Brazen, High Profile Attacks Continuing

Somebody has some really big balls and either doesn’t care if or when they get caught or thinks they won’t.

In the meantime they are poking a really big stick in the eye of the U.S. Government. In this specific case the CIA. LINK

I don’t know how to characterize this. On the one side I really hate the crap that government and big business are pulling. On the other side we have a situation where there exists a possibility for something very bad happening. And I’m not sure this is going to make government more citizen friendly. I’m thinking the idiots in Washington will react in the opposite way. Don’t look now but I think we’re watching the revolution getting under way.

LulzSec Downs CIA’s Public Site, Appears to be Subject of Framing Attempt
Jason Mick (Blog) – June 15, 2011 7:20 PM

Group’s attacks continue to grow more flagrant, as do its detractors

At around 6 p.m. Wednesday night after a busy day of distributed denial of service (DDoS) attacks some “31337” 2005-era “/b/tards” posted a microblog to Twitter. But these weren’t just any “/b/tards”; these were the most infamous hackers of the year — LulzSec.

And they didn’t just post any old message. They typed:

Tango down – cia.gov – for the lulz.

Indeed the U.S. Central Intelligence Agency’s homepage was unreachable.

I. Brazen Hacks, Phone DOS

The apparent takedown of the CIA homepage is merely the latest in the griefers’ audacious run of high profile system intrusions and DDOS attacks on gaming services, government entities, and more.

The hack outraged th3j35t3r (“The Jester” in leetspeak), a pro-American “hacktivist”. He swore to LulzSec:

@lulzsec – re: your last hit. Gloves off. Expect me. My silence is not an indication of weakness, as your mouth is an indication of yours.

But if The Jester or anyone else can stop the group, they haven’t yet. LulzSec appears to think itself untraceable, given its flagrant hacks — infiltrating the U.S. Senate servers, hacking a U.S. Federal Bureau of Investigation affiliate, and now hacking the public presence of the world’s “most powerful” intelligence agency.

And it’s using new tactics. LulzSec has set up two phone lines — 614-LULZSEC or 732-993-7703 — and is taking thousands of calls a day. Some it actually answers, asking guests questions for prizes or regaling them in faux French accents. But it’s also redirecting the calls to phone denial of service (DOS) attacks — something rarely seen today.

Today it directed this phone wrath at the online MMORPG World of Warcraft’s customer support, the FBI’s Detroit headquarters, and “a certain hosting company” (many suspect it was GoDaddy). Last, but not least, it directed attacks at disgraced security firm HBGary, who was the subject of much lashing at the hands of Anonymous earlier this year.

II. Framing Attempt?

LulzSec has been the subject of what appears to be a wildly bizarre framing attempt involving the increasingly popular peer-to-peer digital currency Bitcoins. Former HBGary CEO, Aaron Barr, posted to Twitter:

Lulzsec manages to pilfer nearly a half million dollars in bitcoins while running their tele-DDOS-athon today. tinyurl.com/3mfngql

Only the link in question didn’t receive the funds today — it received them on Monday (6/13). And while it did send a donation to LulzSec’s public donations account:
176LRX4WRWD5LWDMbhr94ptb2MW9varCZP

It only sent the typical token gesture: 0.31337 (“elite” in leetspeak) — worth about $7 USD.

So where did this bizarre rumor begin? It appears to trace back to a Pastebin:
http://pastebin.com/88nGp508

Which was a repost of the Bethesda press release, with one important alteration — the account was altered to make it look like:
1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg

…was a LulzSec donations account.

Clearly that account appears to be involved with some mass fraud or is a clever social engineering work to offer the deception of a mass fraud. Either way, the attempt to tie LulzSec to it seems clearly flawed and like a clear framing. No official LulzSec press release has ever carried that number.

It’s unclear whether Mr. Barr is merely an uninformed observer, or is more deeply involved with this framing. But it’s clear that his wild claims appear unfounded.

It’s also possible that the postings are some sort of attempt to discredit Bitcoin itself. In recent weeks several news agencies have been spreading posts with dubious claims, attempting to discredit the digital crypto-currency.

For example The Guardian’s Ruth Whippman writes:

An odd alliance of libertarians, geeks, businesspeople and drug kingpins hail Bitcoin as the future of the internet – global, private and immune from national economic crises and the whims of reckless bankers. Its critics in the political sphere fear that it could give rise to an online Wild West of gambling, prostitution and global bazaars for contraband.

Previously dismissed as a nerdy curiosity, the untaxable Bitcoin may soon be due for a crackdown.

And Information Week adds:

LulzSec Hackers Using Digital Currency: DEA Crackdown Soon?
The LulzSec hacker group has said it’s receiving monetary support via a P2P digital currency, Bitcoins. Now Senators are urging DEA action on an illegal online drug sales site with a Bitcoins connection.

Seemingly, some people are suggesting that Bitcoin is more villainous than the far more anonymous form of currency — cash. The source of this misinformation/smear campaign is unknown, though, news agencies seem happy to spread it gleefully.

III. Insecure World

Much has been made to explain how LulzSec is doing what it does. But the fact of the matter is that the group isn’t using new tactics, new tools, or new exploits. It’s just getting more attention because it’s good at advertising what it does and it’s affecting lots of people.

But the fact of the matter is that many corporate and government systems today are incredibly insecure and the vast majority of users are utterly incompetent when it comes to security [1][2][3] — even some system administrators [1].

Combine these factors and you get an infinitely abusable system.

The abuses have occurred in years past. They may be happening at a faster rate this year. But the system has been insecure for years. And it will likely still be insecure next year, as well.


2 thoughts on “Brazen, High Profile Attacks Continuing”

  1. cmaukonen

    I do believe it will get worse though. However, as I understand it, at least part of the internet will be going IPV6 very shortly with the rest to follow not too far behind. This should at least slow them down a bit.

    But it may also make them even harder to trace.

    1. It’ll be a while before we see any real impact from IPV6. Vast chunks of the computing world will have to go away by attrition and be replaced. I don’t think IPV6 will make all that much difference in the short term. It may make it a less onerous task to trace the bad guys. Maybe.
