Anonops #7: Meer is beter

quote:

Ook jij staat in superdatabase van Brits bedrijf

Het Britse conglomeraat WPP heeft een database gemaakt met daarin de profielen van 500 miljoen internetters. De superdatabase, naar eigen zeggen de grootste ter wereld, heeft een dekking van bijna 100 procent van de Nederlanders die online zijn. Kom je op internet, dan weet dit bedrijf wat je doet en wie je bent.

WPP bestaat uit een groot aantal reclame- en communicatiebedrijven, die op hun beurt weer samenwerken met derden, waaronder internetgiganten als Google. Het verzamelt informatie over internetters bij bezoek aan bepaalde websites. Leeftijd, geslacht, interesses, koopgedrag, soms zelfs huisadressen, zijn enkele zaken die WPP registreert en doorverkoopt aan veel grote adverteerders.

Of in de toekomst 100 procent van de Nederlandse internetters geregistreerd blijven in de gigantische database, is nog maar de vraag. De Tweede Kamer ging onlangs akkoord met de nieuwe Telecomwet. Daardoor is ook formeel vastgelegd dat er strengere eisen worden gesteld aan websites voor het plaatsen van cookies op de computer van de internetgebruiker. Met cookies, kleine tekstbestanden, worden gegevens over het surfgedrag en persoonlijke voorkeuren van internetgebruikers geregistreerd. Ook kan zo worden bijgehouden welke producten door internetters in een winkelwagentje zijn gedaan. WPP werkt met cookies, maar ook met andere technieken om aan data over internetters te komen.

'Op internet zijn veel websites gratis, omdat adverteerders hun boodschap willen communiceren', zegt directeur Brian Lesser van Xasis, het bedrijf dat voor WPP de database beheert, in The Independent. 'Wij ondersteunen deze interneteconomie om deze bedrijven hun doelgroep te geven.' Volgens Lesser zijn alle gegevens geanonimiseerd.

Privacy-belangenorganisatie Electronic Frontier Foundation (EFF) is toch ongerust. 'Als je weet welke websites iemand bezoekt is het vrij eenvoudig om achter de identiteit van die persoon te komen', zegt John Buckman van EFF. Volgens de organisatie zou de superdatabase ook zeer interessant zijn voor hackers.

quote:

NATO Server Hacked by 1337day Inj3ct0r and Backup Leaked !

Team Inj3ct0r ( 1337day ) claim to hack Apache Tomcat Version 5.5.9 of NATO. The North Atlantic Treaty Organization or NATO also called the (North) Atlantic Alliance, is an inter governmental military alliance based on the North Atlantic Treaty.

They Leak a Backup of Random 2,646 files from Server as Proof of Hack . The archive uploaded by hackers is available at http://www.mediafire.com/?s2chp1v2jqsf52z .

We talk to Team Inj3ct0r about this hack They said :1.) The Reason of Hacking is “Nuclear weapons. its development and financing”2.) They hack Tomcat 5.5 Server using 1337day privat exploit (0day) .3.) They get the root privilege to the Server.4.) They are able to Deface the website of NATO also, but they will not do this. They have just take the backup of server and trying to distribute that on Internet.

quote:

Op dinsdag 5 juli 2011 12:31 schreef YazooW het volgende:

[..]

Als je een beetje een leek bent zou je denken dat ze een Apache helikopter hebben gehackt

quote:

Valt trouwens wel op dat die geuploade bestanden met daarin de gestolen data altijd behoorlijk lang nog op die file hosting sites blijft hangen...

quote:

Amerikaanse Secret Service jaagt op hacker Fox News

De Amerikaanse Secret Service, belast met de bewaking van president Barack Obama, onderzoekt de zes valse tweets over een moord op Obama. Een woordvoerder van de Secret Service heeft dat gisteren (lokale tijd) gezegd.

Hackers verstuurden de tweets gisteren, nadat ze de Twitteraccount van de populaire tv-zender Fox News hadden gekraakt. Een zekere 'Script Kiddie' schreef dat Obama was gestorven door twee kogels. Fox News kon de valse mails pas 10 uur later verwijderen.

quote:

Op dinsdag 5 juli 2011 16:23 schreef joepie91 het volgende:
http://thenextweb.com/eu/(...)talian-police-raids/

[..]

quote:

Op dinsdag 5 juli 2011 17:29 schreef joepie91 het volgende:

[..]

Mja, je moet toch wat als je als landelijke politiemacht niet voor lul wilt staan omdat je een organisatie die geen organisatie is niet aankunt?

quote:

Op dinsdag 5 juli 2011 17:32 schreef joepie91 het volgende:

[..]

Mja goed, het werd eens tijd dat dat het geval was...

YouTube- Yoda YOU WILL BE.wmv

quote:

PyroBatNL
De gegevens van de politiebond: phttp://pastebin.com/y0VVMkPv politiebond.nl is gehackt door leden #AnonOps
19 minutes ago

quote:

lysgu Lsygu Ntpfor
look who's back RT “@_TeaMp0isoN_ As I previously tweeted: Retweet this for #anonops IRC, proof we're not dead - pastie.org/private/h6zibm…”

quote:

FBI Raids Home of Ohio Man Linked to Hacker Group

U.S. authorities raided the home of a Hamilton, Ohio, man who appeared to have links to the hacker group LulzSec, as a probe into recent high-profile computer attacks gained momentum.

Agents from the Federal Bureau of Investigation searched the home Monday, an FBI spokesman confirmed without providing any further detail. A person close to the matter said the arrested man is an alleged LulzSec member.

U.S. authorities in recent months have conducted dozens of searches as part of investigations into Anonymous, a loosely knit group of cyber activists, and splinter group LulzSec.

The groups have claimed responsibility for a number of attacks against companies and government organizations. That has prompted a global law-enforcement crackdown on the groups that has included waves of arrests across Europe and in Turkey.

British police, who are cooperating with the FBI, have made seven arrests this year as part of their probe. That includes 19-year old Ryan Cleary who had been a prominent figure in Anonymous and then LulzSec. U.K. prosecutors last week charged him with five computer-related offenses. Authorities allege he infected computers in order to form a computer network, called a botnet, that he then used to launch online attacks against websites including that of the Serious Organised Crime Agency, a U.K. equivalent of the FBI.

Essex-based Mr. Cleary, who is out on bail, is co-operating with police, his lawyer said. The lawyer added that Mr. Cleary has been diagnosed with Asperger syndrome, a form of autism. The other six individuals arrested in the U.K. have been released on bail and haven't been charged.

LulzSec recently claimed to identify a couple of individuals it said had "tried to snitch" on the group. LulzSec appeared to reveal the full names, addresses and other contact information of two U.S. men it said were involved in criminal hacks. That included details of a person going by the nickname "m_nerva" who LulzSec claimed came from Hamilton, Ohio.

The individual identified by LulzSec, who apparently had a falling out with the group, couldn't be reached for comment.

LulzSec recently said it was ending its campaigns under that banner, but members have since joined a group within Anonymous called "AntiSec," short for "antisecurity."

Anonymous is well-known to U.S. law enforcement. By late last year, the FBI was investigating attacks by Anonymous members against the movie and recording-industry when the group also started targeting individuals and organizations that had tangled with document-sharing website WikiLeaks.

In January, FBI agents conducted searches of more than 40 residences across the U.S. No arrests were announced following those searches. The bureau is also probing subsequent hacks, including of Sony Corp. and HBGary Federal LLC, and an attack on FBI-affiliated organization InfraGuard. The FBI spokesman declined to comment on the probe.

