LulzSec’s last lulz: Malware for all those who downloaded hackers’ final plunder

By on June 28, 2011 at 12:30 PM.

LulzSec’s last lulz: Malware for all those who downloaded hackers’ final plunder

The small group of hackers known as Lulz Security, or simply “LulzSec,” would never disband without one final round of fun. BGR reported on Monday that the group’s reign of terror was coming to an end after 50 lul-filled days. During that period of time, LulzSec released data stolen in a series of online breaches with targets ranging from Sony to the U.S. Government. In its coup de grâce, LulzSec released a stash of stolen data from a variety of targets, including AT&T, Disney and the U.S. Navy. But data obtained through online breaches wasn’t the only thing LulzSec stuffed into the file; a directory named “BootableUSB” also contained a variety of malware including trojans and worms. While “LulzSec” is no more and its notorious Twitter account now sits dormant, members of the well-known hacktivism group “Anonymous Operations” have confirmed that LulzSec is gone in name only — the six LulzSec members have been absorbed by Anonymous, according to the group’s official Twitter feed. More →

33 Comments

Citigroup hackers stole $2.7 million in recent breach

By on June 27, 2011 at 6:50 PM.

Citigroup hackers stole $2.7 million in recent breach

A recent online security breach involving the left of 360,000 credit card numbers will cost Citigroup $2.7 million, the company confirmed to U.S. government officials on Monday. Hackers infiltrated Citigroup servers last month and stole account numbers and personal information associated with over 360,000 Citi-branded credit cards. According to Citigroup, personal information and card numbers from approximately 3,400 cardholders was subsequently used to make about $2.7 million in unauthorized purchases. Citigroup stated that affected customers would be reimbursed for the fraudulent charges. No arrests have been made in association with the breach. More →

12 Comments

Hacker claims to reveal identity of LulzSec leader

By on June 24, 2011 at 10:01 AM.

Hacker claims to reveal identity of LulzSec leader

A hacker known as “The Jester” claims to have revealed the identity of a LulzSec member who may be the group’s leader. Thirty-year-old Xavier Kaotico, also known as Xavier de Leon or “sabu,” has been outed as the hacker prankster group’s leader, though his role and involvement with LulzSec has not been confirmed. The man allegedly lives or has recently lived in New York City, and is an independant IT consultant specializing in Python programming, Linux development, network security and exploit development. LulzSec, a small group of hackers that has become the focus of the international technology media over the past few weeks, has claimed responsibility for carrying out a number of malicious breaches. Recent LulzSec targets include websites belonging to Sony, Citigroup, the CIA and the U.S. Senate. After a public spat between the two high-profile hacker groups, LulzSec united with “Anonymous Operations” to wage a cyber war against the U.S. government, stating, “Sitting pretty on cargo bays full of corrupt booty, they think it’s acceptable to condition and enslave all vessels in sight. Our Lulz Lizard battle fleet is now declaring immediate and unremitting war on the freedom-snatching moderators of 2011.” LulzSec has not directly addressed the allegation that Kaotico is its leader, though it has posted messages to its Twitter account mocking The Jester, who calls himself a “Hacktivist for good. Obstructing the lines of communication for terrorists, sympathizers, fixers, facilitators, and other general bad guys.” More →

29 Comments

26-year old pleads guilty to hacking AT&T iPad data

By on June 23, 2011 at 7:02 PM.

26-year old pleads guilty to hacking AT&T iPad data

Last year hackers made headlines when AT&T announced to a security breach that had allowed hackers to access the personal data from 114,000 iPad 3G users. On Thursday, 26-year old Daniel Spitler from San Francisco pleaded guilty to two crimes: conspiracy to gain unauthorized access to computers and identity theft. Spitler faces up to 10 years in prison — five years for each count, according to The Wall Street Journal. “Computer hackers are exacting an increasing toll on our society, damaging individuals and organizations to gain notoriety for themselves,” said U.S. Attorney Paul Fishman in New Jersey. “Daniel Spitler’s guilty plea is a timely reminder of the consequences of treating criminal activity as a competitive sport.” Fishman’s statements are clearly also aimed at other hackers; LulzSec and Anonymous, two hacking groups, recently announced that they have joined forces to attack the U.S. government. That’s in addition to recent hacks on Sony — which LulzSec took responsibility for — and Citigroup. Spitler will be sentenced on September 28th. More →

14 Comments

LulzSec denies reports of leader’s arrest

By on June 21, 2011 at 2:39 PM.

