Monday, February 7, 2011
ANONYMOUS GOES AFTER SECURITY FIRM FOR SELLING SUPPORTERS DETAILS TO FBI
If you thought Anonymous limited its cyber attacks to those who blocked WikiLeaks or suppressed free information, you’d be wrong. One software security firm is learning the hard way that it also targets anyone who acts to bring down the loosely-knit, global movement of young people who campaign through Web attacks.
On Sunday evening, just when the Super Bowl was kicking off in Dallas, Texas, five supporters of Anonymous’ elite arm AnonOps brought down the Web site for HBGary Federal, a small, Washington D.C.-based security services firm.
They then hacked into the Twitter account of CEO Aaron Barr, releasing a series of profane, self-denigrating Tweets that also provided links to the hacked Web site of one of his researchers.
An hour later, they released this screenshot, which reads: “Let us teach you a lesson you’ll never forget: you don’t mess with Anonymous,” which they hoped to use it as a new placeholder for HBGary’s site.
Why? Barr was recently quoted in the Financial Times as saying that he had identified two key members of Anonymous, including a co-founder in the U.S. along with senior members in Britain, Germany, Netherlands, Italy and Australia. He claimed to have picked up clues to their identities by monitoring emails, Facebook and IRC chat using fake online names.
The report followed news that police had arrested five suspected members of the group in the U.K. last month and carried out 40 court-authorized searches in the United States.
Though the FT report says that Barr did not plan to give his findings to the police, one person from within AnonOps who took part in Sunday night’s attack tells me that he had, in fact, been planning to sell his research to the FBI and hold a meeting with the authorities on Monday morning.
The five Anonymous supporters who participated in the hack also obtained more than 50,000 of Barr’s personal emails, financial details for HBGary and said they were planning to delete the company’s backups and support servers. The whole operation took just over 24 hours.
The hackers found that at Monday morning’s meeting with the FBI, Barr had been planning to offer a document showing names and addresses of dozens of Anonymous members, for a yet-to-be-negotiated fee.
Yet having obtained the alleged file, the Anonymous members didn’t destroy it–they made it public. The majority of the details in the 23-page document, they said, were incorrect and the names “random.” Nearly everyone actively involved in previous attacks has read the file and confirmed they were not it. The attackers thus released a link to the document through Barr’s own hacked Twitter account.
Barr did not respond to voicemails seeking comment at the time of writing.
Not long after this, Anonymous was Tweeting Barr’s cell number, a link to his 50,000 personal emails, social security number and home address.
Anonymous typically goes after big governments they accuse of corruption (think Tunisia, Egypt) and corporate players like MasterCard or eBay-owned PayPal. But in taking out HBGary the group has targeted a smaller player who, despite being a software security firm, isn’t very secure itself. (It took one of the hackers little over two minutes to get into the LinkedIn account of chief operating officer Ted Vera, another 10 to get his address and phone number.)
In their view this was all justified for serving a larger purpose: “It is harsh, but we’re harsh people,” said one of the attackers. “We felt Anon needed a break from seriousness for a while, we understood that Anon was getting paranoid about recent FBI raids and companies such as HBGary lurking our chats, so we’ve given all of Anonymous a message: we will fight back.”
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.