Anonymous PDFThe veil surrounding the group Anonymous may be falling, now that a group claiming to have defected from the ranks of the online mischief making group has begun publishing what it claims are the identities of the hacker collective’s leadership and their roles in recent high profile hacks, including the theft of e-mail from security firm HBGary Federal.

Late Monday, the group, dubbed Backtrace Security, published a PDF that claimed to identify- or partially identify close to 80 members of Anonymous’s leadership by name, and provide mailing addresses, e-mail and social networking accounts for many of those members. The release of the document on the Website, Anonymousdown is the latest in a string of efforts in recent days to poke holes in the wall of anonymity that shields the group’s members.

According to the published list, Anonymous’s top ranks are made up of some eighty individuals scattered mostly across the U.S., Canada and Western Europe, and as far away as Australia and New Zealand. Some of the identities floated in the list have appeared in print before in connection with the group.  For example, the record for ‘Kayla,’ an Anonymous member who claims to be a teenage girl identifies the user of that ‘nick,’ or IRC ID, as a New Jersey based hacker Corey Barnhill. That name turned up in a recent Forbes.com profile, as well.

However, Threatpost has not confirmed that any of the individuals named in the document are Anonymous members and will not publish those names until it has. A source responsible for compiling the list acknowledges that there is reason to believe that some of the names that appear in the PDF could be incorrectly linked to Anonymous. 

Anonymous spokesman Barrett Brown said the list contains inaccuracies, though he said he did not know the identities for most of the group’s members himself.

“They’ve got some small parties, some of whom are hooked up (with Anonymous) and some of whom are not,” he said. Among other things, Brown said the individual identified as the Anonymous user Baas was incorrect, as was the identity for prominent member Topiary, who Brown claimed was BackTrace’s main target.

“I know they don’t have his ID correct,” Brown said.

Brown pointed out that being a part of Anonymous isn’t illegal, in and of itself. However, the published identities could be an aid to law enforcement organizations that are investigating crimes, including the hack of HBGary Federal as well as denial of service attacks on Paypal, Visa and MasterCard. Those attacks have been attributed to Anonymous.

The FBI declined commenting on the publication of the document claiming to identify Anonymous members as there is an ongoing investigation.

The leaks regarding Anonymous’s membership began last week, with the publication online of a document that purports to be the log of IRC chat logs for #HQ, an invite-only channel on Anonops, the group’s network of IRC servers that was frequented by Anonymous’s leadership. Other disclosures followed over the weekend and on Monday, including the publication of a file containing what are purported to be 89 stolen IRC account login credentials belonging to Anonymous members.

Brown said the group was aware of the campaign against it by Backtrace and said that the leaked IRC logs were legitimate. “We cracked those logs yesterday and someone read through them a bit and didn’t seem to be too concerned,” Brown wrote.

Brown claims that BackTrace was a group that was affiliated with th3j3st3r, an online activist best known for launching a denial of service attack on Wikileaks for its publication of leaked U.S. diplomatic cables. Brown said the individuals behind BackTrace are also behind the Anonymousdown Web site and Twitter accounts like @faketopiary and @fakegregghoush that have been publishing links that claim to out, or “dox,” Anonymous members in recent days. Brown said the group was also compiling information on him and his former acquaintances, including an “ex-girlfriend’s 16-year-old daughter” as part of their research on Anonymous.

The back and forth is evidence of what appears to be a civil war between current and former members of the shadowy online mischief making group. The first salvo came on Friday with the release of the IRC chat log containing what appears to be damning evidence connecting a small group of Anonymous members to the hacks of HBGary, Gawker Media as well as online actions against Visa and Paypal that were dubbed “Operation Payback.” A copy of the file was obtained by Threatpost and has also been posted online on the Web site of backtracesecurity.com, a Web site set up by the former Anonymous members.

In an interview with Forbes.com, a spokesman for BackTrace, who used the name Hubris, said the group “aims to put an end to Anonymous ‘in its current form.’” According to the article, BackTrace’s members have become disenchanted with Anonymous’s more strident, political activism – a change from the group’s roots as an anarchic prank-oriented collective whose biggest target had been the Florida based Church of Scientology. “Anonymous has never been about revolutions. It’s not about the betterment of mankind. It’s the Internet hate machine, or that’s what it’s supposed to be,” Hubris is quoted as saying. 

The #HQ log covers IRC chats between the Anonymous members from February 8 through February 19, 2011.  It picks up in the immediate aftermath of the compromise of security firm HBGary, depicts a small circle of Anonymous members reveling in the success of that action and gearing up for further attacks on HBGary partners Palantir and Berico and D.C. law firm Hunton & Williams, but also fearing that their identities will be exposed to law enforcement.  

