June in an effort to prove to the world that the hacker group should be taken seriously.

But in the truly grand ecosystem of cybercriminals, LulzSec, Anonymous, AntiSec and other so-called “hacktivist” organizations are much more of a nuisance than a serious threat. They’re fringe groups that are by far the least worrisome of all cyber attackers.

“This isn’t juicy stuff that they’re getting from their attacks,” said Eric Fiterman, founder of Rogue Networks, a security startup backed by Northrop Grumman (NOC, Fortune 500). “They themselves don’t know the full cybercrime ecosystem, and they tend to over-inflate their position in the hierarchy.”

The global cybercrime universe is terrifying: Cybercrooks often work in organized crime syndicates like the Mafia. Some defraud banks, and many others are government agents that spy on foreign entities and corporations. They threaten our financial systems, our economy, and our national security.

Comparatively, hacktivists groups are the equivalent of graffiti artists, prank callers, hazers and bullies. Like pranksters, they tend to be young, poorly funded and immature. They seek to embarrass companies, individuals, and government agencies in order to make a statement.

They’re also extremely disorganized — the name “Anonymous” is much more of a brand than an actual organization. Solo hacktivists and independent, small groups often band together under its banner. One of the loudest of those groups became LulzSec.

That’s not to say Anonymous and its offshoots should be ignored. Its ranks include many skilled hackers who have been able to steal information from the Senate and Arizona state police websites, as well as data from major corporations like Sony (SNE), Bank of America (BAC, Fortune 500) and Nintendo. They’ve also successfully blocked access to the websites of Visa (V, Fortune 500), MasterCard (MA, Fortune 500), the CIA — and, most recently, several News Corp. (NWS) newspaper websites.

LulzSec and Anonymous often gain entry through the same methods that the real bad guys use. Typically, they use so-called “SQL injections,” an attack method that has been around for more than a decade. Those attacks exploit vulnerabilities like coding errors in websites’ internal databases in order to uncover information.

The key difference between hacktivists and more serious criminals lies in their motivation. Anonymous isn’t interested in stealing for profit data like credit cards, payroll information or information critical to national security. Instead, they hack to gain attention for themselves and their causes.

What it actually takes to prevent a hack attack

Hacktivists go in, get out, and post whatever they were able to find quickly. They don’t take the months or years it would take to really do significant damage.

Typically, hacktivists have gone after lists of usernames and e-mails associated with a particular site, but in some cases they’ve been able to access — and make public — embarrassing internal corporate e-mails.

If they can’t quickly hack a site, they have also been known to launch “denial of service” (DOS) attacks that overload a website’s server. That kind of attack isn’t technically a hack, since it never compromises a site — DOS attacks just prevent people from accessing the targeted website.

Hacktivists can be obnoxious. But dangerous?

Face to face with LulzSec

Right before Karim Hijazi was contacted by LulzSec in late May, he knew something was coming.

Hijazi runs a company called Unveillance, which monitors and attempts to commandeer botnets — large groups of infected computers that cybercriminals use to perform malicious acts, ranging from sending spam to launching DOS attacks to disguising their location and identity.

On May 25, Unveillance’s servers started to get hit with an unusually high level of activity from offenders attempting to break in. Hijazi took extra precautions to ramp up security and keep the attackers out. It worked, and he thought he was secure.

But what Hijazi didn’t realize was that LulzSec was playing with loaded dice. From an attack LulzSec had previously launched against the website of Infragard Atlanta, a cybersecurity alliance Hijazi participates in, the hacking group was able to get Hijazi’s personal e-mail address and the password to that account.

Unable to break into Unveillance’s systems, LulzSec contacted Hijazi in an e-mail and put his password in the subject line. Hijazi said the group demanded money or access to a botnet, which it planned to use for future attacks.

Hijazi didn’t comply. Soon after, LulzSec posted his work and personal e-mails online for all to see. They further embarrassed Hijazi by claiming that he had paid them to attack his competitors.

In the end, Hijazi’s reputation was damaged, but LulzSec didn’t get their hands on a botnet.

Muckraking and smear campaigns have so far been hacktivists’ most successful method of attack.

