LulzSec

from Wikipedia, the free encyclopedia
. / $$ / $$ / $$$$$$
. | $$ | $$ / $$ __ $$
. | $$ / $$ / $$ | $$ / $$$$$$$$ | $$ \ __ / / $$$$$$ / $$$$$$$
. | $$ | $$ | $$ | $$ | ____ / $$ / | $$$$$$ / $$ __ $$ / $$ _____ /
. | $$ | $$ | $$ | $$ / $$$$ / \ ____ $$ | $$$$$$$$ | $$
. | $$ | $$ | $$ | $$ / $$ __ / / $$ \ $$ | $$ _____ / | $$
. | $$$$$$$$ | $$$$$$ / | $$ / $$$$$$$$ | $$$$$$ / | $$$$$$$ | $$$$$$. $
. | ________ / \ ______ / | __ / | ________ / \ ______ / \ _______ / \ _______ /
                          // Laughing at your security since 2011!

+

   __
   ) | ________________________.------, _ _
 _ / o | _____ /, ____________.__; __, __, __, __, _ Y ... ::: --- === `` `` // #anonymous
| ========== \; ; ; ; ; \ __, __ \ __, _____ --__, -. \ OFF ((#anarchists
           `---------- | __, __ / __, __ / __ /) =)) ~ (('- \ THE \\ #antisec
                        \ ==== \ \\ ~~ \\ \ PIGS \\ #lulzsec
                        `| === | )) ~~ \\ `` "" "" =,)) #fuckfbifriday
                         | === | | '---') #chingalamigra
                        / ==== / `===== '
                       ´ ------ ´
ASCII art of the group, from the Chinga La Migra Torrent

LulzSec (or long Lulz Security ) was the name of a loose grouping of hackers who wereresponsible forseveral high-profile campaigns in the area of information security in 2011. LulzSec partially entered criminal territory by spying on third party passwords; on the other hand, she pointed out weaknesses in the information security of the hacked systems.

Overview

The name LulzSec is made up of the words “Lulz” (meaning: “ Schadenfreude ”), a modified plural of the acronymLOL ” (Laughing Out Loud) in network jargon, and the slang term for “Security”. The group LulzSec first appeared in public in May 2011 with an attack on Fox.com . In June 2011, 50 days after it was founded, the group announced it was going to break up.

ideology

LulzSec has never been associated with financial motives. The group claimed to be acting for reasons of entertainment or the joy of chaos and devastation. On the basis of these statements, the press drew a parallel to the fun guerrilla . Political motives were used for individual actions, such as denouncing corruption or racism in the authorities, or strengthening the position against the war on drugs . A socio-political background can be determined retrospectively for all actions. The group also published a manifesto in which concerns were formulated.

Mustafa Al-Bassam ("TFlow") in December 2013 on the 30C3

Members

The nature of the loose organization allows individual individuals to claim the name of the group for themselves without consultation or integration into the actual circle ( see also: Anonymous , paragraph structure ). The group basically has six members, some of whom announced or confirmed this themselves, especially after hacks from other groups uncovered personal information. Tapped IRC log files from such an attack were published by The Guardian and also contained personal details.

In detail, the following people are associated with LulzSec :

  • Hector Xavier Monsegur alias Sabu - was a leading figure as founder and spokesman. Following his arrest in 2011 and subsequent hacking charges, Sabu served as an FBI informant and identified all key members.
  • Jake Davis, Topiary - a hacktivist from various groups, including Anonymous , who also ran the Twitter account LulzSecs . Davis became known for hacking the Westboro Baptist Church website during an ongoing interview .
  • Ryan Ackroyd, Kayla / KMS or Shock.ofgod - botnet operator with around 800,000 infected computers, also part of the gn0sis and Anonymous group .
  • Mustafa Al-Bassam, Tflow - youngest member (* 1995), ran the website of the group lulzsecurity.com .
  • Avunit - the only member not yet identified.
  • Darren Martyn, Pwnsauce - Open Web Application Security Project contributor
  • Donncha O'Cearbhaill, Palladium
  • Jeremy Hammond , Anarchaos representative Anonymous and as such charged with the Stratfor hack in 2011 and sentenced to imprisonment in 2013 after admission of guilt (10 years).
  • Sven Slootweg, joepie91 - operator of the website AnonNews.org , has a reputation for being one of the most active members, but is not directly associated with any campaign
  • Ryan Cleary, ViraL - Member with a 32 month prison term for attacking government systems.