If accurate, the IRC log tends to support analysis, put forward by former HBGary CEO Aaron Barr, among others, that Anonymous is less a leaderless collective than a small cadre of skilled hackers with legions of mostly passive followers. Ironically, it was the efforts of HBGary Federal CEO Aaron Barr to similarly identify the Anonymous membership that led to the hack of HBGary in the first place, the theft and publication of tens of thousands of confidential e-mail messages and Barr’s eventual resignation.

At the time, Anonymous members alleged that Barr’s efforts to publicly identify its members were woefully inaccurate, and Barr himself acknowledged that the leaked profiling work was incomplete.

Brown said the methods used by BackTrace to gather information were “weird” and unreliable. He said that those behind the group were former Anonymous members, but that he and other members were not yet sure of their real identity.

“There’s a name floating around, but I can’t confirm it’s (them),” he said. As with the attack on Barr, Anonymous wouldn’t refrain from retaliating when it is confident it has identified the individual or individuals behind BackTrace and Anonymousdown, he said.

Categories: Data Breaches, Government

Comments (39)

  1. Anonymous
    3

    Backtrace is a joke, they have clearly shown they are in it for the lulz. Why trust any information they provide when their business is clearly trolling? 

  2. MicheleMoore-Happy1
    5

    BackTrace resents and dislikes all the GOOD WORK Anonymous supporters are doing,
    “moral fags” Hubris called them, and BackTrace actually
    got some media coverage for their venom.

    Didn’t see a whole lot of comment about
    this on the various Anon Twitter feeds I follow – looks like it was
    another big yawn.

    Anonymous supporters were probably too
    busy helping people in oppressed countries get around government
    censorship or digging up and disclosing bank fraud, the very things BackTrace so despises. 

    Directly stated, BackTrace’s intention is to
    distract, delay, discredit and detract from all the good work done by
    Anonymous supporters.

    Hardly worth a whole of time or media attention.  I’m sure Anonymous will find ways of dealing with them.

  3. Anonymous A5h3r4h
    7

    Actually, it was because we disliked the illegal hack attacks, the
    stalking, the mob mentality, the complete lack of accountability.

    Seeing #hq members discuss breaking into NSA and DOD computers,
    taking out Wikileaks rivals and personal enemies- all of these things
    made it obvious that intervention is necessary. The plans to stalk and
    harass the families of servicemen at Quantico and the harassment of
    innocent Bank of America employees was the final nail in the coffin.

    We don’t care if anonymous wants to engage in legal activism. But as
    long as there is illegal behavior, stalking and harassment, and
    break-in attempts, we will be watching you.

  4. Anonymous
    8

    This reeks of the Jester pairing up with the Barr crew. A military dDosr who hates Wiki, and Barr for being exposed. It is kinda lulaffy in a way.

  5. Anonymous A5h3r4h
    10

    Not sure who the “source” involved is that you quote, but I am the author of that list.  It may have minor mistakes, but it is being taken seriously, I guarantee.

     

    Also, desperate anons are desperate, hitting sites everywhere with some old dox they scraped up that have NOTHING to do with anyone at backtrace.

  6. Anonymous
    11

    Yeah they do.  Just look at this crud job by backtrace.  I feel sorry for the people fingered.  That gives any actual Anons listed an easy out since those records aren’t accurate or worth a damn.

    Fission Mailed, Backtrace.

  7. Anonymous
    13

    But they DO know who “Barrett Brown” is and his position or affiliation with the group… so by being a “known” spokesman” for the group, why not just round him up and sweat him some for what he does know… too easy.

  8. Disgusted
    14

    A5h3r4h,

    “Site was taken down to remove docs at FBI request…will return soon, no need to panic.”

    So why are the dox still up on your sister site?

    Your story makes about as much sense as that bot you dox’d. You do know what an irc bot is don’t you? Almost everyone who is in those Dox is still around post release. Do you want to know why?

    Your work is a joke. That is why. No one is scared. What they are worried about is the innocent ppl who may get hassled by your shoddy work.

  9. Mike3620
    17

    They got my info wrong.

    My real name is Jeff Stutler.

    I live in Batavia, NY

    My cell phone number is: (585) 201-9728

  10. Anonymous
    18

    Lulz…..Poor Jeff Stutler….By the way thanks for the new wave of support and media. You are brining down a few people only to have thousands take their place. Keep up the good work doxing people.

     

  11. Anonymous A5h3r4h
    19

    There are only a handful of actual “hackers” in anonymous.  Once they’re gone, it doesn’t matter how many “thousands (there aren’t that many) are left to put GF masks on their Facbook pages, their destructive power will be muted.

    After that, the privacy advocates whose legal and sane activism is being destroyed by these vindictive brats and their harassment campaigns will mop up the rest.

    Did you really think you could go on with this sort of behavior infinitly?  Too many hornets is a pestilence, and calls for an exterminator.  I am that exterminator.

