Lulzsec's last supper

[Bebek Sincap Ratatosk]

It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.

If anon can remain anonymous, I agree...

I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes 

AFAIK, the members of anonymous don't know who each other are.

I think that's the aim, the question is implementation and how strictly everyone follows that rule.

[Doktor Howl]

It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.

If anon can remain anonymous, I agree...

I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes 

AFAIK, the members of anonymous don't know who each other are.

I think that's the aim, the question is implementation and how strictly everyone follows that rule.

Even if a few of them meet up, there's supposedly what, 20,000 of them?  And all anyone's been able to snag is a couple of teenage wannabes in Europe?  At worst, they lose a half dozen people.

[Cain]

They also have branches in places like Brazil, South Africa and Russia, where the computer laws are...somewhat different, and hacking is often overlooked, if it is embarrassing the American government at least.

[Bebek Sincap Ratatosk]

It occurs to me that this sort of smoke & mirrors shit makes things easier for anon, not harder.

If anon can remain anonymous, I agree...

I was once a lackey (toady?) for the Legion of Doom. They got a little too loose lipped among themselves and when Fry Guy got caught, they all went down. Fortunately, no one cared about the wannabes 

AFAIK, the members of anonymous don't know who each other are.

I think that's the aim, the question is implementation and how strictly everyone follows that rule.

Even if a few of them meet up, there's supposedly what, 20,000 of them?  And all anyone's been able to snag is a couple of teenage wannabes in Europe?  At worst, they lose a half dozen people.

Depends on what data you look at. Some of the infosec reports I've seen say that there are thousands of lackeys and a much lower number of actual skilled members. Those skilled members are the ones that really need to keep their lips zipped.

They also have branches in places like Brazil, South Africa and Russia, where the computer laws are...somewhat different, and hacking is often overlooked, if it is embarrassing the American government at least.

Very true.

[Doktor Howl]

They also have branches in places like Brazil, South Africa and Russia, where the computer laws are...somewhat different, and hacking is often overlooked, if it is embarrassing the American government at least.

Yeah, and the best thing is, nobody really knows how many of them there are.  It's a seemingly perfect organization that would make old Niccolo happy in his pants.

[Doktor Howl]

Depends on what data you look at. Some of the infosec reports I've seen say that there are thousands of lackeys and a much lower number of actual skilled members. Those skilled members are the ones that really need to keep their lips zipped.

That's the beauty of it.  I've seen numbers from 100 to 20,000...Which leads me to believe that nobody really has a fucking clue.  That probably includes anon itself.

[Bebek Sincap Ratatosk]

Yeah, its really the first 'Stand Alone Complex'. Yay for cyberpunk predictive powers!

[Triple Zero]

Just got this from HackerNews:

http://www.scribd.com/doc/84156085/Lulzseclegalled

The title of the link was "LulzSec indictment published - they got him by his TOR usage (scribd.com)"

But I dunno what it refers to cause the paper is 71 pages.

Here's the discussion:

http://news.ycombinator.com/item?id=3685647

[Q. G. Pennyworth]

You People are hilarious.

[Doktor Howl]

You People are hilarious.

[Junkenstein]

Depends on what data you look at. Some of the infosec reports I've seen say that there are thousands of lackeys and a much lower number of actual skilled members. Those skilled members are the ones that really need to keep their lips zipped.

That's the beauty of it.  I've seen numbers from 100 to 20,000...Which leads me to believe that nobody really has a fucking clue.  That probably includes anon itself.

With it coming up so frequently, I think everyone tries to quantify anon, totally forgetting that prety much every monkey with a computer is  Anon.

It seems to work as a very simple label that disquiets many people on some level. Considering every person is Anon to practically everyone else in the world, it  almost evokes a primate urge. Look ye mighty at my genes and desire them.  Remember MY deeds and weep. How you declare victory against those you can't bomb?

[Cain]

Just got this from HackerNews:

http://www.scribd.com/doc/84156085/Lulzseclegalled

The title of the link was "LulzSec indictment published - they got him by his TOR usage (scribd.com)"

But I dunno what it refers to cause the paper is 71 pages.

Here's the discussion:

http://news.ycombinator.com/item?id=3685647

That's strange - I thought Lulzsec banned usage of Tor, both for communicating and for general online fuckery and hacking.

Admittedly, I think I've only seen the mention of a ban policy in one place, but it would be a fairly solid assumption...that analysing Tor nodes could lead to being identified has been known for a while now.

[Triple Zero]

Still haven't had time to read more about the Tor thing, btw. AFAIK, didn't Anon only say that it's no use using the LOIC via Tor to DDoS? (because you'd be DDoSing the Tor network more than the target).

