‘Anonymous’ hacks security firm that probed its membership
The online group of hacktivists known as “Anonymous” infiltrated the network and websites of an Internet security company after learning the company planned to sell information about the group to the FBI.
The website of Washington DC-based HBGary Federal was hijacked Sunday along with the Twitter account of CEO Aaron Barr. The company’s website was defaced with a message that read, “This domain seized by Anonymous under section #14 of the rules of the Internet.”
“Your recent claims of ‘infiltrating’ Anonymous amuse us, and so do your attempts at using Anonymous as a means to garner press attention for yourself,” the messaged continued. “How’s this for attention?”
Barr told the Financial Times over the weekend that he had identified the “core leaders” of the group and had information that could lead to their arrest.
He told the Times he infiltrated “Anonymous” to demonstrate the security risks to organizations from social media and networking.
In addition to hacking the company’s website and Twitter account, “Anonymous” gained access to more than 44,000 company e-mails, which were released to the public in a 4.71 gigabyte Torrent file. The group also gained access to the report that was allegedly going to be sold to the FBI and posted it online (.pdf).
“Anonymous” claims that most of the information gathered was either publicly available or inaccurate.
“The lack of quality in Aaron Barr’s undertaken research is worth noting,” the group said in a statement. “Aaron Barr missed a great deal of information that has been available online, and in fact failed to identify some of those whose identities were never intended to be hidden. People such as DailyKos’ diarist blogger Barrett Brown, and the administrator of anonnews.org, joepie91, whose identities could have been found in under a minute with a simple Google search.”
“Anonymous does not have leaders,” the statement added. “We are not a group, we are not an organization. We are just an idea. What we have done today will appear harsh. It is harsh. We will respond to those who seek to threaten us. We understand that our participants have been concerned about recent FBI raids and companies such as HBGary Federal lurking and logging our chats, so we’ve given all of Anonymous a message: we will fight back.”
Burr reportedly talked to members of “Anonymous” in an IRC chatroom, claiming he never intended to sell the information he gathered to the FBI.
“Ok I am going to say this one more time,” he told the room. “I did this for research. The FBI called me because of my research. The email you are referring to about selling data was about a model built on this type of research. It was not to sell specifically this data. I was going to use it to describe the process of how social media exploitation works.”
“Do I regret it now? Sure,” he told Forbes on Monday. “I’m getting personal threats from people, and I have two kids. I have two four-year old kids. Nothing is worth that.”
“I had expected some potential retribution,” he said. “I knew some folks would take my research as some kind of personal attack which it absolutely was not. I thought they might take down our Web site with a DDoS attack. I did not prepare for them to do what they did.”
Barr told Forbes he had to unplug his router at home because “Anonymous” was trying to crack it.
Three teenagers aged 15, 16 and 19 along with two men, aged 20 and 26, were arrested by British authorities January 27 for their involvement in “recent and ongoing” attacks by “Anonymous.” The FBI announced mass raids across the United States on the same day, executing more than 40 search warrants throughout the nation.
In a campaign known as “Operation Payback” those participating in “Anonymous” succeeded in taking down the online operations of PayPal, MasterCard Worldwide, Visa, Swiss bank PostFinance and others using a technique called “distributed denial of service” (DDoS) attacks. The companies were targeted after they dropped their financial services to WikiLeaks.
Updated Feb 7, 2011 at 3:50pm EST.