Anonops #7: Meer is beter

twitter:

AnonIRC twitterde op zaterdag 23-07-2011 om 01:39:43 OFFICIAL #ANONOPS #ANTISEC #LULZSEC #LULZ OPERATION STARTS NOW. CALLING IT #OPJIHAD, RT ALL, irc. HomeBase = irc.mibbit.com #OpJihad reageer retweet

quote:

Opgepakte hacker: ik wilde AntiSec oprollen

De opgepakte 17-jarige hacker Time claimt dat hij AntiSecNL heeft opgericht om 'onethische' hackers te kunnen aangeven. "Ik zat daar met één reden: dat stelletje scriptkiddies oprollen", zegt hij in een exclusief interview met Tweakers.net.

De afgelopen dagen is AntiSecNL veelvuldig in het nieuws geweest nadat vier van de leden van dit hackersclubje werden opgepakt. Een 17-jarige hacker met de nickname Time was een van de vier opgepakte mannen. Vrijdag werd hij weer op vrije voeten gesteld, waarna Tweakers.net hem 's avonds sprak. Time volgt momenteel een ict-opleiding en is de oprichter van AntiSecNL.

"Op het moment dat ik AntiSecNL oprichtte begon mijn 'dubbelrol'. Mijn plannen waren al klaar, ik was gedreven om deze groepering op te breken koste wat het kost. Ik heb het niet voor mezelf gedaan maar voor de maatschappij en de internetgebruiker. Want als je gegevens op internet belanden staan en blijven ze daar ook. Ik heb zelf AntiSecNL opgericht met het plan om dieper en dieper in AntiSec te komen en wanneer het moment daar is, alle gegevens van de leden naar het KLPD te brengen. Ik zat daar met maar één reden: dat stelletje scriptkiddies oprollen."

Het verzamelen van informatie is volgens Time wel gelukt. "Ik heb een hoop nicknames, en ik weet wie er achter wat zit omdat ik zoveel vertrouwen heb gewonnen in de wereld. Ze weten dan ook niet dat ik ben opgepakt omdat ik meerdere nicknames gebruikte. Natuurlijk ben ik bang voor mijn rechtszaak, want ik weet dat ik opgesloten kan worden, maar ik weet dat ik dit heb gedaan om ze te vinden en op te kunnen pakken."

De claim dat Time alleen maar de politie wilde helpen, is op dit moment niet te controleren: het OM vertelt niets over de inhoud van de verhoren. Time ontkent tegenover Tweakers.net dat hij zelf actief betrokken is geweest bij de hacks die in het nieuws zijn geweest. Onafhankelijke bronnen bevestigen dit. Van diverse kanten heeft Tweakers.net inmiddels vernomen dat Calimero de man achter de Bronkerk-hack was en dat Dutchd3v1l verantwoordelijk was voor de Nimbuzz-hack. Deze laatste hack kon worden uitgevoerd doordat de inloggevens van het beheersysteem via een open wifi-netwerk konden worden achterhaald toen de beheerder in een café inlogde. Ook werd het clubje hackers in verband gebracht met de aanval op datingsite Pepper.nl, de hack van voip-bedrijf Nimbuzz en het laten uitlekken van gegevens van Politiebond.nl. Saillant detail is dat de hack van Pepper.nl, waarmee AntiSecNL voor het eerst uitgebreid de media haalde, volgens Time niet is uitgevoerd door AntiSecNL maar door AntiSec zelf.

Helemaal als een verrassing kwam zijn arrestatie niet, bevestigt Time desgevraagd tegenover Tweakers.net. "Ik had mijn arrestatie op een punt zelf ook wel verwacht, want ik werd gewaarschuwd door een aantal mensen dat ik er te diep inzat. Natuurlijk is het niet leuk om vier dagen in zo'n rotcel te zitten waar het ijskoud is. Het enige dat ik dan ook heb gedaan was slapen en een beetje voor me uit staren."

De arrestatie ging georganiseerd, blijkt uit het verhaal van Time. Dit keer geen arrestatieteam dat 's nachts een deur inbreekt, maar een goed geregisseerde aanpak. "Er werd tussen 19 en 20 uur aangebeld door een nep-postbode die vroeg of ik wilde tekenen voor een aangetekende brief. Drie minuten later stond mijn woonkamer vol politie, en vijf minuten later zat ik zelf in de auto op weg naar het arrestantencomplex. Wat ze hebben meegenomen weet ik zelf nog niet. Ik weet wel dat ze mijn Blackberry hebben meegenomen en mijn laptop. Mijn drie honden hebben ze in het asiel gestopt. Het is nog maar de vraag of ik die wel terug krijg."

Ook is het de vraag of Time de bij hem in beslaggenomen hardware nog terugkrijgt. "Ik baal er heel erg van dat mijn telefoon is afgepakt, aangezien dat mijn enige communicatiemiddel met mijn familie is. Verder hebben ze alle ingenomen spullen nog in hun bezit natuurlijk. Het is de vraag maar of ik mijn laptop ooit terugzie."

Tegenover Tweakers.net bevestigt Time dat er wel delen van zijn harde schijf zijn versleuteld. "Er werd naar mijn wachtwoorden gevraagd, maar die heb ik niet gegeven omdat er voor mij privacygevoelige informatie op staat, zoals foto's van mijn ex en jeugdfoto's." Ondanks dat Time zegt deze wachtwoorden niet te hebben gegeven, zegt het Openbaar Ministerie dat de opgepakte hackers goed hebben meegewerkt met het onderzoek. Op welke manier wil Justitie niet zeggen.

