The hacking scene is a very complex territory to delve into. High profile group Lulzsec have been in the press in recent weeks for hacking into many corporations, such as Sony, as well as US government bodies.
Behind the scenes however it appears there is more than a little friction right now between various individuals and groups. One guy who appears to want the closure of Lulzsec is a chap called “th3 j35t3r.” He has an active Twitter stream which is filled with taunts and insults against Lulzsec.
By following the link, people are taken to the website of Karim Hijazi, the CEO of Unveillance. His business is a private botnet monitoring service which locates and confirms botnet infections in computer networks. On June 3rd Karim published a press release on his site which highlights a conversation he had with some members of Lulzsec after they targeted him.
(KARIM) So did we wrong you in some way, let’s get to the point?
(LULZ) <@Ninetales> If you wronged us, all of your affiliates would be crushed. Don’t worry, you’re in the good books. The point is a very crude word: extortion.
(LULZ) <@Ninetales> And what we’re both willing to agree upon that you sacrifice in return for our silence.
(LULZ) <@Ninetales> While I do get great enjoyment from obliterating whitehats from cyberspace, I can save this pleasure for other targets. Let’s just simplify: you have lots of money, we want more money.
(LULZ) <@Ninetales> Prepaid Visas, MoneyPaks, BitCoins, Liberty Reserve, WebMoney, the flavor of your choice. Naturally we’ll avoid PayPal.
Karim finishes the press release with some other details:
1. I have been able to protect the sensitive data which LulzSec was ultimately after. All they have stolen and publicly dumped are my personal and work emails.
2. I am now, and have been, in full cooperation with the FBI. In fact, I contacted the FBI and US-CERT immediately after I began receiving threats from LulzSec to request their assistance – and to explain the nature of the threat. I offered my full cooperation to the FBI in an effort to rectify the situation.
3. Unveillance is not a security company. We are a private botnet monitoring service – and a good one, which is why we were targeted. I do not provide security services to other companies. What I do provide clients with is the first zero false-positive analysis tool for identifying confirmed botnet infections in their computer networks.
4. I am not surprised by this attack; or the information dump on me; or their slanderous statements against me and my company. This is precisely what they threatened me with – in addition to other things, including allusions to physical harm to me and my family – if I did not cooperate with their demands.
5. I do not regret refusing to cooperate with LulzSec. My data is of national security importance. I could not and cannot, in good conscience, agree to release my botnet intelligence to an organization of hackers.
Lulzsec claim that they were deliberately trying to expose Karim to see if he would sell out. It all becomes rather confusing, although we can see from the events over the last couple of months that Lulzsec don’t appear to be defrauding individuals by using credit card information they compromise from servers. Kitguru doesn’t claim to know their thinking or what their motives really are and while their actions are illegal in many countries, they have yet to target any members of the public.
One thing is for sure, both Lulzsec and Anonymous are certainly on the hitlist for many of the government agencies. We wonder how long they can remain hidden from authorities. The recent attacks also have many high profile companies worrying about their security and perhaps some good can come from the attacks. After all we are pretty sure by the end of the year that Sony’s networks will be a heck of a lot more secure than they were a few months ago.
Kitguru says: Do you agree with the actions of Anonymous and Lulzsec? Some insiders claim that certain individuals are actually members of both groups.