Anonops #7: Meer is beter

quote:

Op zondag 26 juni 2011 19:05 schreef PiRANiA het volgende:

[..]

Geloof jij het?

quote:

Op zondag 26 juni 2011 19:15 schreef Yuri_Boyka het volgende:
Ik heb die gister gedownload en er zat inderdaad vage shit in.

Maar iig, wie heeft Lulzsec exposed, ik bedoel je komt niet zomaar even aan alle gegevens.

quote:

Op maandag 27 juni 2011 13:30 schreef Disana het volgende:
Zelfs de Volkskrant heeft het opgepikt:

http://www.volkskrant.nl/(...)-stoppen-ermee.dhtml

quote:

Anonymous Claims LulzSec Members, Steps up Attacks

The decision by computer hacking group LulzSec on Saturday to fold operations may be helping another online group, Anonymous, which stepped up attacks over the weekend.

Members of LulzSec appear to have rallied around Anonymous with both the group, and some LulzSec members claiming they were now with Anonymous.

Anonymous claimed over the weekend that it has released information from the website of the Cyberterrorism Defense Initiative, a national counter-cyberterrorism training program funded by the U.S. Department of Homeland Security among others.

It also said it had found a "chest of 40 Terabytes internal data" from an undisclosed company, but was not sure how to put up all the data on the web.

LulzSec said Saturday it had ended its campaign of cyberassaults on government and corporate websites and that it was time for it to "sail into the distance." It did not give a specific reason for its sudden decision.

Anonymous said in a message on Twitter on Sunday that it could confirm that all LulzSec members have reported aboard. A LulzSec member Sabu confirmed on Twitter that its members were now part of Anonymous.

LulzSec and Anonymous came together recently to target government and related agencies in Operation Anti-Security.

There is speculation that the LulzSec, known for its brash comments, had decided to disband after the arrest in the U.K. last week of Ryan Cleary, who is alleged to have been involved with the group.

LulzSec may however have been the victim of attacks from rival hackers it has been squabbling with such as Jester and Web Ninja. A person disclosed over the weekend information on LulzSec and some of its members.

quote:

Anonymous - Press Release 4/26/2011 - OPERATION DARKNET #OpDarknet

In contradiction to the best practices of Anonymous, most VPN's, Tor, and recently I2P users have been prevented from accessing certain IRC services that have previously been associated with Anonymous. The only option left is to connect to these US Based (and otherwise FBI/CIA/DHS friendly/controlled) based IRC servers using your own internet connection with little in the way of privacy.

I2P, or the Invisible Internet Project, is a secure, encrypted, tunnel-based darknet used to maintain anonymity while hosting or accessing content within the darknet, or via proxies to external services on the "normal" net. Created anonymously for the sake of the anonymity of others, this is a great alternative to a centralized system.

I2P is an internet within the internet, unmonitorable and uncensorable from outside. By default, anonymous mail, anonymous filesharing (BitTorrent, Gnutella, i-Mule etc), anonymous chat (IRC/Jabber/I2PMessenger) and anonymous web serving are provided with the installation. Treat I2P like your own private internet, free from interference and oversight. Think privacy, not paranoia, empowerment, not suppression. We have users around the world using I2P to evade censorship, not least in Egypt, Tunisia, Iran, China, and other locations where state level interference is routine.

Moreover, with I2P, you can create your own IRC channels and Ops--there is no censorship, and no authority. With the ability to create your own channels and attract anons to your ideas, you will once again, see the beloved agency return to you.

Now is the time.

Learn more here: http://www.i2p2.de/
Download I2P here: http://www.i2p2.de/download
Follow instructions and soon you will be connected through I2P, completely secure and encrypted. Just connect your IRC client to 127.0.0.1:6668 and you're on board
#anoni2p, #opcannabis, #opdarknet, #anonportal and #i2phelp are some channels you may like to visit once you are.

http://pastehtml.com/view/1e7pi9g.html http://pastehtml.com/view/1e6zzoa.html

Installation:

Requirements: Java Runtime Environment (JRE) 1.6 (Oracle's, IcedTea, OpenJRE etc)

Windows/non-Debian Linuxs, BSD etc.
Grab the installer from http://geti2p.net/download and run, either via the conventional double click route, or from a terminal via java -jar i2pinstall.0.x.x.exe -console (It's a java file with an exe wrapper, so should run anywhere java is installed)

Ubuntu/Debian/etc
apt-add-repository ppa:i2p.packages/i2p as root and then refresh your repo (aptitude update etc). More info here: https://launchpad.net/~i2p.packages/+archive/i2p.

