Lulzsec teams up with Anonymous to target governments and banksLaunch of Operation Anti-SecurityBy Dean WilsonMon Jun 20 2011, 11:47NINJA PIRATE HACKER GROUP Lulzsec has joined forces with the hacktivist group Anonymous in a global operation targeted at governments and banks.The duo launched Operation Anti-Security today, declaring "unremitting war" on the "freedom-snatching moderators" of the internet. They vowed to fight both the government and what they called "whitehat security terrorists", persumably referring to genuine security outfits like Sophos, which has been highly critical of Lulzsec as being immature and lacking "moral spine".Lulzsec and Anonymous called on others to support their efforts, suggesting hacking government and banking websites. They particularly encouraged the use of the word "Antisec" as digital or physical graffiti in order to spread the message behind attacks.Both groups have gained both support and criticism for a number of recent hacks, but this is the first time they have teamed up to take down a target. They revealed that their top priority is to steal and leak classified government information, particularly emphasising the banking industry. They also promised to break through any attempts to censor them.Lulzsec has been extremely active over the past few weeks, hacking Sony and several other gaming companies, using Distributed Denial of Serivce (DDoS) attacks against the US Senate, International Monetary Fund and CIA web sites, and uploading 62,000 email addresses and passwords it acquired.There appeared to be no real purpose behind those attacks other than the fun of it, but there is a clearer objective with Operation Anti-Security, targeted at those that oppose internet freedom. It's understandable why this has gained the support of Anonymous, which has been a primary supporter of the whistleblowing web site Wikileaks.Lulzsec also targeted the FBI-linked Infragard Connecticut web site, which is now offline. It used SQL injection, a relatively simple form of hacking, to compromise over 1,000 passwords belonging to FBI-affiliated members, claiming that many of these people reuse the same password frequently. It chose not to reveal these passwords to the public. µ
Sega hack took 1.29 million users' detailsLatest hacked game firm confesses to lossesBy Dave NealMon Jun 20 2011, 09:15GAMES COMPANY Sega has contacted users following a hacker attack last Friday and informed them that it is doing all it can be protect their information.In an e-mail sent to Sega Pass users the company said, "Over the last 24 hours we have identified that unauthorised entry was gained to our Sega Pass database. We immediately took the appropriate action to protect our consumers' data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems."The firm revealed that the attack could have affected as many as 1.29 million of its Sega Pass members and taken some of their personal information. However, credit card and banking information appears to have been untouched."1,290,755 customers' information including Sega Pass members name, email addresses, dates of birth and encrypted passwords were obtained," it said.Currently a note on the Sega Pass site puts off new members, and, you could say, any current ones. "Hi", it says, "SEGA Pass is going through some improvements so is currently unavailable for new members to join or existing members to modify their details including resetting passwords. We hope to be back up and running very soon. Thank you for your paitence (sic)."While some might have thought that it was ninja pirates from Lulzsec that were responsible for the attack, this apparently was not the case. In fact Lulzsec offered to help Sega in its time of trouble."Contact us. We want to help you destroy the hackers that attacked you," the group said in tweet, "We love the Dreamcast, these people are going down." µ
Forget passwords yes. Time for heavy biometrics. Eyeball scanners ftw.
Anonymous widens target base, takes on GM foodsGM giant Bayer AG has an enemyBy Dave NealTue Jul 05 2011, 17:35FRIEND OF FUTURE FOOD Bayer AG has earned itself the attention of the hactivist group Anonymous and might want to prepare for some web site downtime and public relations scurrying.In an open letter Anonymous accused Bayer of having committed crimes, and said that it would not let it go unpunished, so it has started Operation Green Rights."You have won our attention after decades of greedy abuses of humanity and nature. Bayer - we see you profiting off of death and destruction! We see you escape unscathed from justice!", it said."Bayer AG pharmaceutical (formerly known as IG Farben) has been involved in countless corporate abuses, which have resulted in the death of thousands in the last century. These abuses have been consistently ignored, and cannot be ignored further."The accusations Anonymous leveled at the German firm included a range of abuses. For example, Anonymous said that Bayer had disregarded "proper and thorough investigation of chemicals, vaccines and substances", is destroying the environment, and employed Nazis. Still, at least it's not the News of the World.Anonymous has had a range of targets. Bayer AG joins amongst others Viacom, Sony, Visa and Mastercard. µ
^^Not really everybody know snuffy and big bird bulling long time now, knowing america they might make a spin off.but on a serious note, this won't end well for either side look how much drama you have to go through just to get through the airport after 911. This will only lead to inappropriate security measures that only seem to alienate the innocent.
