Cyber crime

Anonymous “spokesperson” Barrett Brown facing multiple new charges, in relation to Stratfor hack

BBlol

The never ending saga of Barrett Brown continues.  Brown, 31, who was a self-styled “spokesperson” for the group Anonymous  faces new charges in relation to the hacking a year ago of the intelligence firm, Stratfor.

According to federal prosecutors, Brown was indicted this week in Texas on a dozen charges including aggravated identity theft and device fraud.  He is accused of making public an Internet link providing access to credit card information stolen from Stratfor, which had emails taken during that same hack released by WikiLeaks. The full indictment against Brown can be seen here.

Brown had already been arrested and charged in October with threatening FBI agent, Robert Smith. Like much of Brown’s recent life, even the October arrest played out in the media, as he was arrested while on a live Tinychat session.  One can hear him apparently trying to get away from the FBI and sounds that may have been taser bursts at 1:30.

The Stratfor breach led to the disclosure of thousands of credit card numbers and other information. Jeremy Hammond was also arrested, but charged with participating in the actual hacking of the company.

HT  TwoTroubles


Bret Baier reports OWS rants about benefits of Hurricane Sandy, “Anonymous” twitter accounts then threaten him

Yesterday FNC’s Bret Baier on Grapevine reported on the comments by @OccupyWallStreet ‘s official twitter account in response to Hurricane Sandy. See his report here.  This earned him some unfavorable attention from twitter accounts associated with Anonymous (one of the founding parts of  Occupy). They “doxed”  Baier (got his personal information including his home address and phone) and said “anything goes” against him.

On Tuesday, the day after the hurricane started, the OWS account started with a rant against capitalism:

Then followed up immediately thereafter with the specific “benefits” of Sandy:

What obscures “community”? Why, Capitalism, of course.

They then advised people to go outside on Tuesday (while many wires and trees were still down and dangerous, most without power, many still under water ).

In the above tweet, they link to an article on another Occupy site that refers to Sandy as the “People’s Hurricane” and a “Climate Strike”  (arguing Sandy is due to Climate change that evil Wall St loosed on itself).

In response, the OWS account was widely castigated by the Twitterverse.  Jaceyla Jones was perhaps one of the best, reminding them that people had died.

After being roundly criticized, suddenly the OWS account seemed taken over by notices of how one could volunteer to help out Sandy victims, and posting on Occupy “volunteer efforts”. Still, they revealed  it was all about the politics, noting:

They then started praising themselves for their “rapid response” to Sandy, and attacked the Tea Party and government response.

When the FNC report by Baier then dared report some of the above tweets, this Anonymous account first called him a liar, saying that Occupy was helping victims.

Thereafter the following tweets recorded the effort to “dox” Baier and discussed what should be done to him. Click to enlarge:

This was then followed up with a post with his “dox” including phone numbers, home address, age and birthday. Citizen Journalist will not be linking to that dox page.

Here is a copy of the page with relevant info excised.

Anonymous@DBCOOPA has since scrubbed the first tweet about “ruining Baier’s life”.

HT @RichardRSmithJr for screenshot


“Anonymous” group claims to have planted a bomb in a government building to blow up on November 5th (Updated)

Here is the statement that they released.  which reads as follows:

Dear citizens of the world,
We are anonymous. As of today 200 kilograms of composite Nitroglycerin and commercial explosives have effectively been concealed in a government building, situated in the united states of America. on the 5th of November 2012 the device will detonate remotely via the transmission control protocol, leaving behind severe consiquences[sic]. We would like to advise that the contraption is built inside a tamper proof apparatus sensitive to physical intrusions or attempted disarmament, thus resulting in the desired effect, if the military grade device is found before the 5th of November. there is no intention, risks or circumstances what so ever to cause harm to innocent people, but we can not, say the same for the people who are the real terrorists, oppressors and war creators.
we are anonymous
we are legion
we do not forget
we do not forgive
on the 5th of November, you will expect us.

The release says it is from the group “@FawkesSecurity” and references “#OpV” which refers to the actions planned for November 5th (which harkens back to V for Vendetta and Guy Fawkes Day). Other videos and statements from other Anonymous accounts have called for actions in the streets on that day to help bring down the government.

Update:

Since the video hit yesterday, many in Anonymous have denounced it, asserting that they would not employ such tactics. Speculation about @FawkesSecurity ranges from “false flag” and “fed”, to “attention whore”.  The Youtube account is not one of the main Anonymous accounts, although it is connected to a bigger channel.

@FawkesSecurity appears to have been on the Anonymous scene since at least the end of last year. The twitter profile lists a Facebook to a private group, with the administrator supposedly a blonde woman from New York named “Jodie Rushforth”, which is likely false. There are several others listed in the grouping as well.

