Lulz Security


Verizon: Hacktivists Steal Most Data In 2011

It can be hard to parse the results of the Verizon Data Breach Investigation Report (DBIR), what with the shifts from year to year in the sources of breach data collected. Last year’s report, if you recall, found a stunning drop in incidents of data theft in 2010, even as tracking sites like Datalossdb.org reported no noticeable change that year. Frankly, it’s hard to read the DBIR and not have the term “sample bias” float into your head time and again. But the DBIR report has always been a good way to understand the security Zeitgeist, and this year’s report is no different, with more normal-seeming results and a focus on the actions of ideologically motivated hacking groups which, Verizon claims, were linked to 58% of all the data stolen from customers in 2011.

Aaron Barr’s Strange Trip To (Occupy) Wall Street

It was an “Elvis Meets Nixon” kind of moment: former HBGary Federal CEO Aaron Barr sporting blue hair and posing in front of a van sporting the Wikileaks logo down at New York’s Zuccotti Park, home of the Occupy Wall Street protest. What was he doing there? It’s complicated.


By B.K. DeLong

With alleged Anonymous leadership such as Sabu and opponents such as th3j35t3r tweeting about their supposed shenanigans in Las Vegas, the question on everyone’s mind this week is whether Anonymous is truly walking the halls of this week’s Black Hat and DEFCON hacker conferences. Some believe the answer to that question is almost certainly ‘yes’ but not for the reasons you might think – here’s my opinion based on several discussions I’ve had throughout the week.

The UK’s Metropolitan Police swooped down on the remote, weather-beaten Shetland Islands last week to arrest what the authorities claim is a top-ranking member of the international hacker collective Anonymous, which has been terrorizing governments and high-profile corporations for most of the last six months. The arrest of Jake Davis, aka “Topiary,” capped a busy month for law enforcement in the U.S. and U.K., with raids on dozens of homes and the arrest of reputed leaders of both Anonymous and the affiliated Lulz Security, including Marshall Webb, the Ohio man known online as “m_nerva,” Ryan Cleary, the alleged botnet operator known as “Ryan,” and a fellow Brit known online as “Tflow.”

Alleged Anonymous Leader Topiary Arraigned in London

The authorities have charged Jake Davis, a UK resident from the remote Shetland Islands, with five criminal counts. The 18-year-old is alleged to be “Topiary,” a prominent member of the inner circle of the hacking groups Anonymous and Lulz Security.

Davis, whose arrest was announced on July 27 (http://threatpost.com/en_us/blogs/uk-police-arrest-man-they-say-anonymous-member-topiary-072711), is charged with violations of the UK’s Computer Misuse Act, Serious Crime Act and Criminal Law Act, including “Unauthorised access to a computer system,” “Conspiracy with others to carry out a Distributed Denial of Service Attack on the website of the Serious and Organised Crime Agency,” and other conspiracy charges. He appeared in City of Westminster Magistrates’ Court on Monday 1 August, according to the Metropolitan Police (http://content.met.police.uk/News/Man-charged-with-ecrime-offences/1260269346230/1257246745756).

The teenager, who appeared in court wearing dark sunglasses and a blue denim shirt, was released on bail until August 30, but is required to wear a monitoring bracelet and abstain from using the Internet, according to a report in the UK’s Daily Telegraph (http://www.telegraph.co.uk/technology/news/8674987/LulzSec-hacking-Jake-Davis-had-cache-of-750000-passwords.html). Controversy has swirled around the arrest, with astonishment that a teenager in such a remote corner of the British Isles would be at the center of an international hacking collective, and members of Anonymous claiming that authorities arrested the wrong man.

However, the Metropolitan Police have issued numerous statements suggesting that they have strong evidence linking Davis to the hacker known as Topiary. If that is true, it would be a major score in the international law enforcement effort to bring down the group, which has carried out a string of high-profile hacks in the last year, including attacks on HBGary, Sony, the CIA, the UK’s Serious and Organised Crime Agency and others. Leaked IRC chat logs purporting to be from a restricted channel used by the group’s leadership suggest that Topiary was a central player in the attacks on HBGary Federal and its then-CEO Aaron Barr. A user with the IRC handle Topiary is quoted in those logs directing elements of that attack, including the publication of stolen e-mails from the firm. He also served as a spokesman for the group, granting interviews to the press, though leaked chat logs suggest that he was interested in passing himself off as an “observer” of the group rather than a leading member.

The arrest is the second of a top-ranked Anonymous member in recent weeks. In June, authorities arrested 19-year-old Ryan Cleary of Essex, England. Cleary is alleged to have operated a botnet used to carry out denial of service attacks, including the attack on the website of the Serious and Organised Crime Agency.

FBI Arrests, Searches Do Little to Quiet Anonymous

There are more questions than answers two days after a spate of arrests of alleged members of the group Anonymous, with the group’s core leadership apparently escaping the attention of law enforcement.

Was the arrest of more than a dozen members of the group Anonymous a decisive blow to the amorphous hacking collective, or an example of federal authorities rounding up “the usual suspects?” Two days after FBI agents conducted raids and searches on homes in nine states and the District of Columbia and arrested 16 suspected members of the anarchic hacking group Anonymous, security experts are asking that very question, as Anonymous promises retribution for the arrests and more hacks, suggesting its core leadership was untouched by the massive law enforcement action.

The FBI arrests targeted individuals who participated in distributed denial of service (DDoS) attacks on the Web sites of Paypal, the online payment Web site, in December 2010, according to a 15-count indictment published in U.S. District Court in San Jose, California. Fourteen of the accused are alleged to have distributed a denial of service software application, dubbed LOIC – for the Low Orbit Ion Cannon – and to have used that program to attack servers belonging to Paypal. Two other defendants are linked to the theft and publication of data related to AT&T and the FBI’s InfraGard Program.

On Thursday, Anonymous and the affiliated group Lulz Security issued a statement via Twitter lambasting the FBI and “international law authorities” for statements made in the aftermath of the arrests promising further action. “We’re back – and we’re not going anywhere. Expect us,” the statement read (http://pastebin.com/RA15ix7S). Anonygroup also hinted at new disclosures stemming from hacks of Rupert Murdoch’s Sun tabloid in the UK and a reported breach of systems belonging to NATO.

As it stands, none of the sixteen individuals named in the published indictments shows up in lists of known and suspected leaders of Anonymous, which have been publicized by groups like Backtracesecurity.com. Rather, the arrests and searches appear similar to those conducted in Europe, including the December 2010 arrest of a Dutch teenager for participating in DDoS attacks on the Web sites of Mastercard and Visa (http://threatpost.com/en_us/blogs/dutch-arrest-16-year-old-wikileaks-attack-121010). Similarly, 35 searches of homes were carried out on Tuesday, with authorities stressing that, in some cases, the computers seized in those searches may have been involved in DDoS attacks without the knowledge or explicit consent of their owners.

Rather than technical leaders responsible for coordinating and carrying out the hacks of firms like HBGary, Sony, The Sun or Booz Allen Hamilton, the Anonymous members brought to court this week – almost all in their early to mid twenties – are likely sympathizers who acted as functionaries or low-level foot soldiers, helping to coordinate or carry out DDoS attacks. Still in question is the status of arrests and searches carried out in recent weeks on higher-level members. They include the rumored arrest of a high-ranking member of AnonOps known as “ev0”, the search and arrest of 19-year-old Ryan Cleary of the UK on June 20 and the search of the Ohio home belonging to Marshal Webb, who used the online handle m_nerva among others (http://threatpost.com/en_us/blogs/home-outed-lulzsec-member-mnerva-raided-ohio-062911).