In April, the FBI raided the home of Darrin Lantz in Gig Harbor, Wash., according to court filings. Authorities suspect Mr. Lantz was involved in an Anonymous campaign against websites belonging to Gene Simmons, of rock band Kiss, in retaliation for anti-piracy comments he made, court filings say.

Authorities say the attacks knocked Mr. Simmons's websites offline for 36 hours, causing tens of thousands of dollars in damage as a result of downtime and costs associated with changing computer servers and website hosts. During one strike, Mr. Lantz's computer attacked a website 48,471 times during a 47-minute period, authorities said.

Mr. Lantz, who hasn't been charged, didn't respond to a request for comment.

quote:

Op dinsdag 5 juli 2011 18:40 schreef joepie91 het volgende:

Veel geblaat, weinig wol. Ryan had vrijwel niets met Lulzsec te maken en was zeker geen "prominent lid", en de raid op Laurelai was waarschijnlijk een onzinverhaal (oftewel misinfo).

quote:

Leaked proposals reveal UK web censorship plans
Result of closed-door discussions

Ed Vaizey, the UK's Minister for Culture, Communications and Creative Industries, has been taking part in closed meetings with copyright lobbyists, apparently working on a proposal that could amount to internet censorship.

Leaked online, the proposed "voluntary website blocking" scheme would "inhibit access to specific sites" based on the opinions of "expert bodies" and through shotgun court hearings.

Ed Vaizey has already admitted in parliament that he has held a number of roundtables with ISPs but public interest organisations like the Open Rights Group who asked to attend the meetings were denied access.

Industry bias

The document relates to copyright infringement, but has also been linked to online child safety and there are fears that it could become a one-stop-censorship-shop for anything this "expert body" deems inappropriate.

Other rights-holding organisations involved in the talks include the Football Association, the Publishers Associations, the Motion Picture Association and music industry execs.

While these organisations are keen to protect their own content and stamp out online piracy, rights infringement and plagiarism, the fact that only one group with the interests of the average consumer have been invited to participate in just one session poses a real concern.

Access to the open internet is gradually becoming a human rights issue, and taking on only the views of a biased few when discussing actively blocking websites could have longterm repercussions for Brits.

Human rights

The Digital Economy Act has already proposed blocking sites for copyright infringement, but it's an act that has been the subject of much debate and concern among web-users and some ISPs.

As the Open Rights Group says, "Open policy making that takes on board the broadest range of views is not something within the gift of politicians but a responsibility they bear."

"It is critical that policy making happens through a broad and open public debate, especially on matters that so tangibly affect rights such as access to information and freedom of expression.

"This is not simply about the rights of 'sites that facilitate infringement' or those running them. It is about the processes through which decisions are made about what you are allowed to see and do. Clumsy, quasi-judicial and unaccountable website blocking is dangerous for exactly that reason."

Via BoingBoing

Read more: http://www.techradar.com/(...)969390#ixzz1RFa6X5uT

quote:

Op dinsdag 5 juli 2011 18:45 schreef joepie91 het volgende:

[..]

Wacht, kan zijn dat die in Ohio m_nerva was, en niet Laurelai... m_nerva was inderdaad gedoxt door Lulzsec voor zover ik weet, en heeft idd een bezoekje van de FBI gehad. Laurelai was al eerder aangewezen door Anonymous (ivm de puinzooi die hij/zij aangericht had met Anonleaks), maar die is dus niet geraid, en heeft zelf waarschijnlijk misinfo lopen verspreiden.

Ik ben even kwijt welke van de twee in Ohio woonde

quote:

Exclusive first interview with key LulzSec hacker

[quote]It was early May when LulzSec's profile skyrocketed after a hack on the giant Sony corporation. LulzSec's name comes from Lulz, a corruption of LOL, often denoting laughter at the victim of a prank. For 50 days until it disbanded, the group's unique blend of humour, taunting and unapologetic data theft made it notorious. But knowing whether LulzSec was all about the "lulz" or if it owed more to its roots as part of Anonymous – the umbrella group of internet subculture and digital activism – was pure speculation. Until now.

quote:

http://pastebin.com/TvSxycCf

To all friendly and enemy vessels,

Today we want to introduce you to Nimbuzz, a Dutch company providing a free
mobile messaging application carrying the same name. This company is not
situated in just the Netherlands as they have offices in Argentina, India,
Indonesia and all over Europe. So why does this company interest us? Well,
simply put, they are capable and self-admittingly willing to co-operate with
governments to help censor the public's use of the very service they offer.

Now it should be noted that some of our blackhat friends who are extensively
involved in the AntiSec movement have had access to this company's networks for
some time. Their access to this network is best described as complete access to
everything in their network including all of their source code on Nimbuzz's svn
server. The gross incompetence of the security model put in place for this
server astounded even us.

We have access to many many networks and because of this we have to prioritize
what is of interest or use to us (or you, the public that we love so much).
However, we had some friends bring it to our attention that this Nimbuzz
company is actually enacting policies that directly go against everything
Antisec stands for. Thus, here we are.

To prove that we aren't making this up here is a document in their CMS
displaying the procedure of how, if requested, they can switch off VOIP
services BY GOVERNMENT REQUEST. A quote from the document:

"In some countries governments and/or operators have reasons for not allowing
VoIP over (mobile) data networks. They may use technical means to active
block and / or throttle the Nimbuzz traffic over their network. This results
in total, partial or severe Nimbuzz service degradation towards the end-user.

When these cases are known, Nimbuzz will open dialogue with the
government/operator. Aim is to resolve the service degradation and restore
quality of service. In return for allowing Nimbuzz service to run properly,
we can offer to switch of VoIP calls on this operator network."

The document goes further to state that Nimbuzz currently blocks all VOIP
traffic in Syria and Egypt and even includes specific data such as IP ranges
given by providers.

This is entirely unacceptable and let's make this perfectly clear:

We DO NOT tolerate any kind of censorship of communication.

We DO NOT tolerate companies working in collusion with governments to stop the
free flow of information

We WILL expose these companies to the public to show how their information can
be manipulated and censored by the governments and corporations that work with
them

Thus, we release the document mentioned above in full as well as some other
information from their CMS. As a bonus we have also acquired some code from the
/trunk directory on their svn. In total we downloaded over 120 Gigabyte of
source code but will not release it..yet.

Take heed, governments that seek to oppose the people who elect them and the
corporations who the people work for - We will not stand idly by while you take
away our electronic and physical freedom.

"People should not be afraid of their governments. Governments should be afraid
of their people."

FILE VIEW/DOWNLOAD:

VOIP Block CMS Site: http://pastehtml.com/view/azgwu5ol2.html
AntiBuzz.rar (4.25 MB): http://www.mediafire.com/?zj9q7gng34ptais

Mirrors available soon, also to be included in next torrent release. Let it flow!

quote:

2011-07-05 LocalLeaks and HackerLeaks Press Release

First we would like to thank the global media for being so attentive to the launch of our two new disclosure platforms. We would also like to thank the several dozen people who already trusted us with their sensitive leaks. It has been a remarkable week for those of us who staff these two important projects. None of us ever expected in our wildest dreams the enormity of the reaction to these two ideas.

However we have some sobering news to report. Today, Independence Day in the USA no less - our registrar has suspended our Top Level Domains and shut down both sites. Having failed to explain their reasoning we are left to assume that it was our content they didn't like, and so both HackerLeaks and LocalLeaks have been effectively silenced - censored - and shut down.