OS X
Convenient, pain-free install script here: http://www.megaupload.com/?d=5TGPLLAA or over I2P bittorrent here: http://tracker2.postman.i2p/index.php?view=TorrentDetail&id=12472

Android
Coming soon!

After installation:

- If you're on Windows, and you're not running the portable installation (http://portable-i2p.blogspot.com), you'll want to install the I2P service for best results, and also disable launching the browser at startup, both configurable at http://127.0.0.1:7657/configservice

Then you'll want to head straight for the router console homepage and TAKE TIME to read through the introductory paragraphs. Reading and understanding what's written there will save you time and potential embarassment later, so do it! http://127.0.0.1:7657

CHAT: IRC

Using your favorite IRC Client connect to localhost 6668

for mIRC this would be:

//server -m localhost 6668

WEB PROXY

Open up your browser of choice, set your proxy to localhost:4444 and/or localhost:4445 for HTTPS

Config info here: http://geti2p.net/htproxyports.html

BITTORRENT

http://127.0.0.1:7657/i2psnark for your resident, browser-based I2P BitTorrent client. Active public trackers linked at the top.

ANONYMOUS MAIL

http://127.0.0.1:7657/susimail is your first port of call for anonymous i2p mail with a world reachable return address (you@mail.i2p internally resolves to you@i2pmail.org from the inbound gateway). Create yourself an account at postman's hq (embedded in susimail's login screen), make sure you read the faq and guides regarding acceptable use and being safe online BEFORE you start using your new account.

WEBSERVING ON I2P

You have your own configured-for-i2p webserver ready to go! http://127.0.0.1:7658 for more info.

I2P is Anonymous.

We Are Legion.

We Do Not Forgive.

We Do Not Forget.

Expect US.

quote:

Anonymous releases counter-hacking manual

Anonymous has returned to the forefront of the hacker war against authority with the release of a "counter-cyberterrorism" manual, along with data on the FBI.

With Lulz Security now on permanent hiatus, fellow hacker group Anonymous has filled in the gap with the release of a “counter-cyberterrorism” manual from the US Department of Homeland Security.

According to ABC News, which was first to sort through the 650 MB file posted to MegaUpload, the release was originally thought to have come from a certain private security firm whose website went offline soon after Anonymous released the data. It was later found that the information actually comes from the Federal Emergency Management Agency (FEMA), which originally produced the “Counter Terrorism Defense Initiative” training program in 2009.

Accordring to the program’s website (which has since been taken offline), the “SENTINAL” program — short for “Security and Network Training Initiative and National Education Laboratory” — “is a national initiative to educate technical personnel in cyberterrorism response and prevention.” The program was intended for employees of “public safety, law enforcement, state and local government, public utilities, colleges and universities, and health care providers.” And it “focuses on enhancing the prevention, preparedness, and response capabilities of local, state, tribal, and rural public safety jurisdictions.”

It does not appear that the release contains much that wasn’t already publicly available on the Internet. It does, however, provide a list of all the Federal Bureau of Investigation office locations throughout the United States. Other contents of note include stock letters for officially requesting user information from Internet service providers, and various hacking and coutner-hacking tools. In short, there’s really nothing much here that a determined person couldn’t have found without hacking a single thing.

Regardless of the value of the release, the action shows that the hackers are far from finished. This release is part of the “AntiSec” (anti-cybersecurity) campaign launched by Anonymous and LulzSec (before it disbanded). According to @AnonymousIRC, a 100,000-follower strong Twitter feed that reports on the group’s escapades, “all @LulzSec members” are onboard with the #AntiSec campaign.

