Anonymous

How Anonymous spied on FBI / UK Police hacking investigation conference call


Last month, we reported how a conference call between the FBI and Scotland Yard, discussing their investigation into Anonymous hackers, had been secretly recorded by the hacking collective and published on the net.

We surmised at the time that the unknown hackers might have secretly accessed the call by compromising a police investigator’s email account, as the call-in details and passcode were posted by Anonymous on their usual dumping ground – the PasteBin website.

Yesterday’s announcement by the FBI about the prominent LulzSec hacker Sabu, and other alleged hacktivists, has revealed more details about what actually happened.

According to an FBI press release, a Garda (Irish police) officer who was invited to attend the conference call about ongoing hacking investigations forwarded the message to a personal email account.

Unfortunately, that personal email account was compromised by a hacker.

Hacker’s phone call to Boston Police saying he defaced their website... because he was bored


A number of websites associated with US police have been compromised by AntiSec hackers in apparent support of the “Occupy” demonstrations.

One of the sites targeted was the Boston Police Patrolmen’s Association (BPPA), which suffered a hack which resulted in the release of a thousand usernames and passwords. An obvious danger is that staff may be using the same username/password combinations on other sites – such as their email accounts or Facebook.

In addition, the AntiSec movement claimed in an online press release to be publishing more than 600MB of data stolen from the International Association of Chiefs of Police (IACP) website, including names and addresses, passwords and internal documents.

Names, addresses, phone numbers and social security numbers for police officers in Alabama have also been exposed, and a contact database associated with employees and clients of the internet company Matrix Group made public.

Anonymous hacks BART, creating even more innocent victims


Anonymous continued their crusade against governments and organizations this weekend, attacking the myBART.org website belonging to San Francisco’s BART (Bay Area Rapid Transit) system.

They performed a SQL injection (SQLi) attack against the site and were able to extract more than 2,000 records containing names, usernames, passwords (plain text), emails, phone numbers, addresses and zip codes.

They also defaced the website with Guy Fawkes masks, which BART has yet to remove more than four hours later.

While it is understandable that people are upset with BART after the recent blocking of cell phone communications to prevent protesters from organizing, it is puzzling to me how exposing thousands of innocent people’s personal information hurts BART more than it hurts transit users.

Users of rapid transit are certainly not the problem, and this simply takes a bad situation and makes it worse by creating even more victims.

During my interview about the incident with KCBS radio in San Francisco this afternoon, I was asked what people can do to protect themselves against these types of attacks. What an interesting question…

Personally, I am skeptical of anyone asking for my information for almost any reason. We can’t know how that data will be protected, shared or sold regardless of what the privacy policy may say.

The best approach is to not provide your personal information where it isn’t needed and make sure you always use a unique password for every website, regardless of how unimportant you think the site may be.

If you are a user of myBART.org, I recommend changing your passwords anywhere you might have used the same password. Aside from that, there is little you can do now that your information has been published.

Website admins, if you are still storing passwords in plain text and haven’t examined your web site for SQL injection vulnerabilities, even after the attacks against Sony, I highly recommend doing so. This is not a list you want your site to be added to.

LulzSec hacking suspect ‘Topiary’ arrested in the Shetland Islands


A 19-year-old man has been arrested by British police in Shetland, UK, under suspicion of launching hacking attacks against a number of websites.

Officers from the Metropolitan Police Service’s Police Central e-Crime Unit (PCeU) arrested the man as part of an international investigation into the activities of the Anonymous and LulzSec hacktivist groups.

The man, who was arrested at a residential address in Shetland, is said to have used the online nickname “Topiary” and acted as a spokesperson for the groups via forums such as Twitter.

The suspected hacker is currently being transported to a central London police station, and a search is taking place at his home.

“Topiary” has been identified in the past as having a leading role in hacktivist attacks launched by the LulzSec and Anonymous groups.

In recent months the LulzSec gang have hacked and launched denial-of-service attacks against a number of high profile websites including The Sun, the CIA, SOCA, Sony, PBS and the US Senate.

In a related police operation, officers are searching a residential address in Lincolnshire where a 17-year-old male is being interviewed under caution in connection with the inquiry. He has not been arrested.

The truth is that LulzSec and other hacktivist groups have recently been playing an extremely dangerous game – taunting the likes of the FBI and British police with a series of hacks and attacks and believing themselves to be invincible.

If the arrested man is indeed a key member of the LulzSec gang, it could be the British police who have the last laugh.

Interestingly, Topiary deleted all the messages he had previously posted on Twitter recently, replacing them with a simple message:

"You cannot arrest an idea"

Is it possible he saw the writing on the wall?

Just last week, the UK’s PCeU arrested a 16-year-old youth – believed to be the LulzSec/Anonymous hacker known as “T-Flow” – in South London, on suspicion of breaching the Computer Misuse Act. Other arrests took place at the same time in the United States and the Netherlands.


CNAIPIC hacked – Italian cybercrime unit files published by Anonymous

Anonymous, the loosely-knit hacktivist collective, is claiming to have got its hands on 8GB of “secret documents” from CNAIPIC, Italy’s cybercrime unit responsible for protecting the country’s critical IT infrastructure.