ImageThe company responsible is located at www.dot.tk and we encourage all free speech and free information advocates to contact this company and let them know exactly how you feel about censorship. We are seeking legal assistance to help us, and if you're a lawyer and can volunteer your time please contact us at PLF@cyber rights.net

We are in process of registering new Top Level Domains for HackerLeaks and LocalLeaks. The sites and the platforms themselves are fine, and anyway we have back-up copies of both sites as well as mirror servers. Both of these important offerings will be back online within 48 hours and this will not stop our project. This censorship has cost nothing other than it has prevented the world from seeing our disclosures and the people from having a safe place to disclose, and that for only a short time. We will return shortly, expect us.

SIGNED -- LocalLeaks & HackerLeaks Team

quote:

Raymond DeRoo
@rderoo
Hi, I am Raymond and due to my gross incompetence I handed our company Nimbuzz to the #antisec movement. They have all of our CMS and SVN content. Yay!

quote:

rderoo Raymond DeRoo
Hello @Nimbuzz, am I gonna keep my job? Just wondering.
15 minutes ago Favorite Retweet Reply

quote:

Anonymous: Bigger, More Contentious, More Chaotic… but Better?

Much has been made about conflicts that have arisen within the hacker community; the main stream media has made sure of that. Stories of rogue programmers sabotaging parts of networks, or supposed splinter groups pursuing alternative agendas have proliferated. Focus has been put on isolated cases, and rumors of questionable provenance, in order to present a negative opinion of Anonymous with the intent of eroding their overwhelming global support and participation.

Differences of opinion about how to achieve shared goals are the lifeblood of progress, even as they appear to be barriers. Any relationship without debate is stagnant. Any opinions discussed without dissension lack foundation. Any operation carried out without the vetting of competing strategies is poorly planned. Conflict and struggle are often necessary for progress, particularly with group dynamics, and the presence of any element of contention proves the growing strength of the Anonymous movement. The media has simply misrepresented positive group dynamics and presented them in a way that supports their anti-Anonymous narrative.

Conflict can be the harbinger of discovery when welcomed by, and dealt with as, a community of peers. The push-and-pull of passionate participants is often chaotic despite the beauty of the resolutions achieved. Democracy, in all its glory, can be a wonderfully messy and disorganized experience.

The influence of any negative elements, or destructive agendas, such as those present in any large community, can find fertile ground in a community that encourages equal participation within a decentralized and non-hierarchical structure. The process of dealing with these issues through inclusion, transparency, and informed debate may have the appearance of vulgarity but results in the sophisticated inclusion of all while identifying negative forces that will be expelled by the group as a whole. It’s quite democratic. Exclusion of dissension, or minority opinion, may have the appearance of efficient deliberation, but the consensus is false and the issues have been left unresolved and ignored. Sometimes you gotta get in and mix it up a little in order to solve a problem and make some progress. This is the nature of an inclusive and egalitarian community.

Anonymous has grown. It is growing exponentially. It is no longer a semi-closed, elite community of anti-Scientology activists or digital pranksters… well, not only (lulz:). The massive increase in the size of the community has brought development and maturity in the community’s sense of purpose and level of effectiveness. It is truly becoming a global community, as dynamic and multifaceted as any, but much more democratic, and far more threatening to the status quo, than others.

Thus, Anonymous is the target of main stream media assaults and the victim of repeated smear campaigns. It is the subject of disdain for politicians and CEOs, and the identified enemy of governments. It is the thorn in the side of corporations and predatory global capitalist. Anonymous unites heads of state from North America and Europe with dictators and tyrants around the world in a common goal of subversion, and censorship, against this entity that threatens their power and control.

The funny thing is, Anonymous is you. Anonymous is all of us. Anonymous is nothing more than a democratic movement of the people of the planet. Decentralized, and non-hierarchical, this movement represents the collective will of the people of this planet. However, as we are discovering, the will of the people is not the same as the will of the power-that-be. Polls of the people say one thing, but our governments always seem to vote with the corporations. People want to end the wars but our governments keep sending our young to be canon fodder for corporate expansion and resource acquisition. The divide between the people of this planet, and those that lord over them, is becoming increasingly apparent, and increasingly unacceptable.

The corporate controlled media will shine a light on those that disagree with, and seek to do harm to, Anonymous, or even those that try to undermine the credibility of Anonymous by assuming that mantle. Every large community has miscreants. The success and progress of Anonymous has not been effected by minor internal strife, quite the contrary, nor has the relentless media campaign achieved its goal. Anonymous has become a global force to be reckoned with, and this is making a lot of very powerful people very anxious.

Those that hold the power, and control the resources, do not want democracy, transparency, equality or emancipation for the people of this planet. This system is working very well for their interests. Anonymous, all of us, you and me, the people of this planet, informed, enlightened, and communicating, is their worst nightmare. We are Anonymous. We are those whom they are using all of their resources, technologies, law enforcement, and political institutions to stop, censor, and silence. We, the people of this planet, have become a serious threat to those that would own each and every one of us (as they do through imposed financial indebtedness to them) as well as our food, our water, and our planet itself.

So, before you buy into the media spin on the supposed problems within Anonymous, or conflict among hackers, take a look at the following videos. These videos are just a sampling of very current Anonymous and AnonOps operations and activities. Anonymous is now able to fight wars on multiple fronts. Anonymous is now able to directly confront some of the largest and most powerful governments and corporations on the planet. Anonymous is so big it can no longer be hidden like a digital light under a proverbial bushel, nor should it be.

quote:

THIS DOMAIN HAS BEEN SEIZED IN THE NAME OF

$$\ $$\ $$\ $$\
$$ \$$ \ $$ | \__|
$$$$$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$\ $$\ $$$$$$$\ $$$$$$\ $$$$$$$\
\_$$ $$ | \____$$\ $$ __$$\\_$$ _| $$ |$$ _____|$$ __$$\ $$ _____|
$$$$$$$$$$\ $$$$$$$ |$$ | $$ | $$ | $$ |\$$$$$$\ $$$$$$$$ |$$ /
\_$$ $$ _|$$ __$$ |$$ | $$ | $$ |$$\ $$ | \____$$\ $$ ____|$$ |
$$ |$$ | \$$$$$$$ |$$ | $$ | \$$$$ |$$ |$$$$$$$ |\$$$$$$$\ \$$$$$$$\
\__|\__| \_______|\__| \__| \____/ \__|\_______/ \_______| \_______|

Visit us on IRC, server irc.anonops.li channel #antisec

We also would like to deliver the following message from Anonymous:

quote:

AnonymousIRC AnonymousIRC
So the word is that admins have been locked out from government servers. http://icdh.gov.tr/

| Let's see when they pull the plug. #AntiSec

quote:

Anonymous eyes political role, but won't go legit

Hacker group Anonymous plans to promote an affiliated political party to attract people who share its civil liberties goals, but do not agree with its methods.

The move appears similar to those by many protest movements that floated legal organizations and parties to represent their case in political, social and legal forums. But the decentralized nature of Anonymous, which claims no central leaders or control structure, will likely make it difficult to get support from all members.

There's some evidence of that already.

Anonymous had earlier said in a video that it will stop hacks and DDoS (distributed denial of service) attacks, and will restructure the system from the inside. "Although these methods were effective in turning the media's attention to civil rights violations when our numbers were small, and we had limited options, we now have the numbers to make a difference legally," it said.

Message From TheAnonParty

The video posted on July 4 on YouTube did not go down well with some group members. It also did not prevent Antisec, a movement led by Anonymous, from hacking and defacing websites in Turkey on Wednesday.