This group has claimed involvement in attacks on HSBC and on Twitter last week over the suspension of the account @Anon_Central. Other Anons are now disputing these claims.

The nature of Anonymous allows anyone to effectively claim to be a part of it. Yet this is not the first threat claiming to come from an Anonymous source. In February, for example, The Anon Message released a video, declaring war on the United States and calling for the destruction of the government, specifically noting this was not calling for a “protest” but a “call to arms”, again referencing #OpV and November 5th. That video has over 400,000 views.


Anonymous connected in threats against the University of Pittsburgh

Three men, including two men who claimed to be part of Anonymous, were charged this past week with making threats against the University of Pittsburgh.

Between March 30 and April 21, 2012, the University of Pittsburgh received over 40 email bomb threats directed at its buildings.  An email “open letter” claiming to be from “the threateners” claimed the reason for the threats was that the University had posted a $10,000 reward for prior bomb threats that had been written on walls at the University. The open letter called that a “prank” by a “kid”, and expressed disturbance at the school Chancellor’s response of offering a reward to track down the perpetrator. The open letter claimed the writers were “disrupting the University to teach the Chancellor a lesson”.

Over 100 evacuations took place, disrupting classes and dormitories, causing great concern throughout the university and surrounding area, and costing the University over $300,000.  According to the FBI, these threats were made by Adam Stuart Busby, a resident of Dublin Ireland.  Authorities also are charging extortion because the threateners said they would stop if the reward, now $50,000, was withdrawn.  The University withdrew the offer and the threats ceased.

Busby is also charged with subsequently threatening the US attorney and sending bomb threats pertaining to the federal courthouses in Pittsburgh and in Erie.

Collectively Busby was charged with wire fraud(the emails),  extortion, and spreading false information. Busby is in custody in Ireland on other charges. He has a long history of threats against various governments and entities. See the indictments here and here.

On April 26, the University was threatened again over the internet by a video posted by “AnonOperative13″.  The video claimed that Anonymous had hacked the University servers and stolen confidential information including credit cards and grades of students.  The video asked that the University apologize to the students for Anonymous’ ability to access the information.  Unless the University apologized, the video promised the information would be published for all to see.

Alexander Waterland, 24, and Brett Hudson, 26, both of Ohio, were charged in relation to the video with sending threats and stealing data.

Alexander Waterland

The maximum penalty for wire fraud is 20 years in prison, for  false information is 10 years in prison, for extortionate threats is two years in prison. Because all counts charged are felonies, the maximum fine on each count is $250,000. The law provides for a maximum sentence of five years in prison, a fine of $250,000, or both, for Waterland and Hudson. Under the federal sentencing guidelines, the actual sentence imposed would be based upon the seriousness of the
offenses and the prior criminal history if any, of the defendants

Although the connection between the two Ohio men and Busby was not specified, they were charged together and Waterland is mentioned in Busby’s indictment. It is not clear at this time if Busby is also alleged to be part of Anonymous, although that would explain the connection.


Wikileaks allegedly DDOSed and taken down

Wikileaks.org and some of its attendant sites have been DDOSed, according to Softpedia.

A group identifying itself on Twitter as AntiLeaks is taking credit  for taking down Wikileaks.org on August 3, and it still appears to be down today.

Wikleaks tweeted that they were investigating.

In taking credit, AntiLeaks announced that wikileaks.org was “tango down”. AntiLeak tweeted:

“You can call me DietPepsi. I am the leader of AntiLeaks. We are not doing this to call attention to ourselves. We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at asylum in Ecuador,” he wrote.

“Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us,” he added.

WikiLeaks has responded with a call for donations from its supporters to allegedly help against attacks.

Other sites also affected by DDOS attacks were WL Central, Justice for Assange, FDNN and Cabledrum.  Only Wikileaks and Cabledrum are still down.

Wikileaks has a mirror site up in the meantime.


And one more time…

Anonymous declares war, again.

They called for revolt yesterday, but just to be clear, today they spelled it out more, that yes, they are calling for people to take up arms and overthrow the government.

Some have speculated that this may be about the fifth call on the people to war against the government.  For some reason, they just don’t seem to be getting the people to respond. Clearly, they think all that was needed was to repeat the call. Maybe people haven’t heard it enough yet.

There is something slightly more interesting in this call, though.

There is a clear outreach within the video to exploit anger and fear about Obama possibly removing guns, about Obamacare and about Obama Executive Orders.

Are they reaching out to the right, to the constitutionalist? It would appear so.

However, they fail to get that a constitutionalist would be the last person to follow them in their continued path to attack anyone who disagrees with them, the antithesis of free speech. Their sole purpose, just like Occupy, is to get folks into the streets, doesn’t matter how or why, just get them out there so they can revolt. Hence the ghoulish ambulance chasing of people upset about issues, like Trayvon Martin and the deaths in Anaheim.