Overigens is het nog maar de vraag of de versleutelde gegevens echt niet toegankelijk waren. De kans bestaat dat de laptop van Time aanstond en dat Justitie de hardware al draaiend heeft meegenomen. Als de versleutelde delen op het moment van inbeslagname waren gemount, dan waren deze gewoon toegankelijk.

Deel uitmaken van een hackersgroep is een vermoeiende hobby, aldus Time. "Bij een hackersgroepering zitten vreet aan je, het doet wat met je, het zet je aan het denken waarom mensen dit doen." Hij zegt zich niet te kunnen vinden in de acties van de andere leden van AntiSecNL. "Persoonlijke gegevens van mensen op straat gooien, dat is niet normaal. Ik had dit dan ook altijd anders gedaan door het bedrijf zelf te mailen over het lek, want wie verdient er iets aan? Jij niet, het bedrijf niet en de gebruikers van wie je de persoonsgegevens op straat gooit ook niet."

quote:

Third Target of FBI Anonymous Probe Steps Forward to Announce Innocence

We’ve been documenting the people that were targeted in the cross country raids on alleged Anonymous members. So far, it seems that every day we are hearing from those who were affected coming forward to state their case that they had no part in Anonymous hacking. Today, we found another person stating their innocence.

In the major sweep of hackers, the score might now be Anonymous: 3, FBI: 0. Still, as time goes on, we are getting a clearer and clearer picture of the kind of people that were arrested or raided. On the 20th, we reported on Scott Matthew Arciszewski, someone who may have done little more than blog about potential security vulnerabilities of Infragard. The second person we found out about was Garrett Deming, a band singer who barely knows how to turn on a computer.

Today, we found a report by the Bay Citizen which details a Santa Rosa man by the name of Drew Ellis. He was one of the reported 14 people that were caught up in the FBI sweep. He’s a 26 year old computer programmer who, unlike Deming, has known about Anonymous. From the report:

Ellis said federal agents came to his home around 6 a.m. Tuesday to arrest him. He said agents had raided his home in January and seized computer equipment.

The agents took him to the U.S. Marshall’s office in San Francisco, where he was later released on bail after agreeing to several conditions, including allowing monitoring software to be installed on his personal computer.

Ellis denied any involvement in the hacking of PayPal, but does admit that he knows a lot about Anonymous:

Ellis said people have it wrong when they call anyone a “member” or a “leader” of Anonymous.

“The Anonymous thing — there are no leaders, it’s just people who are pissed off, and if enough people go into certain chat rooms on the Internet and say, ‘Let’s stand up and fight against these things,’ and if other people consent, maybe these things can happen,” he said.

Now, last I checked, there is a big difference between knowing about something and actively participating in something. It’s not really a crime to know something about Anonymous. I know that Anonymous can be seen as a group of people with idea’s. Does that make me actively involved in Anonymous? No.

Like the previous cases, this seems to be a case of the FBI needing more evidence then what we are seeing here. Really, unless these’s something that turns up in his hard drive that says that he actually participated in the hacking, I think it’ll be very difficult to prosecute this individual.

quote:

Anonymous gets hacked by Syrian Hacker Group

Well it seems that as Anonymous hacks into NATO’s servers, Anonymous get’s 0wn3d itself! We have just gotten tipped that the Anonymous website, www.anonplus.com was hacked. We have confirmed that indeed, their site has been hacked by a Syrian hacker group known as “The Pro”

They link to this Facebook page: http://www.facebook.com/syria.45, which is the Facebook page for the Syrian Electronic Army.

quote:

Hacked By Th3 Pr0 & SaQeR SyRia

Hacked By Syrian Hacker

Syrian Electronic Soldiers | Page : 45


The PRo
Pr0@hotmail.nl

quote:

LulzSec and Anonymous are the least of your hacker worries

NEW YORK (CNNMoney) -- LulzSec took down the CIA's website in mid-June in an effort to prove to the world that the hacker group should be taken seriously.

But in the truly grand ecosystem of cybercriminals, LulzSec, Anonymous, AntiSec and other so-called "hacktivist" organizations are much more of a nuisance than a serious threat. They're fringe groups that are by far the least worrisome of all cyber attackers.

"This isn't juicy stuff that they're getting from their attacks," said Eric Fiterman, founder of Rogue Networks, a security startup backed by Northrop Grumman (NOC, Fortune 500). "They themselves don't know the full cybercrime ecosystem, and they tend to over-inflate their position in the hierarchy."

The global cybercrime universe is terrifying: Cybercrooks often work in organized crime syndicates like the Mafia. Some defraud banks, and many others are government agents that spy on foreign entities and corporations. They threaten our financial systems, our economy, and our national security.

Comparatively, hacktivists groups are the equivalent of graffiti artists, prank callers, hazers and bullies. Like pranksters, they tend to be young, poorly funded and immature. They seek to embarrass companies, individuals, and government agencies in order to make a statement.

They're also extremely disorganized -- the name "Anonymous" is much more of a brand than an actual organization. Solo hacktivists and independent, small groups often band together under its banner. One of the loudest of those groups became LulzSec.

That's not to say Anonymous and its offshoots should be ignored. Its ranks include many skilled hackers who have been able to steal information from the Senate and Arizona state police websites, as well as data from major corporations like Sony (SNE), Bank of America (BAC, Fortune 500) and Nintendo. They've also successfully blocked access to the websites of Visa (V, Fortune 500), MasterCard (MA, Fortune 500), the CIA -- and, most recently, several News Corp. (NWS) newspaper websites.