"This (party) is just another group that wants to support the goals of Anonymous. It isn't going to replace it," said Testudo Smith, a spokesman for the group behind the push to form a political party.

Smith said the group's mission at this point is to set up an advocacy group to provide Anonymous with legal channels with which it can fight for its goals of Internet freedom and civil rights. These legal channels are what Anonymous is most lacking at the moment, he added.

A website set up for the Anonymous Party of America sets out a broad agenda for a political party that is largely focused on U.S. politics, and will work towards transparency and accountability in government, individual rights, and common sense. It calls on "any Congressman or Senator that has any honor left, to resign from their corrupted parties and join our call for and end to the present system".

The group might find it difficult to gain legitimacy if other hackers, under the banner of Anonymous, continue to carry out attacks on the websites and networks of companies and organizations.

Smith admitted that getting all hackers to support his group's goals would be difficult.

"We have no control over Anonymous as a whole. There aren't any leaders, and it would be futile to attempt to control Anonymous," Smith said.

But should the political pressure group gain widespread support, the group has grander plans.

"Eventually, when we have enough support, and if we think that it is the best way to make a political impact, then we will register ourselves," Smith said. That's in the very long term though, he added.

Anonymous has been the target of police actions in some countries, including Turkey, Spain, Italy, and the U.K. It also found itself alienated from the mainstream population that supports Internet freedom and individual rights, but were not in favor of the group's methods.

quote:

http://thepiratebay.org/torrent/6525567

Today we release the ownage of another government-contracted IT company, IRC
Federal. They brag about their multi-million dollar partnership with the FBI,
Army, Navy, NASA, and the Department of Justice, selling out their "skills" to
the US empire. So we laid nuclear waste to their systems, owning their pathetic
windows box, dropping their databases and private emails, and defaced their
professional looking website.

In their emails we found various contracts, development schematics, and internal
documents for various government institutions including a proposal for the FBI
to develop a "Special Identities Modernization (SIM) Project" to "reduce
terrorist and criminal activity by protecting all records associated with
trusted individuals and revealing the identities of those individuals who may
pose serious risk to the United States and its allies". We also found
fingerprinting contracts for the DOJ, biometrics development for the military,
and strategy contracts for the "National Nuclear Security Administration
Nuclear Weapons Complex".

Additionally we found login info to various VPNs and several Department of
Energy login access panels that we are dumping *live* complete with some URLs
to live ASP file browser and upload backdoors - let's see how long it takes for
them to remove it (don't worry we'll keep putting it back up until they pull
the box ;D)

Before we begin the drop, a personal message to the employees of IRC Federal:

If you place any value on freedom, then stop working for the oligarchy
and start working against it. Stop aiding the corporations and a government
which uses unethical means to corner vast amounts of wealth and proceed
to flagrantly abuse their power. Together, we have the power to change
this world for the better.

“He who passively accepts evil is as much involved in it as he who helps
to perpetuate it.” –Martin Luther King, Jr.

Props to our black hat and antisec comrades: bantown, dikline,
h0no, phrack high council, ~el8 and all you kick-ass motherfuckers
we've never even heard of. Thank you.


################################################################################
## own & rm # own & rm # own & rm # own & rm # own & rm # own & rm # own & rm ##
################################################################################

ello ej33t hax0urz! We decided to throw in a little bonus for those of you that
sojourned through this boring-ass document to give you a little taste (and
hopefully some ideas!) of how this went down.

Before you Adrian Lamo-type el33t (lololol !!!) hackers get sticks up your
asses, just keep the previous doc in mind and remember: even if all you can do
is sql injection, you're still ~300% more talented than most grandmas!
h0h00h0h0!!! (srsly tho)

http://www.ircfederal.com(...)0select%201,username,
mynumber,1%20FROM%20logins%20WHERE%20username%20%3C%3E%20%27bhunt%27

# admin login!

Once we had the admin login, there was a script to upload images. They had
blacklisted extensions (note to self: a whitelist would be more appropriate
here!), that disallowed ASP among others. What they didn't check for was .cfm

There were a few others as well. There was an internal phpbb database that we
downloaded and cracked and got some email passwords.

So now you know! Protect your shit and keepz it realz!

################################################################################
## own & rm # own & rm # own & rm # own & rm # own & rm # own & rm # own & rm ##
################################################################################

quote:

Op zaterdag 9 juli 2011 00:24 schreef Yuri_Boyka het volgende:
Bestond Anon al in 2008?

Message to Scientology

quote:

Op zaterdag 9 juli 2011 09:55 schreef RobertoCarlos het volgende:
Stel dat iemand kritiek heeft op anonops, wordt die persoon dan aangepakt of is dat dan het vrije woord?

quote:

Anonymous threatens police over phone hacking and Julian Assange


Senior source inside hacker collective seeks to embarrass Metropolitan police and judges with 'explosive' revelations

Figures at the top of hackers' collective Anonymous are threatening to attack the Metropolitan police's computer systems and those controlled by the UK judicial system, warning that Tuesday will be "the biggest day in Anonymous's history".

The collective is understood to be seeking to express anger over News International's phone hacking and at the threatened extradition of WikiLeaks founder Julian Assange.

A Twitter feed purporting to belong to Sabu, a senior figure within the group and the founder of the spin-off group LulzSec, which hacked a site linked to the CIA and the UK's Serious Organised Crime Agency, promised two releases of information would be launched within a day.

"Everyone brace," he tweeted. "This will be literally explosive."

A follow-up message read: "ATTN Intelligence community: Your contractors have failed you. Tomorrow is the beginning."

The account, @anonymouSabu, has not been verified as belonging to Sabu – but it has over 7,700 followers and has been referenced by the "official" Anonymous @anon_central account on Twitter.

Sources close to the collective were unusually close-lipped about the targets of tomorrow's hack, but talk within chat channels has suggested several top-level members of Anonymous are eager to launch attacks based around Julian Assange's appeal hearing against extradition, which begins on Tuesday.

Others are also believed to have proposed targeting the Met in retaliation for alleged payments to police officers by News of the World reporters, and the general response to the phone hacking scandal.

Other speculation centres around material claimed to have been obtained last week from contractors relating to security and secrecy of "former world leaders", or plans to target a senior leaders' retreat at Bohemian Grove, California.

As is typical in the chaotic and occasionally paranoid Anonymous community, other sources close to the collective are warning some prominent members are probably engaging in "disinformation campaigns" ahead of any action.

Communication problems around the planned releases were compounded as the main chat channel used by Anonymous was offline for much of Monday, leaving even those close to senior members of the collective unable to verify rumours ahead of the release.

Rumours on Friday suggested that one Anonymous member had broken into the News International servers and taken copies of some internal emails which were being offered for sale or even ransom. However this could not be confirmed, and the Guardian has not seen any evidence that the claimed email stash is legitimate, although News International's site is understood to have been "probed" by members of Anonymous at the end of last week.

Last Wednesday, two days after the Dowler revelations, a listing of emails of NoW staff appeared on Pastebin, a favourite site for posting the results – or beginnings – of attacks against all sorts of sites by Anonymous and other hacker groups.

One source told the Guardian that News International's server had been probed for up to 30 minutes at a time last week by hackers using "proxy chaining" – a method of logging in via a number of remote computers – to disguise their identity. "Everyone thinks Interpol will get involved at some point," the source said.