LulzSec denies reports of leader’s arrest

There are numerous reports claiming that the leader of the now infamous hacking group LulzSec has been arrested in the United Kingdom. According to London’s Metropolitan Police, the shadowy leader was a 19-year old responsible for hacking “a number of international businesses and intelligence agencies.” The group took responsibility for Sony’s recent massive security breach and has also targeted a number of high-visibility websites, including that of the Central Intelligence Agency, and has waged war on the U.S. government with another group dubbed Anonymous. Despite the reports, however, LulzSec has denied that any of its members have been arrested. Early Tuesday morning the group tweeted: “Seems the glorious leader of LulzSec got arrested, it’s all over now… wait… we’re all still here! Which poor b****** did they take down?” More →

11 Comments

LulzSec and Anonymous unite to wage cyber war on U.S. government

By on June 20, 2011 at 12:53 PM.

LulzSec and Anonymous unite to wage cyber war on U.S. government

Call it a meeting of minds or call it an unholy matrimony — in either event, the recent rash of high-profile breaches is about to get an adrenaline shot. Hacktivist group Anonymous and a crew of emerging merry hackers known as are joining forces to target the dissemination of government secrets and the defacement of other websites such as those belonging to banks. “As we’re aware, the government and whitehat security terrorists across the world continue to dominate and control our Internet ocean,” LulzSec said in a statement on Monday. “Sitting pretty on cargo bays full of corrupt booty, they think it’s acceptable to condition and enslave all vessels in sight. Our Lulz Lizard battle fleet is now declaring immediate and unremitting war on the freedom-snatching moderators of 2011.” Operation Anti-Security — or AntiSec, as the group has dubbed the mission on Twitter — encourages fellow hackers to “open fire on any government or agency that crosses their path.” Hit the break for Lulz Security’s full statement. More →

157 Comments

Hackers strike Sega, steal personal data from 1.3 million accounts

By on June 20, 2011 at 8:40 AM.

Hackers strike Sega, steal personal data from 1.3 million accounts

Sega has confirmed that personal data from 1.3 million user accounts was stolen during a recent security breach, according to Reuters. Hackers obtained email addresses, encrypted passwords, birth dates, and names of Sega Pass network users. Unlike Sony’s recent security breach, however, the hackers did not access credit card data. As a result of the attack, Sony has pulled its Sega Pass network offline. “We are deeply sorry for causing trouble to our customers. We want to work on strengthening security,” Yoko Nagasawa, a Sega spokeswoman, said. Lulzsec, the hacker group behind Sony’s attack, has not taken credit for the Sega breach. More →

19 Comments

32 ‘Anonymous’ hackers detained by Turkish police

By on June 13, 2011 at 12:30 PM.

32 ‘Anonymous’ hackers detained by Turkish police

More than 30 individuals allegedly associated with the hacker group “Anonymous” have been detained by Turkish police according to a report from the Turkish state media on Monday. Police executed raids in 12 separate Turkish cities as part of the operation that resulted in 32 arrests across Turkey. The news follows reports that three men allegedly tied to the group were detained in Spain last week, a move that sparked a statement from an Anonymous spokesperson. “You have not detained three participants of Anonymous. We have no members and we are not a group of any kind. You have, however, detained three civilians expressing themselves,” the group wrote on Saturday in a statement directed at the Spanish government. “You are providing us with the fuel, but now you must expect the fire.” Anonymous, which refers to itself as an “international Internet hactivist collective,” has carried out cyberattacks on numerous high-profile targets including Visa, Amazon and Sony. Anonymous’ full statement can be read below. More →

43 Comments

New website answers the question on all our minds: Has Sony been hacked this week?

