LulzSec’s last lulz: Malware for all those who downloaded hackers’ final plunder

By on Jun 28, 2011 at 12:30 PM
Security June 28, 2011

The small group of hackers known as Lulz Security, or simply “LulzSec,” would never disband without one final round of fun. BGR reported on Monday that the group’s reign of terror was coming to an end after 50 lul-filled days. During that period of time, LulzSec released data stolen in a series of online breaches with targets ranging from Sony to the U.S. Government. In its coup de grâce, LulzSec released a stash of stolen data from a variety of targets, including AT&T, Disney and the U.S. Navy. But data obtained through online breaches wasn’t the only thing LulzSec stuffed into the file; a directory named “BootableUSB” also contained a variety of malware including trojans and worms. While “LulzSec” is no more and its notorious Twitter account now sits dormant, members of the well-known hacktivism group “Anonymous Operations” have confirmed that LulzSec is gone in name only — the six LulzSec members have been absorbed by Anonymous, according to the group’s official Twitter feed.

Read

Tags:
, , , , , , , , , , , , , ,
33 Comments

Related Articles

  • Anonymous

    You should know to never download anything like that from them. I stood clear away from everything involving them to keep safe. I’m glad they have fallen, they were only here to hurt, not help like Anonymous.

    • Anonymous

      If you’re smart enough to find, download and browse through a release from a hacker group but dumb enough to run random executables inside I really don’t feel very sorry for you. That’s just retarded.

      I’d be more concerned with ending up on some gov list for downloading than getting malware – I’m fairly certain I’d prefer the latter LOL.

      Also anon claims they *are* lulz and have been all along…

    • http://marcparadise.com/ Marc Paradise

      Actually, most folks should know to steer clear of any download from any nonverifiable source – and to treat even those from verifiable sources skeptically.  

    • Anonymous

      Help like anonymous. lol thanks for that one.

  • http://twitter.com/gwaki Alex Hansen

    When I looked at the file list I didn’t see any of that.  Only grabbing parts of it FTW!

  • Anonymous

    I downloaded it to check if I had any data on there. I did not. 
    Prior to checking, I scanned the files with Sophos AV, which found nothing. I also deleted the files after checking them.
    You should never trust anything from a hacker. 
    Thankfully, I not only scanned these files, but I’m also on a Mac. 

    • http://identi.ca/LauRoman LaurenÈ›iu Roman

      Because surely OSX is safe from viruses.

      • Anonymous

        Well, I did scan the file as well, but yes, there are currently no viruses out for Mac. In fact, the biggest concern is some scareware that only affects Macs that haven’t been updated in the past few weeks, and can be deleted simply by deleting the application. The scareware also requires the user to install it themselves. 
        Lulzsec wasn’t in the business of creating and distributing viruses. I’m willing to bet this wasn’t in their original release, and some other troll popped it in there themselves. I doubt this person had the skills to create new malware for any system, let alone Windows and Macs. 

      • Anonymous

        lmao your comments entertain me… “I’m on  a mac” and “there are currently no viruses out for mac” are the two greatest lines ever from someone who has a tech blog…

      • Anonymous

        @andyg8180:disqus 
        There is Malware for Mac OS, but none that could be classified as virus, ie: self replicating. 

    • http://twitter.com/gwaki Alex Hansen

      I also scanned it. I wonder if someone reuploaded the torrent with the virus in it later on and then it was posted on sites which people downloaded it from.

    • http://marcparadise.com/ Marc Paradise

      “You should never trust anything from a hacker. 
      Thankfully, I not only scanned these files, but I’m also on a Mac.”

      More and more they’re relying on the false sense of security that AV and Macs give you.  They’re both crutches.  Don’t trust either one, and use your judgement instead.  (Though in your case… since you downloaded this content from a known malicious source, opened it on your system, AND trusted AV to tell you it was safe… your own judgement may not the judgement you should trust.)

  • John

    just load these things in a virtualized environment. revert to past snapshot after done. wham bam thank you mam.