While LulzSec claims that it planned from the beginning to remain a coherent group for 50 days before splitting up, some believe the hacker sect called it quits after a rival gang of hackers, A-Team, released what it claims are the identities and online properties of all of LulzSec’s members.

quote:

Teen accused of attacking SOCA website released on conditional bail


Ryan Cleary's bail conditions mean he is banned from using any device capable of connecting to the internet

The teenager accused of attacking the website of the UK Serious Organised Crime Agency has been released on conditional bail.

Prosecutors were unsuccessful in their appeal against Ryan Cleary's bail in a hastily convened hearing at Southwark Crown Court in London on Monday.

The 19-year-old, who was diagnosed with Aspergers syndrome last week, was arrested last Monday as part of an international investigation into the internet hacking group LulzSec following attacks on the CIA and US Senate.

Cleary's bail conditions mean he is banned from using any device capable of connecting to the internet. The Essex teenager must observe a curfew between 9am and 7pm. He will be electronically tagged and must not leave the house without his mother, Rita Cleary.

She was in court for the short hearing on Monday afternoon. The court reversed an earlier decision to hear Cleary's case tomorrow after an appeal over his "vulnerability" from his legal team.

The student has spent the past week being interrogated by the FBI and UK police over the alleged attacks. He could yet be charged with further offences.

Cleary's computers, iPhone and PS3 have been confiscated by police.

In a statement read outside court, Cleary's lawyers said: "Ryan Cleary is very relieved to be granted bail and to be home to his mum, his cats and his books.

"He has cooperated with police and will continue to do so. Ryan has last week been diagnosed with Aspergers... He will now be provided with the professional support he needs. His obvious intelligence can now be channelled into a worthwhile pursuit.

"One thing not so positive from this case is that the British police are investigating and appear to be accepting jurisdiction [unlike the Gary McKinnock case]. Ryan will not be making further statement for the time being."

The case is due back at Southwark crown court for a case management hearing on 30 August.

quote:

Security outfit thanks lulzSec for the Lulz

Governments are blasé, blasts bloke

Read more: http://www.thinq.co.uk/20(...)-lulz/#ixzz1QZAlGeQd

Internet security expert Andy Kemshall from SecurEnvoy reckons LulzSec should be applauded for its campaign of online mayhem, as it exposed government complacency and business naivety.

“I firmly believe that the media attention LulzSec’s DDoS attack has recently received is deserving," he burbled. "It’s thanks to these guys, who’re exposing the blasé attitudes of government and businesses without any personal financial gain, that will make a difference in the long term to the security being put in place to protect our own personal data!”

Kemshall continues: "At the end of the day, it comes down to a fundamental failing on the part of the organisation that allows these criminals in. If they didn’t leave their networks unlocked there wouldn’t be a problem.

"Hackers are exposing the holes and bringing the issue out into the open. RSA unbelievably took three months to come clean about their breach and if hackers hadn’t exposed them, through the Lockheed Martin story, would they have come clean at all? The cynic in me thinks not.”

Kemshall discusses an unnamed a local authority which is waiting for its SecurID tokens to be replaced by RSA. "We were astounded to find that the organisation was actually pretty blasé and said they didn’t feel there was a huge risk. This is naïve as, not only is there proof that the tokens are insecure as another organisation has been hacked, but why else would RSA go to the expense of replacing them if there wasn’t a problem?”

Talking of LulzSec and Anonymous, Kemshall said there was "much to be learnt from their expertise and raw talent."

He added: “These techies are up to speed and are useful to the industry – we need them! What people choose to ignore is many of today’s experts are ex-hackers themselves so Anonymous and LulzSec are actually tomorrow’s authority. They offer fresh ideas and they’re exposing new vulnerabilities that the ‘good guys’ may not yet have seen or even considered.
Click here to find out more!

"The simple truth is that we’re going to need their expertise if we’re to defend ourselves against other countries and those malicious hackers who are out for financial gain. Instead of persecuting them, we need to recognise their talent, embrace their expertise and encourage them across from the dark side to turn their expertise into something constructive rather than destructive.”