LulzSec and Anonymous often gain entry through the same methods that the real bad guys use. Typically, they use so-called "SQL injections," an attack method that has been around for more than a decade. Those attacks exploit vulnerabilities like coding errors in websites' internal databases in order to uncover information.

The key difference between hacktivists and more serious criminals lies in their motivation. Anonymous isn't interested in stealing for profit data like credit cards, payroll information or information critical to national security. Instead, they hack to gain attention for themselves and their causes.
What it actually takes to prevent a hack attack

Hacktivists go in, get out, and post whatever they were able to find quickly. They don't take the months or years it would take to really do significant damage.

Typically, hacktivists have gone after lists of usernames and e-mails associated with a particular site, but in some cases they've been able to access -- and make public -- embarrassing internal corporate e-mails.

If they can't quickly hack a site, they have also been known to launch "denial of service" (DOS) attacks that overload a website's server. That kind of attack isn't technically a hack, since it never compromises a site -- DOS attacks just prevent people from accessing the targeted website.

Hacktivists can be obnoxious. But dangerous?
Face to face with LulzSec

Right before Karim Hijazi was contacted by LulzSec in late May, he knew something was coming.

Hijazi runs a company called Unveillance, which monitors and attempts to commandeer botnets -- large groups of infected computers that cybercriminals use to perform malicious acts, ranging from sending spam to launching DOS attacks to disguising their location and identity.

On May 25, Unveillance's servers started to get hit with an unusually high level of activity from offenders attempting to break in. Hijazi took extra precautions to ramp up security and keep the attackers out. It worked, and he thought he was secure.

But what Hijazi didn't realize was that LulzSec was playing with loaded dice. From an attack LulzSec had previously launched against the website of Infragard Atlanta, a cybersecurity alliance Hijazi participates in, the hacking group was able to get Hijazi's personal e-mail address and the password to that account.

Unable to break into Unveillance's systems, LulzSec contacted Hijazi in an e-mail and put his password in the subject line. Hijazi said the group demanded money or access to a botnet, which it planned to use for future attacks.

Hijazi didn't comply. Soon after, LulzSec posted his work and personal e-mails online for all to see. They further embarrassed Hijazi by claiming that he had paid them to attack his competitors.

In the end, Hijazi's reputation was damaged, but LulzSec didn't get their hands on a botnet.

Muckraking and smear campaigns have so far been hacktivists' most successful method of attack.

For instance, LulzSec -- then operating under the Anonymous banner -- couldn't penetrate the systems of security contracting firm HBGary. But it was able to crack open corporate e-mails and found some pretty salacious stuff, including plans to help the U.S. Chamber of Commerce, an industry trade group, undermine its political opponents through a sabotage campaign. That led to the resignation of HBGary's CEO, Aaron Barr.

Current HBGary CEO Greg Hoglund acknowledged that hacktivists can indeed cause damage, but his view is that their capabilities are still very limited compared to their much more sophisticated cybercrime peers.

"What happened at HBGary pales in comparison to what happened to Sony," Hoglund said. "I was quite embarrassed that my e-mail was put online, but that was really the extent of it."

The attention hacktivists get is often far out of proportion to the the scale of their exploits.

"When the CIA's site went down, it was just a public facing site with no significant information," Hijazi said. "A denial of service attack is not a big deal. But to most people, hearing that the CIA went down sounds scary."

And that's exactly what LulzSec wanted. They love the attention. In fact, the CIA DOS attack was done because a Twitter follower accused them of taking on targets of little consequence. So they aimed for a high-profile victim -- with a low-tech attack. Even LulzSec acknowledged the trick's ease, tweeting, "People are saying our CIA attack was the biggest yet, but it was really a very simple packet flood."

If there's anything positive to come from all the attention they've been getting, it's that hacktivists have rattled the apple cart enough to shine a light on the global cybersecurity problem.

"The great irony of all of this is that LulzSec has had a positive effect on security," said Deepak Taneja, chief technology officer of Aveksa, a security software company. "They're nothing, they're pranksters. But all the press that they're getting has helped security permeate the C-suite level at companies. Now, they're waking up to the risk management they really need to defend against the more serious threats."

But hacktivists are just the very tip of the iceberg. The most serious threats are powerful, dangerous, and loaded with cash -- and they're operating in the shadows.

quote:

CNAIPICowned

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ____ _______ ________
| | \ _ \ _____ \______ \
| | / /_\ \\__ \ | | \
| |__\ \_/ \/ __ \_| ` \
|_______ \_____ (____ /_______ /
\/ \/ \/ \/

////////////////////////////////////////////////////////////////////////////////////////////
+Legion of Anonymous Doom+ Release Zero1+
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Heynow,
This is a prerelease of a series we are going to make to reveal the biggest in history of European LE cyber operation Evidence exploitation and abuse. Thing's gonna get published and twittered all over anonymous and lulzsec community.

Today we were granted with the Italian law enforcement Pandora box, we really think it shall be a new era of “regreaissance” to the almighty Homeland Security Cyber Operation Unit in EU.
So we decided to leak everything they got since they were established as a full scale cyber taskforce named CNAIPIC.

This corrupted organization gathered all the evidence from the seized property of suspected computer professional entertainers and utilized it over many years to conduct illegal operations with foreign intelligence agencies and oligarchy to facilitate their lust for power and money, they never used obtained evidence to really support ongoing investigations.