For instance, LulzSec — then operating under the Anonymous banner — couldn’t penetrate the systems of security contracting firm HBGary Federal. But it was able to crack open corporate e-mails and found some pretty salacious stuff, including plans to help the U.S. Chamber of Commerce, an industry trade group, undermine its political opponents through a sabotage campaign. That led to the resignation of HBGary Federal’s CEO, Aaron Barr.

HBGary CEO Greg Hoglund acknowledged that hacktivists can indeed cause damage, but his view is that their capabilities are still very limited compared to their much more sophisticated cybercrime peers.

“What happened at HBGary pales in comparison to what happened to Sony,” Hoglund said. “I was quite embarrassed that my e-mail was put online, but that was really the extent of it.”

The attention hacktivists get is often far out of proportion to the the scale of their exploits.

“When the CIA’s site went down, it was just a public facing site with no significant information,” Hijazi said. “A denial of service attack is not a big deal. But to most people, hearing that the CIA went down sounds scary.”

And that’s exactly what LulzSec wanted. They love the attention. In fact, the CIA DOS attack was done because a Twitter follower accused them of taking on targets of little consequence. So they aimed for a high-profile victim — with a low-tech attack. Even LulzSec acknowledged the trick’s ease, tweeting, “People are saying our CIA attack was the biggest yet, but it was really a very simple packet flood.”

If there’s anything positive to come from all the attention they’ve been getting, it’s that hacktivists have rattled the apple cart enough to shine a light on the global cybersecurity problem.

“The great irony of all of this is that LulzSec has had a positive effect on security,” said Deepak Taneja, chief technology officer of Aveksa, a security software company. “They’re nothing, they’re pranksters. But all the press that they’re getting has helped security permeate the C-suite level at companies. Now, they’re waking up to the risk management they really need to defend against the more serious threats.”

But hacktivists are just the very tip of the iceberg. The most serious threats are powerful, dangerous, and loaded with cash — and they’re operating in the shadows.

 

Source Link

Hacker group Anonymous and offshoot Lulzsec have started releasing secret information they claim to have stolen from servers of the CNAIPIC Italian cyber crime unit about the protection of critical national infrastructure.

A tweet by AnyonymousIRC pointed to reports of the attack: ” #AntiSec strikes at Italy Government. Silent no more,” the tweet concluded.

Links to previews of what the hacker claims to be 8GB of files have been published on file-sharing website Pastebin.

“This is a pre-release of a series we are going to make to reveal the biggest in history of European LE cyber operation evidence exploitation and abuse. Thing’s gonna get published and twittered all over anonymous and lulzsec community,” the posting said, written in its own hackers’ vernacular.

The theft of data from CNAIPIC is part of the groups’ AntiSec campaign apparently aimed at what members consider to be corrupt organisations, and is believed to be in retaliation for the arrest of Anonymous members in Italy.

“This corrupted organisation gathered all the evidence from the seized property of suspected computer professional entertainers and utilised it over many years to conduct illegal operations with foreign intelligence agencies and oligarchy to facilitate their lust for power and money, they never used obtained evidence to really support ongoing investigations,” the posting said.

The hackers claim the stolen documents include information from the Egyptian Ministry of Transport and Communication, Australian Ministry of Defence, US Departments of Agriculture and Justice, and the Nepalese Ministry of Foreign Affairs.

Earlier this month, Anonymous hacked and defaced Turkish government websites in protest against internet filtering rules to be introduced in Turkey in August and claimed to have accessed NATO servers as part of the AntiSec campaign.

 

Source Link

In an exclusive conversation, a member of the group explains why Rupert Murdoch brought him out of retirement

 

You probably wouldn’t expect that you could unceremoniously waltz into an Internet chat room and engage some of the most controversial and successful hackers in the world — from the groups Anonymous and LulzSec — in one-on-one conversation. But that’s exactly what I did on Wednesday.

The members of these groups take great pains to protect their identities, lest they find the long arm of the law knocking down their doors. That’s what happens when you become, like Anonymous, an established presence in the world of cyber-chicanery, responsible for hacking attacks against some of the world’s biggest companies. LulzSec — a new group that emerged with great force this spring, taking on Sony, Nintendo, even the U.S. Senate — is similarly locked-down. Still, in an official Anonymous chat room, I gabbed with one of LulzSec’s founders and leaders.

