Just days after a successful attack on the security think tank Stratfor, Anonymous, the anarchic hacking collective, is getting headlines again for an attack on Specialforces.com, a Web site used by members of the armed forces law enforcement officers and gun enthusiasts. However, an employee working for the online store said the group is playing the media by taking credit for a hack that happened months ago.

The group on Tuesday posted notice of the attack on the Website, specialforces.com, an online store and community that caters to military and gun enthusiasts. The site sells guns, ammunition and military surplus equipment and other supplies and counts members of the U.S. military and special forces, as well as law enforcement officers and private security professionals among its customers. Details of more than 18,000 customers of specialforces.com have been leaked, according to data reviewed by Threatpost. 

In a message posted on the Web site hacktalk.net, an individual claiming to represent Anonymous, linked the attack to the hack earlier this week of Stratfor and said it was part of a “week long celebration of wreaking utter havoc on global financial systems, militaries, and governments.” Specialforces.com was targeted because of its customers, who the group said were “military and law enforcement affiliated individuals who the attackers linked to recent police actions against student protestors and members of the Occupy Wall Street movement.

An employee at Specialforces.com acknowledged that a breach took place, but said it happened more than six months ago and suggested the group was recycling old news to promote its image.

“We got hacked about six months ago,” said the employee, who asked not to be named, in a phone conversation with Threatpost. The company informed its customers of the breach at the time, though now public mention of it appears on the Specialforces.com Web site, he claimed.

The breach included the theft of credit card information, which was encrypted. However, Anonymous claims to have been able to decrypt it by way of a a separate attack on the military supplier’s server which yielded the private encryption keys used to protect the passwords. “We then wrote a few simple functions to recover the cleartext passwords, credit card numbers, and expiration dates to all their customers’ cards,” the group wrote.

It was unclear Wednesday whether the attack on Specialforces.com was, in fact, an old incident that was being publicized now to create the impression of a sustained campaign.

Joshua Corman, the Director of Security Intelligence at Akamai said that Anonymous has proven itself to be media savvy, and that the coordinated disclosure of breaches as part of the group’s “LulzXmas” may be part of a campaign to promote the perception of the group’s hacking prowess. “They certainly know that a tight cluster of successful attacks will make a bigger splash than the drip, drip, drip of revelations,” Corman told Threatpost. “It’s very possible that these targets were compromised a while ago, while other, failed hacks are hidden from view entirely.

Categories: Cryptography, Data Breaches, Government, Hacks, Scams, SMB Security, Vulnerabilities, Web Security

Comments (5)

  1. MicheleMoore-Happy1
    1

    It would be silly for ANY hacker to relase news of their hack immediately – they would want to milk the list of passwords and emails carefully to see what else it would give them access to.

     

  2. Anonymous
    2

    Anonymous claims responsibility for the original hack six months ago, but what they’re claiming now is that they went back:

    Nevertheless, our voodoo prevailed and we were quickly able to break back into the military supplier’s server and steal their encryption keys. We then wrote a few simple functions to recover the cleartext passwords, credit card numbers, and expiration dates to all their customers’ cards. That’s how we roll.” (emphasis added)

    Pastebin(dot)com/vuMypejL

  3. Anonymous
    3

    We will find whoever did this, hunt you down and slit your throat infront of your children and see who laughs first. You a holes think stealing someones credit card info is funny? Let’s see who prevails in the end. The law is there forever and those that defy it are only temporarily living a normal life-till I throw your ass in the slammer with bubba. Lol. Can’t wait.

  4. SF member
    4

    What I find interesting about this hacker claiming glory over such a serious offense to the ones THEY should worry about the most…the entire SF community has a brotherhood unimaginable to most people. Especially children playing in a sand box that is full of very serious, intense, focused, and extremely well trained in so many areas of counter intel and let’s say….tracking abilities.
    We, SF members, really have little interest in the hacking of our brothers site. We are VERY interested in the overall damage inflicted upon this mans family and livelihood. The same in which as a GB, did unthinkable acts to provide a place where you are free and capable to choose the types of acts you wish to execute. As a former FORECON operator, SERE instructor and PROUD member of a capable branch of SAD/SOG.
    I have taken special interest in this act of defiance towards the very same people that fought and some died to enable you to live in a Country such as ours. Your act is really more of a terroristic nature than one of a child like rush that you must retain after executing such a dangerous campaign. Dangerous in the sense that you have stirred the pot which resides in a camp which houses the truly capable ghosts of destruction. It certainly did not help your “cause,” when your terroristic act fell upon an actual personal friend of mine that I have immense levels of respect and admiration (words that do not reside in your vernacular )
    Please understand that soon your party, your fun..soon will end. And I’m very sorry to inform you that your “end” in addition to being near, will be incredibly painful. This is not a threat son, it is a promise executed among truly capable men. A promise that does not go unkept. I would offer you, as I have offered many of enemy, a way to restore or create dignity in some way. Perhaps making Dave hole again somehow. But, I’m afraid that job has already been taken by his SF brothers across the world. We have been, “cause-less” for several years. So, we do wish to thank the 4 of you for allowing us to “get back to work,” so to speak. Dave…has us…NOBODY can protect you. Young, female, ignorance , none of which is either a defense or concern to us as, you are simply viewed as targets, not even human. You will never see us coming or going…and if you run! You will only die tired.
    Until then, take care.
    The Entire Special Forces Cummunity

  5. Anonymous
    5

    Slitting throats in front of children? Gosh. That’s harsh. Typical of the gun-totin’ NRA fanatics. 

Comments are closed.