The hackers' anger at the company was ignited by the revelation last week that a private detective acting for NoW had listened into voicemails on the phone of the murdered teenager Milly Dowler, which may have interfered with the police investigation to find her.

Anonymous has previously attacked PayPal and Visa over their refusal, following orders from the US government, to process donations for WikiLeaks. It has also carried out online attacks against the Church of Scientology over what is seen as suppression of information.

quote:

Military Meltdown Monday


Hello Thar!

Today we want to turn our attention to Booz Allen Hamilton, whose core business
is contractual work completed on behalf of the US federal government, foremost
on defense and homeland security matters, and limited engagements of foreign
governments specific to U.S. military assistance programs.

So in this line of work you'd expect them to sail the seven proxseas with a
state- of-the-art battleship, right? Well you may be as surprised as we were
when we found their vessel being a puny wooden barge.

We infiltrated a server on their network that basically had no security
measures in place. We were able to run our own application, which turned out to
be a shell and began plundering some booty. Most shiny is probably a list of
roughly 90,000 military emails and password hashes (md5, non-salted of course!).
We also added the complete sqldump, compressed ~50mb, for a good measure.

We also were able to access their svn, grabbing 4gb of source code. But this
was deemed insignificant and a waste of valuable space, so we merely grabbed
it, and wiped it from their system.

Additionally we found some related datas on different servers we got access to
after finding credentials in the Booz Allen System. We added anything which
could be interesting.

And last but not least we found maps and keys for various other treasure chests
buried on the islands of government agencies, federal contractors and shady
whitehat companies. This material surely will keep our blackhat friends busy
for a while.

A shoutout to all friendly vessels: Always remember, let it flow!

http://wikisend.com/download/405742/military_email_pw.rar

#AntiSec

quote:

BONUS ROUND: BOOZ ALLEN HAMILTON KEY FACTS

quote:

BONUS ROUND TWO: ANONYMOUS INTERESTS

quote:

Enclosed is the invoice for our audit of your security systems, as well as the
auditor's conclusion.

4 hours of man power: $40.00
Network auditing: $35.00
Web-app auditing: $35.00
Network infiltration*: $0.00
Password and SQL dumping**: $200.00
Decryption of data***: $0.00
Media and press****: $0.00

Total bill: $310.00

*Price is based on the amount of effort required.
**Price is based on the amount of badly secured data to be dumped, which in
this case was a substantial figure.
***No security in place, no effort for intrusion needed.
****Trolling is our specialty, we provide this service free of charge.

Auditor's closing remarks: Pwned. U mad, bro?

We are Anonymous.
We are Legion.
We are Antisec.
We do not forgive.
We do not forget.
Expect us.

quote:

BoozAllen Booz Allen Hamilton
by AnonymousIRC
As part of @BoozAllen security policy, we generally do not comment on specific threats or actions taken against our systems.

quote:

A Glimpse into the Shady World of Romas/COIN

In February, the hacktivist group Anonymous released 70,000 emails from security firm HBGary Federal, revealing that the firm had been part of an effort to sell its information-warfare services to companies seeking to attack WikiLeaks. Barrett Brown combed through the emails and found evidence of what he says is a massive surveillance effort involving numerous security firms. According to Brown, this effort is primarily targeting the Arab world, and is evidently run for the U.S. government. Even Disney/Pixar appears to have been caught up in the effort, at least peripherally. The HBGary Federal emails suggest the alleged program, known as Romas/COIN, is about to be upgraded to a new program known as Odyssey.

quote:

What happened to all the good things we did? Scientology, Habbo, Tunisia, Egypt, true crowd power. We are left with 2 individuals who front an extend group of less than 20 individuals. Wtf.

'Why do we protest?' - We are forgetting.

Over recent months we have all stood by and watched a few members of our beloved Anonymous form their own 'splinter' group known as lulz Security. In the beginning many of us cheered them on as they provided us with the 'lulz'. As their ego's grew so did their unethical ambitions, and to be more precise their motives changed.

Around June 25th, after realizing that not only had their random spree attracted the attention of Law Enforcement but also other well-known and well respected hackers, they decided to merge back into OUR mothership - they had pissed off everybody and then wanted back in - to hide - to blend amongst the mass that is Anonymous, in order to divert unwanted attention back to all Anons.

These individuals have lost their way and lost sight of the original Anonymous ethos. They are attempting to rail-road the collective for their own agenda. Do not allow it.

They are not heroes. They are not powerful or to be feared.

They are vulnerable and they know it.

THEY DON'T SPEAK FOR ALL OF US

They have made powerful enemies, and their so-called 'friends' display the usual characteristics of either bots, or mal-adjusted children who troll and look up to fools in the abscence of a real cause. The sense of victory that some of us feel right now is false and will be short-lived. History will very soon remember these individuals as ego-driven maniacs with no cause. Pathetic individuals who thrive on releasing private information, that is endangering real people in the real world. They do this in the name of Anonymous. This is how we will be remembered too.....unless we prevent it.

Look at the feed above, that's anonymous falling apart - LIVE at the hands of a few scared and insignificant info-rapists.

It's not their anonymous, just as it's not ours. Why are we letting them treat us as theirs?

I think it's time we showed these fools how WE are legion, and we do not forgive, or forget.

df6ee8f33f8878e46149af369ef26428

quote:

Operation Green Rights\' Project Tarmaggedon

JULY 12, 2011 -- -- Operation Green Rights presents: Project Tarmeggedon

Free-thinking citizens of the world:

Anonymous' Operation Green Rights calls your attention to an urgent situation in North America perpetuated by the boundless greed of the usual suspects: Exxon Mobil, ConocoPhillips, Canadian Oil Sands Ltd., Imperial Oil, the Royal Bank of Scotland, and many others.
This week, activists are gathering along U.S. Highway 12 in Montana to protest the transformation of a serene wilderness into an industrial shipping route, bringing "megaloads" of refinery equipment to the Alberta Tar Sands in Canada (see Tar Sands FAQ Sheet below).
Anonymous now joins the struggle against "Big Oil" in the heartland of the US. We stand in solidarity with any citizen willing to protest corporate abuse. Anonymous will not stand by idly and let these environmental atrocities continue. This is not the clean energy of the future that we are being promised.

We will, over the course of the next few days, use the powers we posses to spread news about this scenario and the corporations involved. We are actively seeking leaks to expose the corruption that we all KNOW is beneath this. Anonymous will support the activists on July 13-14 when they initiate civil disobedience and direct action to confront this dire issue. We urge you to get involved. Montana and Idaho citizens, we ask you to join local protests and attend the Highway 12 rally if you are close enough! If you're not, join us in the IRC listed below for our own good times.
The continued development of the tar sands is a major step backward in the effort to curb global warming. Anonymous will not suffer this without a fight, and Operation Green Rights will always support the rights of the people to live in an unpolluted world, and aim to help safeguard it for the future. One way or another.

We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.
IRC: irc.anonops.li channel #operationgreenrights
Location of Protest: http://tinyurl.com/5sy57bg
Sign up to protest! http://www.tarsandsaction.org/sign-up/

quote:

Op dinsdag 12 juli 2011 22:42 schreef Papierversnipperaar het volgende:
http://www.whyweprotest.net

[..]

twitter:

AnonBroadcast twitterde op woensdag 13-07-2011 om 16:33:06 @LR6security #lulzsec with #jester leadership successfully DDoS'd anonyops.net,injected #whyweprotest & #trolling @anonymousabu via twitter reageer retweet

twitter:

RichRoma twitterde op woensdag 13-07-2011 om 23:08:15 @anonymouSabu Thank you for keeping your promise like a man - you said you'd affirm/deny when you are finally doxed successfully cheers m8 reageer retweet

twitter:

anonymouSabu twitterde op woensdag 13-07-2011 om 23:10:18 @RichRoma I am honest. No need to hide who I am. Now come and get me. I have more surprises up my sleeve, putahna;) reageer retweet

quote:

PayPal CSO calls for AntiSec hunt

PayPal’s chief security officer has called on the industry to reveal the identities of hackers involved in the online Anti Security (AntiSec) movement in order to stop a string of attacks against organisations.