By on June 13, 2011 at 11:45 AM.

New website answers the question on all our minds: Has Sony been hacked this week?

BGR has provided extensive coverage of an ongoing saga that has seen numerous digital properties belonging to Sony fall under attack. To date, personal information belonging to well over 100 million Sony customers has been compromised, and nearly 13 million credit card numbers have been stolen. For IT professionals or other tech enthusiasts with weak stomachs, we can understand if reading one story after another about Sony’s security woes might make you a bit queasy. As such, a new site launched recently that has you covered. Hassonybeenhackedthisweek.com answers a single question for those who simply want to cut to the chase: Has Sony been hacked this week? The answer right now, by the way, is “yes.” More →

2 Comments

Sony confirms Sony Pictures breach, says 37,500 users affected [updated]

By on June 8, 2011 at 1:15 PM.

Sony confirms Sony Pictures breach, says 37,500 users affected [updated]

Sony has released more information regarding a recent breach suffered by one of the many Sony properties that have been targeted by hackers over the past few months. The company said on Wednesday that personal information belonging to 37,500 users has been compromised as a result of a cyberattack on the Sony Pictures website last week. Hackers from a small group known as Lulz Security claimed to have accessed over one million accounts during their breach of the Sony Pictures site, but they were only able to download a small sample of those records due to their limited resources. Sony states that no credit card numbers were stored on the website’s servers, but information including names, genders, addresses, email addresses, phone numbers, birth dates, user account names and passwords was taken during the breach.

UPDATE: Sony Pictures’ letter to customers affected by the breach can now be seen after the break. More →

13 Comments

Sony suffers yet another breach; Sony Music Brazil site hacked

By on June 6, 2011 at 9:31 AM.

Sony suffers yet another breach; Sony Music Brazil site hacked

The list of hacked Sony properties continues to grow as Sony Music Brazil finds its website the latest victim in a long line of breaches. The company’s website was the target of a cyberattack on Saturday night and nearly 36 hours later, the site is still offline. Initially, the hackers defaced the site with a single page titled “Hacked The UnderTaker,” which apparently contained nicknames of several people responsible for the attack. More than 12 hours later, the website was finally taken offline. Sony Music Brazil has not commented on the breach and it is unclear if any private data was exposed. More →

16 Comments

Sony Pictures breach confirmed to be authentic; Sony launches investigation

By on June 3, 2011 at 9:15 AM.

Sony Pictures breach confirmed to be authentic; Sony launches investigation

A small group of hackers calling themselves LulzSec on Thursday claimed to have breached a Sony website and gained access to personal information belonging to over 1 million Sony customers. The group posted a statement claiming it did not have the resources to download the massive database tied to SonyPictures.com, but it provided samples of the data accessed in order to prove the breach was real. The Associated Press contacted several of the purported victims using phone numbers posted by LulzSec, and it was able to confirm with multiple victims that the data, which included account passwords, was authentic and accurate. Sony has not yet confirmed the breach, though a company spokesperson did say Sony is currently investigating the claims. This new breach is the latest in a string of hacks on various Sony networks that have compromised personal data belonging to over 100 million Sony customers. More →

24 Comments

Sony’s PSN now fully restored in most markets

By on June 2, 2011 at 9:26 PM.

Sony’s PSN now fully restored in most markets

Sony announced on Wednesday that the final piece of its PlayStation Network, the PlayStation Store, is now back online after Sony’s networks were taken down due to a massive security breach. Sony also noted that it has outfitted PlayStation Plus store with new game trials, games, downloadable content, free avatars, and bigger discounts. The company’s “Welcome Back Offer,” which will provide two free games to Sony users as well as 30 days of PlayStation Plus, is in the final stages of testing and will also be available soon. More →

6 Comments