     

  12. Anonymous
    21

    A5h3r4′s real name is Jennifer Emick.  She goes by the handle A5h3r4h (or Asherah if you convert the numbers to letters) because she is a “spirituality” jinkie. Look her up and you’ll see. Asherah is the name of a Jewish goddess.

    Some Anon has already registered http://www.jenniferemick.com

    She also already has a ED article.

  13. Anonymous
    24

    This is hilarious!

    “Hubris” proclaims war against moralfags, while Jennifer/”Uncramming Officer” proclaims it against non-moralfags.  Why aren’t they doxing each other?

    Anonymous has always been plagued by people known as “leaderfags,” who tried to tell everyone else what they ought to be doing. They’ve ranged from old school /b/tards, to OSA operatives, to garden variety morons. A few had a little success, but most were mocked and laughed at. This is just some very conflicted trolling/leaderfaggotry. The only new thing about it is that this particular batch of wannabe leaderfags are in absolute disagreement with each other about direction, their alliance makes no sense whatsoever. If it isn’t a troll’s joke, it OUGHT to be.

    Also, the list is wrong.

     

  14. Anonymous
    25

    “Strenuous campaign to discredit” the list? No, merely an observation.

    As an extremely obvious example, between NY, SF/SJ and  Boston, there were around 400 anons who regularly attended protests, etc., and at least several of those have very high levels of technical skills (extensive backgrounds in IT security, gave talks at major security conferences, etc.).   Despite this, you list a grand total of one resident of all of those metropolitan areas combined, and that person is a moralfag anti-scientology activist with no IT skills beyond what it takes to post a youtube video. There are hundreds of people who had at least equal qualifications to make that list, but where are they? Either you’re singling out people because they pissed you off on some personal level, or you royally suck at intelligence gathering. No other conclusions seem possible.

    I don’t think I’ll bother to read anything by or about backtrace again, until the lulzy HBGary implosion phase arrives.

  15. badGync
    26

    егэ по русскому языку 2010 год [url=http://mk-ho.co.cc/index.html]интерактивный вариант егэ математика[/url] реальные задания по обществознанию 11 класс егэ, демоверсии по егэ по русскому языку [url=http://joemv3vantil.narod2.ru/index.html]демонстрационный вариант егэ 2011 история[/url] егэ демо-версия 2010 история общество, егэ 2011 математика система статград миоо [url=http://candyceclsymeinel.narod2.ru/chapter/index.html]самоподготовка к егэ по физике[/url] егэ по русскому языку сычёва павлова, демонстрационный вариант егэ по географии 2010 11 класс [url=http://elnaaflrrenzelman.narod2.ru/content/index.html]егэ по русскому языку 2010 год[/url] пройти тест егэ по русскому языку 2010, пробное егэ по математике нижегородская область [url=http://fakivuk.66ghz.com/2009/index.html]тесты егэ по разным предметам[/url] пройти егэ по русскому языку, егэ-2010 математика реальные варианты [url=http://forum.naturaroma.ru/showthread.php?p=68237#post68237]демонстрационный вариант егэ по метематике 2011[/url] электронное егэ по русскому языку, пробный егэ по алгебре он-лайн [url=http://www.chatcheaters.com/forums/showthread.php?p=68577&posted=1#post68577]вопросы русский язык егэ[/url] пробные тесты егэ по биологии, поиск егэ по химии 11 класс [url=http://agonyguild.guildlaunch.com/forums/posting.php?mode=reply&t=1824258&gid=57836%25252525252525252525255Dfirst]шноль егэ 2011 математика задача в1[/url] ответы егэ по истории в 2010

  16. Anonymous A5h3r4h
    29

    Kinda funny, but not us, keep trying.  We’re not even hiding, ironically.  Anonymous just stinks at records.  :D

  17. Anonymous A5h3r4h
    32

    None of that has anything to do with Backtrace.  Please keep spreading that, though.  It shows the world the true face of anonymous- vindictive, evil bullies who are a far, far cry from the earnest do-gooder image they try to project to the media.  Great work guys.

  18. Anonymous A5h3r4h
    33

    Site was taken down to remove docs at FBI request…will return soon, no need to panic.

  19. Anonymous A5h3r4h
    37

    You’re a moron.  Asherah is a dude, and it has nothing to do with “spirituality.”  Asherah is the name of the virus in Snowcrash.  Lrn21337

     

    Worse, he’s not hiding his identity.

     

    You guys SUCK at this.

  20. Anonymous
    38

    A5h3r4 is a boy.  The name has nothing to do with religion, it’s the virus from Snowcrash.  You guys fail at internet detective and should stick to ddos.

  21. Anonymous
    39

    If the list is wrong, why such a strenuous campaign to discredit it?  Because it’s not wrong.

Comments are closed.