One might have a concern about the growth or reach of the government. But I suspect constitutionalists will not be picking up this call anytime soon.


Anonymous calls for revolution and war against the US-again

In the wake of protests in Anaheim, California,  allegedly over “officer involved shootings”, Anonymous has released a video, calling for revolution against the United States, declaring it #OpAnaheim.  In a prior video some months ago, an Anonymous video called for people to take up arms against the government and actually declared war on the US.

This video calls for for people to rise up and overthrow the US government. It mentions “shooting of protesters”, using the term loosely as the only “shooting of protesters” involved pepper spray balls or bean bags.  Here is a transcript of the video:

Citizens of the World,
We are Anonymous.

The purpose of this video is clear.

We want to inform the citizens of the world, that the United States is setting the flames of revolution. In Anaheim, police shot protesters and bystanders including kids who did nothing wrong. We, Anonymous, are calling yet again to the citizens of the United States, to rise up in unison, and defeat this government which values no lives nor freedom.

Do it for the safety of your families, your homes, and your future generations.

The fate of America is in your hands. Do you wish to be oppressed further, or do you wish to obtain freedom and peace?

The choice is yours. Let beat the drums of war.

Operation Anaheim, engaged.

We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.


Julian Assange runs to Ecuadorian embassy in London to escape extradition

Julian Assange, the founder of Wikileaks,  is currently at the Ecuadorian embassy in London, asking for political asylum.

Ecuador says that it is analyzing his request, although Wikileaks claims already that he is already “under the protection” of the Ecuadorian embassy, according to their Twitter.

According to Russia Today(RT) , the media organ of the Kremlin that employs Assange to do a show, Ecuador previously had offered Assange residency in 2010.

Deputy Foreign Minister Kintto Lucas said his country is “open to giving him [Assange] residency in Ecuador”. Lucas also said Ecuador was “very concerned” by information revealed by Wikileaks linking US diplomats with spying on friendly governments.

Apparently Ecuador is not too concerned about Assange’s alleged spying efforts, including the effort to employ Anonymous to hack Icelandic government email to instigate an uprising in Iceland.  See here.

Assange has been under house arrest in the UK since 2010, after Sweden issued an international arrest warrant over allegations of sexual assault.

Swedish authorities accuse him of raping one woman and sexually molesting and coercing another in August that year, while on a visit to Stockholm to give a lecture.

He recently lost his bid to fight extradition and would likely have been extradited to Sweden, hence the reason for his immediate need to claim “asylum”.  Coincidentally, seemingly, Assange interviewed Ecuadorian president Rafael Correa last month on Assange’s show.

Assange had been out on bond of £200,000 ($315,780), much of which had been raised by supporters. He was supposed to be monitered electronically.

In granting the bond, Overnight Justice Duncan Ouseley stated Assange’s “reputation” would be “diminished” if he fled from extradition proceedings.

“Were he to abscond, he would diminish himself in the eyes of his supporters,” Mr Ouseley said.


UGNazi hackers attack Wounded Warrior Project website

UGNazi, a hacking group the defines themselves as hacking simply for “chaos” has attacked the Wounded Warrior Project Website.

As of 9 am the site was still down.

The reason for this action appears simply to annoy @th3j35t3r who is very supportive of the soldiers and takes down jihadi sites.

Needless to say, hurting a site that does nothing but support wounded soldiers is pretty base.



New Book: Assange solicited Anonymous group to hack Icelandic government sites, instigate uprising

For those of us who follow Anonymous, Wikileaks and Occupy, the connections between the three are not news.  We’ve been watching the connections for a long time.

Finally, however, Julian Assange will be called out very publicly on at least one of his less than savory actions to more than just the Anon/Wikileaks/Occupy watchers.

Parmy Olson, who has been writing on Assange, Wikileaks and Anonymous for Forbes for some time, is coming out with a new book, “We Are Anonymous”.  Olson as a longtime watcher will likely have many interesting observations. In one of the most interesting so far, Olson details Assange meeting online with Lulz Sec.

Lulz Sec was a small hacking group, a part of Anonymous, who had been involved in multiple hacks against government and corporate websites. These efforts included stealing credit card information as well as government and business information which they later leaked onto the internet.

After Lulz Sec attacked the CIA.gov website,  Assange posted a supporting tweet on twitter, according to Olson. He later deleted the tweet, but reached out to Lulz Sec privately. He and a Wikileaks staff member known as “q” met in an IRC channel with Topiary and Sabu of Lulz Sec.

At first, Topiary was nervous. Here was Julian Assange himself, the founder of Wikileaks,  reaching out to his team. He couldn’t think why he wanted to talk to them.  Then he noticed what q and Assange were saying. They were praising Lulz Sec for its work, adding they had laughed at the DDOS(distributed denial of service) attack on the CIA. With all the flattery it almost felt like they were nervous.