The movement was run by activists, some within the online Anonymous collective, who had banded together with others to attack organisations it accused of corruption and censorship.

Individuals and groups hacked and launched denial of service attacks against US police, defence and intelligence departments, large technology companies and security firms, and dumped troves of sensitive data on public forums.

This had to stop, according to PayPal security chief Michael Barrett.

“I believe it’s crucial for all companies to do what they can to try to identify these individuals,” Barrett said.

“They delude themselves that they are anonymous on the internet. They are not.

"They can be found, and for the continued safety of the internet, we must identify them and have legitimate law enforcement processes appropriately punish them.”

PayPal’s own Electronic Crime and Threat Intelligence Unit, home to a veteran cybercrime investigator and former consultant to the FBI, Scotland Yard and the US Secret Service, had been on the tails of hacktivist groups for years.

The payments giant also has a personal interest in tracking down hacktivist groups. AntiSec hackers had encouraged others to attempt to access PayPal customer accounts using leaked usernames and passwords. Last year, PayPal's blog website was taken offline following a distributed denial of service attack launched by activists angry that the company had frozen a donations account used by whistle blowing website WikiLeaks.

The AntiSec movement had existed for around a decade and was loosely guided by a mission statement to reveal poor security practice and put an end to security exploit disclosure which it said gave ammunition to criminal ‘black hat’ hackers and put consumers in danger.

But that was a false philosophy, according to Barrett.

“While many of them claim to be defending the internet they love, in practice it would seem that they are only hastening its demise. A cynical interpretation would suggest that what most of them desire is actually their ‘fifteen minutes of fame’.”

He disagreed with some commentators who argued the AntiSec movement may be effective in its mission to force organisations to improve poor information security practice.

“Thoughtfully designed industry regulation” like the Payments Card Industry Data Security Standard (PCIDSS) would do a better job, according to Barrett.

“No one would suggest encouraging improved physical security in the real world by decriminalising breaking and entering and classifying it as a sport; why should the online world be any different?” he said.

The AntiSec movement was brazen. Data stolen during the attacks was typically uploaded to pastebin.org and popular filesharing and BitTorrent websites, and promoted in the relentless stream of Twitter conversations under the AntiSec hashtag.

The most recent high-profile victim of the AntiSec assaults was agricultural giant Monsanto in which 2550 names, addresses phone numbers and email addresses reportedly linked to the company were exposed.

Previous targets included the CIA, Arizona Police department and the beleaguered tech monolith Sony.

Yet for all the bravado of the attacks, Barrett said the participants, typically teenage or young men, were terrified of being arrested.

“They are terrified of being ‘vanned’ (arrested), and if enough of them are, then I believe we’ll start to see a significant reduction in the activities of these groups," he said.

If law enforcement failed to catch the perpetrators, Barrett believed the AntiSec movement would continue unchecked.

In the meantime, the security industry should keep on its toes.

“Security companies and security experts are targets too,” Ron Gula, chief executive of Tenable Network Security said.

“We should not feel that we are ‘above’ being attacked or get some sort of pass for not being a victim just because we're part of the good guy team.

“We all need to collectively watch our backs and realise that if and when we are targeted, it is a serious matter and should not be something that is taken lightly.”

quote:

The Quest to Unmask the Ringleader of Anonymous

A Wednesday blog post from a hacker known as The Jester claimed to unmask the ringleader of Anonymous. The thing is, it's pretty unclear if this claim is anything close to legit. First, let's go through The Jester's story.

Known online only as Sabu, the hacker leader The Jester claims to expose made a name for himself with an Anonymous attack on the internet security firm HBGary earlier this year. A series of internet relay chat (IRC) logs from that time period shows Sabu's leadership tendencies within Anonymous. Instructing other hackers and taking taking credit for bringing down HBGary, Sabu appears in those #HQ chat logs to be the group's mastermind. And at one point, while discussing how to set up mirror sites for the HBGary data, Sabu claims ownership of a private web domain. "I can setup anonleaks.prvt.org let me know," said Sabu in IRC. "It's one of my private domains."

On another occasion, Sabu accidentally pasted this domain (prvt.org) into the chat, and The Jester says that by using this URL and the identifying data behind it, we can trace Sabu's identity to Hugo Carvalho an IT professional from Portugal. Using the domain registry information, The Jester links prvt.org to an email address owned by Carvalho's company Host Squadron, as well as the hacker handle, Visigod, which he says Sabu used when he started his Anonymous work. As further proof, The Jester reminds us that Sabu regularly tweets in Portuguese and references Brazil, the address on the domain registry. He links to Carvalho's website, Facebook, MySpace and LinkedIn profiles to show further how he fits the Sabu profile.

The Jester's claim is suspect for a couple of reasons. First of all, Hugo Carvalho flatly denies that he's a hacker called Sabu. "I'm Hugo Carvalho, and the story behind me and this nick guy Sabu is a complete lie. Someone stole my photo from one of my Web sites and started to spread the rumor that I was affiliated with this hacking group," he said in an e-mail to CNET's Elinor Mills. "Feel free to post this e-mail in your Web site and state that there is no relation between me and anyone related to that hacking stuff."

Second, domain registry information is not that hard to change or forge. According to Domain Tools, the owner information on prvt.org has been changed 59 times since November 2007. In fact, the domain was made private from 2009 to June 23, 2011, leaving no history during Anonymous's most active time period. Without access to all those records, we might assume that The Jester is just filling in the blanks with his own theories. The Jester is the first to admit that Sabu could be using the prvt.org as a disinformation tool to mislead authorities and points to a tweet that reads, "@anonymousabu: If its not already obvious already: my!=hector/xavier/rafael lima/monsegur/de leon/kaotico/negron.Disinfos my game – enjoy the ridemates." The list is of some of the many names attached to Sabu, and "!=" is "not equal to," indicating that Sabu is saying none of them are correct.

Sabu actually preempted The Jester's latest claims on Twitter. "OK You found me. I am Hugo. I am in Portugal. Next question is: Can you stop me? " he tweeted on Monday. After The Jester's post Wednesday he went into rapid fire mode, tweeting and retweeting dozens of times an hour about the claims. "Extradite me, then I impress," he tweeted at The Jester just after the blog post went live. "The government of Portugal will not extradite me," he tweeted a few minutes later. "Lets see how far they will go. If you can extradition rights within Portugal I will impress. Next question is: where in europa?" he tweeted to a question from @revmagdalen about the claims. "So make it happen. I am personally challenging you to force your gobernment to force my gobernment to give me up. Your new task," he said in a follow up tweet.

The Jester's claim has renewed interest in unmasking Sabu, but it's a Sisyphean task. As has happened when trying to factcheck older claims to Sabu's identity--some of which have attempted to use prvt.org as a lead--the case is always pretty thin. Though rivals deny that Anonymous hackers are that talented, leaders like Sabu, kayla and Topiary have been successful at dodging or convoluting attempts to reveal their real identities. It's worth remembering that Anonymous has always described itself as a leaderless organization. "We are Legion," reads their motto.