  • serpentor

    This was pretty lulzy actually.

  • Anonymous

    You know what? That’s… funny.

  • Anonymous

    I guess they did it for the lulz?

  • Anonymous

    I hate these constant stories on these groups and I dislike how public they are with what they are doing!!!

    To me, if you’re going to hack someone…hack ‘em. Hack ‘em and then tell them how to fix their security. Show them the ropes. That’s making the world a better place.

    These people…THEY’RE CRACKERS. The moment you start stealing money…you’re not hacking! And when you’re whoring it out, you’re not doing any good in life. It would be the same as a bank robber stealing money and then making constant youtube vids of him flaunting it.

    We get it. You’re smart w/your computer skills. Either do good, or do bad. But don’t do bad and then flood my google news page with your pleas for recognition!!!

    • http://www.twitter.com/iwinrar iWinRar

      They never did it for the money.

  • http://www.facebook.com/profile.php?id=100001368525387 Cordell Collins

    haha when i first opened the download i immediately went to the at&t file and saw only one file in it, then i went into the file and went back and the bootableusb file was in their and i was like oh crap its a virus then i was like oh i got a mac haha 

    • sirpaul

      Glad that “you got a mac”…I have a PC and I haven’t had a virus in past 9 years. Always been using free AV.

      • Anonymous

        i probably saved a dozen computers with free av

      • http://marcparadise.com/ Marc Paradise

        I have a PC, haven’t been using AV at all (save a “just to be sure” scan under Clam on Linux boot which always comes back negative) and haven’t had a virus in nearly three decades of computing*.   I say this only because posts like yours imply that AV is a necessary component: it’s not.  It’s a crutch of limited effectiveness, an attempt to solve a problem that can only *really* been solved by user education and awareness.

        * OK, ok, slight hyperbole – I did get a harmless Stoned variant once under DOS 3.3, from a borrowed set of floppies containing Civilization 1.

    • http://twitter.com/androidhelpers Android Helpers

      Lol this assumption is why so many morons feel for the “Mac Defender” malware. Lulz.

  • FakeName

    From the lulzsec press release: “Note: In “AT&T internal data.rar”, do not open “BootableUSB/Program Files/WinRar/WinRar v3.71.exe”, as it is malware (due to AT&T using a pirated copy of WinRar).”

  • LulzSUCKS

    These guys are fucking idiots.  I hope they die and burn in hell. 

    • Anonymous

      They hacked the CIA and you think by posting anonymously they can’t get you? I’d tread softly around folks like this

  • Anonymous

    Seriously didn’t care about these hackers, why is it people are still writing articles about them, wtf? Don’t get that

  • Anonymous

    Oh you mean the file I scanned and checked with hijack this then dropped into Eraser and walked off to make coffee?

  • http://pulse.yahoo.com/_ML67DN65LGCQWCZENTJX5Z7TYI Dollie Flynn

    This ‘hackers” are funny. @Tim, I paid $32.67 for a XBOX 360 and my mom got a 17 inch Toshiba laptop for $94.83 being delivered to our house tomorrow by FedEX. I will never again pay expensive retail prices at stores. I even sold a 46 inch HDTV to my boss for $650 and it only cost me $52.78 to get. Here is the website we using to get all this stuff, LiveCent. com

  • http://twitter.com/djbtam djbtam

    I think they got the PSN one more time. Looks like the network in down……. WTH?!?!?!

  • Anonymous

    lol, pretty amazing stuff dude. Wow.

    http://www.total-privacy.se.tc

  • Anonymous

    Before you open the file, there’s nothing to worry about.
    I myself *did* download the files to check if any of my info was in it (1 account was in there). However, I only opened .txt files and the likes. No .exe’s or ‘bootableUSB’ folder.

  • http://www.schnittshow.com Schnitt

    Use sandboxie to open the file in a sandbox, its effectively harmless after that as long as you do not take the files outside of the sandbox.

blog comments powered by Disqus