Sabu told Assange that his crew was up for taking out “traditional government targets”.

Q went on to explain why he and Assange were reaching out to Lulz Sec-they wanted help infiltrating certain government and corporate websites in Iceland.  They had reasons for wanting retribution on Iceland:

A young Wikileaks member had recently gone to Iceland and been arrested. Wikileaks had also been bidding for access to a data center in an underground bunker but had lost out to another corporate bidder after the government denied them the space.  Another journalist who supoorted Wikileaks was being held by authorities.  Assange and q appeared to want Lulz Sec to to try to grab the e-mail service of government sites then look for evidence of corruption or at least evidence that the government was unfairly targeting Wikileaks. The picture they were trying to paint was of the Icelandic government trying to suppress Wikileaks’ freedom to spread information.  If they could leak such information, they explained, it could help instigate an uprising in Iceland and beyond.

This was not a deal out the goodness offered without exchange. Q was offering to give Lulz Sec a spreadsheet of classified government data, a file called RSA 128, which was encrypted and needed to be cracked.  Q explained they had computers at MIT working on it for two weeks but hadn’t cracked it yet.

Topiary confessed to Assange that they had been behind the HB Gary hack, which thereafter resulted in a leak of 75,000 emails, including personal emails.  Assange told them they could have structured the leak better.

Topiary and Sabu invited the Wikileaks pair over to Sabu’s server and created a channel for them. Q said he wished they could help the group more obviously with things like servers but that they didn’t want to link Wikileaks too obviously to Lulz Sec.  The team received  links to 2 government websites and one company website to the rest of the team for which they were to   find ways to get into their networks and grab their emails.

What Assange didn’t know was that Sabu, by this point, was working with the FBI as an informant and likely all this was being monitored.


Massive cyber attack discovered- “Flame”

Excerpted from BBC-

A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered, researchers have said.

Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010.  The company said it believed the attack was state-sponsored, but could not be sure of its exact origins. They described Flame as “one of the most complex threats ever discovered”.  Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.  They had been investigating another malware threat, known as Wiper, wihch was reportedly deleting data on machines in western Asia.

In the past, targeted malware – such as Stuxnet – has targeted nuclear infrastructure in Iran.  Others like Duqu have sought to infiltrate networks in order to steal data.

This new threat appears not to cause physical damage, but to collect huge amounts of sensitive information, said Kaspersky’s chief malware expert Vitaly Kamluk.  “Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.  More than 600 specific targets were hit, Mr Kamluk said, ranging from individuals, businesses, academic institutions and government systems.

Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.

The malware code itself is 20MB in size – making it some 20 times larger than the Stuxnet virus. The researchers said it could take several years to analyse.

Iran and Israel

Mr Kamluk said the size and sophistication of Flame suggested it was not the work of independent cybercriminals, and more likely to be government-backed.  He explained: “Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states.  Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group.”

Among the countries affected by the attack are Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

“The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it,” Mr Kamluk said.

The malware is capable of recording audio via a microphone, before compressing it and sending it back to the attacker.  It is also able to take screenshots of on-screen activity, automatically detecting when “interesting” programs – such as email or instant messaging – were open.

‘Industrial vacuum cleaner’

Kaspersky’s first recorded instance of Flame is in August 2010, although it said it is highly likely to have been operating earlier.  Prof Alan Woodward, from the Department of Computing at the University of Surrey said the attack is very significant.

“This is basically an industrial vacuum cleaner for sensitive information,” he told the BBC.  He explained that unlike Stuxnet, which was designed with one specific task in mind, Flame was much more sophisticated.  “Whereas Stuxnet just had one purpose in life, Flame is a toolkit, so they can go after just about everything they can get their hands on.”

Once the initial Flame malware has infected a machine, additional modules can be added to perform specific tasks – almost in the same manner as adding apps to a smartphone.

According to Prof. Woodward:

This is an extremely advanced attack. It is more like a toolkit for compiling different code based weapons than a single tool. It can steal everything from the keys you are pressing to what is on your screen to what is being said near the machine.

It also has some very unusual data stealing features including reaching out to any Bluetooth enabled device nearby to see what it can steal.

Just like Stuxnet, this malware can spread by USB stick, i.e. it doesn’t need to be connected to a network, although it has that capability as well.

This wasn’t written by some spotty teenager in his/her bedroom. It is large, complicated and dedicated to stealing data whilst remaining hidden for a long time.

More on the Flame here


NJ Democratic Mayor and son arrested for political hacking and intimidation

A New Jersey mayor and his son were arrested Thursday by the FBI for allegedly hacking into an email account and website tied to a recall effort against the mayor— and then intimidating those associated with the site.