Some background: This week, LulzSec emerged from early retirement to lay siege to the embattled News Corp. empire. On Monday, the group hacked into the website of the British tabloid the Sun, and posted a story that falsely claimed that Rupert Murdoch had passed away. Later, one of LulzSec’s leaders, a hacker by the name of Sabu, announced he was sitting on top of a cache of confidential News Corp. emails, and said that he would release them shortly.

What grabbed my attention, in particular, was the name Sabu. The hacker was first ID’ed as a member of LulzSec last month, when private chat logs were leaked to the press. But I remembered reading the name even earlier, when Gawker released another set of chat logs back in March. The transcripts showed Sabu directing the activities of a particular arm of Anonymous responsible for several high-profile hacks — including one of cyber-security firm HB Gary that revealed the company’s attempts to discredit Salon’s Glenn Greenwald.

I was curious to learn more about Sabu, so I started digging around. And, like other reporters before me, I headed to a group of chat rooms, both run and frequented by Anonymous, called “#AnonOps.” The network is composed of a number of separate chats, many of them concerned with Anonymous’s various, concurrent operations. (One room — dedicated to the widely reported “Operation Anti-Security” — was like a social libertarian’s fever dream, filled with disparate, but overlapping and oftentimes heated, conversations about taxes, bank reform, U.S. military actions, etc.) Other rooms were meant for new members, for tutorials, for specific languages and nationalities. The chat room I entered was helpfully titled “#reporter.”

Once inside, I explained that I was hoping to snag a conversation with Sabu. I was informed, however, that this might prove difficult. A chatter named “lolatu” told me that this particular day was “Claim To Be Sabu Day.” Apparently, in a “Spartacus”-esque display of camaraderie, Anonymous members were claiming to be Sabu, so as to throw off the scent of enforcement officers hoping to track the hacker down. (Lolatu also helpfully informed me that “Spartacus” was a movie.)

While I never did get that interview with Sabu, I was able to speak on two separate occasions with Topiary, another founder of LulzSec, and the group’s de facto press officer.

[Note: My actual handles during these conversations were “mib_e6ubr4” and “mrpants,” which were randomly generated by the chat client. For the sake of clarity, I’ve subbed those names out, and identify myself as “Salon” in the (lightly edited) transcripts.]

 

Salon: Hi there. Sorry to intrude. I’m a reporter for Salon.com. Was wondering if you had a second to talk?
Topiary: Okay – just so you know, I’ve had no less than 12 publications (some very big three letter ones) contacting me today about News International emails
Topiary: but I don’t know anything about them
Topiary: I know all about the Sun hacking, and the fake story (I wrote it) but nothing about the emails I’m afraid
Salon: I was actually wondering if you were at liberty to discuss LulzSec’s reemergence from early retirement?
Salon: Like, what was the impetus?
Topiary: ah okay,
Topiary: The main motivation behind our return to the proxseas was the wrinkly-faced walnut Rupert Murdoch. We decided to rock up a storm from afar in conjunction with the media surrounding him, hoping to increase his frown more.
Topiary: LulzSec is not back, persay, but all of us are still here and we’re watching — if there’s a special event, we may take action for high-quality entertainment purposes.

This is the LulzSec mode: Highfalutin, comically rude, littered with maritime allusions (LulzSec’s fictional vehicle of choice is called “The Lulz Boat”) and peppered with portmanteaus (“proxseas” = “proxy” + “seas”).

 

Salon: The other thing I was wondering:
Salon: Why was [the News Corp hack] a LulzSec operation rather than an AnonOps?
Topiary: The Lulz Boat decided to engage in hostile fire against News International — AnonOps/LulzSec are united for AntiSec (something we, LulzSec, started) but we’re not overlapping on any other LulzSec-only operations.
Salon: So did you leave Anonymous when LulzSec was conceived?
Topiary: Anonymous is an idea and a consciousness. It’s not a group or a company, so you can’t really leave it.
Salon: I know both you and Sabu, and maybe others at LS, were involved in high-profile stuff for Anon in the past, e.g. HB Gary; was it that nucleus (i.e., the crew singled out in the Gawker chat leaks from March) that became LulzSec?
Topiary: Giving away a fact like that might harm operational security, but I confirm that some of them are in LulzSec — LulzSec has 6 core members, myself and Sabu included.

