Error: Twitter did not respond. Please wait a few minutes and refresh this page.
Tech Stuff and random observations on life as I see it….
Last week, as part of a pre-planned operation an 18 year old male from Shetland was arrested. Jake Jarvis was accused of being ‘Topiary’, the spokesperson for Anonymous and Lulzsec and was transferred to London for questioning. Most recreantly Topiary was considered to be the one behind the Lulzsec Twitter account which now only shows one tweet: “You cannot arrest an idea”.
Shortly afterwards a group named the Web Ninjas announced that Topiary was not a teenager from Scotland but a 23 year old Swedish man instead. This was considered to be simply misinformation spread about by the hacktivist groups and Jake was to appear before court this Monday.
Oddly enough, the evidence that incriminates Jake are the 750K ID’s on his PC along with drafts of the fake Murdoch death tweets. After all the sites Anonymous and Lulzsec have hacked, don’t you think that a member of that group wouldn’t keep his own information secure?
The court released him on bail. He has been ordered to live with his mother and is banned from accessing the Internet. He faces a curfew from 10pm until 7am each night, and he must wear a monitoring device to verify his compliance. His next court date is set for August 30.
After months of AntiSec activity, which as been barely tolerated by the authorities and courted by the media, may well have stepped over the mark when they took over the Fox News political twitter account and announced the assassination of the US president. It raised the ire of the FBI who have recently been trying to crack down on the groups activities.
Fox News reported first that suspected group members were arrested on Tuesday in Florida, New Jersey and California. The raid was described as a “major” operation and that arrests have been made across the country. 14 arrests were originally reported with two additional arrests were made with regard to separate criminal complaints that were filed in Newark and Tampa.
Anonymous and Lulzsec, which police believe are connected, issued a joint statement on Thursday to the FBI following a number of arrests of people with suspected involvement in the groups.
“We are not scared any more,” said the Anonymous statement. “Your threats to arrest us are meaningless to us as you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing — absolutely nothing — you can possibly to do make us stop.”
Despite some security experts questioning whether these arrests will have any lasting effect, law enforcement maintains that they are gathering a “treasure trove” of information that may lead to further arrests.
Unfortunately, these crimes are often thought of as being mostly harmless by those that are taking part and hiding behind anonymity makes them feel secure that they won’t get caught. Many don’t realise the risks of prison time and prosecutors are very likely to go for severe penalties. Those arrested, if convicted, could face up to 10 years in prison for trying to gain access to a protected computer.
Since Lulzsec downed their tools, those in the security community have been waiting for the AntiSec community and now we have the first warning shots across our bows. The LulzSec group were highly active for a period of 50 days claiming that this period of activism was planned to wake up the AntiSec community.
Monday 4th July – Apple servers hacked.
Hacker group Anonymous claims it has hacked one of Apple’s servers and posted usernames and passwords to prove it on their Twitter account, together with a warning that Apple could be a target of one of their attacks.
“Not being so serious, but well (…) #Apple could be target, too. But don’t worry, we are busy elsewhere”, tweeted @AnonymousIRC
Along with the tweet there was a link to a text file on Pastebin reported to be from one of Apple’s servers that contained a list of user names and passwords. As the passwords are encrypted so it will require some work to try to extract information from the tables (it would be possible for instance if someone has used a weak password for that to be recovered through a brute force hack… This may give hints to the encryption key). The server hacked was related to managing surveys and has been taken offline since the attack.
At the same time that the Anonymous tweet was posted there was another post from a lone hacker named Idahc claiming the he had found an SQL vulnerability in Apple’s servers but did not release any data from the hack.
It may well be that the upcoming cloud storage solutions of iTunes and iCloud may be looking like rich pickings from hacking groups.
Tuesday 6th July – Fox news political Twitter account hacked.
On Tuesday, the Fox News political Twitter account began posting suspicious messages including tweets that said that the US president had been fatally wounded in a shooting. A hacker group calling themselves Scriptkiddies claimed responsibility for gaining access to the account. The group gained control of @foxnewspolitics, bragging about it on several Twitter accounts (now suspended).
“BREAKING NEWS: President @BarackObama assassinated, 2 gunshot wounds have proved too much. It’s a sad 4th for #america. #obamadead RIP
Fox News said that they were working with Twitter to address the situation “We will be requesting a detailed investigation from Twitter about how this occurred, and measures to prevent future unauthorized access into FoxNews.com accounts”, said Jeff Misenti, vice president and general manager of Fox News Digital.
The US Secret Service are also looking into the attack.
Tuesday 5th July – PayPal UK Twitter Account Hacked
Also reported on Tuesday was news of another hack, the Twitter account of Paypal UK this time. The hacked account was then used to post links to a. Anti-Paypal site called paypalsucks.com which describes itself as “exposing the nightmare of doing business ‘the PayPal way.”
“This account was hacked earlier. We have it in our control now. Your personal data is still 100% safe, hack occurred on Twitter not PayPal,” tweeted PayPal UK after regaining control of the account late Tuesday.
The tweets were later removed by PayPal UK.
I haven’t written anything previously about the LulzSec and Anonymous groups specific activities, till now I just haven’t thought it right to give them the notoriety they so wanted… So why mention it now? I think that we are at an escalation point in the activities worth mentioning.