Today we reveal a whole Load of stuff (estimated leak would be over 8Gb) from such owned institutions, just to make it clear all of this stuff was stored on CNAIPIC evidence servers for years while people are doing time in jail waiting for the trial while CNAIPIC used the evidence in the global spy game galore:
Egypt: Ministry of Transport and Communication
Australia: Ministry of Defence
Russia: Atomstroyexport, Diaskan, Sibneft, Gazprom etc.
Ukraine: several embassies and consulates on it’s territory
Nepal: Ministry of Foreign Affairs
Belarus: Ministry of Foreign Affairs, Belneftehim, Belspetzexport
Gibraltar, Cyprus, Cayman Islands etc: Tecno Develp, Line Holdings, Dugsberry Inc, Alpha Prime, Alpha Minerals etc.
Vietnam: PetroVietnam (PTSC), Ministry of Natural Resources (MONRE)
USA: EXXON MOBIL, US Department of agriculture and hundreds of attorneys and DOJ accounts including: McCallion & Associates LLP, Goodkind, Labaton, Rudoff & Sucharow, LLP, and hundreds of bullshit agencies we don’t even know why we pay taxes to support all of them.

So to cut the crap let’s get it over with fellaz…

http://imgur.com/a/tkFdY#UTByw
Is the image preview to get a glimpse on what is meant to be said.

http://depositfiles.com/files/tm7zeqiq9
first of 2 preview archives with preview documents to get a general idea.

http://depositfiles.com/files/nn6dbleyv
2nd preview archive

http://www.sendspace.com/file/ta62tk
CNAIPIC file structure and listing Part 1


Thank you all,
Stay tuned...4 update on this one.
NKWT LOAD

quote:

US-CERT Director Leaves Abruptly

Randy Vickers, head of the organization responsible for protecting the U.S. against cyber attacks, has resigned effective immediately.

The director of the agency that protects the federal government from cyber attacks has resigned abruptly in the wake of a spate of hacks against government networks.

U.S. Computer Emergency Readiness Team (US-CERT) director Randy Vickers resigned his position Friday, effective immediately, according to an e-mail to US-CERT staff sent by Bobbie Stempfley, acting assistant secretary for cybersecurity and communications, and obtained by InformationWeek. A Department of Homeland Security (DHS) spokesperson confirmed the email was authentic.

The DHS has not provided a reason for Vickers' sudden departure and the spokesperson, who asked to remain anonymous, declined to discuss the matter further. Vickers served as director of US-CERT since April 2009; previously, he was deputy director.

Current US-CERT deputy director Lee Rock will serve as interim director until the DHS names a successor for Vickers, according to the email.

"We are confident that our organization will continue its strong performance under his leadership," Stempfley wrote, adding that the agency wishes Vickers success in future endeavors.

Vickers' departure comes at a critical time for the organization, as federal networks have come under a barrage of attacks lately by a series of hacker groups--including Anonymous, LulzSec and AntiSec--that specifically are targeting government networks.

In the last month and a half, federal organizations that have experienced attacks include the Navy, the FBI, and the CIA. Federal contractors that handle sensitive and confidential government information also have been the targets of hackers, including Booz Allen Hamilton and IRC Federal.

In response to those attacks last week, US-CERT issued a comprehensive new set of security recommendations for federal agencies and organizations to follow in the hope of preventing future intrusions.

US-CERT is a division of the DHS responsible for responding to and defending against cyber attacks for the federal government's IT infrastructure. It also is in charge of sharing information and collaborating with state and local governments, as well as the private sector, to protect critical infrastructure in the United States.

One of the organization's jobs is to keep track of attacks on federal networks and compile a list of them by type and number for a yearly report released by the Office of Management and Budget. The report helps the feds better understand where vulnerabilities lie as part of an overall cybersecurity strategy that has become increasingly important in the last several years.

quote:

Anonymous bid to destroy Norwegian killer Anders Behring Breivik's manifesto

WHAT was supposed to be a mass-murderer's legacy is about to be obscured forever on the internet.

Shortly before his horrific attacks, Norwegian killer Anders Behring Breivik published a 1500-page manifesto on the web outlining his motives and beliefs.

"I ask that you distribute this book to everyone you know," Breivik wrote in the introduction.

Now, a group of online activists are about to do just that - though perhaps not in the way the killer anticipated.

Anonymous has called on internet citizens to destroy Breivik's legacy by creating altered versions of the text which mock the author and promoting them as the real document.

Through an exercise titled "Operation UnManifest", the group hopes that, eventually, no one will be able to figure out which manifesto is the original.

"Anders Behring Breivik wants to use the cruel action of killing over 90 young people to promote his 1516-page manifesto," says a message posted online.

"Anonymous suggests:

"1. Find the manifesto of Anders Behring Breivik: '2083 - A European Declaration of Independence'.

"2. Change it, add stupid stuff, remove parts, shop his picture, do what you like to.

"3. Republish it everywhere and up vote releases from other people, declare that the faked ones are original.

"4. Let Anders become a joke, such that nobody will take him serious anymore.

"5. Spread this message around the internet and real life, translate it.

"6. Have a moment for the victims of his cruel attacks."

The note ends: "We all are anonymous, We all are Legion, We all do not forgive murder, We all do not forget the victims."

Read more: http://www.news.com.au/te(...)267855#ixzz1TEIwzsAJ

quote:

Minority Rules: Scientists Discover Tipping Point for the Spread of Ideas

Scientists at Rensselaer Polytechnic Institute have found that when just 10 percent of the population holds an unshakable belief, their belief will always be adopted by the majority of the society. The scientists, who are members of the Social Cognitive Networks Academic Research Center (SCNARC) at Rensselaer, used computational and analytical methods to discover the tipping point where a minority belief becomes the majority opinion. The finding has implications for the study and influence of societal interactions ranging from the spread of innovations to the movement of political ideals.

