Anonymous Hacks Security Company, Researcher

  /     /     /  
Publicated : 22/11/2024   Category : security


Anonymous Hacks Security Company, Researcher


Breach that exposed sensitive email, personal, other information at HBGary Federal and HBGary raises concern over shift in approach by hacker group



The hacktivist Anonymous group best known for taking down high-profile websites with distributed denial-of-service attacks (DDoS) has now targeted a security researcher and his company, dumping the contents of the firms email messages and other sensitive information online yesterday, as well as commandeering his Twitter account and posting his Social Security number and address.
Security researchers have been in the bulls eye before, but the loosely affiliated hacking groups skilled attack against HBGary Federal and HBGary has raised concerns of the potentially wider damage the group could wreak. It also has served as a chilling reminder of the risks faced by researchers investigating attack groups. The targeted attack on HBGary Federal appears to be a departure from the groups DDoS modus operandi, framed by
its DDoS protests against PayPal, MasterCard, and Visa
, among other organizations, in support of WikiLeaks and its founder in what the attackers had dubbed Operation Payback.
Anonymous broke into HBGary Federals servers, as well as that of CEO Aaron Barrs Twitter account, in apparent retaliation for Barrs investigative research into the group and its leaders. It all started when Barr, who is scheduled to discuss his related social networking research at the BSides conference in San Francisco next week, said in
a
Financial Times
article
this weekend that he was able to get the names of some of the leaders of Anonymous, as well as some information on their locations -- in California, the U.K., Germany, The Netherlands, Italy, and Australia, he said.
Although Barr said he had no plans to hand over the names of individuals he had unmasked, that didnt dissuade the Anonymous group from striking out at him: You have blindly charged into the Anonymous hive, a hive from which youve tried to steal honey. Did you think the bees would not defend it? Well here we are. Youve angered the hive, and now you are being stung, Anonymous said in an online posting in the attack.
Greg Hoglund, founder and CEO of HBGary, says the attack against HBGary and HBGary Federal constitutes a serious crime, not merely a hactivist statement. They got our email, one of our tech support machines, and rootkit.com, which is Hoglunds research site, he says. You could have said they were hactivists before this. But now theyve committed federal crimes, stolen intellectual property, and posted it on the Internet. Thats a whole different thing -- its not altruistic. This is a criminal organization, and it borders on cyberterrorism.
They had a platform before, DDoS ... but that pales in comparison to a data breach and stealing millions of dollars in damages and leaking IP [intellectual property].
So far it doesnt appear that any of HBGarys technology was accessed or stolen by the group, he says. They didnt get any source code. Thats stored on a separate network, he says. But Hoglunds email spool that was breached includes a lot of sensitive information about customers, strategy, and marketing plans, which is intellectual property, he says.
The breach at HBGary -- which is a separate company from HBGary Federal -- appears to be collateral damage from the HBGary Federal hack, he says. One of the individuals at HBGary Federal was an admin on our Google email system -- we use Google to host it all. They were able to get access to the entire account, he says.
And Anonymous socially engineered a systems administrator to provide them access to rootkit.com. It wasnt an exploit, Hoglund says.
Security researchers know that potentially becoming the target of hackers goes with the territory. Researcher Dan Kaminsky was hit by a nasty hack two years ago on his Website, email, and Twitter accounts by a group of black hat hackers who stole passwords, emails, and instant message chats from Kaminsky. Other security figures, such as Kevin Mitnick, and security firms, including Matasano Security, have been targeted in the past. Any of us could be targets, says Jack Daniel, one of the founders of BSides.
Its the nature of people willing to do the research and speak on it: Largely, these people arent going to be silenced, Daniel says. So many people have been compromised over the past two years in the security community ... Hopefully people are smart enough to limit how much exposure they have online, he says.
The HBGary hack exposed at least one common security weakness aside from social engineering risks: Hoglund says the attackers appear to have executed a SQL injection attack against HBGary Federals website. They didnt hack HBGarys main website, but the company has taken its servers offline for clean-up and is investigating the breach.
Hoglund says he first got wind of the attacks yesterday afternoon at about 3 p.m. Pacific time. But they had been in the systems longer than that, after they had gotten everything they wanted, he says.
Given Anonymous global presence, it is difficult to catch or stop the attackers. Theyve got people who are very skilled at computer hacking. They are a very serious threat, he says. I just want law enforcement and citizens to take this threat seriously, Hoglund says.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Anonymous Hacks Security Company, Researcher