
Archive

Posts Tagged ‘th3j35t3r’

1-15 July 2013 Cyber Attacks Timeline

I am right on time with the list of the main Cyber Attacks that occurred in the first half of July.

This period has been quite hard for the Video Games Industry, with two notable events targeting Konami and Ubisoft (58 million accounts potentially affected in this second case). Another notable breach involves the attack against the Italian Website of Sony, which led to 40,000 records leaked.

Regarding hacktivism, Turkey keeps on being quite hot in this period, and not only for the Summer: several governmental targets have been hit by cyber attacks directly related to the OpTurkey initiative.

Last but not least: you will notice I have added a new column indicating the target country: for the sake of clarity, it refers to the nationality of the targeted organization and not to the geo-location of the targeted IP.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).


15-31 May 2013 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline for May (first part here).

The second half of the month has shown unusual activity, with several high-profile breaches motivated by Cyber-Crime or Hacktivism, but also with the disclosure of massive Cyber-Espionage operations.

The unwelcome prize for the “Breach of the Month” goes to Yahoo! Japan, which suffered the possible compromise of 22 million users (but in general this was a hard month for the Far East, considering that Groupon Taiwan also suffered an illegitimate attempt to access the data of its 4.1 million customers).

On the cyber-espionage front, the leading role is for the Chinese cyber army, accused of compromising the secret plans of advanced weapons systems from the U.S. and the secret plans for the new headquarters of the Australian Security Intelligence Organization.

On the Hacktivism front, this month has been particularly troubled for the South African Police, whose web site has been hacked with the compromise of 16,000 individuals, including 15,700 whistle-blowers.

Other notable events include the unauthorized access against the well-known open source CMS Drupal (causing the reset of 1 million passwords), the trail of Twitter accounts hijacked by the Syrian Electronic Army and also an unprecedented wave of attacks against targets belonging to the Automotive sector.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).



Doxed on Pastebin

March 7, 2012

Hacktivists and Information Security Professionals could not believe their eyes while reading the breaking news published by Fox News, according to which the infamous Sabu, the alleged leader of the LulzSec collective, has been secretly working for the government for months and played a crucial role in the raids which today led to the arrests of three members of the infamous hacking collective, with two more charged with conspiracy.

You will probably remember that the hacking collective which, in its “50 days of Lulz”, became the nightmare of System Administrators and Law Enforcement Agencies all over the Globe, suddenly decided to give up, on June the 25th, in a completely unexpected way, leaving their supporters and followers completely surprised, but also leaving the heritage of a name which has become a synonym for hacktivism (also because of their pact with Anonymous, with whom they are often associated, in the name of the #Antisec movement).

Even after the group left the scene, Sabu has continued to constantly tweet and comment on the events through his “official” Twitter account @anonymouSabu, probably a fake or a diversionary tactic, since it looks like Sabu had already been arrested by the FBI on June the 7th, more than a couple of weeks before the breakdown of the group.

At that time, the hacking group was hunted by Law Enforcement Agencies and by several Grayhats as well (among them @th3j35t3r, the A-Team and Web Ninjas, whose blog, lulzsecexposed.blogspot.com, unfortunately is no longer available).

Curiously, it looks like Sabu had already been “doxed” back then. At that time many claimed to have revealed the identity of the members: there was no day without a new pastebin promising to expose new information. But if you have a look at them, they all have only one thing in common, and it is just the identity of Xavier Monsegur (or Montsegur), also known as Sabu. The truth was very close and before everybody's eyes: on pastebin.

June, 28th 2011: http://pastebin.com/qmP7R49Y

The real identity of the other members is still not completely known, but for sure it is not a coincidence that none of the pastebins was able to guess anyone else except Sabu, who hence was the first to be arrested, well before the rest of the group.

School of Hacktivism

March 2, 2012

A like Anonymous

There are really few doubts, this is the most (in)famous hacking collective. There is no new day without a new resounding action. They are Anonymous. They are Legion. They do not forgive. They do not forget. Expect Them.

B like Barrett Brown

Considered one of the early members, Barrett Brown is the alleged spokesperson of Anonymous.

C like Chanology (AKA Project Chanology, AKA Operation Chanology)

A protest movement by Anonymous against the practices of the Church of Scientology. The project (or Operation) was started in response to the Church of Scientology’s attempts to remove material from a highly publicized interview with Scientologist Tom Cruise from the Internet in January 2008, and was followed by DDoS attacks and other actions such as black faxes and prank calls.

D like DDoS

Distributed Denial of Service (abbreviated DDoS) is the preferred weapon of Hacktivists, since it does not need particular hacking skills and may also be centrally controlled (with a hive mind that defines the target). The preferred tool for perpetrating DDoS attacks is LOIC, although next-gen tools are under development.

E like Encyclopædia Dramatica

A satirical open wiki, launched on December 10, 2004 and defunct on April 14, 2011. It is considered one of the sources of inspiration for The Anonymous.[1]

F like Fawkes Guy AKA Fawkes Guido

Guy Fawkes (13 April 1570 – 31 January 1606), also known as Guido Fawkes, belonged to a group of provincial English Catholics who planned the failed Gunpowder Plot, a failed assassination attempt against King James I of England. His stylised mask, designed by illustrator David Lloyd and used as a major plot element in the “V for Vendetta” Comic Book, is the symbol for the Anonymous. The failure of the Gunpowder plot has been commemorated in England since 5 November 1605.