“When the number of committed opinion holders is below 10 percent, there is no visible progress in the spread of ideas. It would literally take the amount of time comparable to the age of the universe for this size group to reach the majority,” said SCNARC Director Boleslaw Szymanski, the Claire and Roland Schmitt Distinguished Professor at Rensselaer. “Once that number grows above 10 percent, the idea spreads like flame.”

As an example, the ongoing events in Tunisia and Egypt appear to exhibit a similar process, according to Szymanski. “In those countries, dictators who were in power for decades were suddenly overthrown in just a few weeks.”

The findings were published in the July 22, 2011, early online edition of the journal Physical Review E in an article titled “Social consensus through the influence of committed minorities.”

An important aspect of the finding is that the percent of committed opinion holders required to shift majority opinion does not change significantly regardless of the type of network in which the opinion holders are working. In other words, the percentage of committed opinion holders required to influence a society remains at approximately 10 percent, regardless of how or where that opinion starts and spreads in the society.

To reach their conclusion, the scientists developed computer models of various types of social networks. One of the networks had each person connect to every other person in the network. The second model included certain individuals who were connected to a large number of people, making them opinion hubs or leaders. The final model gave every person in the model roughly the same number of connections. The initial state of each of the models was a sea of traditional-view holders. Each of these individuals held a view, but were also, importantly, open minded to other views.

Once the networks were built, the scientists then “sprinkled” in some true believers throughout each of the networks. These people were completely set in their views and unflappable in modifying those beliefs. As those true believers began to converse with those who held the traditional belief system, the tides gradually and then very abruptly began to shift.

“In general, people do not like to have an unpopular opinion and are always seeking to try locally to come to consensus. We set up this dynamic in each of our models,” said SCNARC Research Associate and corresponding paper author Sameet Sreenivasan. To accomplish this, each of the individuals in the models “talked” to each other about their opinion. If the listener held the same opinions as the speaker, it reinforced the listener’s belief. If the opinion was different, the listener considered it and moved on to talk to another person. If that person also held this new belief, the listener then adopted that belief.

“As agents of change start to convince more and more people, the situation begins to change,” Sreenivasan said. “People begin to question their own views at first and then completely adopt the new view to spread it even further. If the true believers just influenced their neighbors, that wouldn’t change anything within the larger system, as we saw with percentages less than 10.”

The research has broad implications for understanding how opinion spreads. “There are clearly situations in which it helps to know how to efficiently spread some opinion or how to suppress a developing opinion,” said Associate Professor of Physics and co-author of the paper Gyorgy Korniss. “Some examples might be the need to quickly convince a town to move before a hurricane or spread new information on the prevention of disease in a rural village.”

The researchers are now looking for partners within the social sciences and other fields to compare their computational models to historical examples. They are also looking to study how the percentage might change when input into a model where the society is polarized. Instead of simply holding one traditional view, the society would instead hold two opposing viewpoints. An example of this polarization would be Democrat versus Republican.

The research was funded by the Army Research Laboratory (ARL) through SCNARC, part of the Network Science Collaborative Technology Alliance (NS-CTA), the Army Research Office (ARO), and the Office of Naval Research (ONR).

The research is part of a much larger body of work taking place under SCNARC at Rensselaer. The center joins researchers from a broad spectrum of fields – including sociology, physics, computer science, and engineering – in exploring social cognitive networks. The center studies the fundamentals of network structures and how those structures are altered by technology. The goal of the center is to develop a deeper understanding of networks and a firm scientific basis for the newly arising field of network science. More information on the launch of SCNARC can be found at http://news.rpi.edu/update.do?artcenterkey=2721&setappvar=page(1)

Szymanski, Sreenivasan, and Korniss were joined in the research by Professor of Mathematics Chjan Lim, and graduate students Jierui Xie (first author) and Weituo Zhang.

quote:

Operation Intifada: Anonymous Prepares For DDOS Attack On Israel Parliament

The latest target of Operation Anonymous, which following the dissolution of LulzSec is the last substantial non-amorphous hacker collective left out there, could lead to some substantial geopolitical fallout. That is because the target of the just announced upcoming DDOS attack is none other than the Israeli Parliament, the Knesset, and while Israel has allegedly been happy to dispense hack attacks in the past, the onslaught on the Iranian nuclear power plant courtesy of the Stuxnet virus coming to mind, we doubt it will as happy to be seen on the receiving end of decentralized computer warfare.

quote:

FBI Targets 12 In Koch Industries Online Assault

Confidential affidavit details probe of attack on GOP benefactors

JULY 26--As part of its multi-front assault on “Anonymous,” the FBI has identified 12 “targets” it alleges participated in coordinated online assaults earlier this year against business web sites operated by Koch Industries, the Kansas-based conglomerate owned by billionaire brothers--and leading Republican benefactors--Charles and David Koch, The Smoking Gun has learned.

Details of the ongoing criminal investigation are contained in a confidential FBI affidavit obtained by TSG. That document, excerpted here, includes the names, addresses, and IP numbers of a dozen U.S. residents who are subjects of the federal probe of a series of distributed denial of service (DDoS) attacks on Koch Industries web sites in February and March.

FBI agents last week raided the homes of individuals suspected of engaging in the Koch Industries DDoS campaign. The bureau’s target list appears to be a mix of actual DDoS participants as well as individuals whose names appear on the accounts from which attacks were launched.

