Imperfect Cybercrimes

Law Enforcement Agencies are taking their revenge against the Hacktivists who mostly targeted them during the last months. In a deadly and unexpected sequence, the last 40 days have seen the heads of three infamous hacking crews falling under the blows of FBI and Scotland Yard.

One after the other, the key members of LulzSec, CabinCr3w and Team Poison have been arrested and in all but one case (that is the arrest of the alleged members of Team P0ison for which no details are known so far), the events have unveiled some surprises and unexpected details. Moreover, at least three arrests have been possible since the hackers left behind them a trail of mistakes which allowed the investigators to connect the dots and link their twitter accounts to their real identities.

The following table depicts the facts which may be better summarized from the Criminal Complaints which are reported below for:

As you may notice, in two cases, W0rmer and ItsKahuna, the hackers were betrayed by two familiar technologies which are commonly considered dangerous for users’ privacy and identity: social networks and mobile devices. Sabu was the one who really did a “technical mistake” by connecting to an IRC without protecting his IP address with TOR.

Interesting to say is also the different approach of FBI and Scotland Yard. Once discovered the real identities of the hackers the Feds tried to “enroll” them as informants, at least in one case (Sabu) this strategy was winning. At the opposite the Britons immediately caught the alleged culprits without giving any detail about their identity, maybe hoping the arrest could act as a deterrent for the other hackers. Apparently it looks like this latter strategy was not completely successful since the CabinCr3w survivors are threatening authorities, inviting other Blackhats to join them for the revenge.

Last but not least, I cannot help but notice the tweet below for which I remember to have been particularly impressed when I first saw it since, at that time, I considered it a too much imprudent. Consequently I was not that surprised when I saw it quoted in the Criminal Complaint.

[tweet https://twitter.com/ItsKahuna/status/163423280278159360]

At the end we are becoming more and more familiar with mobile phones and Social Network, so familiar to forget their level of intrusiveness and the related dangers for our privacy. As an example try to verify how many of you and your friend toggle Geo-Tagging off from their phone cameras. (Un)fortunately, it looks like not even the bad guys are immune from this.

(more…)

Continue Reading Imperfect Cybercrimes

February 2012 Cyber Attacks Timeline (Part I)

February 2012 brings a new domain for my blog (it’s just a hackmaggedon) and confirms the trend of January with a constant and unprecedented increase in number and complexity of the events. Driven by the echo of the ACTA movement, the Anonymous have performed a massive wave of attacks, resuming the old habits of targeting Law Enforcement agencies. From this point of view, this month has registered several remarkable events among which the hacking of a conf call between the FBI and Scotland Yard and the takedown of the Homeland Security and the CIA Web sites.

The Hacktivism front has been very hot as well, with attacks in Europe and Syria (with the presidential e-mail hacked) and even against United Nations (once again) and NASDAQ Stock Exchange.

Scroll down the list and enjoy to discover the (too) many illustrious victims including Intel, Microsoft, Foxconn and Philips. After the jump you find all the references and do not forget to follow @paulsparrows for the latest updates. Also have a look to the Middle East Cyberwar Timeline, and the master indexes for 2011 and 2012 Cyber Attacks.

Addendum: of course it is impossible to keep count of the huge amount of sites attacked or defaced as an aftermath of the Anti ACTA movements. In any case I suggest you a couple of links that mat be really helpful:

(more…)

Continue Reading February 2012 Cyber Attacks Timeline (Part I)