Read more: http://www.thinq.co.uk/20(...)-lulz/#ixzz1QZAetA6i

quote:

Operation Anti-Security: Anonymous release the identities of 2800 Columbian Black Eagles Special Police Unit members

Hacktivist group Anonymous today posted the names of 2800 of the right-wing Columbian Black Eagles Special Police Unit's members online, the published data has been credited as part of it and LulzSec's ongoing Operation Anti-Security.

The data was revealed earlier today via Anonymous Twitter feed. The tweet read, "#AntiSec Results: http://bit.ly/mw48D5 | List of ~2800 officers from the Peruvian Águilas Negras (Black Eagles Special Police Unit)".

The Black Eagles, or Aguilas Negras as the group is known in its native Columbia, are collection of fragmented right wing, counter-revolutionary, paramilitary cells, thought to have been born from the paramilitary Self-Defense Units of Colombia (AUC).

The AUC faction the group originated from was an umbrella organisation of death squads designed to combat the Columbia's leftist guerrilla fighters and generate income through drug trafficking.

The group is commonly thought to have no centralised authority and is fragmented into different cells each with its own chain of command.

The Black Eagles group is infamous for its involvement in numerous massacres and mass displacements across Columbia. As well as drug trafficking, certain cells have been linked to kidnapping, extortion and racketeering.

The release was credited as being a part of it and LulzSec's ongoing Operation Anti-Security. The operation is a new cyber campaign led by the two hacking collectives designed to protest and combat any and all institutions or governments attempts to censor or moderate the internet.

Already its brother-in-arms LulzSec has taken credit for attacks and hacks on Arizona law enforcement, the U.K.'s Serious Organised Crime Agency and two Brazilian Government owned websites.

Anonymous is yet to release a formal statement outlining its reasons for the hack.

quote:

http://www.bronkerk.nl/page/page.php?ID=1

De site van de Bronkerk te Ugchelen is helaas niet bereikbaar. Dit komt door hackerspraktijken. Wij hopen dat wij zo snel mogelijk contact krijgen met deze hacker.

SPOILER

Om spoilers te kunnen lezen moet je zijn ingelogd. Je moet je daarvoor eerst gratis Registreren. Ook kun je spoilers niet lezen als je een ban hebt.

quote:

https://thepiratebay.org/torrent/6502765/antisec01

---- #ANTISEC ---- #ANONYMOUS ---- #HELLOCLOWNS ----

This is the first official #antisec release and within this archive you will find:

* ) Zimbabwean government dumps
* ) Mosman Municipal Council (mosman.nsw.gov.au) dump
* ) Universal Music Group Partners dump 1 & 2 containing umusic.com's user:passwords
and other data
* ) Viacom dump containing internal mapping of Viacom and its servers
* ) Assorted Brazillian Government dumps and passwords

Greetings fellow Anons, Swashbuckers and Lizards.

It has been a week since the LulzBoat lowered the LulzSec flag, she now proudly flies under the #AntiSec colors. Since this day, the movement is organized by a flotilla of independent but allied vessels.

In this short time, the friendly vessels were able to capture copious amounts of booty, all claimed in the name of #AntiSec. Make no mistake: While the LulzBoat is still sailing with us (albeit not with the LulzSec flag), the objective of #AntiSec is different. Despite being still driven by Lulz and therefore also providing them, the mission has become larger than us. #AntiSec is more than Lulz and more than even Anonymous: It is our true belief that this movement has the capability to change the world. And should that fail, we will at least rock the world.

Thus, the introductory #AntiSec release (dubbed AntiSec-001) does not contain the type of data that a typical Lulz Lizard can just abuse mindlessly. Instead, we provide material that is primarily against corrupt Governments (in our world this is all Governments) and corrupt companies. And keep in mind: #AntiSec vessels have a very large cache of valuable goods aboard; the crews are currently working hard to sort the loot in a way that even the lousy media sailboats are able to just grab it and sail away for the horizon. You will hear from us very soon.

And always remember: Let it flow and it will flow back to you.