So while the list includes the names of a college student studying computer science and a systems administrator/blogger who has written negatively about the Koch brothers's views on global warming, other targets appear to be the parents or relatives of DDoS participants, like the Ohio university administrator with two sons or the 51-year-old Iowa woman who works as a project manager for an insurance company or the 83-year-old Florida grandmother. Perhaps some targets simply never bothered to password protect their wireless Internet router, in the process giving others free access to their IP address.

Since the FBI affidavit likely includes the names of individuals who had nothing to do with the Koch Industries blitz, TSG has obscured the 12 names. A review of federal court records indicates that none of the targets listed in the affidavit have been charged in connection with the illegal DDoS campaign.

The FBI identified the targets with the aid of “firewall logs” provided by Koch Industries. These records reportedly revealed the IP addresses from which “a large number of connections” were directed at one or more of the company’s web sites. According to the FBI affidavit, such a traffic bombardment was “consistent with a denial of service attack.”

For example, Koch Industries records showed that one blogger accessed the firm’s Angel Soft toilet paper web site nearly 16,000 times during one nine-minute period in March. The DDoS attacks, according to the affidavit, also involved the Koch Industries web site (kochind.com) and a web site for Quilted Northern, another of the firm’s toilet paper brands.

A DDoS attack attempts to flood a site with so many requests that it leaves the site unavailable for legitimate visitors. Such a swamping of a site is often done via the “firing” of a tool known as a Low Orbit Ion Cannon. Originally developed as an open source method to test network vulnerabilities, the LOIC “can be modified to DDoS a target website by overwhelming that websites’ servers with a high volume of repeated requests until the site becomes inoperable,” according to the FBI affidavit.

Last week, the FBI arrested 14 individuals who were indicted for allegedly participating in a DDoS attack against PayPal in retaliation for the company suspending the account of Wikileaks. The 12 individuals suspected of involvement in the Koch Industries attack are being investigated for an identical federal violation, knowingly causing the transmission of “a program, information, code, or command” that intentionally causes damage to a “protected computer.”

The FBI probe of the online assault on Koch Industries began after the company contacted the bureau’s Kansas City office on February 27 to report that its Quilted Northern site was under siege. Agent Richard Thompson was assigned to the case, which quickly grew to include DDoS efforts directed at the two other Koch Industries web sites.

The affidavit reveals that three days before the first DDoS attack was launched, Koch Industries received an e-mail warning that “Anonymous” was plotting an attack on several of the company’s web properties. Sent to kochind.com from the account “boxoftrial@gmail.com,” the message carried the subject line, “URGENT: Cyberattack Planned on Koch Web Properties.” The identity of the e-mail’s author is not disclosed in the FBI affidavit, nor is it clear whether agents even know who gave the company a heads-up about the plans of “Anonymous.”

The online confederation of hackers and activists targeted the Koch brothers in connection with the pair’s support of Wisconsin Governor Scott Walker, who earlier this year launched a crackdown on public employees unions that included the elimination of collective bargaining rights for state workers. In retaliation, “Anonymous” launched Operation Wisconsin, an effort aimed at exploiting “online loopholes and vulnerabilities into the systems and servers related to” the Koch brothers and Walker.

Charles (left) and David Koch are pictured above.

The FBI alleges that “Anonymous” publicized and organized the DDoS attacks via several Internet Real Chat (IRC) channels, including “#opkochblock” and “#opeternalruin.” Additionally, “Anonymous” members referred to postings on 4chan.org’s /b/ board which sought individuals willing to participate in the Koch Industries attack. One IRC message referred to an attempt to recruit 4channers: “need to be ready, cause im gearing up to bring /b/ over here for some brunch DDos.”

At the outset of the Koch Industries assault, an IRC poster asked if the Quilted Northern web site was being targeted. The response, the FBI noted, was, “yes we need moar loic gunhands, please target: quiltednorthern.com.” Subsequent advice included, “if you need more cannons, you have to spread the word of the attack” and “spam /b/.” (8 pages)

Anonymous - AntiSec - OP Paypal

quote:

A message to PayPal, its customers, and our friends


Dear PayPal, its customers, and our friends around the globe,

This is an official communiqué from Anonymous and Lulz Security in the name of AntiSec.

In recent weeks, we've found ourselves outraged at the FBI's willingness to arrest and threaten those who are involved in ethical, modern cyber operations. Law enforcement continues to push its ridiculous rules upon us - Anonymous "suspects" may face a fine of up to 500,000 USD with the addition of 15 years' jailtime, all for taking part in a historical activist movement. Many of the already-apprehended Anons are being charged with taking part in DDoS attacks against corrupt and greedy organizations, such as PayPal.

What the FBI needs to learn is that there is a vast difference between adding one's voice to a chorus and digital sit-in with Low Orbit Ion Cannon, and controlling a large botnet of infected computers. And yet both of these are punishable with exactly the same fine and sentence.

In addition to this horrific law enforcement incompetence, PayPal continues to withhold funds from WikiLeaks, a beacon of truth in these dark times. By simply standing up for ourselves and uniting the people, PayPal still sees it fit to wash its hands of any blame, and instead encourages and assists law enforcement to hunt down participants in the AntiSec movement.

Quite simply, we, the people, are disgusted with these injustices. We will not sit down and let ourselves be trampled upon by any corporation or government. We are not scared of you, and that is something for you to be scared of. We are not the terrorists here: you are.

