LulzSec

How Anonymous spied on FBI / UK Police hacking investigation conference call

Posted on


 

http://sophosnews.files.wordpress.com/2012/02/conference-call-spy-170.jpg” alt=”Conference call spy image from Shutterstock” align=”right” hspace=”10″ vspace=”10″ />

Conference call spy image from ShutterstockLast month, we reported how a conference call, between the FBI and Scotland Yard, discussing their investigation into Anonymous hackers had been secretly recorded by the hacking collective and published on the net.

We surmised at the time that the unknown hackers might have secretly accessed the call by compromising a police investigator’s email account, as the call-in details and passcode were posted by Anonymous on their usual dumping ground – the PasteBin website.

http://sophosnews.files.wordpress.com/2012/02/fbi-email1.jpg” alt=”Conference call email, republished by Anonymous” />

Conference call email, republished by AnonymousYesterday’s announcement by the FBI about the prominent LulzSec hacker Sabu, and other alleged hacktivists, has revealed more details about what actually happened.

According to an FBI press release, a Garda (Irish police) officer who was invited to attend the conference call about ongoing hacking investigations forwarded the message to a personal email account.

Unfortunately, that personal email account was compromised by a hacker.MORE

LulzSec suspect pleads not guilty to Sony Pictures website hack

Posted on


Cody Kretsinger. (CNN/KTVK)

A 23-year-old man, suspected of being a member of the LulzSec hacking gang, has pleaded not guilty to an attack on the Sony Pictures website.

Cody Kretsinger, from Phoenix, Arizona, pleaded not guilty to conspiracy and unauthorized impairment of a protected computer during a hearing at Los Angeles District Court.

Kretsinger is alleged to be the LulzSec member known as “Recursion”, and is accused of being involved in an SQL injection attack that stole information from Sony Pictures in June, exposing users email addresses and passwords.

Approximately 150,000 confidential records were subsequently published online by LulzSec who mocked Sony’s weak security:

"SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"

HideMyAss logoProsecutors claim that Kretsinger used the HideMyAss.com proxy server website to disguise his IP address as he allegedly probed Sony Pictures’ computer systems in May 2011, hunting for vulnerabilities.

HideMyAss.com’s terms and conditions stipulate that their service is not to be used for illegal activity, however, and they co-operated with the authorities when a court order was received requesting information.

Kretsinger’s trial is scheduled to begin on December 13th. If convicted he faces up to 15 years in prison.SRC

LulzSec hacker Topiary released on bail

Posted on Updated on


Jake Davis, an 18-year-old from the Shetland Islands, was released on bail after being charged with five offences relating to computer attacks and break-ins by the LulzSec and Anonymous hacking groups. Davis was granted bail to stay with his mother at their new home in Spalding, Lincolnshire, on condition that he does not access the internet either directly or through anyone else. He also has to wear a tag to ensure a 10pm to 7am curfew. Davis, whom police believe used the online nickname “Topiary” and was a member of the LulzSec and Anonymous hacking groups, was arrested at 2.10pm last Wednesday in Mid Yell, an northern island of the Shetlands.

He was charged on Sunday night with offences under the Computer Misuse Act, the Serious Crime Act, and the Criminal Law Act. Davis is accused of gathering data from National Health Service computers, being involved with attacks on News International and being part of an attack that caused the website for the Serious Organised Crime Agency to collapse. It is claimed that the hacking attacks compromised personal data for hundreds of thousands of people via the NHS, and the bank details of a large number of people when Sony Pictures Entertainment was hacked.

LulzSec hacking suspect ‘Topiary’ arrested in the Shetland Islands

Posted on Updated on


Topiary Tartan LulzSec

A 19-year old man has been arrested by British police in Shetland, UK, under suspicion of launching hacking attacks against a number of websites.

Officers from the Metropolitan Police Service’s Police Central e-Crime Unit (PCeU) arrested the man as part of an international investigation into the activities of the Anonymous and LulzSec hacktivist groups.

The man, who was arrested at a residential address in Shetland, is said to have used the online nickname “Topiary” and acted as a spokesperson for the groups via forums such as Twitter.

The suspected hacker is currently being transported to a central London police station, and a search is taking place at his home.

Shetland Islands“Topiary” has been identified in the past as having a leading role in hactivist attacks launched by the LulzSec and Anonymous groups.

In recent months the LulzSec gang have hacked and launched denial-of-service attacks against a number of high profile websites including The Sun, the CIASOCASonyPBS and the US Senate.

In a related police operation, officers are searching a residential address in Lincolnshire where a 17-year-old male is being interviewed under caution in connection with the inquiry. He has not been arrested.

The truth is that LulzSec and other hacktivist groups have recently been playing an extremely dangerous game – taunting the likes of the FBI and British police with a series of hacks and attacks and believing themselves to be invincible.

If the arrested man is indeed a key member of the LulzSec gang, it could be the British police who have the last laugh.

Interestingly, Topiary deleted all the messages he had previously posted on Twitter recently, replacing them with a simple message:

"You cannot arrest an idea"

Is it possible he saw the writing on the wall?

Just last week, the UK’s PCeU arrested a 16-year-old youth – believed to be the LulzSec/Anonymous hacker known as “T-Flow” – in South London, on suspicion of breaching the Computer Misuse Act. Other arrests took place at the same time in the United States and the Netherlands.

 

LulzSec and Anonymous hacker suspects arrested by US, UK and Dutch authorities

Posted on Updated on


Anonymous and LulzSec

Computer crime authorities will be hoping that they have struck a significant blow against the Anonymous and LulzSec hacking groups, following a series of raids and arrests on both sides of the Atlantic.