If it’s true that security at CNAIPIC has been breached by hackers, that would be a genuine concern as the group works with intelligence agencies around the world.

CNAIPIC - Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche

An Anonymous Twitter account announced the data breach, and links were posted up on Pastebin pointing to a selection of the stolen files, which included information related to various government departments around the world, including the US Department of Agriculture and Australia’s Ministry of Defence.

Documents about a number of private firms also appear to be included in the haul, which was claimed by The Legion of Anonymous Doom who are presumed to be a subgroup of Anonymous.

A message posted on the internet in poorly-written English claimed that there would be more information and files released in due course:

"This is a prerelease of a series we are going to make to reveal the biggest in history of European LE cyber operation Evidence exploitation and abuse. Thing's gonna get published and twittered all over anonymous and lulzsec community."

A screenshot of a list of all the files that had been compromised was posted on the internet, and included in a news report by The Hacker News. A small portion of it is reproduced below.

Small selection of some of the allegedly stolen CNAIPIC files

So, why is Anonymous apparently targeting the Italian cybercrime authorities?

Well, earlier this month, Italian police searched dozens of houses and charged suspects, in an investigation into the Italian branch of Anonymous – which is suspected of hitting government, business and media websites with denial-of-service attacks.

Inevitably there will be speculation that this is a counter-attack against the Italian authorities following the arrests.

LulzSec and Anonymous hacker suspects arrested by US, UK and Dutch authorities


Computer crime authorities will be hoping that they have struck a significant blow against the Anonymous and LulzSec hacking groups, following a series of raids and arrests on both sides of the Atlantic.

In the United States, 16 people have been arrested in connection with an internet attack last year against PayPal – an assault which was claimed by the loosely-knit hacktivist group known as “Anonymous”, in retaliation for the website withdrawing support for WikiLeaks.

According to a Department of Justice press release, arrests were made in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico, Ohio and the District of New Jersey.

In all, FBI agents executed more than 35 search warrants as part of the co-ordinated investigation.

In addition, the UK’s PCeU arrested a 16-year-old youth known as ‘T-Flow’ in South London, on suspicion of breaching the Computer Misuse Act. The teenager is allegedly connected to hacks perpetrated by the LulzSec and Anonymous groups.

Finally, the Dutch National Police Agency arrested four individuals for alleged cybercrimes related to the case.

Defendants named by the US authorities include:

* Christopher Wayne Cooper, 23, aka “Anthrophobic”
* Joshua John Covelli, 26, aka “Absolem” and “Toxic”
* Keith Wilson Downey, 26
* Mercedes Renee Haefer, 20, aka “No” and “MMMM”
* Donald Husband, 29, aka “Ananon”
* Vincent Charles Kershaw, 27, aka “Trivette”, “Triv” and “Reaper”
* Ethan Miles, 33
* James C. Murphy, 36
* Drew Alan Phillips, 26, aka “Drew010”
* Jeffrey Puglisi, 28, aka “Jeffer”, “Jefferp” and “Ji”
* Daniel Sullivan, 22
* Tracy Ann Valenzuela, 42
* Christopher Quang Vo, 22

In addition, 21-year-old Scott Matthew Arciszewski, who was arrested by the FBI in Florida, was charged with hacks targeted at the Tampa Bay InfraGard website.

InfraGard is a public-private partnership for critical infrastructure protection sponsored by the FBI.

Meanwhile, 21-year-old Lance Moore, of Las Cruces, New Mexico, was charged with allegedly stealing confidential business information from AT&T’s web servers. Moore is said to have worked as a customer support contractor at the firm and is alleged to have downloaded thousands of documents and other files that he was not authorised to access.

The AT&T files were later published by the LulzSec hacking group.

Computer crime authorities will no doubt be hoping that they have struck a significant blow against the Anonymous and LulzSec hacking groups – but anyone who believes we have heard the last of the hacktivists is probably going to be sorely disappointed.

FBI searches homes of suspected Anonymous hacktivists in New York


In the early hours of this morning, the FBI executed search warrants to gather evidence at the homes of alleged members of the Anonymous hacktivist group.

According to a Fox News report, two homes in Long Island, New York, and one in Brooklyn, were searched by FBI agents looking for evidence that computers at the addresses had been used in distributed denial-of-service (DDoS) attacks against a number of websites.

Computer equipment is said to have been removed from the home of Giordani Jordan in Baldwin, Long Island by FBI agents.

In recent months, a number of high profile websites (including those belonging to Mastercard, Visa and the Recording Industry Association of America) were blasted off the internet in a series of DDoS attacks, with different computers scattered across the world deployed to bombard targeted sites with traffic using a tool called LOIC.

However, the Low Orbit Ion Cannon (LOIC) tool doesn’t do a very good job of covering the tracks of attackers – making it potentially easy for computer crime authorities to track those behind the attacks.

The raids in New York followed just hours after hackers launched an attack against The Sun newspaper, redirecting visitors to a false news story that News Corporation CEO Rupert Murdoch had been found dead.

In recent months we have seen Anonymous-related arrests in the USA, UK, Spain, and Turkey.

Facilitating or conducting a DDoS attack is illegal in many countries around the world, and in the United States is punishable by up to 10 years in prison and considerable fines.