Shortly after, Topiary told me that he had to leave. But Wednesday evening, I was able to grab him for another round of questions. This time I was curious about Topiary himself:

 

Salon: Hey Topiary. This is Peter from Salon again. I’d just ask for a few minutes, to ask about you, personally (that is, your motivations, hopes, fears, etc.; not your identity — unless, you know, you’d like to tell me that too.)
Topiary: Howdy, what would you like to know?
Salon: With all the crackdowns recently, are you concerned you might get pinched by the cops?
Topiary: The short answer to that is no, the long answer is that I’ve received so many threats of being caught over the past 8 months (almost every day) that it doesn’t affect me at all.
Topiary: Just disgruntled haters.
Salon: Were you ever scared, towards the beginning, of being arrested for your involvement in the ops you’ve helped with?
Topiary: There was a brief window where I was paranoid or that it irked me — now I just laugh wholeheartedly.
Salon: Was there anything in particular that galvanized you to get involved in the first place?
Topiary: I got involved with AnonOps in November when I learned of the defense of The Pirate Bay — I like TPB, they’re good guys, so I joined in to assist in operations against copyright websites, and stayed ever since.

(The Pirate Bay is a website that, in part, aides in the download of pirated multimedia content. It’s “one of the world’s largest facilitators of illegal downloading,” according to the Los Angeles Times.)

 

Salon: how’s it feel to be lavished with so much media attention, all of a sudden?
Topiary: It’s been building up over 8 months, and it’s kind of annoying now. I don’t like major media outlets contacting me daily trying to get some scoopage.
Topiary: So I respond to the smaller, more respectable outlets for exclusives, thus pissing off the big players.
Salon: does this conversation qualify as an annoyance, or tolerable?
Topiary: Tolerable 😀

 

 

Source Link

The Sun, NATO and others go down under low orbit ion cannon fire

HACKTIVIST GROUPS Anonymous and Lulzsec have been busy lately, hacking Rupert Murdoch’s tabloid rag The Sun, along with the NATO military alliance.

The hackers are sitting on an allegedly massive payload of internal emails from The Sun and some potentially devastating documents from NATO that could cause immense security risks in Europe. The question is, will they release these, and what more have the hackers in store for us?

The Sun, The Moon and The Stars
As the phone hacking scandal relating to the News of the World and other News Corporation titles rages on, Lulzsec decided to give them a little taste of their own medicine by hacking The Sun’s web site late on Monday.

At first the web site redirected to a fake news story claiming that Murdoch had died, but when that was taken down Lulzsec redirected readers of The Sun to its Twitter feed. Eventually the web site was taken offline, but it is now back to normal. This hack was apparently planned for as long as two weeks.

However, Lulzsec did a lot more than just get ‘news’ readers to check out its tweets. It also put up phone numbers of News Corporation workers and promised that more would follow.

That more was hinted at by Anonymous, which revealed that it had gained access to emails from The Sun and News of the World. One member of the group, who goes by the handle Sabu, tweeted, “Sun/News of the world OWNED. We’re sitting on their emails. Press release tomorrow.” He said there was as much as 4GB of emails to expose.

At the last minute, however, Anonymous decided not to publish the emails, claiming “it may compromise the court case.”

There appears to be some disagreement amongst certain members of Anonymous over this decision. A UK branch tweeted, “The court case was comprimised when NotW started paying the Met. It’s down to us to exact justice, not the corrupt police.”

It’s not clear if the publication of such emails would in any way endanger the possibility of convictions over the hacking incidents, but it seems that Anonymous isn’t willing to risk it.

We’re not entirely sure why Anonymous decided to wait until the last minute to pull the plug on its plans, however. Surely it would have considered the possibility of the publication compromising the police investigation before hyping up the release.

This anticlimax leads us to question if Anonymous really had the emails in the first place, or if it does but never intended to publish them from the beginning. With the inquiry into hacking that has gone on this week, with the Murdochs and Rebekah Brooks having been questioned in the House of Commons, Anonymous might have been playing scare tactics in order to get them and others to come clean about their alleged involvement.

This is not necessarily the end, however. After people expressed disappointment that the emails would not be published, Lulzsec tweeted, “We’re currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have.”

The INQUIRER has asked for access to these emails.

Next Up, Mars: NATO
After the decision not to publish The Sun emails, Anonymous needed to provide something else to satisfy people. It did so in the form of restricted documents from the military alliance NATO.