The Democratic mayor of West New York, Felix Roque, 55,  and his son, 22 year old Joseph Roque stand accused of accessing and taking down the site because it was critical of the mayor and called for his recall

After the site,  RecallRoque.com was taken down, Roque is alleged to have personally threatened or intimidated persons involved with the site. saying among other things,  that the page had been taken down by “high government officials and that everyone would pay for getting involved against Mayor Roque.”  He threatened to refer one to the Internal Revenue Service for an audit, according to the criminal complaint.  Roque also allegedly threatened that he had a friend on the CIA: “A friend of mine. he works in the — I can’t tell you — three letters — CIA. You know. That’s how I get information. So what I’m doing is not very kosher.”

U.S. Attorney for the district of New Jersey, Paul J. Fishman said,  “In this case, the elected leader of West New York and his son allegedly hacked into computers to intimidate constituents who were simply using the Internet to exercise their constitutional rights to criticize the government.”

The Roques are charged with gaining unauthorized access to computers in furtherance of causing damage to protected computers; causing damage to protected computers; and conspiracy to commit those crimes.

Felix and Joseph Roque appeared in shackles in federal court  in Newark yesterday, where a judge told them that they could face up to 11 years in prison and $600,000 in fines. They were released on $100,000 bond each.


Anonymous DDOS against NATO, City of Chicago and Chicago Police Dept

Cyber War News is reporting this morning DDOS(distributed denial of service) attacks against both the Chicago Police Department and NATO.

The attacks have been aimed at http://chicagopolice.org which is a community information site for the Chicago police. CWN reported the site down, but Citizen Journalist observed it was in operation, so if it was down, it was for a period under an hour.

Transcript provided by Anonymous in description on video:

Greetings fellow citizens of the world, we are AntiS3curityOPS.

While this has come to no surprise, the NATO protests are already reaching a boiling point. As tonight we have already witnessed the Chicago Police Dept sending out a request for two water cannons deployed on Michigan Avenue, which the protesters briefly were able to close of the street completely. Just a few moments ago we witnessed cops on horses seemingly all too content with the destiny that has turned their hearts cold, trampling over protesters trying to intimidate. And you know what we saw during this? Protesters locking arms and holding their ground. A few had Anonymous masks’ on, a few were girls who looked like they belonged safely off on the sidelines bravely charging cops with shields and on horse. All the while the protesters are chanting “Take those animals off those horses”, drowning out any attempts by the Chicago police to get a word in. Everyone of you are hero’s to us.

What we saw tonight watching a bit of the protest was everyday, average people fighting back and finally refusing to stand down. The NATO Summit is being utilized in such a way, and we couldn’t have predicted it more accurately. On the video we saw Mother’s, teenagers, elderly, the anarchists, white, black, hispanic, this movement see’s no skin color. every sort of person is well represented in these actions.

This is not a time to have our differences divide us, this is a time we all need to come together and rally around our brother’s and sister’s bravely in the street’s of Chicago risking their lives to make the one voice they have, heard. If every single one of us has a voice, one opinion, let us unite and show the violent Chicago police, and the government big brother tactic’s that we are not gonna take this.

We are actively engaged in actions against the Chicago Police Deptartment, and encourage anyone to take up the cause and use the AntiS3curityOPS Anonymous banner. For those able, chicagopolice.org should be fired upon as much as possible. We are in your harbor Chicago, and you will not forget us.

So for those unable to engage in attacks online by ddos, share with everyone you know what’s presently going on in Chicago, Tweet celebrities on twitter with the #SolidarityWithChicago #FuckNATO #FTP hashtags and get it trending. Also keep watching the live feed’s, and spreading the live feed links all relevant places. Together, we the people, are gonna take the power back.
We are AntiS3curityOPS.
We are Anonymous.
We are legion.
We do not forget.
We do not forgive.
Chicago Police Deptartment, expect us.

Despite the Anonymous narrative, there were no water canons used, and police were generally very restrained in dealing with the crowd on the street. The transcript refers to people linking and arms and charging the cops.  That did occur and was not precipitated by any action on the part of the police other than standing in a line. Police were charged and knocked over. There appeared to be blocs delegated to trying to impede the police from following along with the march, at one point blocking the horses, bikes and at one point slashing tires on a police van, surrounding the van and hitting it.

CWN also alleges that  www.nato.int  was taken off line this morning, but checking it now, it appears fine so it was not down for more than 3 hours.

The attacks have been announced from @AnonAteam twitter account:

#TangoDown http://www.nato.int/ @NATO One-One censorship from #ATeam @DwayneV1x@AnonSkill @UKAnonymous2012 @minilulz @iblametom @ZDNetUK

The City of Chicago website also seems to be under attack and offline at the moment at cityofchicago.org.


