Jump to content

CIA, Senate hackers gleefully promise more

Zuthus

By Zuthus
in Technology

 Share

Recommended Posts

Zuthus Newbie

Zuthus

Posted
Posted
t1larg.hacking.lulzsec.jpg

 

(CNN) -- They've breached or busted the websites of the CIA, PBS and the U.S. Senate, and launched at least part of an extended attack on Sony, whose PlayStation Network was brought to a grinding halt for the better part of a month.

 

And, to hear them tell it, it's all for a laugh.

 

Meet Lulz Security, or LulzSec, the gleeful and secretive band of hackers who appear to be responsible for a string of high-profile and sometimes embarrassing Internet attacks.

 

Their most recent strike, and arguably the most ambitious, was a distributed denial-of-service attack Wednesday that shut down the Central Intelligence Agency's website for a couple of hours.

 

A DDoS attack is fairly easy with the right software. But the group has also hacked into sites ranging from Sony Pictures to porn sites, often publishing the passwords and other personal information they find.

 

Instead of hiding in the dark shadows of the Internet, they are front-and-center on an active Twitter feed fueled with taunts, crude jokes and hints about future attacks.

 

For those who don't speak the language, "lulz" is an offshoot of "LOL," webspeak for laughing out loud. Think of it as a substitute for "just for a laugh."

 

"Lulz Security, where the entertainment is always at your expense, whether you realize it or not," read a recent post on the account. "Wrecking your infrastructures since 2011."

 

Analysts said the group appears to be some sort of spin-off of "Anonymous," the loose coalition of hackers that formed in support of whistle-blower site WikiLeaks.

 

But while Anonymous has its own set of moral codes and is largely politically motivated, LulzSec tends to be random.

 

For every hack like the one on PBS, which the group said came out of anger over a documentary about WikiLeaks, there's the cracking of porn site pron.com -- and a subsequent public list of members' e-mail addresses and passwords.

 

Breaches are often followed by cautionary notes: Some have even denigrated their own hacking abilities, saying the sites they targeted were incredibly easy to penetrate.

 

"These seem like they're probably some kids in the garage or something that are just having fun," said David Gorodyansky, CEO and co-founder of security software firm AnchorFree.

 

A request for comment sent to the group's Twitter account was not returned Thursday.

 

Click on the group's website and the theme song from "The Love Boat" plays over an image of what the group calls "The Lulz Boat." The logo is a cartoon dandy in top hat, monocle and handlebar mustache.

 

But if the attitude is lighthearted (They've even set up a request line with a 614 Columbus, Ohio, area code, to solicit future target suggestions), the consequences can be serious.

 

For example, on Thursday LulzSec posted what it said were 62,000 e-mails and their passwords, gleaned from unknown sources (Gizmodo has posted a tool to help discover if your account is one of them).

 

Afterward, they retweeted messages from several followers who bragged they'd gotten access to PayPal, Amazon, Facebook and other accounts from the list.

 

One follower claimed to have hacked into a woman's Facebook account and broken up with her boyfriend.

 

It's unclear whether LulzSec members played a role in the Sony PlayStation Network breach that compromised the information of 77 million users. But they've posted on their website what they claim is proprietary information from Sony Pictures and other Sony properties' websites.

 

After the U.S. Senate breach, LulzSec posted what it called a "just-for-kicks" release of some internal data.

 

"We don't like the US government very much," it wrote. "Their boats are weak, their lulz are low, and their sites aren't very secure. In an attempt to help them fix their issues, we've decided to donate additional lulz in the form of owning them some more!"

 

To help avoid such attacks, Gorodyansky suggested website owners make sure to encrypt them. Using Hypertext Transfer Protocol Secure (https), instead of the "http" that most sites use, makes data more difficult to obtain.

 

He also urged organizations, businesses and governments to make sure they are running the latest updates, or firmware, for their security tools.

 

"You may have the latest and most expensive equipment, but if you don't update the firmware as soon as it comes out, it's very easy for the hackers to exploit," he said.

 

http://edition.cnn.com/2011/TECH/web/06/16/cia.hackers.lulzsec/index.html

 

That sucks.

gigabyte Newbie

gigabyte

Posted
Posted

Not a big deal for the CIA, the CIA doesn't keep any confidential or top secret information on that website. Eventually they will catch them, i mean its the CIA. They are not gonna let this go without any consequences.