#AntiSec
irc.anonops.li

quote:

AntiSec Slams Arizona Cops (Again) with Super Personal Data Spill

Looks like last week's "Chinga La Migra" strike against the Arizona Border Police was only part one—the sequel's landed today, and this time it's personal. Like, really personal: Anonymous is claiming social security numbers, girlfriend pics, and more. [...]

quote:

In this second bulletin, we're dumping booty pirated from a dozen Arizona police officer's personal email accounts looking specifically for humiliating dirt. This leak has names, addresses, phone numbers, passwords, social security numbers, online dating account info, voicemails, chat logs, and seductive girlfriend pictures belonging to a dozen Arizona police officers. We found more internal police reports, cops forwarding racist chain emails, k9 drug unit cops who use percocets, and a convicted sex offender who was part of FOP Maricopa Lodge Five.

We also hit the AZDPS spokesperson Stephen Harrison who been bragging to the news about how they are upgrading their security and how they will catch the evil hackers who exposed them. Clearly not secure enough, because we owned his personal hotmail, facebook and match.com accounts and dumped all his personal details for the world to see. The same fate will meet anyone else who tries to paint us as terrorists in an Orwellian attempt to pass more pro-censorship or racial-profiling police state laws.

quote:

Security researchers discover 'indestructible' botnet

More than four million PCs have been enrolled in a botnet security experts say is almost "indestructible".

The botnet, known as TDL, targets Windows PCs and is difficult to detect and shut down.

Code that hijacks a PC hides in places security software rarely looks and the botnet is controlled using custom-made encryption.

Security researchers said recent botnet shutdowns had made TDL's controllers harden it against investigation.

The 4.5 million PCs have become victims over the last three months following the appearance of the fourth version of the TDL virus.

The changes introduced in TDL-4 made it the "most sophisticated threat today," wrote Kaspersky Labs security researchers Sergey Golovanov and Igor Soumenkov in a detailed analysis of the virus.

"The owners of TDL are essentially trying to create an 'indestructible' botnet that is protected against attacks, competitors, and anti-virus companies," wrote the researchers.

Recent successes by security companies and law enforcement against botnets have led to spam levels dropping to about 75% of all e-mail sent, shows analysis by Symantec.

A botnet is a network of home computers that have been infected by a virus that allows a hi-tech criminal to use them remotely. Often botnet controllers steal data from victims' PCs or use the machines to send out spam or carry out other attacks.

The TDL virus spreads via booby-trapped websites and infects a machine by exploiting unpatched vulnerabilities. The virus has been found lurking on sites offering porn and pirated movies as well as those that let people store video and image files.
Continue reading the main story
“Start Quote

It's definitely one of the most sophisticated botnets out there”

Joe Stewart

The virus installs itself in a Windows system file known as the master boot record. This file holds the list of instructions to get a computer started and is a good place to hide because it is rarely scanned by standard anti-virus programs.

The majority of victims, 28%, are in the US but significant numbers are in India (7%) and the UK (5%). Smaller numbers, 3%, are found in France, Germany and Canada.

However, wrote the researchers, it is the way the botnet operates that makes it so hard to tackle and shut down.

The makers of TDL-4 have cooked up their own encryption system to protect communication between those controlling the botnet. This makes it hard to do any significant analysis of traffic between hijacked PCs and the botnet's controllers.

In addition, TDL-4 sends out instructions to infected machines using a public peer-to-peer network rather than centralised command systems. This foils analysis because it removes the need for command servers that regularly communicate with infected machines.

"For all intents and purposes, [TDL-4] is very tough to remove," said Joe Stewart, director of malware research at Dell SecureWorks to Computerworld. "It's definitely one of the most sophisticated botnets out there."

However, the sophistication of TDL-4 might aid in its downfall, said the Kaspersky researchers who found bugs in the complex code. This let them pry on databases logging how many infections TDL-4 had racked up and was aiding their investigation into its creators.

quote:

Anonymous Launches A WikiLeaks For Hackers: HackerLeaks

Despite countless WikiLeaks copycats popping up since the secret-spilling site first dumped its cache of State Department cables last year, the new generation of leaking sites has produced few WikiLeaks-sized scoops. So instead of waiting for insider whistleblowers, the hacker movement Anonymous hopes that a few outside intruders might start the leaks flowing.