Attacks on government facilities

In addition to simple distributed denial of service techniques, such as the attack on the CIA website, LulzSec also used SQL injections , for example in the Sony hack. It is a matter of dispute which sentiment should be assigned to the group, but the sometimes clearly subversive hacks hardly allow the conclusion that LulzSec can be spoken of as “ white hats ”. In the case of the companies of the group, a distinction can be made between those against business representatives and against government institutions or close partners:

InfraGard

Also in June 2011, LulzSec was able to compromise the website of InfraGard , a non-profit organization that, in collaboration with the FBI, specializes in monitoring illegal botnets .

As part of this campaign, LulzSec also received access to confidential e-mails from the head of the US security company Unveillance , Karim Hijazi. These emails prove that the company offered various digital warfare services to the US authorities , such as an attack on the digital infrastructure of the oil fields in Libya .

According to his own statement, the action was in response to Barack Obama's statement that actions by hackers could also be viewed as an attack against the United States of America.

US Senate

A little later, a configuration file was published for the website of the United States Senate . The attack was officially confirmed by a spokeswoman for the Senate.

CIA

On June 15, 2011, LulzSec confessed to an attack on the website of the American international intelligence service CIA , which resulted in its website being temporarily unavailable.

Attacks on business enterprises

PBS

In May 2011, members of LulzSec hacked the Public Broadcasting Service website , copied user data and posted a hoax message in the news ticker stating that rapper Tupac Shakur , who died in 1996, was still alive and living in New Zealand .

LulzSec cited the defense of Wikileaks and the expression of solidarity with whistleblower Chelsea Manning as the motivation for the hack .

Sony

In June 2011, LulzSec declared itself responsible for an attack against the Sony Pictures website in which the group most likely had illegal access to personal information (such as name, password, address and date of birth) of over a million users.

The group tried to expose Sony in particular by pointing out how poorly the site was secured and that a primitive SQL injection , a well-known security flaw, had given them access. This was particularly explosive, since Sony had to admit illegal access to the PlayStation Network shortly before , which probably also stole several million user data together with credit card information.

As a motive for the attack, the group gave revenge for the legal action taken by Sony against the Playstation 3 hacker George Hotz .

The Sun

Although LulzSec announced their dissolution on June 26, 2011, they returned to the spotlight a short time later. The British tabloid magazine The Sun , as part of the group around media mogul Rupert Murdoch, has already been exposed to critical attention due to the wiretapping scandal surrounding his News International . On the night of July 18-19, 2011, the Sun website posted a hoax about Murdoch's alleged death. Visitors to the site were eventually redirected to LulzSec's Twitter page, where the hackers admitted to the crime with a snappy remark.

AntiSec & resolution

On June 19, 2011, LulzSec and Anonymous announced their future collaboration on Twitter and launched Operation AntiSec . The two groups, which had previously attacked each other several times, wanted to jointly take action against "security terrorists". As part of this action, the website of the Serious Organized Crime Agency (SOCA for short) was shut down for a short time and confidential documents of the Arizona Border Police on Pirate Bay were published.

On June 26, 2011, the group announced its breakup. The former hacker Kevin Mitnick attributed this to the high pressure to be persecuted and expected further actions by imitators or by follow-up organizations.

Convictions

This article or section needs to be revised. More details should be given on the “ LulzSec ” discussion page . Please help to improve it , and then remove this flag.

In May 2013, Sabu exposed LulzSec members Kayla, Topiary and Tflow were sentenced to prison terms that The Guardian rated harsh. The defendants had previously confessed to having been involved in various attacks due to the burden of proof from the key witness .