But this peek into the finger-pointing world of hackers does reveal is a culture of superlatives and sabotage. "[Those who try to unmask us] are lonely people that are programmed to feel that they need an enemy at all times," Topiary told Gawker last month. "If we're out of their lives, they don't have much going for them." Topiary goes on to say he's not worrying about getting caught, despite the recent arrest of Anonymous-affiliated hacker Ryan Cleary in the U.K. He may be lying, but we'll never know.

Neither The Jester nor Sabu responded to requests for comment.

quote:

http://opcannabis.wordpress.com/

Welcome!

Anonymous Operation Cannabis is an awareness and reform effort. Under the banner of #OpCannabis we will be informing the public on much of the disinformation that is available and what the reality of the situation is. Through us you will also find petitions, protest dates and other resources to help us in our efforts.

Stay tuned for more information.

To join in discussion, Get I2P – Official Homepages I2PProject.net / I2P2.de Download I2P Installer v0.8.7

Point your IRC client at 127.0.0.1:6668 and /join #OpCannabis

In the meantime enjoy the following documentaries

quote:

Pentagon declares the Internet a war domain

The Pentagon released a long-promised cybersecurity plan Thursday that declares the Internet a domain of war.

The plan notably does not spell out how the U.S. military would use the Web for offensive strikes, however.

The Defense Department’s first-ever plan for cyberspace calls on the department to expand its ability to thwart attacks from other nations and groups, beef up its cyber-workforce and expand collaboration with the private sector.

Like major corporations and the rest of the federal government, the military “depends on cyberspace to function,” the DOD plan says. The U.S. military uses cyberspace for everything from carrying out military operations to sharing intelligence data internally to managing personnel.

“The department and the nation have vulnerabilities in cyberspace,” the document states. “Our reliance on cyberspace stands in stark contrast to the inadequacy of our cybersecurity.”

Other nations “are working to exploit DOD unclassified and classified networks, and some foreign intelligence organizations have already acquired the capacity to disrupt elements of DOD’s information infrastructure,” the plan states. “Moreover, non-state actors increasingly threaten to penetrate and disrupt DOD networks and systems.”

Groups are capable of this largely because “small-scale technologies” that have “an impact disproportionate to their size” are relatively inexpensive and readily available.

The Pentagon plans to focus heavily on three areas under the new strategy: the theft or exploitation of data; attempts to deny or disrupt access to U.S. military networks; and attempts to “destroy or degrade networks or connected systems.”

One problem highlighted in the strategy is a baked-in threat: “The majority of information technology products used in the United States are manufactured and assembled overseas.”

DOD laid out a multi-pronged approach to address those issues.

As foreshadowed by Pentagon officials’ comments in recent years, the plan etches in stone that cyberspace is now an “operational domain” for the military, just as land, air, sea and space have been for decades.

“This allows DOD to organize, train and equip for cyberspace” as in those other areas, the plan states. It also notes the 2010 establishment of U.S. Cyber Command to oversee all DOD work in the cyber-realm.

The second leg of the plan is to employ new defensive ways of operating in cyberspace, first by enhancing the DOD’s “cyber hygiene.” That term covers ensuring that data on military networks remains secure, using the Internet wisely and designing systems and networks to guard against cyberstrikes.

The military will continue its “active cyber defense” approach of “using sensors, software, and intelligence to detect and stop malicious activity before it can affect DOD networks and systems.” It also will look for new “approaches and paradigms” that will include “development and integration … of mobile media and secure cloud computing.”

The plan underscores efforts long under way at the Pentagon to work with other government agencies and the private sector. It also says the Pentagon will continue strong cyber R&D spending, even in a time of declining national security budgets.

Notably, the plan calls the Department of Homeland Security the lead for “interagency efforts to identify and mitigate cyber vulnerabilities in the nation’s critical infrastructure.” Some experts have warned against DOD overstepping on domestic cyber-matters.

The Pentagon also announced a new pilot program with industry designed to encourage companies to “voluntarily [opt] into increased sharing of information about malicious or unauthorized cyber activity.”

The strategy calls for a larger DOD cyber-workforce.

One challenge, Pentagon experts say, will be attracting top IT talent because the private sector can pay much larger salaries — especially in times of shrinking Defense budgets. To that end, “DOD will focus on the establishment of dynamic programs to attract talent early,” the plan states.

On IT acquisition, the plan lays out several changes, including faster delivery of systems; moving to incremental development and upgrading instead of waiting to buy “large, complex systems”; and improved security measures.

Finally, the strategy states an intention to work more closely with “small- and medium-sized business” and “entrepreneurs in Silicon Valley and other U.S. technology innovation hubs.”

quote:

Why hacker group LulzSec went on the attack

LulzSec gained instant notoriety by targeting the CIA, multi-nationals and government websites. Then, at the height of its popularity, it disbanded. One of its founders tells why

Its audacity was brazen and apparently fearless. Among its high-profile victims were Sony, the CIA, the FBI, the US Senate and even the UK's Serious Organised Crime Agency. Exposing frailties in government and corporate networks, the group leaked hundreds of thousands of hacked passwords, and in the process garnered more than a quarter of a million followers on Twitter. But after just 50 days, on 25 June, LulzSec suddenly said it was disbanding.

Just hours before this announcement, the Guardian had published leaked internet chat logs revealing the inner workings of the group, which appeared to consist of six to eight members. The logs showed that authorities were often hot on their heels, and that after an attack on an FBI-affiliated website two hackers had quit LulzSec as they were "not up for the heat". As media attention mounted, Ryan Cleary, an Essex-based 19-year-old suspected of affiliation to LulzSec, was arrested in a joint UK-US "e-crime" investigation. Had the pressure simply got too much to handle?

To find out, the Guardian tracked down one of LulzSec's founding members, "Topiary". A key figure in the tight-knit group, he was revealed in the logs to have managed LulzSec's Twitter account and to have written their press releases. After verifying his identity by asking him to send a direct message from the account – "This is the captain of the Lulz Boat," he confirmed – we began a long conversation by Skype.

"I know people won't believe this, but we genuinely ended it [LulzSec] because it was classy," he says. "The leaks we promised happened . . . 50 days were reached, we just about hit 275,000 Twitter followers, things were on a high, so we redirected our fans to [hacker collective] Anonymous and [hacking movement] AntiSec and wrapped it up neatly . . . A high note, a classy ending, a big bang, then a sail into the distance."

LulzSec's jovial public image undoubtedly helped it achieve unusual popularity within a short time. Its stated aim was to provide "high-quality entertainment at your expense," and the word "Lulz" is itself internet slang for laughs. The group's popularity spiked after it planted a fake story on US news outlet PBS.com in protest over what it claimed was a misrepresentative WikiLeaks documentary made by the broadcaster. The story falsely reported that rapper Tupac Shakur, who was killed in a shooting 15 years ago, had been found alive and well in New Zealand.

"What we did was different from other hacking groups," says Topiary. "We had an active Twitter (controlled by me), cute cats in deface messages, and a generally playful, cartoon-like aura to our operations. We knew when to start, we knew when to stop, and most of all we knew how to have fun."

But the group's mission, Topiary explains, was not calculated. Almost everything LulzSec did – from choosing its name to its next target – happened spontaneously. "We made it up as we went along. We were originally @LulzLeaks on twitter, but I forgot the password so we became @LulzSec. My first name was The Lulz Train, then The Lulz Cannon, then The Lulz Boat. I had no idea what The Love Boat was, it was a complete accident . . . I wrote every press release in Notepad without planning. That's what made us unique, we just came out and made stuff up out of nowhere . . . We released when it felt right, we tweeted what felt right, we wrote what we felt needed to be wrote. We weren't burdened by plans or board meetings, we just did it."

