Looks like The Sun has been hacked. The News Corp-owned UK newspaper’s website is currently redirecting to another domain (http://www.new-times.co.uk/sun/) which lands on a big, screaming headline: "Media moguls body discovered.“ At the bottom: "Lulz."
The (untrue!) story goes:
Rupert Murdoch, the controversial media mogul, has reportedly been found dead in his garden, police announce.
Murdoch, aged 80, has said to have ingested a large quantity of palladium before stumbling into his famous topiary garden late last night, passing out in the early hours of the morning.
"We found the chemicals sitting beside a kitchen table, recently cooked,” one officer states. “From what we can gather, Murdoch melted and consumed large quantities of it before exiting into his garden.”
No word yet from The Sun, whose twitter account most recently tweeted, “Oh shizzle,” before pointing towards a story about Snoop Dogg. But Lulz Security, the group that’s famously hacked PBS, Sony, and the CIA over the past few months appears to be taking credit. Just 20 minutes ago they tweeted, “The Sun’s homepage now redirects to the Murdoch death story on the recently-owned New Times website. Can you spell success, gentlemen?” And you thought they’d disbanded.
What does LulzSec want? Hack of Arizona computers offers clues
The hackers known as LulzSec, who have recently brought down websites for the CIA and US Senate with the panache of merry pranksters, selected a new target Thursday night, and in the process offered a glimpse into the mysterious group’s possible motivations.
In breaking into computers belonging to the Arizona Department of Public Safety and releasing internal documents detailing law-enforcement activity in the state, LulzSec seemed to leave no doubt about why Arizona was on its hit list.
“We are targeting AZDPS specifically because we are against SB1070 and the racial profiling anti-immigrant police state that is Arizona,” the group said in a statement, referring to the controversial Arizona law, currently under legal review, that forces police officers to ask for immigration papers of people they think might be illegal immigrants.
Such overt politics marked a sharp departure from the past for Lulz Security Group, which has gained renown in the hacker world for its devil-may-care attitude toward high-profile targets.
On its website, the group has so far posted thousands of e-mails and other electronic files the group claims belong to nearly a dozen business and government sites including Sony, PBS, Fox, and InfraGard, a public-private partnership with the Federal Bureau of Investigation. It has also taken credit this month for defacing or temporarily blocking access to public websites belonging to the Central Intelligence Agency and the United States Senate
Along the way, it has had some fun. Sporting a Viking ship logo it calls “The Lulz Boat,” a theme song, and the tag line, “Laughing at your security since 2011!” the group claims to be altruistically raising security awareness and doing what it does “for the laughs.” The term “Lulz” is hacker lingo for “laughs.”
Even before Thursday, however, there had been indications of possible political overtones in LulzSec’s stated motivations, experts who study the groups say. LulzSec now claims to be allied with a larger Internet group, dubbed Anonymous, that has attacked websites of groups it deems to have curbed Internet or political freedom, including MasterCard, Visa, and Paypal. Anonymous has also attacked Middle Eastern government sites in Tunisia, Egypt, and elsewhere in support of the “Arab Spring” uprisings.
The Arizona hack further delineates LulzSec’s philosophical justifications. The unveiling of hacked documents from Arizona law enforcement was part of what the group calls its new “Operation Anti-Security.” The intent is to embarrass law-enforcement agencies and private-security contractors by exposing the lack of security on their websites and computer systems.
Arizona documents on the hacker site are described by LulzSec as dealing with “border patrol and counter-terrorism operations and describe the use of informants to infiltrate various gangs, cartels, motorcycle clubs, Nazi groups, and protest movements.” A number of documents are marked as “law enforcement sensitive,” “not for public distribution,” and “for official use only.”
Though many of the documents are mundane, some include candid comments about operations and relations with Mexican authorities on anti-drug operations. Arizona Department of Public Safety Spokesman Capt. Steve Harrison acknowledged the intrusion and said the documents posted online appear genuine.
