LOIC Alternative RefRef Ready In Time for #OccupyWallStreet

We have all heard about the Low Orbit Ion Cannon a deceptively powerful, yet quite simple tool for bombarding a server with meaningless data until all its resources are used to answer the bombarding queries instead of serving pages, commonly known as a Denial of Service (DoS) attack. Now, Anonymous has developed its own DoS tool, calling it RefRef.

800px-Anonymous_at_Scientology_in_Los_Angeles

RefRef was developed to assist the setup of #OccupyWallStreet, that will begin September 17, at noon at the famous financial district of New York City. Peaceful protesters will set up tents, kitchens and peaceful barricades and occupy the entire district for a few months.

On September 17, we want to see 20,000 people flood into lower Manhattan, set up tents, kitchens, peaceful barricades and occupy Wall Street for a few months. Once there, we shall incessantly repeat one simple demand in a plurality of voices.

(This one simple demand is still under vote, with Revoke Corporate Personhoodleading)

demands

The expected number of campers is around 20,000. However, considering a similar protest that was done earlier at the same venue where protesters were spurned away by the police, only tomorrow will tell us what the real number of protesters there will be.

RefRef will be released at noon on September 17th along with the start of #OccupyWallStreet.

Anonymous Decides to Take Down Facebook on November 5, but Not Everybody is Joining In

Facebook is notorious for its confusing privacy settings and for the way it handles personal data of its users. It changes privacy settings too often and the matters with Facebook privacy are so volatile, they are nothing less than annoying.

In response to Facebook’s outlook towards its users, a few members from the hacker collective Anonymous have decided to take down Facebook on November 5 as declared in OP_Facebook. This is their Vendetta-style justice for all of Facebook’s wrongdoings. You can see the YouTube video with a message announcing Operation Facebook.

facebook-logo

The video claims that Facebook sells our personal information to government agencies and information security firms. It also names two governments in the message, one being Syria. This did not surprise me, as the website of the Syrian defense ministry was defaced a few days ago, and its contents replaced with a message from Anonymous.

Now, some things are clear from this YouTube video. The video is of inferior quality than what we are used to seeing from Anonymous. This means that either it is a prank, or it is from a much smaller sub-section of Anonymous, which will not draw support from the rest of them.

The YouTube account holding the video was created on July 16, as was the Twitter account for OP_Facebook. Moreover, the attack date of 5 November 2011 is nearly three months from now. Anonymous would never give a three-month notice. The Anonymous I knew would never lose its flair doing this!

The YouTube video does not sound like it really came from Anonymous, which talks in a very different tone than this one. This seems to be a big hoax and there is a good chance that Facebook might not face demise on November 5. For a service as widely distributed as Facebook, it would require all the Anonymous members to launch an attack and this OP_Facebook is a fail even before it will start. Perhaps, the AnonOps Twitter Account spoke for the better half of Anonymous (not participating) when they said,

We prefer to face the real power and not to face to the same medias that we use as tools.  #OpFacebook  #Anonymous

The message posted in this YouTube video is the views of only a few Anonymous members and the larger Anonymous does not seem to support the cause fully. If anything is interesting in this entire fiasco, it is Guy Fawkes Night.

Update: Gawker claims this video to be one of the remnants of the real OP Facebook, which was launched earlier this year, and abandoned later in July.

UK Police Identifies Topiary as Jake Davis, Both LulzSec and Topiary Twitter Accounts Silent For Now

A few days ago, LulzSec made a comeback with its parent group Anonymous for  #OpPayPal  against PayPal. It also shot Lulz cannons against Mudroch and his News Corp, and released confidential documents relating to FBI contractor  ManTech International. ManTech International also does business with the USAF, NSA, Marine Corps and the Defense Intelligence Agency.
antisec-lulzsec
LulzSec made a comeback, but is anyone here impressed? For instance, Kaushik had this to say  about LulzSec.

Considering the little amount of mayhem that LulzSec caused and the disproportionately high amount of chest thumping they gave themselves, they always seem to be on the threshold of quitting.

I will not delve into how much everyone hates LulzSec. With the arrest of Topiary, the Lulz boat has lost its Jack Sparrow. Topiary was the showstopper and public face  of LulzSec. After his arrest, LulzSec has not spoken in its official Twitter account. Although his participation in the recent hacks was not remarkable, he held an important position in the group.

Topiary was also a part of Anonymous. Days before his arrest, his Twitter account was wiped clean and only one tweet remained-

You cannot arrest an idea.