Anyway came across this article which seems to have some more info on the flipping of Sabu:

http://www.newstatesman.com/blogs/the-staggers/2012/03/sabu-fbi-hackers-informant

[Triple Zero]

The FBI were somehow involved in the Stratfor hack

http://www.guardian.co.uk/technology/2012/mar/06/lulzsec-sabu-working-for-us-fbi

In a US court document, the FBI's informant – there described as CW – "acting under the direction of the FBI" helped facilitate the publication of what was thought to be an embarrassing leak of conference call between the FBI and the UK's Serious and Organised Crime Agency in February.

Officers from both sides of the Atlantic were heard discussing the progress of various hacking investigations in the call.

A second document shows that Monsegur – styled this time as CW-1 – provided an FBI-owned computer to facilitate the release of 5m emails taken from US security consultancy Stratfor and which are now being published by WikiLeaks. That suggests the FBI may have had an inside track on discussions between Julian Assange of WikiLeaks, and Anonymous, another hacking group, about the leaking of thousands of confidential emails and documents.

This comment, from the HN thread about the NewStatesman article linked above seems quite interesting, relating to the FBI's involvement with the Stratfor hack. Though on the one hand I don't know what this guy's sources are (conversation logs with indictment) or what the "second document" TheGuardian mentions exactly states. Considering it's "logs with indictment" they might even be referring to the same document but drawing different conclusions? Anyway:

http://news.ycombinator.com/item?id=3699156
(...)

Also, who has ever seen evidence that sabu - and by extension the FBI - has ever actually 'hacked' after being turned? To the contrary, the only logs I have ever seen (within indictment), indicate (as far as I can remember) that it was anarchos who did the actual hacking of StratFor. According to the conversatiom logs between sabu and anarchos I have read it seems as if anarchos kept other members of Anon/antisec mostly in the dark as to the details of the operation. On currently publicly available information, anarchos seeme to have done the actual 'hacking' on his own and only needed help (ftp'ing data sets for backup) afterwards. Also note that the FBI server was not the only server the data was transferred to. But providing a server to save evidence and to generally support (but not incite) a crime fits much better with the legal framework for agent provocateurs.

Also, one has to remember the general model of how anon operates - it, if by chance, resembles a need-to-know basis similar to military or intelligence operations. Do not assume their 'leader' knew exactly what any one 'member' (of what? Anon is by defintion not a specifiable group, even sub-groups are constantly changing) was specifically up to at any moment.

It's also not very insightful to blindly trust the FBI assertion that sabu was caught because he logged onto IRC just once (!) without a proxy. Given that he was always operating with proxies, bouncers and under TOR, and also given that he was publicly 'doxed' wrongly beforehand (but also correctly (!) before being visited by the FBI), why would a single unprotected login lead the FBI to actually following up on the IP and paying the 'IP address a visit', so to speak. It's possible, sure, but is it probable? For me, another possibility is more probable: sabu was a bit too forthcoming with personal, identifiable information when on IRC and chatting with people he assumed to know. Is it only a nice coincidence that laurelai, another member of anon, was visited by the FBI in the months before sabu was turned? Laurelai has admitted to the visit and even to talking to the FBI for hours, but has maintained to not habe snitched. Believable? I don't know - but it's at least more probable as to why they got to sabu. It's also standard operating procedure for the FBI to rely on several informants to get to the big guys. They very often go forthe - more reliable - human intel instead of 'internet logs'.

I wondered about the unprotected IP thing they used to catch him, as well. Some news articles make it almost sound like the FBI appeared on his doorstep within the hour, even. They must have at least some other info to be certain enough about that bust. If Sabu was using proxies most of the time, some of these proxy's IPs could have easily been some hacked home computer in a US residential area owned by some poor schmuck that is not good with computer. And if he slipped once, how did the FBI know that, unlike all those other proxy IPs, this one was real? Well, unless Sabu only used foreign proxies when not using Tor (and they knew when it was Tor).

Another insightful comment:

http://news.ycombinator.com/item?id=3699209
One other thing: It can be read on several pastebins that once anon/antisec had secured access to the StratFor data, sabu unsuccessfully tried to get Wikileaks to pay for the data. Which didn't happen of course. The incident also made him seem highly suspect to other members of anon/antisec as that clearly violated their M.O. Which to me, all seems as if the FBI accidentally stumbled unto a chance to try to stick severe charges against Wikileaks (which they have been trying to prosecute for willfully cooperating with the enemy all along) and blowing it. Still, they will have gained interesting insights into how submissions to WL work now and perhaps, to everyone's surprise, they succeeded in getting to Assange somehow.

Well except maybe for that last sentence because I would assume the FBI most probably already had "insights into how submissions to WL work"

[Triple Zero]

Anonymous' new timeline of FBI infiltration suggests Antisec may have been an FBI creation
http://www.deathandtaxesmag.com/180311/anonymous-new-timeline-of-fbi-infiltration-suggests-antisec-may-have-been-an-fbi-creation/

https://www.scribd.com/doc/85351496/Timeline-of-ANTISEC-as-Created-and-Operated-Under-FBI-Supervision