In the United States, 16 people have been arrested in connection with an internet attacklast year against PayPal – an assault which was claimed by the loosely-knit hacktivist group known as “Anonymous”, in retaliation for the website withdrawing support for WikiLeaks.

According to a Department of Justice press release, arrests were made in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico, Ohio and the District of New Jersey.

In all, FBI agents executed more than 35 search warrants as part of the co-ordinated investigation.

In addition, the UK’s PCeU arrested a 16-year-old youth known as ‘T-Flow’ in South London, on suspicion of breaching the Computer Misuse Act. The teenager is allegedly connected to hacks perpetrated by the LulzSec and Anonymous groups.

Finally, the Dutch National Police Agency arrested four individuals for alleged cybercrimes related to the case.

Defendants named by the US authorities include:

* Christopher Wayne Cooper, 23, aka “Anthrophobic”
* Joshua John Covelli, 26, aka “Absolem” and “Toxic”
* Keith Wilson Downey, 26
* Mercedes Renee Haefer, 20, aka “No” and “MMMM”
* Donald Husband, 29, aka “Ananon”
* Vincent Charles Kershaw, 27, aka “Trivette”, “Triv” and “Reaper”
* Ethan Miles, 33
* James C. Murphy, 36
* Drew Alan Phillips, 26, aka “Drew010″
* Jeffrey Puglisi, 28, aka “Jeffer”, “Jefferp” and “Ji”
* Daniel Sullivan, 22
* Tracy Ann Valenzuela, 42
* Christopher Quang Vo, 22

Infragard logoIn addition, 21-year-old Scott Matthew Arciszewski, 21 who was arrested by the FBI in Florida, was charged with hacks targeted at the Tampa Bay InfraGard website.

InfraGard is a public-private partnership for critical infrastructure protection sponsored by the FBI.

Meanwhile, 21-year-old Lance Moore, of Las Cruses, New Mexico, was charged with allegedly stealing confidential business information from AT&T’s web servers. Moore is said to have worked as a customer support contractor at the firm and is alleged to have downloaded thousands of documents and other files that he was not authorised to access.

The AT&T files were later published by the LulzSec hacking group.

Computer crime authorities will no doubt be hoping that they have struck a significant blow against the Anonymous and LulzSec hacking groups – but anyone who believes we have heard the last of the hacktivists is probably going to be sourly disappointed.

FBI searches LulzSec suspect’s home in Hamilton, Ohio

Posted on Updated on


The international investigation into the notorious LulzSec hacking gang continues, with news that FBI agents have searched a house in Hamilton, Ohio.

According to local media reports, federal agents are said to have searched a teenager’s home in Jackson Road, Hamilton, although no-one was charged after the search warrant was served.

Whether the FBI was acting upon information gleaned from Ryan Cleary, the British teenager who was charged last week in relation to a series of denial-of-service attacks, is unclear.

However, there is speculation that US law enforcement officers may have been acting in part based upon information released by the LulzSec group earlier this group, outing members believed to have leaked the group’s private online chat logs.

A June 21st posting by LulzSec on PasteBin claimed to reveal the true identities of members who called themselves “m_nerva” and “hann”. Apparent real names and addresses were given for both individuals by LulzSec who said:

"These goons begged us for mercy after they apologized to us all night for leaking some of our affiliates' logs. There is no mercy on The Lulz Boat."

In m_nerva’s case, his address was listed by LulzSec as being in Hamilton, Ohio.

Part of a statement from LulzSec

A tweet published at the same time as the information was posted indicated that there was little love between LulzSec members and the member they believed had snitched on them.

The Lulz Boat@LulzSec
The Lulz Boat

Remember this tweet, m_nerva, for I know you’ll read it: your cold jail cell will be haunted with our endless laughter. Game over, child.

Hackers, eh? You just can’t trust ‘em..

With rival hackers apparently turning on each other, and with law enforcement agencies around the world on their tail, it certainly feels as if those who sailed on the Lulz Boat may not be quite so merry as they once were.

 

 

FOR LATEST NEWS ON SCAM, SPAM ALERTS, HACKING, TECHNOLOGY NEWS. PLEASE

FOLLOW “COMPUTER ADDICTED” PAGE IN FACEBOOK:CLICK HERE

Anonymous Picks up Slack as LulzSec Calls it Quits

Posted on


Hacking season is not over yet. Even though LulzSec, the group of hackers who made a name for themselves by hacking Sony, Nintendo, and PBS among others, called it quits on Saturday, another group wants to pick up the slack.

hackers lulzsecAfter announcing the end of its activities, Lulzsec encouraged its 281,870 Twitter followers to follow the account of Anonymous, another hacking organization, which on Monday published new materials on counter-hacking tools and addresses of U.S. FBI locations. Anonymous also picked up more than 60,000 Twitter followers over the past 24 hours.

Acknowledging LulzSec’s retirement, the group released a torrent file containing all the data it obtained over the past seven weeks, including data from prominent targets such as the CIA, U.S. Senate, Sony, and AOL.

Even though LulzSec has been active for only 50 days, the hacking group garnered a significant amount of media attention: “For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could,” the group says in a goodbye note.

anonymous hackersAnonymous is the hacking group that was alleged (but denied any involvement) to be behind the massive Sony PlayStation Service hack earlier this year.

The files Anonymous released Monday include documents and hacking and counter-hacking tools. The data weighs in at 625MB and its exact source is not mentioned, except a link to the CDI Sentinel program page, which provides free cybersecurity training using a mobile computer lab.

Follow Daniel Ionescu and Today @ PCWorld on Twitter 

FOLLOW “COMPUTER ADDICTED” PAGE IN FACEBOOK:CLICK HERE