TeaMp0isoN crew hit with arrests

The hacking group known as #TeaMpOisoN is suffering from three recent arrests. On April 12, their leader, “TriCk”, 17,  and another 16 year old were arrested in the UK   On Wednesday evening, the “spokesperson” of the group, “MLT”, also 17, was arrested by Scotland Yard in Newcastle, England.  MLT’s twitter account has been silent since that time. Last night in St Petersburg, Russia,  a 28 year old man was arrested who is believed to be “Phantom”-another #TeaMpOisoN crew member, according to Softpedia

TeaMpOisoN is one of the groups under the greater umbrella of Anonymous.  TeaMpOisoN  has been responsible for numerous actions including breaking into the websites of Panasonic, the United Nations and the Australian Government, as well as breaching an email account with private data about Tony Blair.  Perhaps their  most notorious act was the alleged  “phone bombing” of MI6 – sending out a script to continuously call the intelligence agency for 24 hours, effectively working as a phone distributed denial of service.  TriCk claimed the reason for the phone bombing was because the group objected to the extradition of Islamic terrorism suspects from the UK to the US.  It was after this that the two teenagers were arrested in April.

TeaMpOisoN also allegedly attacked websites they viewed as critical of Islam.  They claimed to have hacked “Zionist” Facebook pages on New Year’s Eve last year.  “ALLAH U AKBAR,” they wrote. “Great start to 2011, hacked over 1000 Racist/Zionist Facebook Pages in 1 day.”

During the riots in England last year, Blackberry Messenger service was believed to be used by looters for collaboration.  The maker of Blackberry, Research in Motion promised cooperation with the police and government.  In response   TeaMp0isoN reportedly defaced the official BlackBerry blogs, saying “We are all for the rioters that are engaging in attacks on the police and government.”


Major cyber attack aimed at natural gas pipeline companies

Cyber security analysts work in the “watch and warning center” at the federal government’s secretive cyber defense lab, in Idaho Falls, Idaho. The Homeland Security Department’s Control System Security Program facilities are intended to protect the nation’s power grid, water and communications systems.
Mark J. Terrill/AP

 

 

 

 

 

 

 

 

 

 

 

 

 

Excerpted from Christian Science Monitor:

A major cyber attack is currently underway aimed at computer networks belonging to US natural gas pipeline companies, according to alerts issued by the US Department of Homeland Security.

At least three confidential “amber” alerts – the second most sensitive next to “red” – were issued by DHS beginning March 29, all warning of a “gas pipeline sector cyber intrusion campaign” against multiple pipeline companies. But the wave of cyber attacks, which apparently began four months ago – and may also affect Canadian natural gas pipeline companies – is continuing.

That fact was reaffirmed late Friday in a public, albeit less detailed, “incident response” report from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), an arm of DHS based in Idaho Falls. It reiterated warnings in the earlier confidential alerts made directly to pipeline companies and some power companies.

The ICS-CERT is charged with helping secure the nation’s industrial control systems – computerized systems that open and close valves, switches and factory processes vital to the chemical, industrial, and power sectors. Their “fly away” teams visit factories, power plants, and pipeline companies to investigate cyber intrusions.

“ICS-CERT has recently identified an active series of cyber intrusions targeting natural gas pipeline sector companies,” the confidential April 13 alert warns. “Multiple natural gas pipeline organizations have reported either attempts or intrusions related to this campaign. The campaign appears to have started in late December 2011 and is active today.”

Approximately 200,000 miles of these interstate natural gas transmission pipelines in the US supply 25 percent of the nation’s energy. Pipeline safety has been a major issue in recent years, highlighted by the San BrunoCalif. pipeline explosion that killed eight people and destroyed 38 homes in the Bay Area in September 2010.

In yesterday’s public warning, ICS-CERT re-affirms that its “analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source. It goes on to broadly describe a sophisticated “spear-phishing” campaign – an approach in which cyber attackers attempt to establish digital beachheads within corporate networks.

See more of the story here


Anonymous defaces site of International Police Association

Anonymous took credit for attacking the International Police Association (IPA) website today, defacing it with angry messages. As of this evening, the site remains defaced.

While stating that they did it for “lulz”, they also suggested that they may have taken sensitive data from the site.

The defaced page contains the following message:

“oHai [hello]… International Police Association (International Admin Center) you will see we haz [had] some #LULZ at your expense maybe you will fix your security issues and of course… we always recommend you NOT store admin passwords in PLAINTEXT For a site like International Police Association… w3 [we] really expected moar [more]… #LULZ the thin…”

According to Wikipedia, the International Police Association is the largest organization for police officers in the world and has approximately 400,000 members in 64 countries. Its stated purpose is to encourage cooperation among police officers of the world.

This attack was allegedly part of a stated effort against police, known as #FuckFBIFriday, which has involved attacks on law enforcement sites over the past several months. These attacks have involved everything from hacking and stealing info to DDOS.  Recently, with the slew of Anonymous arrests, including those of Higinio Ochoa (“Wormer”) and John Anthony Borrell III (ItsKahuna), for a period of time, #FFF attacks had seemed to slow or stop.


