Think Information. Think Security.
If there's one group of "hackers" that needs to be recognized in 2011, it's probably LulzSec. Their high-profile hacking spree has really rocketed them into the limelight.

And they are against all odds.

Are the latest high-profile hacks telling us that security technology should up the ante?

Griefer organization isn't worried about making enemies.

LulzSec ("Lulz Security") has exploded onto the world hacking scene with a series of high-profile system intrusions that have drawn sympathy from some and outrage from others. Now they're stepping up their attacks, blasting new targets.

I. LulzSec?

Before a few weeks ago pretty much no one had heard about LulzSec.  Now they're making the evening news.

Two weeks ago LulzSec was one of several parties who hacked Sony Corp (6758) using SQL injection to exploit access vulnerabilities in the company's online databases.  At the time most considered LulzSec just another hacker group targeting Sony.

Sony had in recent months become a whipping boy for the hacker community after it allegedly abused the U.S. federal court system to gain access to the personal accounts of famed hardware hacker George "GeoHot" Hotz, invading the young man's privacy. The hacking community was also resentful about Sony's decision to try to block users from installing Linux on their PlayStation 3s -- a practice they once promoted.

But LulzSec showed themselves to be more than just an anti-Sony group. After news network PBS aired a FRONTLINE special called "WikiSecrets", LulzSec hacked the network's servers, posting offensive fake stories.

The group said they attacked the news network because they were upset that its special didn't portray the controversial leaks site Wikileaks in a wholly positive manner. The decision to mix critical commentaries in with praising ones in the special was apparently unacceptable to the group, and PBS paid the price for its rounded coverage.

And most recently the group hacked Sony yet again, this time completing a much larger breach in which they scooped over 1 million user names and passwords from an online picture service from the company.  Allegedly the passwords were stored in plain text, an astoundingly careless move.

II. Attacks on Fellow Hackers

This last week, in addition to the Sony hack, LulzSec has had its hands full with new targets.

The group targeted famed hacking magazine 2600's servers due to its frustrations at a certain young hacker that used them. The group claims that a Dutch youth named Martijn Gonlag, who goes by the name "awinee" on Twitter, used 2600's IRC and proxy servers.

Mr. Gonlag was recently arrested when he bungled an attempt to use the distributed denial of service (DDOS) tool "Low Orbit Ion Cannon" and accidentally DDOS attacked the Dutch government.

Since then he's carried out a confrontational dialogue with LulzSec on Twitter, with LulzSec mocking his inexperience.

2600 apparently was caught in the crossfire of this grudge match.  LulzSec elected to carry out distributed denial of service attacks on its fellow hackers, taking down IRC chat channels and proxy servers.  The physical news webpage remained accessible throughout much of the week, though.

The IRC channels have recently come back online as the group appears to finally be ceasing hostilities.

But the group appears to be targeting another hacker now -- an individual who goes by the name "th3j35t3r" ("The Jester" in leetspeak). The Jester primarily leads distributed denial of service attacks against violent jihadist recruiting websites, acting as a "hacktivist". He has taken down sites belonging to the Taliban and al-Qaida. He's also carried out attacks against the Westboro Baptist Church, a radical Kansas-based Christian church that advocates killing gays and that has cheered the death of American soldiers in the Middle East.

But The Jester ran afoul of LulzSec due to his role in DDOS attacks against Wikileaks.  Now The Jester and LulzSec are engaged in a hostile dialogue on Twitter, in which both parties have implied that they may be looking to attack each other.

III. Pro-FBI Nonprofit Hacked

But LulzSec's highest profile intrusion may have just occurred last night.  In an operation it called "f-ckFBIFriday", it hacked nonprofit Infragard.  

According to Infragard's website, it is a 42,000+ member strong organization that helps connect local businesses with the U.S. Federal Bureau of Investigation to protect themselves from crime.

Late Friday LulzSec hacked the group's servers, grabbing e-mails, passwords and personal contact information for about 180 members. The group posted a 700 MB torrent, which it claimed to be full of internal emails. The group also defaced Infragard Atlanta's website, posting a defiant message to the FBI with the text "LET IT FLOW YOU STUPID FBI BATTLESHIPS".

The defaced page carried a picture of LulzSec's favorite target, Mr. Gonlag.

LulzSec has also been at war with Karim Hijazi, CEO of botnet-tracking company Unveillance.  Mr. Hijazi accuses them of trying to hack into his company's corporate network with iPredator, a VPN tunneling tool.  He says they also used phone line tapping techniques to listen in and record an internal call.

He alleges that the LulzSec team contacted him via IRC chat demanding he turn over logs on the botnet of Anonymous, which has been used to carry out pro-Wikileaks attacks on U.S. businesses and the U.S. government. That botnet is believed to be composed of innocent civilians' computers infected by viruses propagated by Anonymous's hacker members.

LulzSec is also believed to have grabbed additional information using Mr. Hijazi's password from Infragard, which LulzSec claims was the same as his passwords for company servers.  By breaching Infragard, LulzSec appears to have gained the means to breach Unveillance as well.

In an interview with CNET he states, "They had me under the gun for a little over a week with threats and extortion. The very nature of having to contend with someone who is holding something ransom is not pleasant."

LulzSec has posted on Twitter claiming Mr. Hijazi tried to hire them and citing his "corrupt" behavior as justification for their leak of his company's information. They write:

Karim offered to go into business with us even before we put on the pseudo-extortion. He tried even harder after - corrupt, filthy man.

We leaked Karim because we had enough proof that he was willing to hire us as hitmen. Not a very ethical thing to do, huh Mr. Whitehat?

IV. Who is LulzSec?

LulzSec sure is making a lot of enemies -- likely some hackers at 2600, The Jester, the FBI, Unveillance, Infragard, Sony, and more.

The group maintains chat channels on and maintains an "official" webpage  The group also communicates with the public through Twitter and Pastebin postings.

Its members firmly assert that they are not a renaming of the 4Chan hacker group Anonymous, despite sharing many similar enemies -- those who criticize Wikileaks, Sony, et al.

What is known about LulzSec at this point is that they are very sophisticated attackers.  They also appear to be members of the growing "griefer" movement, which includes such players as the obscenely-named GNAA/GoatseSec and Gnosis (who breached Gawker Media, owners of Gizmodo, last year).

The thing about griefers is that they love free speech -- until it works against them. For that reason, and for the wealth of corporations with woeful security (see LulzSec's hack of Nintendo), we doubt the online world has seen the last of LulzSec, who these days is giving Anonymous a run for its money.

It should be interesting to see how the U.S. intelligence community responds, now that LulzSec's attacks are hitting close to home.

Editor's Note: Cross-post from Daily Tech