“At this point, it appears to be the e-mail accounts of seven officers and documents that were attachments or on the hard drive of a computer they all used to access e-mail,” he said. “There will be an investigation into what happened and who did this and appropriate criminal charges will be filed.”
The People’s Record News Update: This week in cyber-activism February 27, 2013
Bahrain bans ‘Anonymous’ Guy Fawkes mask
The Guy Fawkes mask – which has come to represent a universal symbol of protest – has been banned in Bahrain. The move is the latest in a series of measures implemented by the Gulf state to quell a two-year pro-democracy uprising.
A ban on orders of the mask – which was popularized by the 2005 Hollywood adaption of the comic book ‘V for Vendetta’ – has been ordered by the Gulf kingdom’s Industry and Commerce Minister, Hassan Fakhro.
DOJ ‘admits’ to targeting Aaron Swartz over his activism
Aaron Swartz’s past activism and ‘Guerilla Open Access Manifesto’ played a part in his prosecution, sources told US media. Prosecutors pursued him even though he had not yet leaked anything, as his manifesto ‘proved his alleged malicious intent’ in downloading documents on a massive scale says Justice Department representatives.
“Some congressional staffers left the briefing with the impression that prosecutors needed to convict Swartz of a felony that would put him in jail for a short sentence in order to justify bringing the charges in the first place,” Huffington Post reported, citing two aides with knowledge of the briefing.
Swartz’s actions were criminalized by the government just because he was an “effective advocate of policies contrary to their views,” human rights lawyer Scott Horton told Mashable.
“Apparently, the DOJ thought it was a reason to throw the book at Swartz, even if he hadn’t actually made any such works available,” Masnick wrote.
The digital library itself has earlier stated it received confirmation from Swartz “that the content was not and would not be used, copied, transferred, or distributed.”
Amid wide public concern over Swartz’s case, the White House issued a directive expanding access to publicly funded scientific research. Last week’s directive was hailed by Open Access supporters as a major victory in a fight in which Swartz took an active part.
US Internet providers start spy program to stop file-sharing
Starting this week, Internet Service Providers will start throttling connection speeds for customers alleged to be pirating copyright-protected materials.
Months after a controversial “six-strike” program was slated to be rolled out by the biggest ISPs in the United States, the Copyright Alert System (CAS) confirmed on Monday that the initiative has gone live.
Google is in hot water once again after application developers have discovered that the Silicon Valley giant is sharing its users’ personal information without obtaining their consent.
Non-profit advocacy group Consumer Watchdog has sent a letter to the United States Federal Trade Commission that implores for the FTC’s Bureau of Consumer Protection to intervene in the latest goof-up courtesy of Google.
The FBI is inside Anonymous: Hacker Sabu has sentencing delayed again for helping the feds
The former LulzSec hacker that turned in his colleagues to the FBI will forego sentencing for another six months while he continues to assist the government in catching supposed computer criminals.
Hector Xavier Monsegur, the man behind the hacker alias “Sabu,” was absent from federal court on Friday despite previously being scheduled to appear for sentencing that morning in regards to the 12 criminal charges he pleaded guilty to in mid-2011.
On Monday, the leaking website Cryptome published a copy [.pdf] of a request from the US Attorney’s Office for the Southern District of New York’s in which the court is asked to adjourn Monsegur’s sentencing date until August 23, 2013 “in light of the defendant’s ongoing cooperation with the Government.”
The statements made by deputy assistant FBI director Steve Chabinsky in this article clearly seem to be directed at Anonymous and Lulz Security, and we are happy to provide you with a response.
“We want to send a message that chaos on the Internet is unacceptable, [even if] hackers can be believed to have social causes, it’s entirely unacceptable to break into websites and commit unlawful acts.”
Now let us be clear here, Mr. Chabinsky, while we understand that you and your colleagues may find breaking into websites unacceptable, let us tell you what WE find unacceptable:
Governments lying to their citizens and inducing fear and terror to keep them in control by dismantling their freedom piece by piece.