FBI arrests 16 Anons across US; UK police pick up LulzSec memberBy Peter Bright | Published about 2 hours agoThe FBI has made a series of raids at addresses across the US and arrested 16 people accused of participating in Anonymous-branded cyberattacks. Arrests were made in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Jersey, New Mexico, and Ohio, with further raids and equipment seizures conducted in New York.14 of those arrested have been charged with conspiring with others to damage computer systems belonging to PayPal. PayPal was the victim of a distributed denial of service attack performed by Anonymous after the site blocked the ability to donate money to WikiLeaks, an action named "Operation Avenge Assange." The defendents range in age from 20 to 42 years old, with 11 males and two females; the 14th defendent has had his or her name withheld.Separately, a 21-year-old man was arrested for breaking into the InfraGard Web site, tweeting about what he did, and providing instructions so that others could also break in.Finally, another 21-year-old man was arrested for stealing confidential information from AT&T's systems while working as a customer support contractor. This is the data that was published as part of LulzSec's retirement from the public eye.The statement issued by the Department of Justice says that in concert with the arrests in the US, one arrested was made in the UK, and four in the Netherlands.Fox News is reporting that the arrest in the UK was of an unnamed 16-year-old whose online handle is tflow. tflow was prominent within Anonymous' denial of service and hacking operations, and a member of LulzSec too.Prior to news of tflow's arrest, the handful of people behind breakaway Anonymous splinter group LulzSec—which yesterday came out of retirement to break into News International's servers—said on their IRC channel that they are unaffected by the arrests and raids. Members of the group have speculated that the DoS participants are being targeted because they're readily traced, especially if they use the LOIC tool that Anonymous has often used to perform such attacks. Typical usage of this tool does nothing to mask identities, making it relatively easy to track down its users. LulzSec members, in contrast, have used software such as Tor and anonymous VPN connections to mask their identities.If tflow has indeed been arrested, he would be the first member of LulzSec to be apprehended; his arrest might also indicate that LulzSec wasn't as anonymous as it thought it was.
Antisec goes after PaypalAnonymous and Lulzsec turn their attention to payment firmBy Dave NealWed Jul 27 2011, 08:55ONLINE PAYMENT FIRM Paypal has once again gained the attention of disgruntled internet users and is the target of an operation mounted by Anonymous and Lulzsec.The payment firm has already been targeted for stopping payments to Wikileaks, and in a separate and apparently random attack, had its Twitter feed taken over in the UK, but this latest attack - for want of another word, aims to hit it right at its heart - its business.Now, because Paypal continues to curry favour with governments, the Antisec movement has had enough and has asked people to vote with their feet and aid its cause by closing their accounts.An Antisec communique criticises the company for harming Wikileaks and helping law enforcement agencies hunt down its members. This, as anyone from HBGary Federal could tell you, is a bad idea."PayPal continues to withhold funds from WikiLeaks, a beacon of truth in these dark times. By simply standing up for ourselves and uniting the people, PayPal still sees it fit to wash its hands of any blame, and instead encourages and assists law enforcement to hunt down participants in the AntiSec movement," wrote the group in a release posted, as per usual, to Pastebin."Quite simply, we, the people, are disgusted with these injustices. We will not sit down and let ourselves be trampled upon by any corporation or government. We are not scared of you, and that is something for you to be scared of. We are not the terrorists here: you are... We encourage anyone using PayPal to immediately close their accounts and consider an alternative."The operation, called Oppaypal, has a lot of traction on Twitter and, in addition to the statement from Antisec, its message has been mirrored on the accounts of others associated with the groups.The @AnonymousIRC account posted this message this morning, "Hello @PayPal: You sue your innocent customers for $500.000. And you, U.S. Gov't want to add 15 years of prison. Well, not gonna take it," adding, "Always remember: We didn't start the fire it, was always burning an it was YOU who put the fucking gasoline in. So don't complain!"So far the campaign seems to be going well, for Antisec at least, and the operation reckons that by the end of the week it could see as many as 9,000 Paypal accounts closed.Some users are donating their remaining funds to charities, while according to reports from others Paypal might be manipulating its close your account pages. µ