Web links

Individual evidence

  1. LulzSec: Chinga La Migra (download torrent) . The Pirate Bay. June 24, 2011. Retrieved June 25, 2011.
  2. ^ Adam Clark Estes: LulzSec Document Release Targets Arizona Border Patrol . The Atlantic Wire. Retrieved September 29, 2013.
  3. Who is LulzSec, Hacker of PBS? Are they hacking Sony again? . International Business Times. Retrieved June 3, 2011.
  4. ^ Controversy over the direction of the Anonymous movement in deutschlandfunk.de, March 9, 2012
  5. Anonymous puts investigation files from Brazil on the Internet , golem.de. Retrieved July 28, 2013.
  6. Kevin Poulsen: LulzSec Releases Arizona Police Documents . In: Wired , June 24, 2011. Archived from the original on June 24, 2011. 
  7. LulzSec manifesto: "We screw each other over for a jolt of satisfaction" on arstechnica.com
  8. LulzSec - 1000th tweet statement on pastebin.com
  9. Lulzsec explains himself "Nyan-nyan-nyan-nyan-nyan, oder so ..." on golem.de
  10. a b Damon Poeter: Who Is LulzSec? . In: PC Magazine , July 2, 2011, pp. 1-9. Archived from the original on July 5, 2011. Retrieved July 5, 2011. 
  11. LulzSec members betrayed by Leader . In: golem.de , March 6, 2012. Archived from the original on July 28, 2013. Retrieved on July 28, 2013. 
  12. ^ William Goodman: Video: Anonymous hacks Westboro Baptist Church website during on-air confrontation . In: CBS News , February 24, 2011. Archived from the original on July 5, 2011. Retrieved July 5, 2011. 
  13. ^ Ten years imprisonment for Anonymous member , Heise online . Retrieved November 16, 2013
  14. Hacktivists in the fratricidal war on stern.de
  15. LulzSec claims to have hacked FBI-affiliated website . LA Times. Retrieved June 4, 2011.
  16. Ugly skirmishes on the net on welt.de
  17. Max Read: LulzSec Hackers Go After FBI Affiliates . Gawker. Retrieved June 4, 2011.
  18. LulzSec hacks US Senate website . In: heise online , June 14, 2011. Accessed June 14, 2011.
  19. LulzSec claims to have attacked the CIA . In: NZZ , June 16, 2011
  20. Cyber ​​attack: Hackers brag about attack on CIA website . Spiegel Online , June 16, 2011
  21. Hackers pirate PBS website, post fake story about Tupac still alive . CNN. Retrieved June 3, 2011.
  22. Parmy Olson: Interview With PBS Hackers: We Did It For 'Lulz And Justice' . Forbes. Retrieved June 3, 2011.
  23. Julianne Pepitone: Group Claims fresh hack of 1 million Sony accounts Money . CNN. June 2, 2011. Retrieved June 3, 2011.
  24. Erica Ogg: Hackers steal more customer info from Sony servers . CNET. Retrieved June 3, 2011.
  25. Attack on Playstation Network on Heise.de
  26. ^ Don Reisinger: Tupac Hackers to Sony: 'Beginning of the end' . CNET. Retrieved June 3, 2011.
  27. LulzSec is back with "The Sun" hack . Online computer magazine ComputerBase
  28. Operation Anti-Security on pastebin.com
  29. Allied hackers target banks on handelsblatt.com
  30. "Operation AntiSec": LulzSec represents Arizona highway patrol only on spiegel.de
  31. Lulz Security hacker group disbanded. Deutsche Welle , June 26, 2011, accessed June 26, 2011 .
  32. 50 Days of Lulz. (No longer available online.) In: pastebin .com. June 25, 2011, archived from the original on June 27, 2011 ; accessed on June 27, 2011 (English).
  33. Lulzsec becomes Nullsec. In: the daily newspaper. June 26, 2011, accessed June 26, 2011 .
  34. Long prison sentences for Lulzsec members , golem.de. Retrieved August 9, 2013.
  35. LulzSec hackers jailed for string of sophisticated cyber attacks . In: The Guardian , May 16, 2013. “The 32-month and 30-month sentences […] were among the most severe handed down by a British court for such Offences.” Retrieved December 31, 2013.
  36. LulzSec hacktivists plead guilty to cyber-attacks on NHS, Sony and NI , The Guardian . Retrieved August 9, 2013.