We encourage anyone using PayPal to immediately close their accounts and consider an alternative. The first step to being truly free is not putting one's trust into a company that freezes accounts when it feels like, or when it is pressured by the U.S. government. PayPal's willingness to fold to legislation should be proof enough that they don't deserve the customers they get. They do not deserve your business, and they do not deserve your respect.

Join us in our latest operation against PayPal - tweet pictures of your account closure, tell us on IRC, spread the word. Anonymous has become a powerful channel of information, and unlike the governments of the world, we are here to fight for you. Always.

Signed, your allies,

Lulz Security (unvanned)
Anonymous (unknown)
AntiSec (untouchable)

quote:

Police arrest suspected LulzSec spokesman: statement

AFP - Police said they had arrested a 19-year-old man in a remote Scottish archipelago on Wednesday on suspicion of being a spokesman for the Lulz Security and Anonymous computer hacking groups.

Officers from a London-based cybercrime unit detained the man in a "pre-planned intelligence-led operation" on the Shetland Islands, off the northeast coast of Scotland, London's Metropolitan Police said.

"The man arrested is believed to be linked to an ongoing international investigation into the criminal activity of the so-called 'hacktivist' groups Anonymous and LulzSec, and uses the online nickname 'Topiary' which is presented as the spokesperson for the groups," the statement said.

He was being transported to a London police station and a search was under way at his house, the statement said.

Lulz Security has claimed responsibility for a hacking rampage in the United States which saw the group target websites of the Central Intelligence Agency, the US Senate, Sony and others.

Anonymous gained prominence after launching retaliatory attacks on companies perceived to be enemies of the whistle-blowing website WikiLeaks.

quote:

Op woensdag 27 juli 2011 17:07 schreef Papierversnipperaar het volgende:

[..]

twitter:

AnonymousIRC twitterde op woensdag 27-07-2011 om 17:05:06 Yes, it seems @PayPal has taken down the online site to close accounts (orly? how lame!). Well, cancel by phone: +1-888-221-1161 | #OpPayPal reageer retweet

quote:

Facebook's Randi Zuckerberg: Anonymity Online 'Has To Go Away'

Randi Zuckerberg, Facebook’s marketing director, has a fix for cyberbullying: stop people from doing anything online without their names attached.

Facebook requires all members to use their real names and email addresses when joining the social network -- a policy that has been difficult at times to enforce, as the prevalence of spam accounts or profiles assigned to people’s pets suggest.

Zuckerberg, who is Facebook co-founder Mark Zuckerberg’s sister, argued that putting an end to anonymity online could help curb bullying and harassment on the web.

“I think anonymity on the Internet has to go away,” she said during a panel discussion on social media hosted Tuesday evening by Marie Claire magazine. “People behave a lot better when they have their real names down. … I think people hide behind anonymity and they feel like they can say whatever they want behind closed doors.”

Former Google CEO Eric Schmidt has also made this suggestion, calling online anonymity “dangerous” and predicting that governments will eventually “demand” that people use their names for all online activity.

But the proposal to tie real-world identities to online actions is a controversial one, with many privacy and free speech advocates countering that anonymity is necessary to protect dissidents and other individuals, such as sexual abuse victims.

Gigaom’s Matthew Ingram wrote recently, “Many people believe that requiring real names will solve the problems of trolls and bad behavior, but they don’t -- and that policy can have negative consequences in terms of suppressing dialogue about important topics.”

Though pressed several times to name what new features Facebook will offer to better safeguard security on the social networking site, Zuckerberg declined to offer specific examples of forthcoming initiatives.

“There's so much more we can do,” she said. “We’re actively tying to work with partners like Common Sense Media and our safety advisory committee.”

Erin Andrews, an ESPN anchor who had a naked video of her posted online by a stalker, joined Zuckerberg as a panelist and addressed her struggles to have the illegally-obtained video removed from the web. She became emotional at points during the conversation and described her frustration working Google and other companies that declined to pull the video from the websites hosting it.

Andrews praised Google for its “remarkable” contribution to the campaign against bullying titled "It gets better," but noted she also found it inconsistent: Google searches for her name still turn up the images and videos posted by her stalker, even as the search giant professes to be taking a stand against online harassment.

“So when does it get better? I’m confused,” said Andrews, who suggested that her situation may have been viewed differently because it involves a “woman in her 30s.” “It’s still cyberbullying. Somebody needs to step in. As a family we're always asking, what is it going to take?”

twitter:

madkentdragon twitterde op woensdag 27-07-2011 om 21:10:21 RT @Dogma1979: Paypal supports Oslo Terrorists EDL & KKK but bans @Wikileaks. wht R they afraid of? #OpPaypal http://pastebin.com/LAykd1es reageer retweet

quote:

PayPal boycott chops $1 billion off eBay stock value in mere hours

Following the announcement of a boycott by hacktivist groups "Anonymous" and "LulzSec," shares in PayPal parent company eBay plunged by over $1 billion in value before perking back up as opportunistic investors bought into the company in hopes of a deal.

The boycott, popularized by the "#OpPayPal" hashtag on Twitter, called for PayPal users to close their accounts. It was launched in response to the company's refusal to send donations to anti-secrecy website WikiLeaks.

PayPal suspended all transactions headed toward WikiLeaks last year, in the weeks following their groundbreaking publication of secret U.S. diplomatic cables. MasterCard, Visa and Bank of America followed suit shortly thereafter, freezing the majority of WikiLeaks' funds.

In response, the anti-secrecy site pointed out that PayPal still accepts donations for the Ku Klux Klan hate group, and a group connected to the mass murderer in Oslo, Norway.

