LulzSec Reborn aims to keep hacking movement alive
Real danger from federal officials who 'continue to pooh-pooh' cybercrime, police investigator says
By Taylor Armerding
June 13, 2012 — CSO — About three months ago, following the arrests of five members of an Anonymous spinoff hacker group, an FBI official declared: "We're chopping off the head of LulzSec."
Perhaps they did. But activist hackers, some still claiming the LulzSec name, seem eager to prove that they are no more destructible than the Lernaean Hydra -- the mythical water serpent with many heads, which could grow back two heads if one was cut off.
One report this week said that the group calling itself LulzSec Reborn "posted about 10,000 Twitter usernames and passwords on Pastebin. The leaked Twitter accounts are from people who use TweetGif, a third-party app that lets users share animated GIFs."
This is not the first hack for which the group has claimed responsibility. In late March, only three weeks after the LulzSec arrests, the "Reborn" group broke into the database of the military dating site ESingles, stole passwords, email addresses and other information from nearly 171,000 accounts and also posted them on Pastebin.
CNET's Elinor Mills reports that this is not the only "new" group out there. "Suddenly, there is 'LulzSec Reborn,' 'MalSec,' and 'SpexSec,' fresh names for groups of malicious hackers using old techniques."
Nick Selby, managing director of N4Struct and a Texas police officer who investigates cybercrime, said this should be no surprise. "It's certainly evidence that the threat is highly distributed, and the barrier to entry for those wishing to engage in these kinds of activities is low and plummeting each day," he said.
Chester Wisniewski, a senior security adviser at Sophos, agrees. "As long as there are a lot of assets out there that are reasonably insecure, this will keep happening," he said. "The Occupy movement may no longer be visible, but the 99% are still upset. The FBI may give some individuals who are risk-averse pause, but if some people are stopped, there will always be another to step into the role."
The FBI broke the top ranks of LulzSec about nine months after arresting its leader, Hector Xavier Monsegur, 28, who went by the handle "Sabu." The agency reportedly was able to flip Monsegur almost immediately after his arrest on June 7, 2011.
At the time, most security experts agreed that LulzSec had been damaged, but hardly eliminated.
LulzSec (it is not known if it is actually made up of previous LulzSec or "Reborn" members) does admit to some damage. In a video posted June 3 from a previously unknown YouTube account, and which features a scrolling, disappearing script in outer space like the opening of Star Wars, the group wrote: "The oppressive powers behind the Evil empire have used Darth Sabu to seed mistrusting amongst the inhabitants of the planet Anonymous. The Old Order of the Knights of the Lulz, hunted and exterminated by FBI Siths, have gone into the shadows."
Understanding malware techniques and the ever-more sophisticated cybercrime ecosystem
Virtual analysis misses 1/3 of malware?
Advanced evasion techniques emerge
Organized cybercrime revealed
The rise of anti-forensics
The botnet hunters
Timeline: a decade of malware
- Enterprise File Sharing: All You Need to Know
- Forrester Research and EMC on Continuous Availability
- Big Ideas; Big Tech-Continuous Availability for VMware
- Reduce Costs, Maximize Performance and Ensure High Availability of your Business Critical Applications
- Software Asset Management - Program Considerations to Help Reduce Risk and Lower Costs
- Content Analytics Explained
- Mandiant's APT1: Revisited
The Mandiant APT1 report made our industry stronger by encouraging -- if not forcing -- information sharing. By Nick Selby - Attacks from China: A survival guide
- #FFSec: Infosec pros who bring value to Twitter
More Salted Hash with Bill Brenner