It released two documents highlighting spending on security projects. While this looks bad for NATO, which should really have better web site security, the details aren’t particularly interesting or incriminating.

Anonymous claims it has 1GB of documents from NATO, “most of which we cannot publish as it would be irresponsible.” It said this data was accessed via “simple [SQL] injection”.

In a further taunt to NATO, the group tweeted, “Hi NATO. Yes we haz more of your delicious data. You wonder where from? No hints, your turn. You call it war; we laugh at your battleships.”

According to the Oman Daily Observer, NATO headquarters was coincidentally closed for a Belgian national holiday on the day Anonymous released some of its payload. Anonymous claims it was not aware of this at the time.

NATO has yet to verify that these documents are genuine, but from our inspection of them they appear to be the real deal.

“NATO security experts are investigating these claims,” said an anonymous spokesperson for NATO. “We strongly condemn any leak of classified documents, which can potentially endanger the security of NATO allies, armed forces and citizens.”

Anonymous responded by saying, “Guess what we did NOT leak?” This hints that the other documents it has at its disposal could create security risks for NATO if they were to get into the wrong hands.

Aiming For The Other Planets: Going Forward
While we await the possibility of seeing some of the News Corporation emails, or perhaps more documents from NATO, Anonymous and Lulzsec are setting their sights on other targets.

A UK branch of Anonymous that has tweeted about Operation Britain took down the web site davidcameron.com. They said they would keep attacking the web site “till he starts telling the truth.” However, it turned out that this was not his official web site, but rather one that slates him and other politicians, so they ceased their attack. It’s not yet clear if the hackers will go after official government web sites now.

A Colombian branch hacked the Facebook pages of Colombian president Juan Manuel Santos and former Colombian president Alvaro Uribe, asking citizens of the country not to celebrate, but to “demand your rights and liberties” instead.

Anonymous is also working on its own social network Anonplus after it was kicked off Google+ for breaking its terms and conditions. In an ironic twist, Sophos Security reports that Anonplus was hacked by Turkish hackers who don’t approve of what Anonymous is doing, telling it to “go to your doghouse”.

In response to the arrests by the FBI of over a dozen people suspected of involvement with Anonymous, the hacking groups said that they are here to stay and will fight against corruption and conspiracy.

A video was also released by Anonymous explaining some of its motivations. It said it was working towards “positive change”. It highlighted that Anonymous has no leaders, dose not centralise its operations and has “no targets, only outcomes”.

On Twitter the group said, “We’re not your enemy but your citizens! The sooner you give up, the less casualties we will have. Also: We didn’t start the fire.”

Another video makes use of the famous and powerful Charlie Chaplin speech from The Great Dictator, which Anonymous claims sums up its message.

Where it goes from here is anyone’s guess, but what is certain is that for the immediate future we can expect to see Anonymous hit the headlines with more hacks of the rich and powerful.

A 16-year-old British hacker fingered by law enforcement sources as a “significant figure in the investigation” of the notorious hacker group LulzSec and its parent group Anonymous was released on bail on Wednesday, FoxNews.com has learned.

A U.S. law enforcement official told FoxNews.com that the teenage suspected hacker, known online as Tflow, was “a significant player” in the international hacking network alleged to have carried out coordinated attacks on websites belonging to the CIA, Visa, Mastercard, Sony, Fox.com and others.

“In respect to his capability and alleged membership in this group that can cripple online entities, and the alleged act he accused of committing — carrying out coordinated DDoS attacks — yes, he’s a significant subject of the investigation,” the official said.

“He was significant enough to be arrested in an international, coordinated, law-enforcement takedown.”

FoxNews.com exclusively broke the news Tuesday that the 16-year-old suspected hacker goes by the online user name Tflow. In online posts and tweets Tflow is labeled one of the masterminds and founders of LulzSec.

“Not sure who IS LulzSec really… tflow/Sabu/myself/kayla started,” one member of the group apparently wrote.

Officers from the Metropolitan Police’s E-Crime Unit in London arrested the youth in South London Tuesday afternoon, part of an international sting. As FoxNews.com first reported exclusively, sixteen suspected members of Anonymous were arrested across the United States, as well as five people elsewhere in the world — largely stemming from an alleged cyberattack on the website PayPal over its action against controversial group WikiLeaks.