Jihadi Jumpkick

Via The Jawa Report is this morning’s comedy gold.

Meet Tarek Maaroufi, a  member of the Armed Islamic Group of Algeria who served three years for terror involvement in Belgium.  He is a serious terrorist. But as Jawa notes, we’re not really sure what the heck he is doing here.  But whatever it is, it must be cool.  Because he posted it to Facebook.

See if you can figure out what he is doing here

Apparently Tarek’s website had a small problem and went off line courtesy of anti Jihadist hacker th3j35t3r.

Moral of the story? If you’re a terrorist, don’t post things that make people giggle on Facebook.


Occupy: Anti Israel, Anti semitism?

A Facebook post on the Occupy Tampa Facebook page has been burning up the social media lines.

According to Haaretz:

The cartoon, shown below, depicted a Jewish man with a big nose and large beard driving a car with the symbol of the United Nations as the wheel and U.S. President Barack Obama’s head as the stick shift.

On Holocaust Remembrance day, this cartoon was particularly offensive and engendered 400 comments in protest.  “Putting this on Holocaust day just makes it even more sickening than it already is,” one user said.  “This is an outrage. All OWS sympathizers must be disgusted by this vile act of hatred,” said another user.  Despite the fact that most of the commentors were furious over the cartoon, 54 people “liked” the image.

Haaretz noted users who claimed the Occupy Tampa page was “not affiliated with the Occupy Wall Street movement”, that the movement has no official leadership so anyone can post under the “occupy” name.   However, the Occupy Tampa Facebook page has more than 25,000 followers, and has been active since September 25, the beginning of the Occupy Wall Street protests.

All the occupations are technically “autonomous”, so each could disavow the other.  Invariably, when there is a crime or something unpleasant done by an Occupier, the “official” word is that the actor is “not really an Occupier” or one cannot ascribe his actions to everyone else.

Much has been said about anti semitism in OWS already; it is usually met with “we cannot control what individual people say” or as with Occupy Tampa, it is not “official” part of OWS.

It is however important to understand there is a large anti-Israel component to OWS.  For example, some of the founding boots on the ground for OWS – Code Pink, Worker’s World Party and Anonymous-all have made pro Palestinian, anti Israel pronouncements. While there is certainly a distinction that one can make between objecting to actions of a country-Israel-and being anti-semitic, these statements have sometimes crossed the line, and make one wonder.

In October in Melbourne, Occupy had a large protest, part of which marched on a mall against a chocolate shop owned by Jews, which Occupy said had somehow supported Israel. In the process of the march, one member ripped an Israeli flag out of the hands of a man silently protesting them on the side of the road.

In November,  Occupy Boston, led by Code Pink and Communications Workers of America VP Dennis Trainor, led an “invasion” of the Israeli consulate in Boston. While short, the invasion chanted slogans such as, “Viva la Intifadah” and waved Palestinian flags.

Occupy DC protested the alleged influence of Israel by “Occupying AIPAC” during the AIPAC conference in March. This was posted in support by @Anon_Central, an anonymous twitter account that has also declared war on the US:

See this cartoon and think about it. Just think this time. Is it true? #USA #Zionist #Israel #AIPAChttp://pic.twitter.com/PxwjJSgg

https://twitter.com/#!/Anon_Central/status/176365514011066368/photo/1

Historically, of course, pogroms against Jews would begin with cries against the evil “bankers” and their ability to control the world (translation: Jews controlling the world). So when the rhetoric is of the “evil banksters” controlling the world, it understandably makes some nervous.

Anonymous has actually declared war on Israel in the following video in quite virulent terms, vowing to destroy Israel in three steps:

When we asked @OccupyWallSt (as much of an “official” twitter account as you probably will get) about the above cartoon, they denounced it as hate speech, but did not respond when we asked if they would denounce Anonymous for declaring war in such terms on Israel.  This declaration has taken the very real shape of online hacks against the Israeli government as well as hitting a variety of other Israeli websites, some with no relation to the government. However, that is just the “first step”.  Anonymous promises two more steps,  “suprises” for Israel.

Anonymous has also computer attacked various law enforcement agencies in defense of Occupy for alleged police brutality against them.  The FBI has arrested several Anonymous members recently for some of these actions.

When you demonize a group of people, to the point of making up names about them-the 1%, “banksters”, “vampire squids”-you create an environment in which such sentiments can flourish. Why do you not succeed? Nazis told the people it was the evil money grubbing Jews, Occupy Wall Street tells you it’s the evil “banksters”.