The leaked chat logs also revealed the hackers appeared to revel in the international attention they received. However, Topiary says it wasn't that LulzSec was media-hungry, but that the media was LulzSec-hungry.

"We didn't contact a single media outlet for at least the first 40 days, they just kept reporting on our humble tweets," he says, though he admits the attention "gave us more reasons to leak more. It was a thrill, sure, and it did play a role. We enjoyed occasionally confusing and pranking media with weird tweets, or giving exclusives to certain journalists to piss off other certain journalists. It was another aspect of the situation that helped us leverage the entertainment."

Yet although many of LulzSec's attacks were perpetrated "for the lulz", the group was accused of attempted extortion by one US security company, Unveillance – a charge Topiary staunchly denies. It was also criticised after it hacked and dumped thousands of Sony Pictures Europe customers' usernames and passwords online, some of which were reportedly later used in scams by fraudsters. But Topiary is unapologetic.

"It's Sony's fault for not defending – and encrypting – its customers' data," he says. "Similarly, in a perfect world, we'd have dumped said data and nothing would have happened. These scams simply prove that other people (our fans/spectators) are more evil than us."

Towards the end of LulzSec's reign, it seemed to gravitate towards more overtly political causes. It occasionally compared itself to WikiLeaks in tweets, and its penultimate leak was a joint effort with Anonymous to expose Arizona police as "racist and corrupt", and to "sabotage their efforts to terrorise communities fighting an unjust 'war on drugs'."

Anonymous is well known for its acts of political "hacktivism". On Monday it reportedly threatened to attack the Metropolitan police over News International's phone hacking and the possible extradition to Sweden of WikiLeaks founder Julian Assange. Earlier this year the group claimed responsibility for a series of Distributed Denial of Service (DDoS) attacks on government websites in Tunisia, Iran, Egypt and Bahrain, and in 2008 it attacked the Church of Scientology after it allegedly attempted to suppress a leaked video interview with actor and scientologist Tom Cruise. Topiary has been heavily involved with Anonymous in the past, occasionally acting as its spokesman in televised interviews.

"Anonymous has been a great way for the younger generations to get involved through methods they understand, like utilising the internet," he says. "My main goal with Anonymous was to spread the word of revolution to those who might be seeking something new."

How does he define revolution? "Revolution is kicking the Tunisian government in the teeth by rendering their malicious Javascript embedments inert, allowing Tunisian citizens to surf Facebook without fear of password sniffing. Revolution is a horde of activists holding up Anonymous masks and thanking us for assisting their hard work by obliterating their government's ministry, stock and finance websites, replacing them with inspiring words. Revolution, to me, is bringing down the big guy while not forgetting to stand up for the little guy."

Though Topiary will not disclose his age, he describes himself as a teenager and "an internet denizen with a passion for change". He believes he is part of a generational shift in the way technology – specifically the internet – is increasingly being used as a tool to influence the world. The actions of Anonymous in particular, he says, have brought attention to the idea that actions taken online can have a major impact in real life – "linking the two realities". But he also recognises that the actions of Anonymous, LulzSec and other affiliated hackers can be used by governments as justification for greater control of the internet. So how does he balance his actions with that knowledge?

"It only results in greater government control if we remain apathetic and let it happen," he says. "The goal with Anonymous is to brutally cut down the middle of that decision and shout 'NO' to laws we don't agree with. Laws are to be respected when they're fair, not obeyed without question."

For now, however, Topiary is taking a break from law-breaking. He says he will continue operating on the margins of Anonymous, but will not engage in any more hacking. Instead, he intends to create art, video and graphics for the group to help with a new public relations project, to be titled Voice.

"I've been at this non-stop for a while, it's a big time-sink," he says. "Some people can handle it for years on end, and I respect those people. I just needed some air and a new page in the Anonymous/LulzSec era."

After the arrest of Cleary last month, suspected US hackers believed to be affiliated with LulzSec had their homes raided in Ohio and Iowa. In the past, hackers have been offered immunity from prosecution if they cooperate with the authorities. But, if caught, Topiary says he would "never snitch" on other hackers and that he would "pretty much" rather go to jail than work for the government in any capacity.

"Not sure I'd have a place in government security, unless they enjoy bizarre tweets," he says. "But again, no, I wouldn't accept a job that would fight against the things I've fought for. As for the authorities, well, if they have their claws in, they have their claws in, there's not much I can do about it. But I can only hope that they haven't pinned any of us, especially my friends from LulzSec."

twitter:

atopiary twitterde op donderdag 14-07-2011 om 22:43:24 This is accurate, just wish it focused more on the team effort of LulzSec rather than me: http://t.co/VnzKzqp A good, informative piece. reageer retweet

quote:

https://threatpost.com/en(...)ymous-attacks-071411
McCain Pushes For Select Committee to Address Wikileaks, Anonymous Attacks

In the face of continued attacks on federal agencies and contractors such as Booz Allen Hamilton and IRC Federal that do highly sensitive security work for the U.S. government, Sen. John McCain has asked Senate leaders to appoint a select committee to look into the attacks and data leaks that have plagued Washington throughout 2011.

In a letter to Senate Majority Leader Harry Reid and Senate Minority Leader Mitch McConnell, McCain (R-Ariz.) said that a temporary Senate committee is necessary in order to get a handle on all of the disparate cybersecurity legislation proposals and to address the threat posed by groups such as Anonymous, LulzSec and Wikileaks.

"I write to renew my request that the Senate create a temporary Select Committee on Cyber Security and Electronic Intelligence Leaks. I feel this Select Committee is necessary in order to develop comprehensive cyber security legislation and adequately address the continuing risk of insider threats that caused thousands of documents to be posted on the website Wikileaks," McCain said in his letter, which he sent Thursday.

The request for the select committee comes on the heels of renewed attacks on federal agencies and contractors by Anonymous and other groups affiliated with the AntiSec movement. The most recent incidents in this campaign are the attack by Anonymous on Booz Allen Hamilton revealed on Monday and the attack on IRC Federal last weekend. Both companies are involved in national security work for the federal government, and such companies have become prime targets for the groups in the AntiSec campaign.

In his letter to Reid and McConnell, McCain says that the select committee he is proposing is necessary for a number of reasons, not the least of which is the need to decipher the tangle of legislative proposals and agencies involved in the cybersecurity discussion.

"As you know, cyber security legislation has been drafted by at least three committees and at least seven committees claim some jurisdiction over the issue. The White House put forward a legislative proposal in May and the Department of Energy put forth requirements and responsibilities for a cyber security program that same month. Earlier this month, the Department of Commerce sought comment on its proposal to establish voluntary codes of behavior to improve cyber security and the Department of Defense issued its strategy for operating in cyberspace. With so many agencies and the White House moving forward with cyber security proposals, we must provide congressional leadership on this pressing issue of national security," McCain wrote in the letter.

In addition to the attacks on contractors and federal agencies, the government has been dealing with the fallout from the myriad revelations in the Wikileaks documents that have been trickling out since last year. McCain said in the letter that he thinks the government's current plan for dealing with these things is inadequate.

"I truly believe the only way to ensure the protection of sensitive and valuable information from tampering or dissemination by unauthorized persons is a Select Committee," McCain said.