Earlier this week members of the hacker collective, and specifically a sub-group known as the People’s Liberation Front, (PLF) launched two new leaking sites, LocalLeaks.tk (not to be confused with the similarly named Localeaks.com) and HackerLeaks.tk. Both hope to receive documents through anonymous submission channel, analyze them, and then distribute them to the press to get “maximum exposure and political impact.”

But while LocalLeaks aims to use WikiLeaks’ model of insider sources to expose corruption on the local scale, HackerLeaks openly invites data thieves to upload documents through its submission system, so that they can be analyzed and publicized. “You download it, we’ll disclose it for you,” the site’s homepage reads, listing potential booty such as “databases, exploits, security flaws, documents, and email spools.”

On Tuesday, according to one of the hackers involved who goes by the name Commander X, the leaking site got its first submission: a list of the personal details of Orlando officials including addresses, home values, incomes and other data. That “leak,” which Commander X says was submitted anonymously to HackerLeaks but posted, confusingly, on LocalLeaks, comes as Anonymous has been in the middle of what it calls “Operation Orlando.” Since early Tuesday hackers have been launching attacks on Orlando-based targets including OrlandoFloridaGuide.com and the websites of the Orlando Chamber of Commerce and Universal Studios in retaliation for arrests of Orlando workers for the non-profit Food Not Bombs who lacked permits.

“These are the folks that wrote and are enforcing a very brutal law against very poor people,” Commander X, who says he is serving as the current “editor in chief” of the two sites, wrote to me over instant message. ”They themselves appear to be very very rich, so we thought we would point that out.”

And why is a leaking site necessary for hackers, who have lately used sites like Pastebin to publish information on their own? Commander X argues that Anonymous and the PLF already have connections to press that can help better expose important data, and that they hope to also provide “unique and enlightening analysis.”

“We just wanted to make our own offering, compete in the disclosure marketplace and maybe fill a unique role if we can,” writes Commander X. He argues that part of that unique role is that HackerLeaks will be legal, despite publishing hacked materials. “We don’t obtain this material. We merely publish it. This violates no sane law anywhere.”

That’s an argument that sound much like the one used by WikiLeaks, which has also published hacked data including Sarah Palin’s emails and East Anglia University’s stolen emails related to climate change.

But that legal stance may be a tough sell for Commander X of all people. Although he refused to comment on whether he had engaged directly in illegal hacking, he describes himself as “field commander of a global cyber militia” and says that he has had some part in Anonymous operations that have involved attacks on Visa, MasterCard, and PayPal in retaliation for their severing ties with WikiLeaks, as well as attacks on the governments of Tunisia, Iran, and Egypt.

Commander X was also named by HBGary Federal chief executive Aaron Barr in a planned presentation to out Anonymous’ leaders. But Barr misidentified Commander X, who tells me is a “50ish” American hacker, as Ben De Vries, the founder of a Facebook group called Global Strike 2011. Barr’s digging incited Anonymous to attack HBGary Federal, dumping thousands of its emails in February on a site called AnonLeaks, Anonymous’ first experimentation with a WikiLeaks-like interface. Barr resigned later that month. Commander X says he wasn’t involved in the HBGary hack.

Commander X’s subgroup of Anonymous isn’t the only one that’s getting into the leaking game. The last release from the hacker group LulzSec included half a gigabyte of data from AT&T that has been reported to have come from an insider source at the company.

As part of its ongoing campaign known as AntiSec, aimed at exposing corporate and government data and humiliating security firms, one Anonymous twitter feed suggested earlier this week that leakers contact the group over IRC to spill insider secrets: “If you are working for a corrupt government/company: Leak the data.”

quote:

Report: FBI Raids Home of Woman With LulzSec, Anonymous Ties

When LulzSec closed up shop over the weekend, there were questions as to whether they were running from the authorities. Though no LulzSec-specific arrests have been made, it appears that U.S. authorities are actively pursuing those carrying out these types of hacks.

In an interview with Gawker, 29-year-old Laurelai Bailey said her Iowa home was raided last week by FBI agents looking for dirt on hackers with whom Bailey had been associating. The agents were reportedly looking into the February cyber attack on HBGary Federal carried out by Anonymous.