50 Days of Hunt

July 4, 2011
Original Image by Ars Technica


Like the rest of the information security world, I have been quite impressed by the 50 days of Lulz. Even if one agrees with the detractors who claim that, after the first PSN hack, the LulzSec releases are of poor quality, it is unquestionable that the crew of the Lulz boat has contributed to making the world aware, although with controversial methods and purposes, of the risks of data security. Moreover, the list of their targets shows that this applies both to private and public institutions: from corporations to governments.

However, there is another aspect I was particularly impressed by, and it was the war fought behind the scenes between the bad guys (the LulzSec team) and the good guys, with two main characters: an ethical hacker, former military, called @th3j35t3r (already known also for hacktivism) and a team of web sentinels who called themselves Web Ninjas.

Since other characters played a primary role in this modern war as well (@on3iroi and a group called the A-Team), making the timeline and the scene of the crime further complicated and intriguing, I tried to collect all the possible information and references in the picture below. The whole story looks like a mix between a spaghetti western in modern sauce with a spy story (probably Hollywood scriptwriters should consider it for a movie).

What was the most impressive aspect in my personal opinion? For sure the use of social media for intelligence purposes. Have a look at the way the first member of the LulzSec team, Nakomis, was unmasked by @th3j35t3r. It is Social Espionage, isn’t it?


1 http://www.mediaite.com/online/exclusive-gawker-hacker-gnosis-explains-method-and-reasoning-behind-his-actions/
2 http://pastebin.com/iVujX4TR
3 http://www.thetechherald.com/article.php/201106/6785/Report-HBGary-used-as-an-object-lesson-by-Anonymous
4 http://blog.imperva.com/2011/06/lulzsec-profile-who-are-they.html
5 http://lulzsecexposed.blogspot.com/2011/06/profiles.html
6 http://lulzsecurity.com/releases/50%20Days%20of%20Lulz.txt
7 http://www.theatlanticwire.com/technology/2011/06/lulzsec-enemies-list-might-be-its-undoing/39452/
8 http://th3j35t3r.wordpress.com/2011/06/16/quick-n-dirty-just-for-clarification/
9 http://lulzsecexposed.blogspot.com/2011/06/joepie-doxed.html
10 http://lulzsecexposed.blogspot.com/2011/06/barret-brown-doxed.html
11 http://lulzsecexposed.blogspot.com/2011/06/topiary-doxed.html
12 http://lulzsecexposed.blogspot.com/2011/06/sabu-doxed.html
13 http://lulzsecexposed.blogspot.com/2011/06/neuron-and-redacted.html
14 http://pastebin.com/MBEsm5XQ
15 http://pastebin.com/XDXyQ5KQ
16 http://pastebin.com/76TsPHeU
17 http://on3iroi.wordpress.com/
18 http://gawker.com/5816291
19 http://lulzsecexposed.blogspot.com/2011/06/laurelai-doxed.html
20 http://www.local12.com/News/Local/story/Butler-County-Teen-Named-In-International-Hacking/QqKIDb9J-UeDCFRFRmb98Q.cspx

Haul Down the Flag!

June 26, 2011

Somewhat unexpectedly, after 50 days of apparently unstoppable chaos, the LulzSec hacker group decided to haul down the flag of war and navigate to calmer shores, in which they will likely not attack other vessels in the sea of the Internet.

The alleged dissolution of the group, which led the cyber-attacks against the CIA, U.S. Senate, Nintendo, Sony, SOCA, NATO and others, was announced in a statement entitled “50 days of lulz”, in which the group has taken responsibility for the events, reviving the glory days of the AntiSec Movement, while claiming not to be permanently tied to the identity of LulzSec.

For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It’s what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.

Probably this decision was also a consequence of the increasing attention attracted by the group, not only from the CIA and FBI (which arrested an alleged 19-year-old member of the group, Ryan Cleary, whose real involvement, however, is yet to be shown), but also from other hackers: @th3j35t3r, @On3iroi, Web Ninjas and Warv0x (who hacked PBS a second time, just to show that “…LulzSec are just a bunch of script kiddies…”). Against those, in the last days, LulzSec was fighting a war with no holds barred, as in a modern cyberversion of a spaghetti western: on one side the so-called good guys trying to unmask the identity of the bad guys with IRC log leaks, DDoS attacks and anti-LulzSec PHP scripts; on the other side the bad guys claiming the futility of enemy attacks, their poor detective capabilities, and also their “horrible coding” (read this pastebin with the LulzSec fixed version of the PHP script used to scan their domains). At this link are the possible identities of the LulzSec members.

As their last goodbye, LulzSec released a final torrent with data taken from AOL, AT&T, NATO & others.

The motivations of the group can be shared or not, but one thing is certain: the ease with which classified information has been leaked should make us think ….