A spokesman for the Metropolitan Police told FoxNews.com that the boy was due back in court sometime in August, after spending between 12 and 24 hours in custody on suspicion of breaching the Computer Misuse Act.

The name of the 16-year-old youth was not released.
Source Link

Recent cyber attacks have made the hacktivist and trolling entities Anonymous and LulzSec look chaotic, vindictive and more than anything, shrouded in mystery. A deluge of press attention in recent months has told us a bit about the folks involved, but now the Anons, as they call themselves, are being given a platform to write up their personal stories and explain in their own words why they’ve joined this new modern-day insurgency, risking arrest for the sake of bringing down a website or two.

A co-founder of LulzSec known online as Topiary last week set up an account on Pastebin, the online text application beloved by hackers and LulzSec itself, to publish essays and stories from various supporters of Anonymous. The goal of Voice, he says in the introductory document, is to “capture the motivation behind the recent movement.”

“Anonymous has been moving exceptionally fast with the birth of AntiSec, so we’re trying to capture the personal moments in between the chaos while spreading our creativity through images, text, and videos,” he added separately.

So far the main submissions seem to be text only, but he hopes to get videos, music and imagery too. It’s similar to the stuff users of 4chan (an image board that preceded Anonymous) upload and share everyday to reinforce their belonging in an Internet subculture while poking fun at the rest of the world.

There have been eight submissions so far to Voice, from people claiming to be former American soldiers, activists and college students. Just don’t expect clear-cut descriptions of what they do for a living or, (Heaven forbid) where they live. Instead these are philosophical, often passionate eulogies to a movement that apparently wants to be everything at once, as one called EFG explains:

In the past two years I’ve lived in London, Paris, New York, San Diego, Vancouver, Berlin, Dublin, New Dehli, Phoenix, and a place known only as “Bumfuck Idaho.” I go to college, but not really. I’ve been an underaged n00b, and a 38 year old naysayer. I’ve gone from wealth and success to hunger and homelessness, I’ve been a hacker, and a programmer, and a newfag begging for a LOIC hive. I am a Socialist. And an Anarchist. And a Communist. And a Democrat. And a Libertarian. I am the all singing all dancing crap of the world. In short, I do not exist.

Another named ti pointed out that while everyone came from different backgrounds, they were united by a desire to fight something.

I go to college. I have goals. I have fears. I have problems like anyone else. The funny part? In Anonymous, none of this matters… Anonymous is made of people who see something wrong with the world around them, who have different backgrounds, different ideals, and different cultures. I can’t stress enough the amazing diversity in the people I’ve met. But being Anonymous means none of this matters anymore: you join for the cause, much like I, or anyone else, did. We all have our reasons to fight.

An activist called choobear sees Anonymous as a new form of protest:

For years I have been an activist. I’ve been to many marches. I have stood for the environment, protested against government policies, yelled at the top of my lungs about war, marched in support of gay and lesbian marriage, made pro-choice signs, gone to planning meetings…you get the point. This is an old model of activism. It is still a very valid form of activism and it can get things done, but there is a new wave of activism. It’s called Anonymous.

While another called Tylasaur says Anonymous has changed the very definition of “hacker.”

What do you think of when you hear hacker? I used to think of computers, smarts and patience. Now I think freedom, liberty and lulz… Anonymous has personally changed me for the better. I more easily understand how the media’s food chain works. Big shot white-hats rule the world with not a bit of courage.

It’s a mixed bag of rhetoric, but the statements all seem to point towards the insurrectionary nature of those who take part in Anonymous, and that it is becoming more of a process than any kind of real group.

 

Source Link

Not everyone in the hacker community smiles upon the shenanigans of LulzSec, the hacker group du-jour of the moment. seriously, just check out Google News. right now, LulzSec is a mainstay, and while this publication is adding to it, we concentrate on the web. LulzSec has gained crossover appeal, with stories of their exploits going mainstream.

Did they get to big for their britches, or did they step on the feet of some “true” hackers, opening the doors for retaliatory strikes from groups who fight the same way? well, something happened, and as a result, there’s a LulzSec backlash brewing and it’s not just courtesy of the group’s victims. The person and/or group that apparently got rankled by LulzSec belongs to TeaMp0isoN (Team Poison) hacker team. it seems, among other things, that members of TeaMp0isoN didn’t like being associated with LulzSec and began hacking them in return.