Occupy appears to believe in collective guilt of the imagined evil 1%, yet not in collective responsiblity of their members who commit offensive acts.  In so doing they engage in dangerous, divisive and harmful rhetoric.  People need to call it out for what it is, to put a stop to it.


Anonymous/Cabin Cr3w member, @It’sKahuna, arrested

John Anthony Borrell III, aka @It’sKahuna on Twitter, was arrested by the FBI and charged with two counts of computer intrusion in violation of 18 U.S.C.§1030(a)(5)(A).

These charges concerned hacking a Utah Police Chiefs’ website as well as the website of the Salt Lake City Police Department in January 2012.

Borrell, 21,  was allegedly part of “Cabin Cr3w”, a hacker sub group of Anonymous which has been responsible for the online attacking of law enforcement agencies, sometimes in reaction to various Occupy related police confrontations.

Police were able to link Borrell through connections to work and neighbors’  IP addresses. They also were able to obtain information from Twitter which included his picture sent to another person in anonymous.

Borrell is just one of many recent Anonymous arrests.  Recent arrests included “Sabu”(Hector Monsegur), who became an informant for the FBI, and “wormer”(Higinio Ochoa)(who was also a member of the “Cabin Cr3w”).

Borrell is also noted in the FBI complaint as offering to become an informant for them.

See full indictment and complaint here:  http://www.scribd.com/doc/89670544/Indictment-and-Complaint-against-Anonymous-hacker

Borell was arrested March 20 and has been detained in Ohio. Each count carries up to 10 years in prison and a $250,000 fine.

Authorities in early February had said the hackers who attacked the Salt Lake City Police Department website gained access to citizen complaints about drugs and other crimes, including phone numbers, addresses and other personal data of informants.

The police website was just recently restored after additional security measures were added.

Anonymous was also involved in an attack on the Boston police in retaliation for “police brutality at OWS,” an apparent reference to the Occupy Wall Street movement. The message also promised “there is plenty more mayhem to deliver.”

HT to @TomRyanBlog for indictment/complaint.


Anonymous attacks Chinese and British websites

Over the Easter weekend, Anonymous is alleged to have attacked British and Chinese websites.

500 Chinese websites were defaced.and British government websites were also hit.   The Home Office, Ministry of Justice and Number 10 Downing Street sites were disrupted on Saturday night by denial of service attacks, which flooded the websites with more traffic than they could handle.

Anonymous described the reasons for the attacks as in protest of ACTA and against the UK-US extradition treaty.  Said treaty may result in British hackers being extradited to the US for their alleged crimes.

Anonymous claims they will continue attacks each weekend on British sites.

See more at http://www.ft.com/intl/cms/s/0/f3384904-8186-11e1-b39c-00144feab49a.html#axzz1rjIzH9jJ


Massive data breach in Utah: Hackers steal hundreds of thousands of Social Security numbers

SALT LAKE CITY –  Health officials now believe a total of nearly 900,000 people have had their personal data stolen.

The information includes Social Security numbers, health department spokesman Tom Huduchko said at a news conference. Some files also contained information needed to verify Medicaid coverage, as well as names, addresses or other personal information, he added.
Read more: http://www.foxnews.com/scitech/2012/04/10/hackers-steal-hundreds-thousands-social-security-numbers/#ixzz1regUWc4f


Grandpa, patriot who goes by ‘The Raptor,’ claims credit for taking down Al Qaeda websites

Via Fox News:  An American hacker, who calls himself “The Raptor” and claims to be a grandfather waging his own war on terror, is taking credit for a series of takedowns of online forums used by Al Qaeda sympathizers.

Calling himself a patriot acting on behalf of U.S. troops serving overseas, The Raptor claims to be behind last month’s attack on Al Qaeda’s main online forum, Shamukh Islamic Network, and a handful of other sites and forums, including Ansar al-Mujahideen, where jihadists gather online to issue threats and exhort one another to acts of terror. The sites went down on March 22, and most remained dark for nearly two weeks. As the websites stayed offline, The Raptor taunted his targets on Twitter, daring them to “bring it.”


Occupy Neatherlands endorses Anonymous antisemitism and attacks on Israel

David Duke and the Nazi party endorse Occupy.

Occupy’s response? “Oh anyone can endorse us, but we don’t endorse anyone else”.

Apparently, though, Occupy endorses Anonymous anti-semitic attacks on Israel, chastising Israel’s evil plan to control the world (oh hai-Illuminati).

This is just one of several videos Anonymous has made announcing plans to attack the Israeli government:

http://occupythenetherlands.nl/2012/04/06/anonymous-message-state-of-israel/

Since Anonymous acts as a fundamental support system for Occupy with computer attacks and manpower, one might wonder why Occupy would not disavow such insanity.  But really the conclusion one might reach as to why they do not is simple.

It’s because they believe it too.

 


Follow

Get every new post delivered to your Inbox.

Join 37 other followers