Corporations aiding and conspiring with said governments while taking advantage at the same time by collecting billions of funds for federal contracts we all know they can’t fulfil.
Lobby conglomerates who only follow their agenda to push the profits higher, while at the same time being deeply involved in governments around the world with the only goal to infiltrate and corrupt them enough so the status quo will never change.
These governments and corporations are our enemy. And we will continue to fight them, with all methods we have at our disposal, and that certainly includes breaking into their websites and exposing their lies.
We are not scared any more. Your threats to arrest us are meaningless to us as you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing - absolutely nothing - you can possibly to do make us stop.
“The Internet has become so important to so many people that we have to ensure that the World Wide Web does not become the Wild Wild West.”
Let me ask you, good sir, when was the Internet not the Wild Wild West? Do you really believe you were in control of it at any point? You were not.
That does not mean that everyone behaves like an outlaw. You see, most people do not behave like bandits if they have no reason to. We become bandits on the Internet because you have forced our hand. The Anonymous bitchslap rings through your ears like hacktivism movements of the 90s. We’re back - and we’re not going anywhere. Expect us.
As Michele Bachman might say, these folk have “choots-pah”.
Understanding the stunning LulzSec hacker bust: Authorities in the U.S., Britain, and Ireland brought charges against five hackers from the hackers group LulzSec, which is allegedly responsible for a raft of computer attacks that have robbed personal data from more than a million people and cost companies billions of dollars. And in a remarkable twist, the group was brought down by its own leader, known in the hacking world as “Sabu.” (After being arrested last June, Sabu agreed to cooperate with the FBI.) “This is devastating to the organization,” an FBI official tells Fox News. “We’re chopping off the head of LulzSec.” Here’s what you should know about this “stunning” case:
What exactly is LulzSec? The group — known more formally as Lulz Security — is an offshoot of the global hacking collective Anonymous. The groups are intertwined, with overlapping membership. They have no clear ideological agenda, though they support various causes that seek to undermine state institutions and big businesses. Both groups, for example, are strong allies of WikiLeaks. LulzSec has an impish streak, with a reputation for making trouble for the sheer anarchic pleasure of it.
What is LulzSec accused of doing? LulzSec and Anonymous have allegedly hacked the computer systems of numerous companies, institutions, and governments. Alleged corporate targets include Fox News, Sony, PBS, Visa, Mastercard, and PayPal. The hackers have also allegedly attacked the FBI and the U.S. Senate, as well as federal contractors with sensitive cybersecurity information. The governments of Zimbabwe, Yemen, Algeria, and Tunisia have also been apparent victims. In December, the hackers allegedly breached the intelligence firm Stratfor, unlocking the names, email addresses, and credit-card information of its clients. In February, WikiLeaks released emails taken from the Stratfor hack.
LulzSec goes after Arizona law enforcement: They said they did so because of SB1070, a.k.a. last year’s controversial immigration law. This release, which certainly has shades of Wikileaks, seems like the motherlode compared to some of their other releases — training materials, confidential e-mails, intelligence bulletins and so on — you know, pretty much a primer on how law enforcement conducts itself in the state. Damn. And you thought the CIA hack was a big deal. Compared to this, it’s small potatoes.
If you’re looking for the biggest breaches of the year in terms of
numbers affected, you can find them over on DataLossDB.org or in
others’ reviews. Certainly there were some really big breaches this
year, but those were not necessarily the worst, in my opinion. So
here’s my short list of the year’s worst breaches involving personally
identifiable information. In chronological order:
1. The HBGary Federal hack.
I don’t claim to be a security expert, but if you’re making the claim,
then having your server successfully attacked and all your
professional correspondence exposed on the webshould be seriously
embarrassing. Not only should HBGary Federal have been embarrassed,
but the February attack also exposed – and brought into negative
public light – a well-known law firm. From a public relations
standpoint, this breach was an in-your-face and up-your-left nostril
attack that should have put everyone on notice that both data security
and the collective known as Anonymous needed to be taken more
seriously. In terms of immediate impact, after the firm’s emails
became public, the Chamber of Commerce and Bank of America cut all
ties with HBGary. Two other firms that had collaborated with them –
Berico Technologies and Palantir – also cut ties with them. By the
end of the year, however, HBGary CEO Gary Hoglund said that the breach
had actually helped their business. Good for them, but not so good for
2. Texas Comptroller’s Office web exposure incident.
In April, Texas Comptroller Susan Combs reported that thepersonal
information of 3.5 million people had been accidentally disclosed on
the web personal information of 3.5 million people had been
accidentally disclosed on the web for quite a while – including Social
Security numbers, dates of birth and other personal information. No
hack necessary to get a goldmine of information for identity theft.
Talk about shooting yourself in the foot…
3. The Arizona Department of Public Safety hack.
A hack by LulzSec in June also makes my list of worst breaches of the
year. In apolitically motivated attack that presaged other “AntiSec”
or political attacks, the hackers released personal information on
members of Arizona law enforcement and their families. For the rest
of the year, releasing personal information on employees and their
families became almost routine, despite the fact that the hackers
occasionally recognized that calling the exposure of innocent
uninvolved people “collateral damage” was not particularly acceptable
to many members of the public.
4. The stolen SAIC/TRICARE backup tapes.
There were some massive health care sector breaches this year, but the
SAIC breach was particularly bad for a few reasons. Unencrypted
backup tapes with medical data on 5.1 million members of the military
and their dependents wereleft in an employee’s car for 8 hours and
were stolen. This was not the first time SAIC had unencrypted backup
tapes stolen. In fact, it was the second time since 2010. Despite that
and other breaches they have had in recent years, they continue to get
huge government contracts. Members of Congress have nowasked why.
5. Insurance Corporation of British Columbia insider breach.
There’s a lot we don’t know aboutthis breachas yet, but it seems that
an employee of the insurance company accessed and then disclosed
information on 13 people who were later either shot at or were the
victims of arson. Scarily, the employee also accessed information on
52 other people. Will they become victims, too? The RCMP are
investigating, but this appears to be one of those breaches where
there can be real and serious harm that has nothing to do with ID
The Federal Bureau of Investigation has arrested three suspected members of the hacker group LulzSec and charges will be made public against two more, a law enforcement official told Reuters on Tuesday.
LulzSec, an underground group also known as Lulz Security, along with fellow hacking group Anonymous have taken credit for carrying out a number of high-profile hacking actions against companies and institutions including the CIA, Britain’s Serious Organized Crime Agency, Japan’s Sony Corp and Mexican government websites.
Last month, the activist group Anonymous published a recording of a confidential call between FBI agents and London detectives in which the law-enforcement agents discuss action they are taking against hacking.
Meet Hector Xavier Monsegur, better known as “Sabu,” the defacto leader of the hacking collective LulzSec, which made a name for itself with a number of high-profile incidents last year. Monsegur, a New York City resident, was actually pinpointed by the FBI in June. However, he did something pretty major — fearing jail time would separate him from his two young children, he reluctantly agreed to work with the FBI to take down other members of the LulzSec group, going so far as to reportedly work out of FBI offices to help. The takedown happened today, with five arrests taking place. Pretty crazy, right? You said it.
If we were a newspaper and someone threw a small bomb through the window, crippling our printing press and shutting down operations until we could get a replacement, we’d call the police. But what’s the equivalent of 911 when a cyber attack happens? Who will reimburse us for lost man and woman hours and reports that didn’t get published when actual news was breaking? And will it undermine the trust our viewers and readers place in us? How to place a value on that?
This breach wasn’t done to steal national secrets or money from us, but to express anger over the work of the free press. That work will go on. At Frontline and at the NewsHour, everyone is focused on getting on with their jobs covering the news, the most important developments in the nation and in the world. But we do so feeling violated by a stranger. I guess that makes us wiser, determined to work harder to protect the work we do. And I hope it doesn’t make us, or any other news organization, more cautious.