"PayPal continues to withhold funds from WikiLeaks, a beacon of truth in these dark times," the groups said in a statement. "We encourage anyone using PayPal to immediately close their accounts and consider an alternative."

"The first step to being truly free is not putting one's trust into a company that freezes accounts when it feels like, or when it is pressured by the US government," they added.

The torrent of newly closed accounts was apparently enough to cause PayPal to suspend the page that allows users to close accounts from the Internet, forcing protesters to call their customer service line and wait for a representative. Reports from users by mid-afternoon seemed to indicate they had restored the ability to cancel accounts online.

Reached for comment, a PayPal spokesperson told Raw Story they had not seen "any changes to our normal operations (including account opening and closing) overnight." On a follow-up noting that the original question had been posed about today's activity, they issued the same statement again but dropped "overnight."

Fourteen alleged members of Anonymous were arrested last week in relation to Distributed Denial of Service (DDoS) attacks against PayPal, launched by Anonymous after the online payments giant suspended WikiLeaks' funds. Law enforcement officials were reportedly making arrests based on a list of the top 1,000 Internet protocol addresses recorded during the attack, as compiled by PayPal.

It was, however, not clear whether the arrestees were actually committing a crime when they allegedly participated in the PayPal attack. Conducting a DDoS with an army of computers controlled through malicious software -- known as a botnet -- is a crime and a serious threat to any company on the Internet. On the other hand, a voluntary botnet, comprised of thousands of people willingly directing their computers to request pages from a server, is legally ambiguous and the charges may not stand up in court.

One of the arrestees, a journalism student from Nevada, faces up to 15 years in prison.

Anonymous and LulzSec said in their boycott announcement that they were "outraged" by the FBI's "willingness to arrest and threaten those who are involved in ethical, modern cyber operations" against "corrupt and greedy organizations, such as PayPal."

EBay's stock value was down about 2 percent at time of this story's publication. An update will be posted after markets close.

quote:

HBGary censors former staffer

Former HBGary Federal CEO Aaron Barr has been forced out of talking about Anonymous at a security conference.

According to Threatpost Barr was supposed to be talking to the DEFCON conference about attacks by Anonymous on February 5.

Barr has told DEFCON organisers he was withdrawing from an August 6 panel discussion after attorneys representing HBGary Federal threatened to file an injunction against him if he did not quit.

DEFCON is used to it. There is hardly a single conference where someone is not silenced by laywers. Barr was supposed to be participating in a panel called ''Whoever Fights Monsters...' Aaron Barr, Anonymous and Ourselves."

Barr and his former employer were both targets of Anonymous. The group was miffed when Barr told the Financial Times that he was going to divulge the identities of Anonymous's leadership.

HBGary Federal's e-mail server and Barr's private accounts was hacked and thousands of documents and confidential company correspondence were posted online.

Barr resigned from his post as CEO weeks after the hack as the company suffered from some difficult disclosures about its business.

The DEFCON panel promised what was described as a "gritty and frank" discussion of issues raised by the recent attacks by groups such as Anonymous and LulzSec.

Barr who has done extensive research on Anonymous and its activities, was planning to talk about the significance of the group and about methods for combating Anonymous and other "chaotic actors."

The lawyers for HBGary Federal are saying that Barr cannot comment on the attacks, and have his exit document to show the court if he tries to speak.

Read more: http://www.techeye.net/se(...)taffer#ixzz1TPHx2lcT

quote:

Anonymous Hacks ManTech, FBI Cybersecurity Contractor

Following the celebration of its 103rd year in existence this week, the FBI is watching closely to see what hacking group anonymous has up its sleeve, as the group hinted several times this week that it would be releasing FBI related materials that it acquired through its ongoing hacking efforts. Tonight the group gave some hints as to what may have been hacked, this time pointing to ManTech, a contractor that provides cyber security services to the FBI and helps protect and secure the FBI’s classified communications infrastructure, and indicating that they would release about 500MB of data on Friday.

Update 2:10AM: Shortly after publishing this story, Anonymous posted a "teaser" file which consisted of a resume in PDF format of an individual (Robert Kristopher Beaman) with a significant military and law enforcement background. While a resume isn't incredibly sensitive, it could indicate the the nature of the system breach was possibly Human Resources or project management platform. Many talent management systems and online job applications allow applicants to submit resume via the Web. Could they have possible used one of their favorite method of SQL Injection attack to breach such a system and extract thousands of resumes and/or ManTech project files?

Update: 2:26AM: A second file was posted, this one a "statement of work" document dated February 18, 2010 on ManTech letterhead addressed to NATO Communication & Information Systems Services Agency. The document appears to outline personnel to be deployed to a "NATO Theater of Operations." The document isn't marked restricted, confidential or classified, but ironically the footer of the page has the tagline, "Leading the Convergence of National Security and Technology."

This news comes not even a full two days after ManTech announced its Q2 2011 revenue of $752 million, something Anonymous doesn't like to see. "So @ManTech, we have question: You collect over 200 Million of fucking tax payer's moniez to protect them from us. And now?," the group posted.

quote:

A New Tool For AntiSec’s – Pastebin Dead

Pastebin was down from 0900 – 0942 GMT on 7/29. We were testing a new product for our fellow anons and AntiSec folks. We ran the software for 17 seconds at 0859 GMT and exited the project page with the java run program. Passtebin was down for 42 minutes after that, with me only having mIRC and Vidalia TOR open. Wow. Get excited. Coming Fall 2011 to a Server Near You.