US/1 - FLASH
- PC World - June 15, 2011 12:46pm EST
LulzSec Call-In Line Taking Hacking Requests
With almost 150,000 Twitter followers, hacker group LulzSec certainly has a higher profile than it did a few weeks ago—so much so that it is now taking requests.
The group has opened a call-in line, where it will field suggestions for hacking targets. Don't like a particular company? Leave a message with LulzSec and the group might hack into its database and post damaging information on the Web.
"Now accepting calls from true lulz fans—let's all laugh together at butthurt gamers. 614-LULZSEC, accepting as many as we can, let's roll," the group tweeted yesterday.
On its blog, security firm Sophos asked readers if they were amused or disgusted by LulzSec's hacks, and the results thus far are split. About 40 percent (or 597 votes) of people said the group is funny and is making a serious point about security, while 43 percent (or 652 votes) said no, they're not amusing and hacking into companies or launching DDoS attack are no laughing matter. Another 17 percent (or 259 votes) found LulzSec amusing, but did not approve of what the group was doing.
As Sophos has noted before, LulzSec does not "appear to be motivated purely for the group's own entertainment." LulzSec apparently agrees. When it hacked into the Senate.gov database, the group said it was a "small, just-for-kicks release" of internal data.
The authorities have not yet spoken publicly about LulzSec, though they are likely investigating. As Sophos also pointed out after the Senate hack, such activity could result in five to 20 years in prison under the Computer Fraud and Abuse Act, if convicted.
Update: LulzSec is now reporting that it is forwarding its call-in number to the customer support lines of various businesses, including magnets.com and World of Warcraft. "Our number literally has anywhere between 5-20 people ringing it every single second. We can forward it anywhere in the world. Suggestions?" the group tweeted.
For more from Chloe, follow her on Twitter @ChloeAlbanesius.
By: Phil Leggiere
06/15/2011 (12:00am)
The need to pass comprehensive cyber security legislation is more urgent than ever," Sen. Susan Collins (R-Maine) said in a statement Tuesday, following news of a prank cyberattack on the United States Senate website, the latest in an escalating series of malicious attacks on high-profile government and commercial computer systems.
On Monday Martina Bradford, the deputy sergeant at arms of the United States Senate, had acknowledged that an attack had been made over the weekend on the Senate’s Senate.gov website.
Bradford said the breach had not compromised any individual senator's information and that hackers had not gotten behind a firewall into a more sensitive portion of the network.
"Although this intrusion is inconvenient, it does not compromise the security of the Senate's network, its members or staff," Bradford said in a statement. "Specifically, there is no individual user account information on the server supporting Senate.gov that could have been compromised."
The hacker group Lulz Security, a group made up of former members of the hacker organization Anonymous, which last winter conducted hacker attacks in support of the whistleblower website Wikileaks, took credit for the Senate attack, stating on its website that "We don't like the US government very much, Their sites aren't very secure.
“In an attempt to help them fix their issues, this is a small, just-for-kicks release of some internal data from Senate.gov," Lulz added in a release, "Is this an act of war?”
Over the past several weeks Lulz Sec has also claimed credit for attacks on the computers of PBS.com, Sony Corporation and the Federal Bureau of Investigation (FBI) software affiliate InfraGard.
On May 29, in response to a PBS Frontline documentary it viewed as excessively critical of WikiLeaks Lulz Security cracked PBS. com’s servers, posting thousands of stolen passwords, and adding a fake news story to a network news blog.
In a Twitter feed the following day the group linked to several pages displaying information it had stolen in the hack, along with text reading, “All your base belongs to Lulzsec.” The title of the page was “Free Bradley Manning."
The group additionally has claimed to have over 200,000 gamer usernames stolen from Bethesda Software in another hack, information we it said may subsequently be released publically, as well as publishing the user database of an FBI information sharing program, Fox News, and source code to another Sony Web property.
Lulz Security’s activities have not been the only high-profile instances of cyberattacks.
Last weekend in an attack which was apparently more sophisticated and deep seated than those of Lulz Security, hackers broke into the International Monetary Fund's computer system. The IMF hack resulted in the loss of a “large quantity” of data, including documents and e-mails, according to a person familiar with the incident, a security expert who declined to be identified because he wasn’t authorized to speak on the subject. This year, the Group of 20 and Oak Ridge National Laboratory have also come under cyber-attack.
None of the origins of these attacks have been conclusively discovered.
Last month the Obama administration proposed sweeping cybersecurity legislation, which would streamline existing laws and policies on cybersecurity nationwide, including “clarifying the penalties for computer crimes, synchronizes them with other crimes, and sets mandatory minimums for cyber intrusions into critical infrastructure.”
In a YouTube video posted last weekend the hacker group Anonymous said it plans to target the Federal Reserve with a distributed denial-of-service (DDoS) attack designed to shut down the agency's Web site in a protest dubbed Operation Empire State Rebellion aimed against Federal Reserve chairman Ben Bernacke.
“I am concerned, but not surprised, by the volume of prominent attacks we are seeing,” Congressman Jim Langevin, (D-RI), Ranking Member of the Emerging Threats and Capaiblities subcommittee told HSToday.us. “Unfortunately, they are minor when compared to the potential economic and physical damage we could experience if we don’t move swiftly to set strong security standards across our government and for the critical infrastructure that operates our power grid, water plants, financial sector and other vital systems.”
FULL ARTICLE:
http://www.hstoday.us/briefings/today-s-news-analysis/single-article/offshoot-of-anonymous-claims-responsibility-for-hacking-senate-website/cd41ca621df155114418bebbfbfe72b8.html