Hackers hacking hackers. although the story gets a little bit more complicated than that, the previous exercise in alliteration sums up things quite effectively. as for the “why” LulzSec is being targeted, well, that’s where the complication comes in.

Based on my limited exposure to various hacker groups around, from what I can tell, TeaMp0isoN is one of the more respected groups, one that doesn’t necessarily like being associated with LulzSec, for a number of reasons. Chief, however, is the fact that LulzSec’s activity aren’t looked upon as true hacker exploits. The targets themselves weren’t the problem. The automated methods used to gain control of the targets on the other hand, were. this was made apparent when — and this is where the details get fuzzy — a suspected LulzSec member was hacked by a TeaMp0isoN member, which was discovered by th3j35t3r, another hacktivist who is at odds with LulzSec.

While the LulzSec member hack has been denied, in combatant fashion, no less, there’s a screenshot of the defacing (click for larger image):

Here’s the transcript, courtesy of I Found The Internet. [sics] remain intact:no matter how many bots you gather, no matter how much people you lie to, no matter how much pre-made tools you use, you will _NEVER_ represent the real hacking scene, we warned you, we told you we do not make empty threats, we gave u 48hrs to secure your ircs yet u failed to do so, instead u posted hashes from public forums and then claimed you doxed us and laughed at the fact that i was 17years old. stop telling yourself that u are hackers, putting a ip into a irc is NOT hacking nor is using pre-made tools and scripts to grab databases… you do not represent the anti-sec movement, u are not allowed to greet underground groups like zf0, ab, h0n0, el8 like your member “AnonSabu” was doing, you will never be apart of the underground scene, if anyone thinks you are underground and can actually hack they have no idea about what happens in the underground scene. oh and TeaMp0isoN Issue 2 is coming out VERY soon exposing lulzsec members (pictures, addresses, passwords, ips, phone numbers etc). . . . not so anonymous anymore are you? lets hope that you can swim because the lulzboat just got titanic’d…

The taunting message was found at the site of Dutch developer Sven Slootweg, who, as indicated, denied his site got hacked in a defiant manner:Notice to press: this website was compromised through exploiting a plugin in an outdated WordPress setup, uploading a shell, and replacing the index page. I am not a member of Lulzsec (a statement I have made several times before in various places), noone “hacked the server” (this has been verified by the hosting company, as this website is on shared hosting) and this was definitely not an “elite hack”. I am not available for further comments to press.

It should be noted, in order to get to Slootweg’s site — awesome name, by the way — a index_defaced.html file appears first, so I’m not sure how valid his denial is.

Now for the why. Why is TeaMp0isoN going after LulzSec? is LulzSec getting publicity other, more deserving hacker groups should get, or is this something a little more personal? According to a link on th3j35t3r’s Twitter, which goes to a blog called “LulzSec Exposed,” some of LulzSec inner circle may have courted this fight themselves. The following screenshot has more details:

Apparently, some LulzSec members called out TeaMp0isoN, and ta-da, we’ve got ourselves a hacker fight; although, with TeaMp0isoN, it goes a little deeper than that. Not only are LulzSec’s (and Anonymous’) methods derided, the ultimate goal is too. is LulzSec a group of modern-day Robin Hood hackers or are their exploits doing something a little more criminal?

Unveillance, a recent LulzSec victim, thinks so:

Over the last two weeks, my company, Unveillance, has been the target of a sophisticated group of hackers now identified as “LulzSec.” during this two week period, I was personally contacted by several members of this group who made threats against me and my company to try to obtain money as well as to force me into revealing sensitive data about my botnet intelligence that would have put many other businesses, government agencies and individuals at risk of massive Distributed Denial of Service (DDoS) attacks.

Is extortion part of the LulzSec appeal? So far, there hasn’t been much in the way of response from LulzSec, aside from the misguided denial from Slootweg. While their Twitter account is going strong, there’s nothing in the way of this subject being discussed. Was TeaMp0isoN’s message heard loud and clear, and as a result, is LulzSec steering clear, or is there more to come? Perhaps this LulzSec tweet offers a glimpse…

 

 

Source Link