After the arrest on Wednesday, the Metropolitan Police are confident they have the right man. Although, the arrested Jake Davis does not match with earlier speculated details (of him being Swedish and 23 years of age), but the Metropolitan Police department is going ahead with the prosecution. Jake Davis will appear in court tomorrow.

Anonymous Strikes, Releases Confidential Documents Belonging to FBI Contractor ManTech International

Anonymous, working together with LulzSec and other hackers, has struck again. As a part of its Operation Antisec, Anonymous has released close to 400 megabytes of documents belonging to FBI contractor ManTech International. Ironically enough, ManTech proudly claims to specialize in tackling some of the most challenging cyber security problems facing our nation.

In the recent past, Anonymous and LulzSec have been actively targeted by law enforcement agencies around the world. FBI alone arrested 16 suspected Anonymous members earlier this month. In response, Anonymous has continued to strike high profile targets such as defense contractor Booz Allen Hamilton and NATO.

The documents leaked by Anonymous include everything from photographs to income statements and strategic plans. Last year FBI had outsourced its cyber security responsibilities to ManTech for $100 million. However, it’s not the sole federal agency that is served by ManTech. National Security Agency, U.S. Navy, Air Force, Army, Marine Corps, and Defense Intelligence Agency are some of the other esteemed clients of ManTech. In fact, an overwhelming proportion of the leaked documents pertain to NATO. ManTech was also possibly chosen because of its involvement in the planned smear campaign against WikiLeaks (dubbed Operation MetalGear), along with HBGary.

Anonemous-FBI-ManTech
ManTech’s Official Response

It’s unclear exactly how much the recent spate of arrests has hurt Anonymous. Earlier this week, UK Police claimed to arrest Topiary, one of the major forces behind LulzSec. However, recent reports suggest that the law enforcement agencies might have been carefully and intentionally mislead into arresting the wrong person. However, one thing that is clear is that Anonymous doesn’t have any intention of giving up.

Anonemous-FBI-ManTech
#Antisec Release

Anonymous & LulzSec Tell FBI To Go Fish

Over the past couple of days the FBI has been making arrests in and around New York City with regards to the PayPal breach carried out by Anonymous back in December 2010. Over 14 people were arrested on Tuesday and several more searches are underway.

Back in December 2010, Anonymous had attacked PayPal because they had stopped or closed down accounts of . The shutdown was done because of the leak of classified U.S. documents by Wikileaks. After the PayPal breach, Anonymous continued destructing several other websites including those of MasterCard and Visa.

Also Read: Editorial: LulzSec, AntiSec and Why the Internet is a Sadder Place Now

The FBI had been on trail of suspects since a long time, but they final managed to make some arrests after almost 8 months. However, the arrests have hardly shaken Anonymous and the recently notorious LulzSec, who have grown in popularity over the past few months and had also recently attacked Rupert Murdoch’s newspapers because of the phone hacking scandal.

In a open letter to the FBI, Anonymous and LulzSec have basically asked the FBI to F*** Off. The response came after the deputy assistant FBI director Steven Chabinsky gave the following statement to NPR;

"We want to send a message that chaos on the Internet is unacceptable,  [even if] hackers can be believed to have social causes, it’s entirely  unacceptable to break into websites and commit unlawful acts."

The hacktivists replied to this message by arguing that Governments are lying to their citizens and trying to keep them into control and curtailing their freedom. Along with that, Corporations and lobbyists are conspiring with the Governments while collecting billions in funds for federal contracts.

They have also clearly stated that the "governments and corporations are their enemy" and they will continue to fight them. Additionally, Anonymous and LulzSec seem to have no fear in this world anymore and are claiming to be unstoppable;

We are not scared any more. Your threats to arrest us are meaningless to us as you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing – absolutely nothing – you can possibly to do make us stop.

This is definitely a direct attack on the FBI and their security and will ensure a cat-and-mouse game between the government and the hacktivists. It is definitely not the end and the authorities will have to fight a painful battle on the internet against people they might never be able to catch.

Also Read: LulzSec Takes Down CIA.gov Website, Forwards Prank Calls to FBI

The drama is yet to unfold. The next few months or years will show how this will pan out and who will win the battle. In the meantime, you can read the entire Anonymous & Lulz Security Statement below:

Hello thar FBI and international law authorities,

We recently stumbled across the following article with amazement and a certain amount of amusement:

http://www.npr.org/2011/07/20/138555799/fbi-arrests-alleged-anonymous-hackers

The statements made by deputy assistant FBI director Steve Chabinsky in this article clearly seem to be directed at Anonymous and Lulz Security, and we are happy to provide you with a response.