Key LulzSec figure nabbed as new attack on PayPal launchedBy Peter Bright | Published about 2 hours agoAnonymous has resumed its fight with PayPal, but this time with a twist: instead of engaging in more denial-of-service attacks against the online payment processor, the group is exhorting its supporters to close their PayPal accounts and cease using the service. This new OpPayPal comes in the wake of arrests the FBI announced last week that were made in response to the large denial of service attacks made against PayPal after PayPal stopped processing donations to WikiLeaks.The statement issued by Anonymous denounces PayPal for acquiescing to government pressure and blocking payments to WikiLeaks. The statement also expresses the group's outrage that the FBI has arrested suspected criminals, who face the possibility of 15 years in prison and fines of up to $500,000. As punishment for this Anonymous-unapproved action, the statement encourages everyone to use alternative services to PayPal, close their PayPal accounts, and post pictures of the closures to Twitter. Those who can't close their accounts for any reason are invited to complain to the company instead.Reports on Twitter of account closures in response to Anonymous' boycott number in their hundreds, and Anonymous itself is claiming that some 35,000 accounts have been closed. eBay, owner of PayPal, saw its share price drop by around 2 percent when the markets opened this morning, and Anonymous is taking credit for this decline. However, given that the NASDAQ as a whole has dropped by about 1.8 points at the time of writing, this fall in price looks more likely to be a reflection of prevailing market trends, rather than any specific response to the PayPal boycott.Meanwhile, the arrests have continued. The Metropolitan Police in the UK are claiming to have arrested Topiary, a key player in both AnonOps and Lulz Security. The report says that a 19-year-old male was arrested in the Shetland Islands as part of continuing investigation into the denial-of-service and hacking attacks made under both the Lulz Security and Anonymous banners. Other addresses in the north of England are being searched, and a 17-year-old male is also being interviewed in connection with the inquiry.
FBI working from list of top 1,000 protestors in Anonymous raidsBy Kevin Poulsen, wired.com | Published about 7 hours agoIt turns out there’s a method behind the FBI’s raids of suspected Anonymous members around the country. The bureau is working from a list, provided by PayPal, of the 1,000 internet IP addresses responsible for the most protest traffic during Anonymous’ DDoS attacks against PayPal last December.FBI agents served 40 search warrants in January on people suspected of hosing down PayPal during ”Operation Payback”—Anonymous’ retaliatory attack against companies who blacklisted WikiLeaks. On July 19, the feds charged the first 14 defendants under the Computer Fraud and Abuse Act, and raided an additional 35 suspects for evidence.An FBI affidavit first published Tuesday by an NBC affiliate in Dallas lays out how the FBI decided on its targets, and suggests the bureau may have plenty more.According to the affidavit by FBI agent Chris Thompson, PayPal security officials were in close contact with the bureau beginning on December 6, two days after PayPal froze WikiLeaks’ donation account and the first day it began receiving serious denial-of-service traffic. FBI agents began monitoring Anonymous press releases and Twitter postings about Operation Payback, while PayPal collected traffic logs on a Radware intrusion prevention system installed on its network.On December 15, the company turned over a USB thumb drive containing the Radware reports, which documented “approximately 1,000 IP addresses that sent malicious network packets to PayPal during the DDoS attacks.” The list represented the “IP addresses that sent the largest number of packets.”It was easy to distinguish the packets coming from the’ “Low Orbit Ion Cannon”—Anonymous’ fire-and-forget DDoS tool—because they contained strings like “wikileaks,” “goof,” and “goodnight,” the affidavit notes.The newly released affidavit was offered in support of a search warrant for the home of an Arlington, Texas couple and their son, who were among the July 19 targets, and have not been charged. The house was the source of 3,678 packets in about two-and-a-half hours starting December 8.