Bailey said the FBI was there for five hours, and took hard drives, a camera, and other equipment. The agents also asked her if she could infiltrate the hacking community, indicating a particular interest in a hacker known as "Kayla." As far as LulzSec goes, however, Bailey is not exactly their favorite person because she leaked the IRC logs detailing the HBGary Federal attack.

The reported Twitter account for "Kayla" includes a message that says users reaching the feed via Gawker "just got trolled." The LulzSec Exposed blog also claims the raid never happened.

Bailey denied being involved in any illegal hacking activity.

Among one of LulzSec's final targets, meanwhile, was the Arizona Department of Public Safety. In a Monday statement, the agency said LulzSec's demise does not mean it will stop its investigation.

"While the department noted that LulzSec has decided to disband, it does not diminish the intrusion into the privacy of our officers and the release of sensitive information. Nor does this relieve them of their criminal responsibility which may include both federal and state charges," the department said.

The department's email system was compromised during the week of June 20, and data from that system was posted online. "There is no evidence the attack has breached the servers or computer systems of DPS, nor the larger state network. Likewise, there is no evidence that DPS records related to ongoing investigations or other sensitive matters have been compromised," officials said.

At this point, remote access to DPS email remains frozen and the agency now has 24-7 monitoring of its Internet gateway.

For more, see PCMag's Guide to Knowing Your Hackers, as well as 50 Days of Mayhem: How LulzSec Changed Hacktivism Forever, and Did LulzSec Change the Hacking Game, or Just Get Lucky?

Update: The Anonymous collective on Wednesday released a new batch of data stolen from the Arizona Department of Public Safety, which includes everything from Social Security numbers to voicemails.

For more from Chloe, follow her on Twitter @ChloeAlbanesius.

quote:

Google is Your Friend - If You're a Lulzer

While the digital paparazzi were lined up waiting to snap photos of the Lulzboat crew getting vanned, some of us focused on how this collection of low tech script kiddies were able to knock over SONY, AT&T, the CIA, Arizona's DPS and numerous other sites and make off with highly confidential contents again and again.

It turns out that they had an accomplice, Google. Now before the good townspeople grab their torches and pitchforks and beat a hasty path to Mountain View, let it be known that Google's part in these massive hacks isn't actually Google's fault.

Or perhaps it can be if the public still wants to blame them anyway and question why this information is there on Google for the taking in the first place. But that's not really the issue at all.

The blame in my opinion lies once again with the administrators of the sites which were attacked. Google merely indexed the available booty for the lulzers and others and left the cardboard box on the curb where it could be picked up by anyone who drove by.

After all, page crawls weren't considered privileged information - they're all part of the "public internet" available to anyone who drops by.

How could this be? How could Google allow these kids to troll the internet and easily locate SQLi vulnerabilities or remote logins, passwords or even entire databases for the taking without any real effort at all? Simple.

A little thing known as SEO, sitemaps and the little spiders that go bump in the night. Let's look at the problem, along with a few specifics since the bad guys have been doing this for years and years and it's not a secret at all. Then I will explain what site admins can do to see to it that this information is not left at the curb any longer.

The problem:

Copy and paste the following into a Google searches in a new window. I'll wait:

filetype:sql hotmail gmail password

or

inurl:"login.(asp|php) inurl:"id=1"

You can try the above and substitute any of these too:

* userid=
* index=
* form=
* username=

You might even see some major security companies and governments turn up in there. For extra credit, use the "site:your website url here" and see what comes up on yours!

THIS is what the script kiddies do when they do their Google drive-bys. The victims of lulzsec and others fell because of such simple Google searches, and they're made even easier when you have a target URL in mind to play "anybody home?"

As long as Google has it in their indexes, and you know the keywords to search for sites, then it certainly isn't "nuclear brain science" when an injectable site is found.

There's plenty of tools to automate the attacks on the database behind the site once you know how to POST or GET to it. I've seen apologists claim "we don't use MYSQL."

Rest assured that there are exploit GUI's readily available for PostgreSQL, MSSQL and Oracle as well as lesser and older databases. If it's there, and they can find it, and they can talk to it, and you're not properly filtering what can get to it, your site could very well be the next breaking news story.