You state:

  "We want to send a message that chaos on the Internet is unacceptable,   [even if] hackers can be believed to have social causes, it’s entirely   unacceptable to break into websites and commit unlawful acts."

Now let us be clear here, Mr. Chabinsky, while we understand that you and your colleagues may find breaking into websites unacceptable, let us tell you what WE find unacceptable:

* Governments lying to their citizens and inducing fear and terror to keep them in control by dismantling their freedom piece by piece.

* Corporations aiding and conspiring with said governments while taking advantage at the same time by collecting billions of funds for federal contracts we all know they can’t fulfil.

* Lobby conglomerates who only follow their agenda to push the profits higher, while at the same time being deeply involved in governments around the world with the only goal to infiltrate and corrupt them enough so the status quo will never change.

These governments and corporations are our enemy. And we will continue to fight them, with all methods we have at our disposal, and that certainly includes breaking into their websites and exposing their lies.

We are not scared any more. Your threats to arrest us are meaningless to  us as you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing – absolutely nothing – you can possibly to do make us stop.

  "The Internet has become so important to so many people that we have to ensure that the World Wide Web does not become the Wild Wild West."

Let me ask you, good sir, when was the Internet not the Wild Wild West? Do you really believe you were in control of it at any point? You were not.

That does not mean that everyone behaves like an outlaw. You see, most people do not behave like bandits if they have no reason to. We become bandits on the Internet because you have forced our hand. The Anonymous bitchslap rings
through your ears like hacktivism movements of the 90s. We’re back – and we’re not going anywhere. Expect us.

Apple Hacked. 27 Administrative Account Stolen

While the infamous hacking group LulzSec are done with their 30-days long campaign creating a havoc by hacking into several government and corporate websites, a new group of hackers who call themeselves “AntiSec”, are claiming to have hacked into one of the Apple’s servers using an SQL injection.

According to reports, it is expected that the group includes hackers from both Anonymous and LulzSec Security. Anonymous tweeted that they hacked one of the Apple servers and managed to steal 27 usernames and passwords. The document wih usernames, password and the server link was posted on Pastebin.

Apple Hacked by AntiSec

The hackers gained access to Apple’s severs due to a security falw in Apple’s software that is used by the Cupertino, California based gadget maker and other companies. However, the hacker group stated that they are focused elsewhere and there is nothing to worry about Apple as of now, but it could be target in the near future.

AntiSec posted that they managed to steal username and password from this server:

http://abs.apple.com:8080/ssurvey/survey?id=

The hacked Apple’s servers is used for conducting technical support follow-up surveys. Currently the server is temporarily down: http://abs.apple.com/fsurvey/survey.html?l=en

Apple was earlier hacked by LulzSec during their month-long campaign. LulzSec posted that it had “mapped Apple’s internal network, thoroughly pillaging all of their servers, grabbed all their source code and database passwords,  which we proceeded to shift silently back to our storage deck.”

Some weeks ago, we smashed into the iCloud with our heavy artillery Lulz Cannons and decided to switch to ninja mode. From our LFI entry point, we acquired command execution via local file inclusion of enemy fleet
Apache vessel. We then found that the HTTPD had SSH auth keys, which let our ship SSH into other servers. See where this is going?

However, Apple has not yet confirmed the breach and we are not sure if these claims are true.

New Group “LulzSec Brazil” Takes Down Brazilian Government Portal

A new branch of LulzSec group called “LulzSec Brazil” has targeted and attacked the Brazilian Government portal and the homepage of the President of Brazil. The two websites, Brasil.gov.br and Presidencia.gov.br are currently down and unreachable.

Brazilian Government Portal Attack

LulzSec Brazil claimed the attack by updating their Twitter timeline. The LulzSec Brazil group was started on June 19 and had promised that if they got more than 1,000 followers on Twitter, then they would attack and invade Brazil’s government portal.

LulzSecBrazil Attack Brazil Govt Website

LulzSec Brazil currently has more than 1,200 followers on Twitter.

According to Anonymous, the new Brazalian branch is part of the Anonymous and LulzSec operation called “AntiSec”. An video from Anonymous said:

We encourage defacement’s of the enemies websites, and use of the word antisec on any and every website or pro censorship group. Any exposed intelligence the enemy decides to withhold from us, should be brought to light. It’s time to show the corrupt governments of the world that they have no right to censor what they do not own.

Watch the video released by Anonymous:

According to LulzSec’s tweet, the next step they would take is to release AntiSec documents in coming days.

LulzSec AntiSec

Few days back, LulzSec attacked CIA website CIA.gov.