Three out of four rootkit infections are on Windows XPReport is not good news for the Microsoft OSBy Inquirer StaffThu Jul 28 2011, 15:43FREEMIUM antivirus vendor Avast warns that unpatched Windows XP machines continue to pose a serious threat to the internet ecosystem by harbouring three quarters of all rootkit infections.The company has an unique insight into the threat landscape thanks to over 130 million active Avast! antivirus installations worldwide that send it malware telemetry. According to a recent analysis performed by the firm's researchers, 74 per cent of 630,000 rootkit samples found in the wild originated from Windows XP machines.This rootkit infection rate is almost two times higher than the decade-old operating system's global usage share of 38 per cent. Avast's statistics show that 49 per cent of its customers have XP running on their computers.The numbers clearly show that the high Windows XP infection count can't simply be explained by its market share. "One issue with Windows XP is the high number of pirated versions, especially as users are often unable to properly update them because the software can't be validated by the Microsoft update," said Przemyslaw Gmerek, Avast's leading rootkit expert.Rootkits are serious threats because they function at the lowest levels of the operating system, which makes them hard to detect. For example, some rootkits hook the file system drivers to hide malicious files.Others even operate outside the OS, giving them much more control over machine. These are called bootkits because they infect a partition's Master Boot Record (MBR) and, according to Avast, they are responsible for 62 per cent of all rootkit infections.The top MBR rootkit family is known as Alureon, TDL or TDSS. The latest variant, TDL4, is capable of self-propagation and can infect 64-bit versions of Windows Vista and Windows 7.These Windows flavors employ advanced protection technologies like mandatory driver signing, Patchguard and User Access Control (UAC).Computers infected with TDL4 operate as part of a botnet whose use of the KAD peer-2-peer network for updating purposes has led to security researchers from Kaspersly Lab calling it indestructible.Avast claims that Alureon variants account for 74 per cent of all MBR rootkit infections, but just to put this number into perspective, Kaspersky Lab estimates that the TDL4 botnet alone is made up of 4.5 million infected computers.Windows 7 has slowly eaten away at Vista and XP's market share for the past two years, but the rootkit problem won't go away anytime soon. Microsoft will continue to support Windows XP until 8 April, 2014, and rootkit creators have already demonstrated their ability to defeat all defences in its newer operating systems.On 12 April, Microsoft issued a Windows 7 security update which, according to security researchers, targeted TDL4 in particular. The modifications it made rendered the rootkit ineffective, but new variants bypassing the patch were spotted by 3 May. µ
Anonymous member leaves and slates hacktivist groupCalls on hackers to abandon AnonymousBy Dean WilsonMon Aug 22 2011, 11:51AN ALLEGED MEMBER of hacktivist group Anonymous has announced his departure from the group on Pastebin, citing disagreements over the group targeting the information of innocent people.The man, supposedly called Matthew, who goes by the online handle Sparkyblaze and claims to be from Manchester in the UK, posted a scathing message about how things have gone downhill within the hacktivist camp."They are removing peoples [sic] right to anonymity, a right which they claim to protect and uphold," he wrote. "Sending some packets to a server and putting info on-line is not helping or solving anything."He said that things have changed inside Anonymous, particularly with the advent of Lulzsec and the Antisec campaign, which both go against what he stands for and what Anonymous is supposed to stand for.He also claimed that Anonymous has a leadership that he said does not care about anyone. He slated Anonymous for not helping out with media attention or donations for people being arrested for DDoSing Paypal, pointing out the hypocrisy of what they did when well-known hacker Topiary was arrested, a member that Matthew claims is "higher up" in the rankings in the group.Matthew said that Anonymous is not responsible for toppling governments. He said it was the people on the streets that brought down dictators in countries across the world. He said the group has tricked people into thinking they are helping in situations like this, but in reality they are not.He called on governments to "arrest the leaders", not the kids. Of course, if this suggestion that there is an Anonymous leadership group is true, it might be harder to get to them than the average Joes on the bottom, many of whom do not know how to protect their identity online nor realise the implications of being arrested for hacking crimes.Matthew claimed that Anonymous is a "media whore" and that it has preyed on people's willingness to help others. He called on members of Anonymous to "quit while you still can". µ
