The Yes, This Big Header Banner
Stickies
No stickies found.
Random Comment
Comment #6713
it's nice to see them put effort into a nintendo console again
 

Anonymous Takes on Security Company

at 16:31 - 7th, February 2011
This is too good, seriously brought a smile to my face when i read it.

Some history
Wikileaks spills the beans on several political entities including the US. US Government issues cease and desist to the servers wikileaks is hosted on, the credit cards used to pay for the servers and pretty much anything else they can that relates to wikileaks, this includes paypal. Enter Anonymous, they find out and certain members of anonymous (maybe all of them, i don't know) were outraged by the actions of the government. Anonymous attacks websites of the companies who complied to the US governments requests. FBI now gets involved and arrests those who DDoS the servers/sites of the companies involved.

Then this happens.

Taken from ArsTechnica

Internet vigilante group Anonymous turned its sights on security firm HBGary on Sunday evening in an attempt to "teach [HBGary] a lesson you'll never forget." The firm had been working with the Federal Bureau of Investigation (FBI) to unmask members of Anonymous following the group's pro-WikiLeaks attacks on financial services companies, and was prepared to release its findings next week.

HBGary had been collecting information about Anonymous members after the group's DDoS attacks on companies perceived to be anti-WikiLeaks. The firm had targeted a number of senior Anonymous members, including a US-based member going by the name of Owen, as well as another member known as Q. In addition to working with the FBI (for a fee, of course), HBGary's CEO Aaron Barr was preparing to release the findings this month at a security conference in San Francisco.

Anonymous, however, felt that HBGary's findings were "nonsense" and immediately retaliated—but this time with something other than a DDoS attack. Instead, Anonymous compromised the company's website, gained access to the documents that HBGary had collected on its members, and published more than 60,000 of HBGary's e-mails to BitTorrent. They also vandalized Barr's Twitter and LinkedIn accounts with harsh messages and personal data about Barr, such as his social security number and home address.

"We’ve seen your internal documents, all of them, and do you know what we did? We laughed. Most of the information you’ve ‘extracted’ is publicly available via our IRC networks," Anonymous wrote in a statement posted to HBGary's site on Sunday. "So why can't you sell this information to the FBI like you intended? Because we're going to give it to them for free."

HBGary cofounder and security researcher Greg Hoglund confirmed on Sunday evening that the latest attacks were sophisticated compared to the group's past shenanigans. "They broke into one of HBGary’s servers that was used for tech support, and they got e-mails through compromising an insecure Web server at HBGary Federal," Hoglund told KrebsonSecurity. "They used that to get the credentials for Aaron, who happened to be an administrator on our e-mail system, which is how they got into everything else. So it’s a case where the hackers break in on a non-important system, which is very common in hacking situations, and leveraged lateral movement to get onto systems of interest over time."

As for the 60,000 e-mails that are now available to anyone with a torrent client, Hoglund argued that their publication was irresponsible and would cost HBGary millions of dollars in losses due to the exposure of proprietary information. "Before this, what these guys were doing was technically illegal, but it was in direct support of a government whistle blower. But now, we have a situation where they’re committing a federal crime, stealing private data and posting it on a torrent," Hoglund said.

It's unlikely that Anonymous cares about what Hoglund thinks, though. Several of the company's e-mails indicated that Barr was looking for ways to spin its info about Anonymous as a pro-HBGary PR move, which Anonymous took special issue with. The group warned HBGary that it had "charged into the Anonymous hive" and now the company is "being stung."

"It would appear that security experts are not expertly secured," Anonymous wrote.



so very happy.

• Alex


 

Similar posts

Back in the driver's seat
I'm back in Montreal and with my triumphant return comes the site as well. Maybe you d...

 
How they looked when they started
Remember the days when the word Google was not interchangeable with int...
Moot wins time100 contest
In a stunning result, the winner of the third annual TIME 100 poll and ...

 

Join the conversation
Login.

U:
 
P:
Don't have a username? Register Now
Can't remeber your login? Find Password