While LulzSec is Enjoying 211,000+ Twitter Followers, Someone is Watching Over Them

LulzSec started out as the self-appointed online vigilance  commission. Now, it has replaced Anon as the next organized hacker group taking down websites. Anonymous suffered a  rift over leadership issues and went MIA. The Anon era might be past but its members and competitors are still out there and the most popular one of them  th3j35t3r is not happy at LulzSec. LulzSec has pissed off almost everyone by now.

anon-lulzsec

You all might remember  th3j35t3r as the guy who was taking down WikiLeaks a few days back. The same  th3j35t3r  is blowing their cover as it can be seen in  this Blogspot blog. He has published their chat logs from inside the IRC channels and has even gone so far as to expose some of those LulzSec members. The blogspot blog in question has entire conversations put up from IRC channels. As you read up the posts, you will numerous find individual profiles at the end of the blog as well with photographs and home addresses.

Clearly, no one finds the LulzSec lulzworthy anymore. They are trying desperately to cover their tracks with obvious methods, like encrypting drives and using Virtual private networks to stay behind closed doors. Let us see how far this level of anonymity works for them.

Another interesting observation in the expose is  Barrett Brown  of the (supposed) members of LulzSec who is a writer at Vanity Fair, Huffington Post and Onion. My understanding is that he is not really a LulzSec member and came into the crossfire when researching on something to write. Maybe he was just watching over the IRC like  th3j35t3r. Whether this is  th3j35t3r or not is well doubted but this blog makes one thing clear. LulzSec is a ruthless group hated by its own kind and pretty much everyone by now. You can follow this reddit discussion for continuous updates.

 

Private Browsing In Firefox For Android

Yes, you now have the right to browse privately on your Android phone with Firefox Beta. Firefox has introduced the “Do Not Track” feature in their latest build for Android. It is the first mobile Web browser to offer the “Do Not Track” privacy feature.

The Do Not Track feature gives more control to users over the way their browsing history is tracked and used online. The feature behaves just like private browsing and enables users to tell websites if they prefer to stay anonymous or not.

Do Not Track - Firefox for Android

To enable the feature, open Settings and click on the button that says Tell sites not to track me. Once you’ve enabled the Do Not Track feature, you can test it by using  Microsoft’s Do Not Track Test Page.

Firefox Beta for Android is available for download from the Android Market. Download the browser and test the next version of Firefox on your phone.

The update also includes some speed improvements and better compatibility with the SwiftKey keyboard for Android.

Anon Rift Kills Itself, AnonOps IRC is Going Down, it is Owen vs. Ryan Full On

When on one hand Anon fights Sony and other corporates with their DDoS attacks, it is also fighting an internal war for leadership and control. AnonOps was the very control center of Anon, with all instructions and operations being directed from this IRC channel. Ryan, who was also assuming control as the top-level management at Anon was a moderator at the IRC channels.

This incident marks a clear rift in Anon. On one hand where there is a group of hackers who accept anyone wanting to fire up a LOIC and join in hacks while on the other hand, there is a closed faction consisting of uber hackers, who do not want to have anything to do with noobs.

anonymous-logo

The rift got bigger and now, Ryan is attacking AnonOps. Ryan has a significant amount of control over Anon as all AnonOps domains are registered in his name. He is also one of the mods on the AnonOps IRC channels that read “anonops dead go home” now. AnonOps might not be the only place where Anon meets, but it was their hot action center until now.

Though, while Ryan was taking down AnonOps with a DDoS himself, those on the AnonOps IRC were discussing plans to break free and go rouge. The democratic leaders at Anon have released a statement on Ryan’s actions saying,

We regret to inform you today that our network has been compromised by a former IRC-operator and fellow helper named “Ryan”. He decided that he didn’t like the leaderless command structure that AnonOps Network Admins use. So he organised a coup d’etat, with his “friends” at skidsr.us . Using the networks service bot “Zalgo” he scavenged the IP’s and passwords of all the network servers (including the hub) and then systematically aimed denial of service attacks at them (which is why the network has been unstable for the past week). Unfortunately he has control of the domain names AnonOps.ru (and possibly AnonOps.net, we don’t know at this stage) so we are unable to continue using them.

Anon is struggling internally for conflict of interest and trust issues. What happens behind those closed doors, stays well behind closed doors. We can speculate all we want. However, one thing is clear from here. Ryan is fighting Owen for leadership and control and this is breaking up Anon, exposing it pretty badly in the process.

You can head over to this self-explanatory website for the complete ego-clash logs. The (probable) story from AnonOps is told here.