Chuckun Newbie

Chuckun

Posted
Posted

For anyone to call DDoS hacking is f***ing laughable. ANY group of people can DDoS a website. FA alone could shut down the CIA website and many others for as long as we wanted to via DDoS.. It's not hacking IMO.

 

However, the rest is pretty funny. I feel for those who have had their sensitive data leaked, BUT - maybe this will stop people using said services, and as a result, these companies will be forced to actually ensure data is kept safe.

 

Meh. Every password I use is different for all sites so I'm not worried.

Krauersaut Newbie

Krauersaut

Posted
Posted

For anyone to call DDoS hacking is f***ing laughable. ANY group of people can DDoS a website. FA alone could shut down the CIA website and many others for as long as we wanted to via DDoS.. It's not hacking IMO.

 

However, the rest is pretty funny. I feel for those who have had their sensitive data leaked, BUT - maybe this will stop people using said services, and as a result, these companies will be forced to actually ensure data is kept safe.

 

Meh. Every password I use is different for all sites so I'm not worried.

Rather cracking since they released the data to the public instead of showing up vulnerabilities. And I honestly doubt F|A would be able to shut down the CIA website with a DDoS attack.

 

However, being able to retrieve the data doesn't justify releasing it, no matter if people use the same password for more than one site. Just because you are allowed to buy a weapon doesn't mean you are allowed to rob a bank with it.

Chuckun Newbie

Chuckun

Posted
Posted

However, being able to retrieve the data doesn't justify releasing it, no matter if people use the same password for more than one site. Just because you are allowed to buy a weapon doesn't mean you are allowed to rob a bank with it.

 

Agree 100%

 

Hacking for the purpose of vulnerability highlighting = Ethical IMO.

Hacking 'for the lulz' to get back at a company = Understandable.

Hacking 'for the lulz' and releasing innocent people's data = Unethical, and shameful.

Antichrist Newbie

Antichrist

Posted
Posted

 

Hacking 'for the lulz' and releasing innocent people's data = Unethical, and shameful.

 

And in the case of Sony, those involved should be held resposible for repaying all of the revenue that Sony lost :)

Chuckun Newbie

Chuckun

Posted
Posted

Supposedly they caught one of the guys responsible for the Sony hacks in London:

 

http://articles.cnn.com/2011-06-21/world/uk.sony.hack.arrest_1_sony-pictures-denial-of-service-attacks-website?_s=PM:WORLD

 

That's b/s.. The newspapers here name suspects and land people in a lot of shit when they're wrong.. So that's a story to put people's minds at ease - it's not illegal to name a suspect here.. Or if it is, they ignore that little legality in our news papers & TV.

  • Administrators
JoeDirt Newbie

JoeDirt

Posted
  • Administrators
Posted

Misguided kids blowing smoke at media. I am going to start a twitter where I am going to claim I am god.

Zuthus Newbie

Zuthus

Posted
  • Author
Posted

Misguided kids blowing smoke at media. I am going to start a twitter where I am going to claim I am god.

 

I'll follow u :)

docwarren Newbie

docwarren

Posted
Posted

Misguided kids blowing smoke at media. I am going to start a twitter where I am going to claim I am god.

 

Shhhhhhhh! Half the people here think you are god!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

About Us

We are glad you decided to stop by our website and servers. At Fearless Assassins Gaming Community (=F|A=) we strive to bring you the best gaming experience possible. With helpful admins, custom maps and good server regulars your gaming experience should be grand! We love to have fun by playing online games especially W:ET, Call of Duty Series, Counter Strike: Series, Minecraft, Insurgency, DOI, Sandstorm, RUST, Team Fortress Series & Battlefield Series and if you like to do same then join us! Here, you can make worldwide friends while enjoying the game. Anyone from any race and country speaking any language can join our Discord and gaming servers. We have clan members from US, Canada, Europe, Sri Lanka, India, Japan, Australia, Brazil, UK, Austria, Poland, Finland, Turkey, Russia, Germany and many other countries. It doesn't matter how much good you are in the game or how much good English you speak. We believe in making new friends from all over the world. If you want to have fun and want to make new friends join up our gaming servers and our VoIP servers any day and at any time. At =F|A= we are all players first and then admins when someone needs our help or support on server.

Player Gaming Stats for =F|A= Servers.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept